From 9e40d4868720e3118e0af6b110854419464c6f5a Mon Sep 17 00:00:00 2001 From: Connor Wilson Date: Tue, 22 Mar 2016 12:53:26 +0000 Subject: [PATCH 01/13] mid-commit for apache server install --- config/scenario.xml | 10 +++---- lib/configuration.rb | 2 +- lib/helpers/bootstrap.rb | 29 ++++++++++++++----- lib/objects/base_module.rb | 11 +++++++ lib/puppet_shared/puppet_shared | 1 - lib/templates/vagrantbase.erb | 11 +++++++ .../module/cleanup/manifests/config.pp | 8 ++--- .../http/apache/example42_apache_2_1_12.pp | 1 + .../manifests/install.pp | 2 ++ .../unix/http/apache/secgen_metadata.xml | 5 ++++ xml/services.xml | 10 +------ 11 files changed, 62 insertions(+), 28 deletions(-) create mode 100644 lib/objects/base_module.rb delete mode 100644 lib/puppet_shared/puppet_shared create mode 100644 modules/services/unix/http/apache/example42_apache_2_1_12.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/install.pp create mode 100644 modules/services/unix/http/apache/secgen_metadata.xml diff --git a/config/scenario.xml b/config/scenario.xml index b9d7f6b8d..a0dd295c2 100644 --- a/config/scenario.xml +++ b/config/scenario.xml @@ -2,14 +2,12 @@ - + - - - - - + + + --> diff --git a/lib/configuration.rb b/lib/configuration.rb index f6ce67f7c..c69566925 100644 --- a/lib/configuration.rb +++ b/lib/configuration.rb @@ -44,7 +44,7 @@ class Configuration if defined? @@services return @@services end - return @@services = _get_list(SERVICES_XML, "//services/service", Service) + return @@services = _get_list(SCENARIO_XML, "/systems/system/services/service", Service) end def self._get_list(xmlfile, xpath, cls) diff --git a/lib/helpers/bootstrap.rb b/lib/helpers/bootstrap.rb index 458949638..1a1741e60 100644 --- a/lib/helpers/bootstrap.rb +++ b/lib/helpers/bootstrap.rb @@ -61,17 +61,32 @@ class Bootstrap end def move_secure_service_puppet_files - puts 'Moving secure service puppet files' - Dir.glob("#{ROOT_DIR}/modules/services/**/**/puppet/module/*.pp").each do |puppet_file| - puts "Moving #{puppet_file} to mount/puppet/module" - FileUtils.copy(puppet_file, "#{ROOT_DIR}/mount/puppet/module") + puts 'Moving Service manifests' + Dir.glob("#{ROOT_DIR}/modules/services/**/**/**/*.pp").each do |puppet_file| + puts "Moving #{puppet_file} to mount/puppet/manifest/" + FileUtils.copy(puppet_file, "#{ROOT_DIR}/mount/puppet/manifest/") end - Dir.glob("#{ROOT_DIR}/modules/services/**/**/puppet/manifest/*.pp").each do |puppet_file| - puts "Moving #{puppet_file} to mount/puppet/manifest." - FileUtils.copy(puppet_file, "#{ROOT_DIR}/mount/puppet/manifest") + + puts 'Moving Service modules' + Dir.glob("#{ROOT_DIR}/modules/services/**/**/**/module/**/**").each do |puppet_module_directory| + root_directory_length = ROOT_DIR.split('/').count + module_name = puppet_module_directory.split('/')[root_directory_length + 6] + module_path = "#{ROOT_DIR}/mount/puppet/module/#{module_name}" + + if(Dir.exists?(module_path)) + puts "Moving #{puppet_module_directory} to #{module_path}" + FileUtils.cp_r(puppet_module_directory, module_path) + else + Dir.mkdir("#{ROOT_DIR}/mount/puppet/module/#{module_name}") + puts "Moving #{puppet_module_directory} to #{module_path}" + FileUtils.cp_r(puppet_module_directory, module_path) + end + + puts 'Moving vulnerability templates' end end + def move_build_puppet_files puts 'Moving build puppet module files' diff --git a/lib/objects/base_module.rb b/lib/objects/base_module.rb new file mode 100644 index 000000000..0ec68af00 --- /dev/null +++ b/lib/objects/base_module.rb @@ -0,0 +1,11 @@ +#Contains common components that modules will inherit from. +class BaseModule + + #Name of the module + attr_accessor :name + + #Type of the module + attr_accessor :type + + +end \ No newline at end of file diff --git a/lib/puppet_shared/puppet_shared b/lib/puppet_shared/puppet_shared deleted file mode 100644 index 948138ac7..000000000 --- a/lib/puppet_shared/puppet_shared +++ /dev/null @@ -1 +0,0 @@ -The new mount \ No newline at end of file diff --git a/lib/templates/vagrantbase.erb b/lib/templates/vagrantbase.erb index 804b3fd12..feb9e6ef7 100644 --- a/lib/templates/vagrantbase.erb +++ b/lib/templates/vagrantbase.erb @@ -22,7 +22,18 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # Add secure services + <% systems.services.each do |service| %> + <% service_name = service.name.gsub!('-', '_').gsub!('.', '_') %> + + config.vm.provision "puppet" do | <%=service_name%> | + + <%=service_name%>.module_path = "<%="#{ROOT_DIR}/mount/puppet/module/#{service_name}"%>" + <%=service_name%>.manifests_path = "<%="#{ROOT_DIR}/mount/puppet/manifest"%>" + <%=service_name%>.manifest_file = "init.pp" + end + + <% end %> # Add vulnerabilities diff --git a/modules/build/puppet/cleanup/module/cleanup/manifests/config.pp b/modules/build/puppet/cleanup/module/cleanup/manifests/config.pp index c1bc4efb1..7974eb134 100644 --- a/modules/build/puppet/cleanup/module/cleanup/manifests/config.pp +++ b/modules/build/puppet/cleanup/module/cleanup/manifests/config.pp @@ -15,10 +15,10 @@ class cleanup::config { # disables eth1 which runs the public network for each vulnerable machine # vagrant runs over 10.0 for eth0 .. eth1 for public .. and eth2 for private. - exec { "ifconfig": - command => "ifconfig eth1 down", - path => "/sbin/", - } +# exec { "ifconfig": +# command => "ifconfig eth1 down", +# path => "/sbin/", +# } # changes default vagrant password, would kind of be pointless if they could just ssh to vagrant/vagrant :P # this never worked. # user { diff --git a/modules/services/unix/http/apache/example42_apache_2_1_12.pp b/modules/services/unix/http/apache/example42_apache_2_1_12.pp new file mode 100644 index 000000000..34bba84eb --- /dev/null +++ b/modules/services/unix/http/apache/example42_apache_2_1_12.pp @@ -0,0 +1 @@ +include apache \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/install.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/install.pp new file mode 100644 index 000000000..1396c0ab8 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/install.pp @@ -0,0 +1,2 @@ +include apache +class{'apache':} \ No newline at end of file diff --git a/modules/services/unix/http/apache/secgen_metadata.xml b/modules/services/unix/http/apache/secgen_metadata.xml new file mode 100644 index 000000000..285e1576d --- /dev/null +++ b/modules/services/unix/http/apache/secgen_metadata.xml @@ -0,0 +1,5 @@ + + \ No newline at end of file diff --git a/xml/services.xml b/xml/services.xml index b1f2a33b2..8b1378917 100644 --- a/xml/services.xml +++ b/xml/services.xml @@ -1,9 +1 @@ - - - - secureftp - - - + From da9eda4602e3f317b54292e0c76a89c5ab0c423d Mon Sep 17 00:00:00 2001 From: Connor Wilson Date: Wed, 23 Mar 2016 19:20:54 +0000 Subject: [PATCH 02/13] Relates to SG-18 : Test commit --- .../module/example42_apache_2_1_12/Gemfile | 18 + .../module/example42_apache_2_1_12/LICENSE | 17 + .../module/example42_apache_2_1_12/README.md | 236 ++++++++ .../module/example42_apache_2_1_12/Rakefile | 12 + .../example42_apache_2_1_12/checksums.json | 29 + .../manifests/dotconf.pp | 107 ++++ .../manifests/htpasswd.pp | 112 ++++ .../example42_apache_2_1_12/manifests/init.pp | 528 ++++++++++++++++++ .../manifests/listen.pp | 42 ++ .../manifests/module.pp | 139 +++++ .../manifests/params.pp | 158 ++++++ .../manifests/passenger.pp | 41 ++ .../manifests/redhat.pp | 9 + .../example42_apache_2_1_12/manifests/spec.pp | 22 + .../example42_apache_2_1_12/manifests/ssl.pp | 67 +++ .../manifests/vhost.pp | 275 +++++++++ .../manifests/virtualhost.pp | 117 ++++ .../example42_apache_2_1_12/metadata.json | 56 ++ .../spec/classes/apache_spec.rb | 199 +++++++ .../spec/defines/apache_virtualhost_spec.rb | 67 +++ .../spec/spec_helper.rb | 1 + .../templates/00-NameVirtualHost.conf.erb | 3 + .../templates/listen.conf.erb | 6 + .../templates/module/proxy.conf.erb | 17 + .../templates/spec.erb | 8 + .../templates/virtualhost/vhost.conf.erb | 77 +++ .../virtualhost/virtualhost.conf.erb | 16 + .../example42_apache_2_1_12/tests/vhost.pp | 7 + 28 files changed, 2386 insertions(+) create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/Gemfile create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/LICENSE create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/README.md create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/Rakefile create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/checksums.json create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/dotconf.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/htpasswd.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/init.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/listen.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/module.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/params.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/passenger.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/redhat.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/spec.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/ssl.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/vhost.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/virtualhost.pp create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/metadata.json create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/classes/apache_spec.rb create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/defines/apache_virtualhost_spec.rb create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/spec_helper.rb create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/00-NameVirtualHost.conf.erb create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/listen.conf.erb create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/module/proxy.conf.erb create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/spec.erb create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/vhost.conf.erb create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/virtualhost.conf.erb create mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/tests/vhost.pp diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/Gemfile b/modules/services/unix/http/apache/module/example42_apache_2_1_12/Gemfile new file mode 100644 index 000000000..f8ddad569 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/Gemfile @@ -0,0 +1,18 @@ +source 'https://rubygems.org' + +puppetversion = ENV['PUPPET_VERSION'] + +is_ruby18 = RUBY_VERSION.start_with? '1.8' + +if is_ruby18 + gem 'rspec', "~> 3.1.0", :require => false +end +gem 'puppet', puppetversion, :require => false +gem 'puppet-lint' +gem 'puppetlabs_spec_helper', '>= 0.1.0' +gem 'rspec-puppet' +gem 'metadata-json-lint' + +group :development do + gem 'puppet-blacksmith' +end diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/LICENSE b/modules/services/unix/http/apache/module/example42_apache_2_1_12/LICENSE new file mode 100644 index 000000000..f41da0185 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/LICENSE @@ -0,0 +1,17 @@ +Copyright (C) 2013 Alessandro Franceschi / Lab42 + +for the relevant commits Copyright (C) by the respective authors. + +Contact Lab42 at: info@lab42.it + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/README.md b/modules/services/unix/http/apache/module/example42_apache_2_1_12/README.md new file mode 100644 index 000000000..5ee018ea6 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/README.md @@ -0,0 +1,236 @@ +# Puppet module: apache + +This is a Puppet apache module from the second generation of Example42 Puppet Modules. + +Made by Alessandro Franceschi / Lab42 + +Official site: http://www.example42.com + +Official git repository: http://github.com/example42/puppet-apache + +Released under the terms of Apache 2 License. + +This module requires functions provided by the Example42 Puppi module. + +For detailed info about the logic and usage patterns of Example42 modules read README.usage on Example42 main modules set. + +## USAGE - Module specific usage + +* Install apache with a custom httpd.conf template and some virtual hosts + + class { 'apache': + template => 'example42/apache/httpd.conf.erb', + } + + apache::vhost { 'mysite': + docroot => '/path/to/docroot', + template => 'example42/apache/vhost/mysite.com.erb', + } + + +* Install mod ssl + + include apache::ssl + + +* Manage basic auth users (Here user joe is created with the $crypt_password on the defined htpasswd_file + + apache::htpasswd { 'joe': + crypt_password => 'B5dPQYYjf.jjA', + htpasswd_file => '/etc/httpd/users.passwd', + } + + +* Manage custom configuration files (created in conf.d, source or content can be defined) + + apache::dotconf { 'trac': + content => template("site/trac/apache.conf.erb") + } + + +* Add other listening ports (a relevant NameVirtualHost directive is automatically created) + + apache::listen { '8080': } + + +* Add other listening ports without creating a relevant NameVirtualHost directive + + apache::listen { '8080': + $namevirtualhost = false, + } + + +* Add an apache module and manage its configuraton + + apache::module { 'proxy': + templatefile => 'site/apache/module/proxy.conf.erb', + } + + +* Install mod passenger + + include apache::passenger + + +## USAGE - Basic management + +* Install apache with default settings + + class { "apache": } + +* Disable apache service. + + class { "apache": + disable => true + } + +* Disable apache service at boot time, but don't stop if is running. + + class { "apache": + disableboot => true + } + +* Remove apache package + + class { "apache": + absent => true + } + +* Enable auditing without making changes on existing apache configuration files + + class { "apache": + audit_only => true + } + +* Install apache with a specific version + + class { "apache": + version => '2.2.22' + } + + +## USAGE - Default server management + +* Simple way to manage default apache configuration + + apache::vhost { 'default': + docroot => '/var/www/document_root', + server_name => false, + priority => '', + template => 'apache/virtualhost/vhost.conf.erb', + } + +* Using a source file to create the vhost + + apache::vhost { 'default': + source => 'puppet:///files/web/default.conf', + template => '', + } + + +## USAGE - Overrides and Customizations + +* Use custom sources for main config file + + class { "apache": + source => [ "puppet:///modules/lab42/apache/apache.conf-${hostname}" , "puppet:///modules/lab42/apache/apache.conf" ], + } + + +* Use custom source directory for the whole configuration dir + + class { "apache": + source_dir => "puppet:///modules/lab42/apache/conf/", + source_dir_purge => false, # Set to true to purge any existing file not present in $source_dir + } + +* Use custom template for main config file + + class { "apache": + template => "example42/apache/apache.conf.erb", + } + +* Define custom options that can be used in a custom template without the + need to add parameters to the apache class + + class { "apache": + template => "example42/apache/apache.conf.erb", + options => { + 'LogLevel' => 'INFO', + 'UsePAM' => 'yes', + }, + } + +* Automaticallly include a custom subclass + + class { "apache:" + my_class => 'apache::example42', + } + +## USAGE - Hiera Support +* Manage apache configuration using Hiera + +```yaml +apache::template: 'modules/apache/apache2.conf.erb' +apache::options: + timeout: '300' + keepalive: 'On' + maxkeepaliverequests: '100' + keepalivetimeout: '5' +``` + +* Defining Apache resources using Hiera + +```yaml +apache::virtualhost_hash: + 'mysite.com': + documentroot: '/var/www/mysite.com' + aliases: 'www.mysite.com' +apache::htpasswd_hash: + 'myuser': + crypt_password: 'password1' + htpasswd_file: '/etc/apache2/users.passwd' +apache::listen_hash: + '8080': + namevirtualhost: '*' +apache::module_hash: + 'status': + ensure: present +``` + +## USAGE - Example42 extensions management +* Activate puppi (recommended, but disabled by default) + Note that this option requires the usage of Example42 puppi module + + class { "apache": + puppi => true, + } + +* Activate puppi and use a custom puppi_helper template (to be provided separately with + a puppi::helper define ) to customize the output of puppi commands + + class { "apache": + puppi => true, + puppi_helper => "myhelper", + } + +* Activate automatic monitoring (recommended, but disabled by default) + This option requires the usage of Example42 monitor and relevant monitor tools modules + + class { "apache": + monitor => true, + monitor_tool => [ "nagios" , "monit" , "munin" ], + } + +* Activate automatic firewalling + This option requires the usage of Example42 firewall and relevant firewall tools modules + + class { "apache": + firewall => true, + firewall_tool => "iptables", + firewall_src => "10.42.0.0/24", + firewall_dst => "$ipaddress_eth0", + } + + +[![Build Status](https://travis-ci.org/example42/puppet-apache.png?branch=master)](https://travis-ci.org/example42/puppet-apache) diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/Rakefile b/modules/services/unix/http/apache/module/example42_apache_2_1_12/Rakefile new file mode 100644 index 000000000..d7a2a69fd --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/Rakefile @@ -0,0 +1,12 @@ +require 'rubygems' +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint' +PuppetLint.configuration.send("disable_80chars") +PuppetLint.configuration.send('disable_class_parameter_defaults') + +# Blacksmith +begin + require 'puppet_blacksmith/rake_tasks' +rescue LoadError + puts "Blacksmith needed only to push to the Forge" +end diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/checksums.json b/modules/services/unix/http/apache/module/example42_apache_2_1_12/checksums.json new file mode 100644 index 000000000..7672aee84 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/checksums.json @@ -0,0 +1,29 @@ +{ + "Gemfile": "08b4b449407602e452a4d939c92d8fd2", + "LICENSE": "a300b604c66de62cf6e923cca89c9d83", + "README.md": "eda04faa84f9fdd551768ae1653ffb94", + "Rakefile": "beb946c8ed36b603d578cc9ca17ca85d", + "manifests/dotconf.pp": "575cab47757dcf509f1e1e8ac11b644b", + "manifests/htpasswd.pp": "b61c60bf0ff48b8fae5ae74370eec18e", + "manifests/init.pp": "3f856f760da332ae66429de7b2e3ac1c", + "manifests/listen.pp": "b2e74f8aa59829c0644b836a8d0e4c2d", + "manifests/module.pp": "8cd0fcdb5495ac1df21d8d4bf14f2782", + "manifests/params.pp": "b708a3a8faa792f25fa36232982c091d", + "manifests/passenger.pp": "471b18ed8769eb16b1fbeb955e3d28c9", + "manifests/redhat.pp": "7bf95178474b51eb75a37931e4ec4d2f", + "manifests/spec.pp": "27b6dcd653caef771ac053e2df3260e9", + "manifests/ssl.pp": "7a2feb658749e0cb8414893da77565f1", + "manifests/vhost.pp": "cead2da83f4059f8236c9acbfc6b97ec", + "manifests/virtualhost.pp": "caba8b56341d8a765f5ad136ddaa45fe", + "metadata.json": "b3fa4d5d439ae3641593797312250da0", + "spec/classes/apache_spec.rb": "8b9164190257524c21ffe86c08678dfd", + "spec/defines/apache_virtualhost_spec.rb": "ae7bd850a64d89233675385c1f605ab8", + "spec/spec_helper.rb": "0db89c9a486df193c0e40095422e19dc", + "templates/00-NameVirtualHost.conf.erb": "a410a82e9c65d36c7537bfb36a7a3041", + "templates/listen.conf.erb": "47fe4e9a45f066ac5bd9cbbfe1fd0bd2", + "templates/module/proxy.conf.erb": "2eccd5a67ff4070bdd6ed8cd98b4bbda", + "templates/spec.erb": "055d4f22a02a677753cf922108b6e50c", + "templates/virtualhost/vhost.conf.erb": "4e6d66668b21c1cf28c11f6fcf536f18", + "templates/virtualhost/virtualhost.conf.erb": "a6f72c70e83bec34a85071b9bbef3b3d", + "tests/vhost.pp": "a2ee77862630ba4f7e0fdfb10a8dca79" +} \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/dotconf.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/dotconf.pp new file mode 100644 index 000000000..6306b1ad8 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/dotconf.pp @@ -0,0 +1,107 @@ +# = Define: apache::dotconf +# +# General Apache define to be used to create generic custom .conf files +# Very simple wrapper to a normal file type +# Use source or template to define the source +# +# == Parameters +# +# [*source*] +# Sets the content of source parameter for the dotconf file +# If defined, apache dotconf file will have the param: source => $source +# +# [*template*] +# Sets the path to the template to use as content for dotconf file +# If defined, apache dotconf file has: content => content("$template") +# Note source and template parameters are mutually exclusive: don't use both +# +# == Usage +# apache::dotconf { "sarg": source => 'puppet://$servername/sarg/sarg.conf' } +# or +# apache::dotconf { "trac": content => template("trac/apache.conf.erb") } +# +define apache::dotconf ( + $enable = true, + $source = '' , + $content = '' , + $priority = '', + $ensure = present, +) { + + $manage_file_source = $source ? { + '' => undef, + default => $source, + } + + $manage_file_content = $content ? { + '' => undef, + default => $content, + } + + # Config file path + if $priority != '' { + $dotconf_path = "${apache::dotconf_dir}/${priority}-${name}.conf" + } else { + $dotconf_path = "${apache::dotconf_dir}/${name}.conf" + } + + # Config file enable path + if $priority != '' { + $dotconf_enable_path = "${apache::config_dir}/conf-enabled/${priority}-${name}.conf" + } else { + $dotconf_enable_path = "${apache::config_dir}/conf-enabled/${name}.conf" + } + + file { "Apache_${name}.conf": + ensure => $ensure, + path => $dotconf_path, + mode => $apache::config_file_mode, + owner => $apache::config_file_owner, + group => $apache::config_file_group, + require => Package['apache'], + notify => $apache::manage_service_autorestart, + source => $manage_file_source, + content => $manage_file_content, + audit => $apache::manage_audit, + } + + # Some OS specific settings: + # Ubuntu 14 uses conf-available / conf-enabled folders + case $::operatingsystem { + /(?i:Ubuntu)/ : { + case $::lsbmajdistrelease { + /14/ : { + $dotconf_link_ensure = $enable ? { + true => $dotconf_path, + false => absent, + } + + file { "ApacheDotconfEnabled_${name}": + ensure => $dotconf_link_ensure, + path => $dotconf_enable_path, + require => Package['apache'], + } + } + default: { } + } + } + /(?i:Debian)/ : { + case $::lsbmajdistrelease { + /8/ : { + $dotconf_link_ensure = $enable ? { + true => $dotconf_path, + false => absent, + } + + file { "ApacheDotconfEnabled_${name}": + ensure => $dotconf_link_ensure, + path => $dotconf_enable_path, + require => Package['apache'], + } + } + default: { } + } + } + default: { } + } +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/htpasswd.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/htpasswd.pp new file mode 100644 index 000000000..1a5ae8808 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/htpasswd.pp @@ -0,0 +1,112 @@ +# = Define apache::htpasswd +# +# This define managed apache htpasswd files +# Based on CamptoCamp Apache module: +# https://github.com/camptocamp/puppet-apache/blob/master/manifests/auth/htpasswd.pp +# +# == Parameters +# +# [*ensure*] +# Define if the add (present) or remove the user (set as $name) +# Default: 'present', +# +# [*htpasswd_file*] +# Path of the htpasswd file to manage. +# Default: "${apache::params::config_dir}/htpasswd" +# +# [*username*] +# Define username when you want to put the username in different files +# Default: $name +# +# [*crypt_password*] +# Crypted password (as it appears in htpasswd) +# Default: false (either crypt_password or clear_password must be set) +# +# [*clear_password*] +# Clear password (as it appears in htpasswd) +# Default: false (either crypt_password or clear_password must be set) +# +# +# == Usage +# +# Set clear password='mypass' to user 'my_user' on default htpasswd file: +# apache::htpasswd { 'myuser': +# clear_password => 'my_pass', +# } +# +# Set crypted password to user 'my_user' on custom htpasswd file: +# apache::htpasswd { 'myuser': +# crypt_password => 'B5dPQYYjf.jjA', +# htpasswd_file => '/etc/httpd/users.passwd', +# } +# +# Set the same user in different files +# apache::htpasswd { 'myuser': +# crypt_password => 'password1', +# htpasswd_file => '/etc/httpd/users.passwd' +# } +# +# apache::htpasswd { 'myuser2': +# crypt_password => 'password2', +# username => 'myuser', +# htpasswd_file => '/etc/httpd/httpd.passwd' +# } +# +define apache::htpasswd ( + $ensure = 'present', + $htpasswd_file = '', + $username = $name, + $crypt_password = false, + $clear_password = false ) { + + include apache + + $real_htpasswd_file = $htpasswd_file ? { + '' => "${apache::params::config_dir}/htpasswd", + default => $htpasswd_file, + } + + case $ensure { + + 'present': { + if $crypt_password and $clear_password { + fail 'Choose only one of crypt_password OR clear_password !' + } + + if !$crypt_password and !$clear_password { + fail 'Choose one of crypt_password OR clear_password !' + } + + if $crypt_password { + exec { "test -f ${real_htpasswd_file} || OPT='-c'; htpasswd -b \${OPT} ${real_htpasswd_file} ${username} '${crypt_password}'": + unless => "grep -q '${username}:${crypt_password}' ${real_htpasswd_file}", + path => '/bin:/sbin:/usr/bin:/usr/sbin', + } + } + + if $clear_password { + exec { "test -f ${real_htpasswd_file} || OPT='-c'; htpasswd -bp \$OPT ${real_htpasswd_file} ${username} ${clear_password}": + unless => "egrep '^${username}:' ${real_htpasswd_file} && grep ${username}:\$(mkpasswd -S \$(egrep '^${username}:' ${real_htpasswd_file} |cut -d : -f 2 |cut -c-2) ${clear_password}) ${real_htpasswd_file}", + path => '/bin:/sbin:/usr/bin:/usr/sbin', + } + } + } + + 'absent': { + exec { "htpasswd -D ${real_htpasswd_file} ${username}": + onlyif => "egrep -q '^${username}:' ${real_htpasswd_file}", + notify => Exec["delete ${real_htpasswd_file} after remove ${username}"], + path => '/bin:/sbin:/usr/bin:/usr/sbin', + } + + exec { "delete ${real_htpasswd_file} after remove ${username}": + command => "rm -f ${real_htpasswd_file}", + onlyif => "wc -l ${real_htpasswd_file} | egrep -q '^0[^0-9]'", + refreshonly => true, + path => '/bin:/sbin:/usr/bin:/usr/sbin', + } + } + + default: { } + } +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/init.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/init.pp new file mode 100644 index 000000000..accb8be78 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/init.pp @@ -0,0 +1,528 @@ + +# = Class: apache +# +# This is the main apache class +# +# +# == Parameters +# +# Standard class parameters +# Define the general class behaviour and customizations +# +# [*my_class*] +# Name of a custom class to autoload to manage module's customizations +# If defined, apache class will automatically "include $my_class" +# Can be defined also by the (top scope) variable $apache_myclass +# +# [*source*] +# Sets the content of source parameter for main configuration file +# If defined, apache main config file will have the param: source => $source +# Can be defined also by the (top scope) variable $apache_source +# +# [*source_dir*] +# If defined, the whole apache configuration directory content is retrieved +# recursively from the specified source +# (source => $source_dir , recurse => true) +# Can be defined also by the (top scope) variable $apache_source_dir +# +# [*source_dir_purge*] +# If set to true (default false) the existing configuration directory is +# mirrored with the content retrieved from source_dir +# (source => $source_dir , recurse => true , purge => true) +# Can be defined also by the (top scope) variable $apache_source_dir_purge +# +# [*template*] +# Sets the path to the template to use as content for main configuration file +# If defined, apache main config file has: content => content("$template") +# Note source and template parameters are mutually exclusive: don't use both +# Can be defined also by the (top scope) variable $apache_template +# +# [*options*] +# An hash of custom options to be used in templates for arbitrary settings. +# Can be defined also by the (top scope) variable $apache_options +# +# [*service_autorestart*] +# Automatically restarts the apache service when there is a change in +# configuration files. Default: true, Set to false if you don't want to +# automatically restart the service. +# +# [*service_requires*] +# Overwrites the service dependencies, which are by default: Package['apache']. +# Set this parameter to a custom set of requirements, if you want to let the +# Apache service depend on more than just the package dependency. +# +# [*absent*] +# Set to 'true' to remove package(s) installed by module +# Can be defined also by the (top scope) variable $apache_absent +# +# [*disable*] +# Set to 'true' to disable service(s) managed by module +# Can be defined also by the (top scope) variable $apache_disable +# +# [*disableboot*] +# Set to 'true' to disable service(s) at boot, without checks if it's running +# Use this when the service is managed by a tool like a cluster software +# Can be defined also by the (top scope) variable $apache_disableboot +# +# [*monitor*] +# Set to 'true' to enable monitoring of the services provided by the module +# Can be defined also by the (top scope) variables $apache_monitor +# and $monitor +# +# [*monitor_tool*] +# Define which monitor tools (ad defined in Example42 monitor module) +# you want to use for apache checks +# Can be defined also by the (top scope) variables $apache_monitor_tool +# and $monitor_tool +# +# [*monitor_target*] +# The Ip address or hostname to use as a target for monitoring tools. +# Default is the fact $ipaddress +# Can be defined also by the (top scope) variables $apache_monitor_target +# and $monitor_target +# +# [*puppi*] +# Set to 'true' to enable creation of module data files that are used by puppi +# Can be defined also by the (top scope) variables $apache_puppi and $puppi +# +# [*puppi_helper*] +# Specify the helper to use for puppi commands. The default for this module +# is specified in params.pp and is generally a good choice. +# You can customize the output of puppi commands for this module using another +# puppi helper. Use the define puppi::helper to create a new custom helper +# Can be defined also by the (top scope) variables $apache_puppi_helper +# and $puppi_helper +# +# [*firewall*] +# Set to 'true' to enable firewalling of the services provided by the module +# Can be defined also by the (top scope) variables $apache_firewall +# and $firewall +# +# [*firewall_tool*] +# Define which firewall tool(s) (ad defined in Example42 firewall module) +# you want to use to open firewall for apache port(s) +# Can be defined also by the (top scope) variables $apache_firewall_tool +# and $firewall_tool +# +# [*firewall_src*] +# Define which source ip/net allow for firewalling apache. Default: 0.0.0.0/0 +# Can be defined also by the (top scope) variables $apache_firewall_src +# and $firewall_src +# +# [*firewall_dst*] +# Define which destination ip to use for firewalling. Default: $ipaddress +# Can be defined also by the (top scope) variables $apache_firewall_dst +# and $firewall_dst +# +# [*debug*] +# Set to 'true' to enable modules debugging +# Can be defined also by the (top scope) variables $apache_debug and $debug +# +# [*audit_only*] +# Set to 'true' if you don't intend to override existing configuration files +# and want to audit the difference between existing files and the ones +# managed by Puppet. +# Can be defined also by the (top scope) variables $apache_audit_only +# and $audit_only +# +# Default class params - As defined in apache::params. +# Note that these variables are mostly defined and used in the module itself, +# overriding the default values might not affected all the involved components. +# Set and override them only if you know what you're doing. +# Note also that you can't override/set them via top scope variables. +# +# [*package*] +# The name of apache package +# +# [*service*] +# The name of apache service +# +# [*service_status*] +# If the apache service init script supports status argument +# +# [*process*] +# The name of apache process +# +# [*process_args*] +# The name of apache arguments. Used by puppi and monitor. +# Used only in case the apache process name is generic (java, ruby...) +# +# [*process_user*] +# The name of the user apache runs with. Used by puppi and monitor. +# +# [*config_dir*] +# Main configuration directory. Used by puppi +# +# [*config_file*] +# Main configuration file path +# +# [*config_file_mode*] +# Main configuration file path mode +# +# [*config_file_owner*] +# Main configuration file path owner +# +# [*config_file_group*] +# Main configuration file path group +# +# [*config_file_init*] +# Path of configuration file sourced by init script +# +# [*config_file_default_purge*] +# Set to 'true' to purge the default configuration file +# +# [*pid_file*] +# Path of pid file. Used by monitor +# +# [*data_dir*] +# Path of application data directory. Used by puppi +# +# [*log_dir*] +# Base logs directory. Used by puppi +# +# [*log_file*] +# Log file(s). Used by puppi +# +# [*port*] +# The listening port, if any, of the service. +# This is used by monitor, firewall and puppi (optional) components +# Note: This doesn't necessarily affect the service configuration file +# Can be defined also by the (top scope) variable $apache_port +# +# [*ssl_port*] +# The ssl port, used if apache::ssl is included and monitor/firewall +# are enabled +# +# [*protocol*] +# The protocol used by the the service. +# This is used by monitor, firewall and puppi (optional) components +# Can be defined also by the (top scope) variable $apache_protocol +# +# [*version*] +# The version of apache package to be installed +# +# +# == Examples +# +# You can use this class in 2 ways: +# - Set variables (at top scope level on in a ENC) and "include apache" +# - Call apache as a parametrized class +# +# See README for details. +# +# +# == Author +# Alessandro Franceschi +# +class apache ( + $my_class = params_lookup( 'my_class' ), + $source = params_lookup( 'source' ), + $source_dir = params_lookup( 'source_dir' ), + $source_dir_purge = params_lookup( 'source_dir_purge' ), + $template = params_lookup( 'template' ), + $service_autorestart = params_lookup( 'service_autorestart' , 'global' ), + $options = params_lookup( 'options' ), + $absent = params_lookup( 'absent' ), + $disable = params_lookup( 'disable' ), + $disableboot = params_lookup( 'disableboot' ), + $monitor = params_lookup( 'monitor' , 'global' ), + $monitor_tool = params_lookup( 'monitor_tool' , 'global' ), + $monitor_target = params_lookup( 'monitor_target' , 'global' ), + $puppi = params_lookup( 'puppi' , 'global' ), + $puppi_helper = params_lookup( 'puppi_helper' , 'global' ), + $firewall = params_lookup( 'firewall' , 'global' ), + $firewall_tool = params_lookup( 'firewall_tool' , 'global' ), + $firewall_src = params_lookup( 'firewall_src' , 'global' ), + $firewall_dst = params_lookup( 'firewall_dst' , 'global' ), + $debug = params_lookup( 'debug' , 'global' ), + $audit_only = params_lookup( 'audit_only' , 'global' ), + $package = params_lookup( 'package' ), + $service = params_lookup( 'service' ), + $service_status = params_lookup( 'service_status' ), + $service_requires = params_lookup( 'service_requires' ), + $process = params_lookup( 'process' ), + $process_args = params_lookup( 'process_args' ), + $process_user = params_lookup( 'process_user' ), + $config_dir = params_lookup( 'config_dir' ), + $config_file = params_lookup( 'config_file' ), + $config_file_mode = params_lookup( 'config_file_mode' ), + $config_file_owner = params_lookup( 'config_file_owner' ), + $config_file_group = params_lookup( 'config_file_group' ), + $config_file_init = params_lookup( 'config_file_init' ), + $config_file_default_purge = params_lookup( 'config_file_default_purge'), + $pid_file = params_lookup( 'pid_file' ), + $data_dir = params_lookup( 'data_dir' ), + $log_dir = params_lookup( 'log_dir' ), + $log_file = params_lookup( 'log_file' ), + $port = params_lookup( 'port' ), + $ssl_port = params_lookup( 'ssl_port' ), + $protocol = params_lookup( 'protocol' ), + $version = params_lookup( 'version' ), + $dotconf_hash = params_lookup( 'dotconf_hash'), + $htpasswd_hash = params_lookup( 'htpasswd_hash'), + $listen_hash = params_lookup( 'listen_hash'), + $module_hash = params_lookup( 'module_hash'), + $vhost_hash = params_lookup( 'vhost_hash'), + $virtualhost_hash = params_lookup( 'virtualhost_hash'), + ) inherits apache::params { + + $bool_source_dir_purge=any2bool($source_dir_purge) + $bool_service_autorestart=any2bool($service_autorestart) + $bool_absent=any2bool($absent) + $bool_disable=any2bool($disable) + $bool_disableboot=any2bool($disableboot) + $bool_monitor=any2bool($monitor) + $bool_puppi=any2bool($puppi) + $bool_firewall=any2bool($firewall) + $bool_debug=any2bool($debug) + $bool_audit_only=any2bool($audit_only) + + ## Integration with Hiera + if $dotconf_hash != {} { + validate_hash($dotconf_hash) + create_resources('apache::dotconf', $dotconf_hash) + } + if $htpasswd_hash != {} { + validate_hash($htpasswd_hash) + create_resources('apache::htpasswd', $htpasswd_hash) + } + if $listen_hash != {} { + validate_hash($listen_hash) + create_resources('apache::listen', $listen_hash) + } + if $module_hash != {} { + validate_hash($module_hash) + create_resources('apache::module', $module_hash) + } + if $vhost_hash != {} { + validate_hash($vhost_hash) + create_resources('apache::vhost', $vhost_hash) + } + if $virtualhost_hash != {} { + validate_hash($virtualhost_hash) + create_resources('apache::virtualhost', $virtualhost_hash) + } + + ### Calculation of variables that dependes on arguments + $vdir = $::operatingsystem ? { + /(?i:Ubuntu|Debian|Mint)/ => "${apache::config_dir}/sites-available", + SLES => "${apache::config_dir}/vhosts.d", + default => "${apache::config_dir}/conf.d", + } + + case $::operatingsystem { + /(?i:Ubuntu)/ : { + case $::lsbmajdistrelease { + /14/ : { + $dotconf_dir = "${apache::config_dir}/conf-available" + } + default: { + $dotconf_dir = "${apache::config_dir}/conf.d" + } + } + } + /(?i:Debian)/ : { + case $::lsbmajdistrelease { + /8/ : { + $dotconf_dir = "${apache::config_dir}/conf-available" + } + default: { + $dotconf_dir = "${apache::config_dir}/conf.d" + } + } + } + default: { + $dotconf_dir = "${apache::config_dir}/conf.d" + } + } + + ### Definition of some variables used in the module + $manage_package = $apache::bool_absent ? { + true => 'absent', + false => $apache::version ? { + '' => 'present', + default => $apache::version, + }, + } + + $manage_service_enable = $apache::bool_disableboot ? { + true => false, + default => $apache::bool_disable ? { + true => false, + default => $apache::bool_absent ? { + true => false, + false => true, + }, + }, + } + + $manage_service_ensure = $apache::bool_disable ? { + true => 'stopped', + default => $apache::bool_absent ? { + true => 'stopped', + default => 'running', + }, + } + + $manage_service_autorestart = $apache::bool_service_autorestart ? { + true => 'Service[apache]', + false => undef, + } + + $manage_file = $apache::bool_absent ? { + true => 'absent', + default => 'present', + } + + if $apache::bool_absent == true + or $apache::bool_disable == true + or $apache::bool_monitor == false + or $apache::bool_disableboot == true { + $manage_monitor = false + } else { + $manage_monitor = true + } + + if $apache::bool_absent == true or $apache::bool_disable == true { + $manage_firewall = false + } else { + $manage_firewall = true + } + + $manage_audit = $apache::bool_audit_only ? { + true => 'all', + false => undef, + } + + $manage_file_replace = $apache::bool_audit_only ? { + true => false, + false => true, + } + + $manage_file_source = $apache::source ? { + '' => undef, + default => $apache::source, + } + + $manage_file_content = $apache::template ? { + '' => undef, + default => template($apache::template), + } + + ### Managed resources + package { 'apache': + ensure => $apache::manage_package, + name => $apache::package, + } + + service { 'apache': + ensure => $apache::manage_service_ensure, + name => $apache::service, + enable => $apache::manage_service_enable, + hasstatus => $apache::service_status, + pattern => $apache::process, + require => $service_requires, + } + + file { 'apache.conf': + ensure => $apache::manage_file, + path => $apache::config_file, + mode => $apache::config_file_mode, + owner => $apache::config_file_owner, + group => $apache::config_file_group, + require => Package['apache'], + notify => $apache::manage_service_autorestart, + source => $apache::manage_file_source, + content => $apache::manage_file_content, + replace => $apache::manage_file_replace, + audit => $apache::manage_audit, + } + + # The whole apache configuration directory can be recursively overriden + if $apache::source_dir and $apache::source_dir != '' { + file { 'apache.dir': + ensure => directory, + path => $apache::config_dir, + require => Package['apache'], + notify => $apache::manage_service_autorestart, + source => $apache::source_dir, + recurse => true, + purge => $apache::bool_source_dir_purge, + force => $apache::bool_source_dir_purge, + replace => $apache::manage_file_replace, + audit => $apache::manage_audit, + } + } + + if $apache::config_file_default_purge { + apache::vhost { 'default': + enable => false, + priority => '', + } + } + + ### Include custom class if $my_class is set + if $apache::my_class and $apache::my_class != '' { + include $apache::my_class + } + + + ### Provide puppi data, if enabled ( puppi => true ) + if $apache::bool_puppi == true { + $classvars=get_class_args() + puppi::ze { 'apache': + ensure => $apache::manage_file, + variables => $classvars, + helper => $apache::puppi_helper, + } + } + + + ### Service monitoring, if enabled ( monitor => true ) + if $apache::monitor_tool { + monitor::port { "apache_${apache::protocol}_${apache::port}": + protocol => $apache::protocol, + port => $apache::port, + target => $apache::monitor_target, + tool => $apache::monitor_tool, + enable => $apache::manage_monitor, + } + monitor::process { 'apache_process': + process => $apache::process, + service => $apache::service, + pidfile => $apache::pid_file, + user => $apache::process_user, + argument => $apache::process_args, + tool => $apache::monitor_tool, + enable => $apache::manage_monitor, + } + } + + + ### Firewall management, if enabled ( firewall => true ) + if $apache::bool_firewall == true { + firewall { "apache_${apache::protocol}_${apache::port}": + source => $apache::firewall_src, + destination => $apache::firewall_dst, + protocol => $apache::protocol, + port => $apache::port, + action => 'allow', + direction => 'input', + tool => $apache::firewall_tool, + enable => $apache::manage_firewall, + } + } + + + ### Debugging, if enabled ( debug => true ) + if $apache::bool_debug == true { + file { 'debug_apache': + ensure => $apache::manage_file, + path => "${settings::vardir}/debug-apache", + mode => '0640', + owner => 'root', + group => 'root', + content => inline_template('<%= scope.to_hash.reject { |k,v| k.to_s =~ /(uptime.*|path|timestamp|free|.*password.*|.*psk.*|.*key)/ }.to_yaml %>'), + } + } +} \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/listen.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/listen.pp new file mode 100644 index 000000000..093d37142 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/listen.pp @@ -0,0 +1,42 @@ +# = Define: apache::listen +# +# This define creates a Listen statement in Apache configuration +# It adds a single configuration file to Apache conf.d with the Listen +# statement +# +# == Parameters +# +# [*namevirtualhost*] +# If to add a NameVirtualHost for this port. Default: * +# (it creates a NameVirtualHost <%= @namevirtualhost %>:<%= @port %> entry) +# Set to false to listen to the port without a NameVirtualHost +# +# == Examples +# apache::listen { '8080':} +# +define apache::listen ( + $namevirtualhost = '*', + $ensure = 'present', + $template = 'apache/listen.conf.erb', + $notify_service = true ) { + + include apache + + $manage_service_autorestart = $notify_service ? { + true => 'Service[apache]', + false => undef, + } + + file { "Apache_Listen_${name}.conf": + ensure => $ensure, + path => "${apache::config_dir}/conf.d/0000_listen_${name}.conf", + mode => $apache::config_file_mode, + owner => $apache::config_file_owner, + group => $apache::config_file_group, + require => Package['apache'], + notify => $manage_service_autorestart, + content => template($template), + audit => $apache::manage_audit, + } + +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/module.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/module.pp new file mode 100644 index 000000000..8c60352a2 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/module.pp @@ -0,0 +1,139 @@ +# = Define: apache::module +# +# This define installs and configures apache modules +# On Debian and derivatives it places the module config +# into /etc/apache/mods-available. +# On RedHat and derivatives it just creates the configuration file, if +# provided via the templatefile => argument +# If you need to customize the module .conf file, +# add a templatefile with path to the template, +# +# == Parameters +# +# [*ensure*] +# If to enable/install the module. Default: present +# Set to absent to disable/remove the module +# +# [*templatefile*] +# Optional. Location of the template to use to configure +# the module +# +# [*install_package*] +# If a module package has to be installed. Default: false +# Set to true if the module package is not installed by default +# and you need to install the relevant package +# In this case the package name is calculated according to the operatingsystem +# and the ${name} variable. +# If the autocalculated package name for the module is not +# correct, you can explicitely set it (using a string different than +# true or false) +# +# [*notify_service*] +# If you want to restart the apache service automatically when +# the module is applied. Default: true +# +# == Examples +# apache::module { 'proxy': +# templatefile => 'apache/module/proxy.conf.erb', +# } +# +# apache::module { 'bw': +# install_package => true, +# templatefile => 'myclass/apache/bw.conf.erb', +# } +# +# apache::module { 'proxy_html': +# install_package => 'libapache2-mod-proxy-html', +# } +# +# +define apache::module ( + $ensure = 'present', + $templatefile = '', + $install_package = false, + $notify_service = true ) { + + include apache + + $manage_service_autorestart = $notify_service ? { + true => 'Service[apache]', + false => undef, + } + + if $install_package != false { + $modpackage_basename = $::operatingsystem ? { + /(?i:Ubuntu|Debian|Mint)/ => 'libapache2-mod-', + /(?i:SLES|OpenSuSE)/ => 'apache2-mod_', + default => 'mod_', + } + + $real_install_package = $install_package ? { + true => "${modpackage_basename}${name}", + default => $install_package, + } + + package { "ApacheModule_${name}": + ensure => $ensure, + name => $real_install_package, + notify => $manage_service_autorestart, + require => Package['apache'], + } + + } + + + if $templatefile != '' { + $module_conf_path = $::operatingsystem ? { + /(?i:Ubuntu|Debian|Mint)/ => "${apache::config_dir}/mods-available/${name}.conf", + default => "${apache::config_dir}/conf.d/module_${name}.conf", + } + + file { "ApacheModule_${name}_conf": + ensure => present , + path => $module_conf_path, + mode => $apache::config_file_mode, + owner => $apache::config_file_owner, + group => $apache::config_file_group, + content => template($templatefile), + notify => $manage_service_autorestart, + require => Package['apache'], + } + } + + + if $::operatingsystem == 'Debian' + or $::operatingsystem == 'Ubuntu' + or $::operatingsystem == 'Mint' { + case $ensure { + 'present': { + + $exec_a2enmod_subscribe = $install_package ? { + false => undef, + default => Package["ApacheModule_${name}"] + } + $exec_a2dismode_before = $install_package ? { + false => undef, + default => Package["ApacheModule_${name}"] + } + + exec { "/usr/sbin/a2enmod ${name}": + unless => "/bin/sh -c '[ -L ${apache::config_dir}/mods-enabled/${name}.load ] && [ ${apache::config_dir}/mods-enabled/${name}.load -ef ${apache::config_dir}/mods-available/${name}.load ]'", + notify => $manage_service_autorestart, + require => Package['apache'], + subscribe => $exec_a2enmod_subscribe, + } + } + 'absent': { + exec { "/usr/sbin/a2dismod ${name}": + onlyif => "/bin/sh -c '[ -L ${apache::config_dir}/mods-enabled/${name}.load ] && [ ${apache::config_dir}/mods-enabled/${name}.load -ef ${apache::config_dir}/mods-available/${name}.load ]'", + notify => $manage_service_autorestart, + require => Package['apache'], + before => $exec_a2dismode_before, + } + } + default: { + } + } + } + +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/params.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/params.pp new file mode 100644 index 000000000..e7496949f --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/params.pp @@ -0,0 +1,158 @@ +# Class: apache::params +# +# This class defines default parameters used by the main module class apache +# Operating Systems differences in names and paths are addressed here +# +# == Variables +# +# Refer to apache class for the variables defined here. +# +# == Usage +# +# This class is not intended to be used directly. +# It may be imported or inherited by other classes +# +class apache::params { + + ### Application specific parameters + $package_modssl = $::operatingsystem ? { + /(?i:Ubuntu|Debian|Mint)/ => 'libapache-mod-ssl', + /(?i:SLES|OpenSuSE)/ => undef, + default => 'mod_ssl', + } + + ### Application related parameters + + $package = $::operatingsystem ? { + /(?i:Ubuntu|Debian|Mint)/ => 'apache2', + /(?i:SLES|OpenSuSE)/ => 'apache2', + default => 'httpd', + } + + $service = $::operatingsystem ? { + /(?i:Ubuntu|Debian|Mint)/ => 'apache2', + /(?i:SLES|OpenSuSE)/ => 'apache2', + default => 'httpd', + } + + $service_status = $::operatingsystem ? { + default => true, + } + + $process = $::operatingsystem ? { + /(?i:Ubuntu|Debian|Mint)/ => 'apache2', + /(?i:SLES|OpenSuSE)/ => 'httpd2-prefork', + default => 'httpd', + } + + $process_args = $::operatingsystem ? { + default => '', + } + + $process_user = $::operatingsystem ? { + /(?i:Ubuntu|Debian|Mint)/ => 'www-data', + /(?i:SLES|OpenSuSE)/ => 'wwwrun', + default => 'apache', + } + + $config_dir = $::operatingsystem ? { + /(?i:Ubuntu|Debian|Mint)/ => '/etc/apache2', + /(?i:SLES|OpenSuSE)/ => '/etc/apache2', + freebsd => '/usr/local/etc/apache20', + default => '/etc/httpd', + } + + $config_file = $::operatingsystem ? { + /(?i:Ubuntu|Debian|Mint)/ => '/etc/apache2/apache2.conf', + /(?i:SLES|OpenSuSE)/ => '/etc/apache2/httpd.conf', + freebsd => '/usr/local/etc/apache20/httpd.conf', + default => '/etc/httpd/conf/httpd.conf', + } + + $config_file_mode = $::operatingsystem ? { + default => '0644', + } + + $config_file_owner = $::operatingsystem ? { + default => 'root', + } + + $config_file_group = $::operatingsystem ? { + freebsd => 'wheel', + default => 'root', + } + + $config_file_init = $::operatingsystem ? { + /(?i:Debian|Ubuntu|Mint)/ => '/etc/default/apache2', + /(?i:SLES|OpenSuSE)/ => '/etc/sysconfig/apache2', + default => '/etc/sysconfig/httpd', + } + + $pid_file = $::operatingsystem ? { + /(?i:Debian|Ubuntu|Mint)/ => '/var/run/apache2.pid', + /(?i:SLES|OpenSuSE)/ => '/var/run/httpd2.pid', + default => '/var/run/httpd.pid', + } + + $log_dir = $::operatingsystem ? { + /(?i:Debian|Ubuntu|Mint)/ => '/var/log/apache2', + /(?i:SLES|OpenSuSE)/ => '/var/log/apache2', + default => '/var/log/httpd', + } + + $log_file = $::operatingsystem ? { + /(?i:Debian|Ubuntu|Mint)/ => ['/var/log/apache2/access.log','/var/log/apache2/error.log'], + /(?i:SLES|OpenSuSE)/ => ['/var/log/apache2/access.log','/var/log/apache2/error.log'], + default => ['/var/log/httpd/access.log','/var/log/httpd/error.log'], + } + + $data_dir = $::operatingsystem ? { + /(?i:Debian|Ubuntu|Mint)/ => '/var/www', + /(?i:Suse|OpenSuse)/ => '/srv/www/htdocs', + default => '/var/www/html', + } + + $ports_conf_path = $::operatingsystem ? { + /(?i:Debian|Ubuntu|Mint)/ => '/etc/apache2/ports.conf', + default => '', + } + + $port = '80' + $ssl_port = '443' + $protocol = 'tcp' + + # General Settings + $my_class = '' + $source = '' + $source_dir = '' + $source_dir_purge = false + $config_file_default_purge = false + $template = '' + $options = '' + $service_autorestart = true + $service_requires = Package['apache'] + $absent = false + $version = '' + $disable = false + $disableboot = false + + ### General module variables that can have a site or per module default + $monitor = false + $monitor_tool = '' + $monitor_target = $::ipaddress + $firewall = false + $firewall_tool = '' + $firewall_src = '0.0.0.0/0' + $firewall_dst = $::ipaddress + $puppi = false + $puppi_helper = 'standard' + $debug = false + $audit_only = false + $dotconf_hash = {} + $htpasswd_hash = {} + $listen_hash = {} + $module_hash = {} + $vhost_hash = {} + $virtualhost_hash = {} + +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/passenger.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/passenger.pp new file mode 100644 index 000000000..9cb409cc9 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/passenger.pp @@ -0,0 +1,41 @@ +# Class apache::passenger +# +# Apache resources specific for passenger +# +class apache::passenger { + + include apache + + case $::operatingsystem { + ubuntu,debian,mint: { + package { 'libapache2-mod-passenger': + ensure => present; + } + + exec { 'enable-passenger': + command => '/usr/sbin/a2enmod passenger', + creates => '/etc/apache2/mods-enabled/passenger.load', + notify => Service['apache'], + require => [ + Package['apache'], + Package['libapache2-mod-passenger'] + ], + } + } + + centos,redhat,scientific,fedora: { + $osver = split($::operatingsystemrelease, '[.]') + + case $osver[0] { + 5: { require yum::repo::passenger } + default: { } + } + package { 'mod_passenger': + ensure => present; + } + } + + default: { } + } + +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/redhat.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/redhat.pp new file mode 100644 index 000000000..72a4e4204 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/redhat.pp @@ -0,0 +1,9 @@ +# Class apache::redhat +# +# Apache resources specific for RedHat +# +class apache::redhat { + apache::dotconf { '00-NameVirtualHost': + content => template('apache/00-NameVirtualHost.conf.erb'), + } +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/spec.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/spec.pp new file mode 100644 index 000000000..ef75f6972 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/spec.pp @@ -0,0 +1,22 @@ +# Class: apache::spec +# +# This class is used only for rpsec-puppet tests +# Can be taken as an example on how to do custom classes but should not +# be modified. +# +# == Usage +# +# This class is not intended to be used directly. +# Use it as reference +# +class apache::spec inherits apache { + + # This just a test to override the arguments of an existing resource + # Note that you can achieve this same result with just: + # class { "apache": template => "apache/spec.erb" } + + File['apache.conf'] { + content => template('apache/spec.erb'), + } + +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/ssl.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/ssl.pp new file mode 100644 index 000000000..6d0f6d70b --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/ssl.pp @@ -0,0 +1,67 @@ +# Class apache::ssl +# +# Apache resources specific for SSL +# +class apache::ssl { + + include apache + + case $::operatingsystem { + ubuntu,debian,mint: { + exec { 'enable-ssl': + command => '/usr/sbin/a2enmod ssl', + creates => '/etc/apache2/mods-enabled/ssl.load', + notify => Service['apache'], + require => Package['apache'], + } + } + + default: { + package { 'mod_ssl': + ensure => present, + require => Package['apache'], + notify => Service['apache'], + } + file { "${apache::config_dir}/ssl.conf": + mode => '0644', + owner => 'root', + group => 'root', + notify => Service['apache'], + } + file {['/var/cache/mod_ssl', '/var/cache/mod_ssl/scache']: + ensure => directory, + owner => 'apache', + group => 'root', + mode => '0700', + require => Package['mod_ssl'], + notify => Service['apache'], + } + } + } + + ### Port monitoring, if enabled ( monitor => true ) + if $apache::bool_monitor == true { + monitor::port { "apache_${apache::protocol}_${apache::ssl_port}": + protocol => $apache::protocol, + port => $apache::ssl_port, + target => $apache::monitor_target, + tool => $apache::monitor_tool, + enable => $apache::manage_monitor, + } + } + + ### Firewall management, if enabled ( firewall => true ) + if $apache::bool_firewall == true { + firewall { "apache_${apache::protocol}_${apache::ssl_port}": + source => $apache::firewall_src, + destination => $apache::firewall_dst, + protocol => $apache::protocol, + port => $apache::ssl_port, + action => 'allow', + direction => 'input', + tool => $apache::firewall_tool, + enable => $apache::manage_firewall, + } + } + +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/vhost.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/vhost.pp new file mode 100644 index 000000000..8c1d89dac --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/vhost.pp @@ -0,0 +1,275 @@ +# = Define: apache::vhost +# +# This class manages Apache Virtual Hosts configuration files +# +# == Parameters: +# [*port*] +# The port to configure the host on + +# [*ip_addr*] +# The ip to configure the host on. Default: * (all IPs) +# +# [*docroot*] +# The VirtualHost DocumentRoot +# +# [*docroot_create*] +# If the specified directory has to be created. Default: false +# +# [*ssl*] +# Set to true to enable SSL for this Virtual Host +# +# [*template*] +# Specify a custom template to use instead of the default one +# The value will be used in content => template($template) +# +# [*source*] +# Source file for vhost. Alternative to template. +# Note that if you decide to source a static file most of the other +# parameters of this define won't be used. +# Note also that if you set a source file, you've to explicitly set +# the template parameter to undef. +# +# [*priority*] +# The priority of the VirtualHost, lower values are evaluated first +# Set to '' to edit default apache value +# +# [*serveraliases*] +# An optional list of space separated ServerAliases +# +# [*env_variables*] +# An optional list of space separated environment variables (e.g ['APP_ENV dev']) +# +# [*server_admin*] +# Server admin email address +# +# [*server_name*] +# An optional way to directly set server name +# False mean, that servername is not present in generated config file +# +# [*passenger*] +# If Passenger should be enabled +# +# [*passenger_high_performance*] +# Set the PassengerHighPerformance directive +# +# [*passenger_pool_max_pool_size*] +# Set the PassengerMaxPoolSize directive +# +# [*passenger_pool_idle_time*] +# Set the PassengerPoolIdleTime directive +# +# [*passenger_max_requests*] +# Set the PassengerMaxRequests directive +# +# [*passenger_stat_throttle_rate*] +# Set the PassengerStatThrottleRate directive +# +# [*passenger_rack_auto_detect*] +# Set the RackAutoDetect directive +# +# [*passenger_rails_auto_detect*] +# Set the RailsAutoDetect directive +# +# [*passenger_rails_env*] +# Set the RailsEnv directive +# +# [*passenger_rails_base_uri*] +# Set the RackBaseURI directive +# +# [*passenger_rack_env*] +# Set the RackEnv directive +# +# [*passenger_rack_base_uri*] +# Set the RackBaseURI directive +# +# [*directory*] +# Set the VHost directory used for the directive +# +# [*directory_options*] +# Set the directory's Options +# +# [*directory_allow_override*] +# Set the directory's override configuration +# +# [*directory_require*] +# Set the Require attribute for Apache 2.4 +# +# [*aliases*] +# Set one or more Alias directives (e.g '/phpmyadmin /usr/share/phpMyAdmin' +# or ['/alias1 /path/to/alias', '/alias2 /path/to/secondalias']) +# +# [*proxy_aliases*] +# Set one or more proxy and reverse proxy directives. (e.g. '/manager http://localhost:8080/manager' +# or ['/manager http://localhost:8080/manager', '/alias3 http://remote.server.com/alias']) +# +# == Examples: +# apache::vhost { 'site.name.fqdn': +# docroot => '/path/to/docroot', +# } +# +# apache::vhost { 'mysite': +# docroot => '/path/to/docroot', +# template => 'myproject/apache/mysite.conf', +# } +# +# apache::vhost { 'my.other.site': +# docroot => '/path/to/docroot', +# directory => '/path/to', +# directory_allow_override => 'All', +# } +# +# apache::vhost { 'sitewithalias': +# docroot => '/path/to/docroot', +# aliases => '/phpmyadmin /usr/share/phpMyAdmin', +# } +# +define apache::vhost ( + $server_admin = '', + $server_name = '', + $docroot = '', + $docroot_create = false, + $docroot_owner = 'root', + $docroot_group = 'root', + $port = '80', + $ip_addr = '*', + $ssl = false, + $template = 'apache/virtualhost/vhost.conf.erb', + $source = '', + $priority = '50', + $serveraliases = '', + $env_variables = '', + $passenger = false, + $passenger_high_performance = true, + $passenger_max_pool_size = 12, + $passenger_pool_idle_time = 1200, + $passenger_max_requests = 0, + $passenger_stat_throttle_rate = 30, + $passenger_rack_auto_detect = true, + $passenger_rails_auto_detect = false, + $passenger_rails_env = '', + $passenger_rails_base_uri = '', + $passenger_rack_env = '', + $passenger_rack_base_uri = '', + $enable = true, + $directory = '', + $directory_options = '', + $directory_allow_override = 'None', + $directory_require = '', + $aliases = '', + $proxy_aliases = '' +) { + + $ensure = $enable ? { + true => present, + false => present, + absent => absent, + } + $bool_docroot_create = any2bool($docroot_create) + $bool_passenger = any2bool($passenger) + $bool_passenger_high_performance = any2bool($passenger_high_performance) + $bool_passenger_rack_auto_detect = any2bool($passenger_rack_auto_detect) + $bool_passenger_rails_auto_detect = any2bool($passenger_rails_auto_detect) + + $real_docroot = $docroot ? { + '' => "${apache::data_dir}/${name}", + default => $docroot, + } + + $real_directory = $directory ? { + '' => $apache::data_dir, + default => $directory, + } + + $server_name_value = $server_name ? { + '' => $name, + default => $server_name, + } + + $manage_file_source = $source ? { + '' => undef, + default => $source, + } + + # Server admin email + if $server_admin != '' { + $server_admin_email = $server_admin + } elsif ($name != 'default') and ($name != 'default-ssl') { + $server_admin_email = "webmaster@${name}" + } else { + $server_admin_email = 'webmaster@localhost' + } + + # Config file path + if $priority != '' { + $config_file_path = "${apache::vdir}/${priority}-${name}.conf" + } elsif ($name != 'default') and ($name != 'default-ssl') { + $config_file_path = "${apache::vdir}/${name}.conf" + } else { + $config_file_path = "${apache::vdir}/${name}" + } + + # Config file enable path + if $priority != '' { + $config_file_enable_path = "${apache::config_dir}/sites-enabled/${priority}-${name}.conf" + } elsif ($name != 'default') and ($name != 'default-ssl') { + $config_file_enable_path = "${apache::config_dir}/sites-enabled/${name}.conf" + } else { + $config_file_enable_path = "${apache::config_dir}/sites-enabled/000-${name}" + } + + $manage_file_content = $template ? { + '' => undef, + undef => undef, + default => template($template), + } + + include apache + + file { $config_file_path: + ensure => $ensure, + source => $manage_file_source, + content => $manage_file_content, + mode => $apache::config_file_mode, + owner => $apache::config_file_owner, + group => $apache::config_file_group, + require => Package['apache'], + notify => $apache::manage_service_autorestart, + } + + # Some OS specific settings: + # On Debian/Ubuntu manages sites-enabled + case $::operatingsystem { + ubuntu,debian,mint: { + $file_vhost_link_ensure = $enable ? { + true => $config_file_path, + false => absent, + absent => absent, + } + file { "ApacheVHostEnabled_${name}": + ensure => $file_vhost_link_ensure, + path => $config_file_enable_path, + require => Package['apache'], + notify => $apache::manage_service_autorestart, + } + } + redhat,centos,scientific,fedora: { + include apache::redhat + } + default: { } + } + + if $bool_docroot_create == true { + file { $real_docroot: + ensure => directory, + owner => $docroot_owner, + group => $docroot_group, + mode => '0775', + require => Package['apache'], + } + } + + if $bool_passenger == true { + include apache::passenger + } +} + diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/virtualhost.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/virtualhost.pp new file mode 100644 index 000000000..c36a8a8f3 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/virtualhost.pp @@ -0,0 +1,117 @@ +# = Define: apache::virtualhost +# +# NOTE: This define does the same function of apache::vhost and is +# now deprecated. Use apache::vhost instead. +# +# Basic Virtual host management define +# You can use different templates for your apache virtual host files +# Default is virtualhost.conf.erb, adapt it to your needs or create +# your custom template. +# +# == Usage: +# With standard template: +# apache::virtualhost { "www.example42.com": } +# +# With custom template (create it in MODULEPATH/apache/templates/virtualhost/) +# apache::virtualhost { "webmail.example42.com": +# templatefile => "webmail.conf.erb" +# } +# +# With custom template in custom location +# (MODULEPATH/mymod/templates/apache/vihost/) +# apache::virtualhost { "webmail.example42.com": +# templatefile => "webmail.conf.erb" +# templatepath => "mymod/apache/vihost" +# } +# +define apache::virtualhost ( + $templatefile = 'virtualhost.conf.erb' , + $templatepath = 'apache/virtualhost' , + $documentroot = '' , + $filename = '' , + $aliases = '' , + $create_docroot = true , + $enable = true , + $owner = '' , + $content = '' , + $groupowner = '' ) { + + include apache + + $real_filename = $filename ? { + '' => $name, + default => $filename, + } + + $real_documentroot = $documentroot ? { + '' => "${apache::data_dir}/${name}", + default => $documentroot, + } + + $real_owner = $owner ? { + '' => $apache::config_file_owner, + default => $owner, + } + + $real_groupowner = $groupowner ? { + '' => $apache::config_file_group, + default => $groupowner, +} + + $real_path = $::operatingsystem ? { + /(?i:Debian|Ubuntu|Mint)/ => "${apache::vdir}/${real_filename}", + default => "${apache::vdir}/${real_filename}.conf", + } + + $ensure_link = any2bool($enable) ? { + true => "${apache::vdir}/${real_filename}", + false => absent, + } + $ensure = bool2ensure($enable) + $bool_create_docroot = any2bool($enable) ? { + true => any2bool($create_docroot), + false => false, + } + + $real_content = $content ? { + '' => template("${templatepath}/${templatefile}"), + default => $content, + } + + file { "ApacheVirtualHost_${name}": + ensure => $ensure, + path => $real_path, + content => $real_content, + mode => $apache::config_file_mode, + owner => $apache::config_file_owner, + group => $apache::config_file_group, + require => Package['apache'], + notify => $apache::manage_service_autorestart, + } + + # Some OS specific settings: + # On Debian/Ubuntu manages sites-enabled + case $::operatingsystem { + ubuntu,debian,mint: { + file { "ApacheVirtualHostEnabled_${name}": + ensure => $ensure_link, + path => "${apache::config_dir}/sites-enabled/${real_filename}", + require => Package['apache'], + } + } + redhat,centos,scientific,fedora: { + include apache::redhat + } + default: { } + } + + if $bool_create_docroot == true { + file { $real_documentroot: + ensure => directory, + owner => $real_owner, + group => $real_groupowner, + mode => '0775', + } + } + +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/metadata.json b/modules/services/unix/http/apache/module/example42_apache_2_1_12/metadata.json new file mode 100644 index 000000000..a246d196a --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/metadata.json @@ -0,0 +1,56 @@ +{ + "name": "example42-apache", + "version": "2.1.12", + "author": "Alessandro Franceschi, Martin Alfke", + "summary": "Puppet module for apache", + "license": "Apache-2.0", + "source": "https://github.com/example42/puppet-apache", + "project_page": "https://github.com/example42/puppet-apache", + "issues_url": "https://github.com/example42/puppet-apache/issues", + "dependencies": [ + {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0 < 5.0.0"}, + {"name":"example42/puppi","version_requirement":">= 2.0.0"}, + {"name":"example42/monitor","version_requirement":">= 2.0.0"}, + {"name":"example42/iptables","version_requirement":">= 2.0.0"}, + {"name":"example42/firewall","version_requirement":">= 2.0.0"}, + {"name":"puppetlabs/concat","version_requirement":">= 1.0.0"} + ], + "checksums": { + }, + "operatingsystem_support": [ + { + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "7" + ] + }, + { + "operatingsystem": "Centos", + "operatingsystemrelease": [ + "7" + ] + }, + { + "operatingsystem": "Debian", + "operatingsystemrelease": [ + "7" + ] + }, + { + "operatingsystem": "Ubuntu", + "operatingsystemrelease": [ + "14.04" + ] + } + ], + "requirements": [ + { + "name": "pe", + "version_requirement": ">= 3.0.0 < 5.0.0" + }, + { + "name": "puppet", + "version_requirement": ">= 3.0.0 < 5.0.0" + } + ] +} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/classes/apache_spec.rb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/classes/apache_spec.rb new file mode 100644 index 000000000..23169fbbf --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/classes/apache_spec.rb @@ -0,0 +1,199 @@ +require "#{File.join(File.dirname(__FILE__),'..','spec_helper.rb')}" + +describe 'apache' do + + let(:title) { 'apache' } + let(:node) { 'rspec.example42.com' } + let(:facts) { { :ipaddress => '10.42.42.42' , :monitor_tool => 'puppi', :operatingsystemrelease => '6.6' } } + + describe 'Test standard installation' do + it { should contain_package('apache').with_ensure('present') } + it { should contain_service('apache').with_ensure('running') } + it { should contain_service('apache').with_enable('true') } + it { should contain_file('apache.conf').with_ensure('present') } + end + + describe 'Test standard installation with monitoring and firewalling' do + let(:params) { {:monitor => true , :firewall => true, :port => '42' } } + + it { should contain_package('apache').with_ensure('present') } + it { should contain_service('apache').with_ensure('running') } + it { should contain_service('apache').with_enable('true') } + it { should contain_file('apache.conf').with_ensure('present') } + it 'should monitor the process' do + should contain_monitor__process('apache_process').with_enable(true) + end + it 'should place a firewall rule' do + should contain_firewall('apache_tcp_42').with_enable(true) + end + end + + describe 'Test decommissioning - absent' do + let(:params) { {:absent => true, :monitor => true , :firewall => true, :port => '42'} } + + it 'should remove Package[apache]' do should contain_package('apache').with_ensure('absent') end + it 'should stop Service[apache]' do should contain_service('apache').with_ensure('stopped') end + it 'should not enable at boot Service[apache]' do should contain_service('apache').with_enable('false') end + it 'should remove apache configuration file' do should contain_file('apache.conf').with_ensure('absent') end + it 'should not monitor the process' do + should contain_monitor__process('apache_process').with_enable(false) + end + it 'should remove a firewall rule' do + should contain_firewall('apache_tcp_42').with_enable(false) + end + end + + describe 'Test decommissioning - disable' do + let(:params) { {:disable => true, :monitor => true , :firewall => true, :port => '42'} } + + it { should contain_package('apache').with_ensure('present') } + it 'should stop Service[apache]' do should contain_service('apache').with_ensure('stopped') end + it 'should not enable at boot Service[apache]' do should contain_service('apache').with_enable('false') end + it { should contain_file('apache.conf').with_ensure('present') } + it 'should not monitor the process' do + should contain_monitor__process('apache_process').with_enable(false) + end + it 'should remove a firewall rule' do + should contain_firewall('apache_tcp_42').with_enable(false) + end + end + + describe 'Test decommissioning - disableboot' do + let(:params) { {:disableboot => true, :monitor => true , :firewall => true, :port => '42'} } + + it { should contain_package('apache').with_ensure('present') } + it { should_not contain_service('apache').with_ensure('present') } + it { should_not contain_service('apache').with_ensure('absent') } + it 'should not enable at boot Service[apache]' do should contain_service('apache').with_enable('false') end + it { should contain_file('apache.conf').with_ensure('present') } + it 'should not monitor the process locally' do + should contain_monitor__process('apache_process').with_enable(false) + end + it 'should keep a firewall rule' do + should contain_firewall('apache_tcp_42').with_enable(true) + end + end + + describe 'Test customizations - template' do + let(:params) { {:template => "apache/spec.erb" , :options => { 'opt_a' => 'value_a' } } } + + it 'should generate a valid template' do + should contain_file('apache.conf').with_content(/fqdn: rspec.example42.com/) + end + it 'should generate a template that uses custom options' do + should contain_file('apache.conf').with_content(/value_a/) + end + + end + + describe 'Test customizations - source' do + let(:params) { {:source => "puppet://modules/apache/spec" , :source_dir => "puppet://modules/apache/dir/spec" , :source_dir_purge => true } } + + it 'should request a valid source ' do + should contain_file('apache.conf').with_source("puppet://modules/apache/spec") + end + it 'should request a valid source dir' do + should contain_file('apache.dir').with_source("puppet://modules/apache/dir/spec") + end + it 'should purge source dir if source_dir_purge is true' do + should contain_file('apache.dir').with_purge(true) + end + end + + describe 'Test customizations - custom class' do + let(:params) { {:my_class => "apache::spec" } } + it 'should automatically include a custom class' do + should contain_file('apache.conf').with_content(/fqdn: rspec.example42.com/) + end + end + + describe 'Test service autorestart' do + it 'should automatically restart the service, by default' do + should contain_file('apache.conf').with_notify("Service[apache]") + end + end + + describe 'Test service autorestart' do + let(:params) { {:service_autorestart => "no" } } + + it 'should not automatically restart the service, when service_autorestart => false' do + should contain_file('apache.conf').with_notify(nil) + end + end + + describe 'Test Puppi Integration' do + let(:params) { {:puppi => true, :puppi_helper => "myhelper"} } + + it 'should generate a puppi::ze define' do + should contain_puppi__ze('apache').with_helper("myhelper") + end + end + + describe 'Test Monitoring Tools Integration' do + let(:params) { {:monitor => true, :monitor_tool => "puppi" } } + + it 'should generate monitor defines' do + should contain_monitor__process('apache_process').with_tool("puppi") + end + end + + describe 'Test Firewall Tools Integration' do + let(:params) { {:firewall => true, :firewall_tool => "iptables" , :protocol => "tcp" , :port => "42" } } + + it 'should generate correct firewall define' do + should contain_firewall('apache_tcp_42').with_tool("iptables") + end + end + + describe 'Test OldGen Module Set Integration' do + let(:params) { {:monitor => "yes" , :monitor_tool => "puppi" , :firewall => "yes" , :firewall_tool => "iptables" , :puppi => "yes" , :port => "42" } } + + it 'should generate monitor resources' do + should contain_monitor__process('apache_process').with_tool("puppi") + end + it 'should generate firewall resources' do + should contain_firewall('apache_tcp_42').with_tool("iptables") + end + it 'should generate puppi resources ' do + should contain_puppi__ze('apache').with_ensure("present") + end + end + + describe 'Test params lookup' do + let(:facts) { { :monitor => true , :ipaddress => '10.42.42.42', :operatingsystemrelease => '6.6' } } + let(:params) { { :port => '42' , :monitor_tool => 'puppi' } } + + it 'should honour top scope global vars' do + should contain_monitor__process('apache_process').with_enable(true) + end + end + + describe 'Test params lookup' do + let(:facts) { { :apache_monitor => true , :ipaddress => '10.42.42.42', :operatingsystemrelease => '6.6' } } + let(:params) { { :port => '42' , :monitor_tool => 'puppi' } } + + it 'should honour module specific vars' do + should contain_monitor__process('apache_process').with_enable(true) + end + end + + describe 'Test params lookup' do + let(:facts) { { :monitor => false , :apache_monitor => true , :ipaddress => '10.42.42.42', :operatingsystemrelease => '6.6' } } + let(:params) { { :port => '42' , :monitor_tool => 'puppi' } } + + it 'should honour top scope module specific over global vars' do + should contain_monitor__process('apache_process').with_enable(true) + end + end + + describe 'Test params lookup' do + let(:facts) { { :monitor => false , :ipaddress => '10.42.42.42', :operatingsystemrelease => '6.6' } } + let(:params) { { :monitor => true , :monitor_tool => 'puppi' , :firewall => true, :port => '42' } } + + it 'should honour passed params over global vars' do + should contain_monitor__process('apache_process').with_enable(true) + end + end + +end + diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/defines/apache_virtualhost_spec.rb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/defines/apache_virtualhost_spec.rb new file mode 100644 index 000000000..920c577d4 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/defines/apache_virtualhost_spec.rb @@ -0,0 +1,67 @@ +require "#{File.join(File.dirname(__FILE__),'..','spec_helper.rb')}" + +describe 'apache::virtualhost' do + + let(:title) { 'apache::virtualhost' } + let(:node) { 'rspec.example42.com' } + let(:facts) { { :arch => 'i386' , :operatingsystem => 'redhat' } } + let(:params) { + { 'enable' => 'true', + 'name' => 'www.example42.com', + 'documentroot' => '/store/www', + } + } + + describe 'Test apache::virtualhost on redhat' do + it 'should create a apache::virtualhost file' do + should contain_file('ApacheVirtualHost_www.example42.com').with_ensure('present') + end + it 'should populate correctly the apache::virtualhost file DocumentRoot' do + should contain_file('ApacheVirtualHost_www.example42.com').with_content(/ DocumentRoot \/store\/www/) + end + it 'should populate correctly the apache::virtualhost file ErrorLog' do + should contain_file('ApacheVirtualHost_www.example42.com').with_content(/ ErrorLog \/var\/log\/httpd\/www.example42.com-error_log/) + end + it 'should create the docroot directory' do + should contain_file('/store/www').with_ensure("directory") + end + + end + + describe 'Test apache::virtualhost on ubuntu' do + let(:facts) { { :arch => 'i386' , :operatingsystem => 'ubuntu' } } + let(:params) { + { 'enable' => 'true', + 'name' => 'www.example42.com', + } + } + + it 'should create a apache::virtualhost link in sites-enabled' do + should contain_file('ApacheVirtualHostEnabled_www.example42.com').with_ensure('/etc/apache2/sites-available/www.example42.com') + end + it 'should populate correctly the apache::virtualhost file DocumentRoot' do + should contain_file('ApacheVirtualHost_www.example42.com').with_content(/ DocumentRoot \/var\/www\/www.example42.com/) + end + it 'should populate correctly the apache::virtualhost file ErrorLog' do + should contain_file('ApacheVirtualHost_www.example42.com').with_content(/ ErrorLog \/var\/log\/apache2\/www.example42.com-error_log/) + end + it 'should create the docroot directory' do + should contain_file('/var/www/www.example42.com').with_ensure("directory") + end + + end + + describe 'Test apache::virtualhost decommissioning' do + let(:params) { + { 'enable' => 'false', + 'name' => 'www.example42.com', + 'documentroot' => '/var/www/example42.com', + } + } + + it { should contain_file('ApacheVirtualHost_www.example42.com').with_ensure('absent') } + it { should_not contain_file('/var/www/example42.com').with_ensure('directory') } + end + +end + diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/spec_helper.rb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/spec_helper.rb new file mode 100644 index 000000000..2c6f56649 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/spec_helper.rb @@ -0,0 +1 @@ +require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/00-NameVirtualHost.conf.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/00-NameVirtualHost.conf.erb new file mode 100644 index 000000000..d15418d4c --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/00-NameVirtualHost.conf.erb @@ -0,0 +1,3 @@ +# File managed by Puppet + +NameVirtualHost *:80 diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/listen.conf.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/listen.conf.erb new file mode 100644 index 000000000..a0c73b188 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/listen.conf.erb @@ -0,0 +1,6 @@ +# File Handled by Puppet + +<% if @namevirtualhost -%> +NameVirtualHost <%= @namevirtualhost %>:<%= @name %> +<% end %> +Listen <%= @name %> diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/module/proxy.conf.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/module/proxy.conf.erb new file mode 100644 index 000000000..4310aa9d3 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/module/proxy.conf.erb @@ -0,0 +1,17 @@ +# File Managed by Puppet + + + + # This is not a forwared proxy + ProxyRequests Off + + + AddDefaultCharset off + Order deny,allow + Deny from all + Allow from all + + + ProxyVia On + + diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/spec.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/spec.erb new file mode 100644 index 000000000..0e810745d --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/spec.erb @@ -0,0 +1,8 @@ +# This is a template used only for rspec tests + +# Yaml of the whole scope +<%= scope.to_hash.reject { |k,v| !( k.is_a?(String) && v.is_a?(String) ) }.to_yaml %> + +# Custom Options +<%= @options['opt_a'] %> +<%= @options['opt_b'] %> diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/vhost.conf.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/vhost.conf.erb new file mode 100644 index 000000000..6f96bf2ab --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/vhost.conf.erb @@ -0,0 +1,77 @@ +# File Managed by Puppet + +:<%= @port %>> + ServerAdmin <%= @server_admin_email ||= 'webmaster@localhost' %> + DocumentRoot <%= @real_docroot %> +<% if @server_name_value != false -%> + ServerName <%= @server_name_value %> +<% end -%> +<% if @serveraliases != "" -%> +<% if @serveraliases.is_a? Array -%> + ServerAlias <%= @serveraliases.flatten.join(" ") %> +<% else -%> + ServerAlias <%= @serveraliases %> +<% end -%> +<% end -%> +<% if @env_variables != "" -%> +<% if @env_variables.is_a? Array -%> +<% @env_variables.each do |envvars| -%> + SetEnv <%= envvars %> +<% end -%> +<% end -%> +<% end -%> + + ErrorLog <%= scope.lookupvar('apache::log_dir') %>/<%= @name %>-error_log + CustomLog <%= scope.lookupvar('apache::log_dir') %>/<%= @name %>-access_log common + +<% if @bool_passenger -%> + PassengerHighPerformance <%= @bool_passenger_high_performance ? "On" : "Off" %> + PassengerMaxPoolSize <%= @passenger_max_pool_size %> + PassengerPoolIdleTime <%= @passenger_pool_idle_time %> + PassengerMaxRequests <%= @passenger_max_requests %> + PassengerStatThrottleRate <%= @passenger_stat_throttle_rate %> + RackAutoDetect <%= @bool_passenger_rack_auto_detect ? "On" : "Off" %> + RailsAutoDetect <%= @bool_passenger_rails_auto_detect ? "On" : "Off" %> + + <% if @passenger_rails_env != '' %>RailsEnv <%= @passenger_rails_env %><% end %> + <% if @passenger_rack_env != '' %>RackEnv <%= @passenger_rack_env %><% end %> + <% if @passenger_rails_base_uri != '' %>RailsBaseURI <%= @passenger_rails_base_uri %><% end %> + <% if @passenger_rack_base_uri != '' %>RackBaseURI <%= @passenger_rack_base_uri %><% end %> + +<% end -%> +<% if @directory_options != "" || @directory_allow_override != "None" || @directory_require != "" -%> + > +<% if @directory_options != "" -%> + Options <%= @directory_options %> +<% end -%> +<% if @directory_allow_override != "None" -%> + AllowOverride <%= @directory_allow_override %> +<% end -%> +<% if @directory_require != "" -%> + Require <%= @directory_require %> +<% end -%> + +<% end -%> + +<% if @aliases != "" -%> +<% if @aliases.is_a? Array -%> +<% @aliases.each do |singlealias| %> + Alias <%= singlealias %> +<% end -%> +<% else -%> + Alias <%= @aliases %> +<% end -%> +<% end -%> +<% if @proxy_aliases != "" -%> +<% if @proxy_aliases.is_a? Array -%> +<% @proxy_aliases.each do |singleproxyalias| %> + + ProxyPass <%= singleproxyalias %> + ProxyPassReverse <%= singleproxyalias %> +<% end -%> +<% else -%> + ProxyPass <%= @proxy_aliases %> + ProxyPassReverse <%= @proxy_aliases %> +<% end -%> +<% end -%> + diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/virtualhost.conf.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/virtualhost.conf.erb new file mode 100644 index 000000000..1dee1c333 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/virtualhost.conf.erb @@ -0,0 +1,16 @@ +# File Managed by Puppet + + + ServerAdmin webmaster@<%= @name %> + DocumentRoot <%= @real_documentroot %> + ServerName <%= @name %> +<% if @aliases != "" -%> +<% if @aliases.is_a? Array -%> + ServerAlias <%= @aliases.flatten.join(" ") %> +<% else -%> + ServerAlias <%= @aliases %> +<% end -%> +<% end -%> + ErrorLog <%= scope.lookupvar('apache::log_dir')%>/<%= @name %>-error_log + CustomLog <%= scope.lookupvar('apache::log_dir')%>/<%= @name %>-access_log common + diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/tests/vhost.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/tests/vhost.pp new file mode 100644 index 000000000..7e66efde9 --- /dev/null +++ b/modules/services/unix/http/apache/module/example42_apache_2_1_12/tests/vhost.pp @@ -0,0 +1,7 @@ +include apache + +apache::vhost { 'testsite': + docroot => '/var/www/test', + env_variables => ['APP_ENV dev'], +} + From 866de4d855ec38719b33b4cbb94f186fa1072bef Mon Sep 17 00:00:00 2001 From: Connor Wilson Date: Sat, 26 Mar 2016 02:49:56 +0000 Subject: [PATCH 03/13] Relates to SG-11 : Pushes code to repo for Tom to branch from --- Gemfile.lock | 21 + config/scenario.xml | 2 +- lib/helpers/bootstrap.rb | 87 +- lib/templates/vagrantbase.erb | 12 +- modules/build/ssh-keys/kali-1.0 | 27 - modules/build/ssh-keys/kali-1.0.pub | 1 - .../module/bootstrap/files}/bootstrap.sh | 0 .../build/{puppet => unix}/cleanup/cleanup.pp | 0 .../module/cleanup/manifests/config.pp | 0 .../unix/ftp/secure_ftp/secgen_metadata.xml | 5 + modules/services/unix/http/apache/apache.pp | 3 + .../http/apache/example42_apache_2_1_12.pp | 1 - .../unix/http/apache/module/apache/Gemfile | 48 + .../LICENSE | 6 +- .../unix/http/apache/module/apache/README.md | 3478 +++++++++++++++++ .../unix/http/apache/module/apache/Rakefile | 11 + .../http/apache/module/apache/checksums.json | 310 ++ .../apache/module/apache/manifests/init.pp | 413 ++ .../apache/module/apache/manifests/listen.pp | 10 + .../apache/module/apache/manifests/params.pp | 545 +++ .../apache/module/apache/manifests/ssl.pp | 18 + .../apache/module/apache/manifests/vhost.pp | 999 +++++ .../http/apache/module/apache/metadata.json | 81 + .../module/apache/spec/classes/apache_spec.rb | 884 +++++ .../apache/module/apache/spec/spec_helper.rb | 23 + .../module/example42_apache_2_1_12/Gemfile | 18 - .../module/example42_apache_2_1_12/README.md | 236 -- .../module/example42_apache_2_1_12/Rakefile | 12 - .../example42_apache_2_1_12/checksums.json | 29 - .../example42_apache_2_1_12/manifests/init.pp | 528 --- .../manifests/listen.pp | 42 - .../manifests/params.pp | 158 - .../example42_apache_2_1_12/manifests/ssl.pp | 67 - .../manifests/vhost.pp | 275 -- .../example42_apache_2_1_12/metadata.json | 56 - .../spec/classes/apache_spec.rb | 199 - .../spec/spec_helper.rb | 1 - .../unix/http/apache/secgen_metadata.xml | 5 - .../vsftpd_234_backdoor/files/copyvsftpd.sh | 0 .../vsftpd_234_backdoor/files/startvsftpd.sh | 0 .../files/vsftpd-2.3.4.tar.gz | Bin .../vsftpd_234_backdoor/manifests/install.pp | 6 +- .../distcc_exec/manifests/distcc_config.pp | 0 .../distcc_exec/templates/distcc.erb | 0 .../mountable_nfs/manifests/config.pp | 0 .../mountable_nfs/templates/exports.erb | 0 .../writeable_shadow/manifests/config.pp | 0 47 files changed, 6895 insertions(+), 1722 deletions(-) create mode 100644 Gemfile.lock delete mode 100644 modules/build/ssh-keys/kali-1.0 delete mode 100644 modules/build/ssh-keys/kali-1.0.pub rename modules/build/{scripts => unix/bootstrap/module/bootstrap/files}/bootstrap.sh (100%) rename modules/build/{puppet => unix}/cleanup/cleanup.pp (100%) rename modules/build/{puppet => unix}/cleanup/module/cleanup/manifests/config.pp (100%) create mode 100644 modules/services/unix/http/apache/apache.pp delete mode 100644 modules/services/unix/http/apache/example42_apache_2_1_12.pp create mode 100644 modules/services/unix/http/apache/module/apache/Gemfile rename modules/services/unix/http/apache/module/{example42_apache_2_1_12 => apache}/LICENSE (78%) create mode 100644 modules/services/unix/http/apache/module/apache/README.md create mode 100644 modules/services/unix/http/apache/module/apache/Rakefile create mode 100644 modules/services/unix/http/apache/module/apache/checksums.json create mode 100644 modules/services/unix/http/apache/module/apache/manifests/init.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/listen.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/params.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/ssl.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/vhost.pp create mode 100644 modules/services/unix/http/apache/module/apache/metadata.json create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/apache_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/spec_helper.rb delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/Gemfile delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/README.md delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/Rakefile delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/checksums.json delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/init.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/listen.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/params.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/ssl.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/vhost.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/metadata.json delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/classes/apache_spec.rb delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/spec_helper.rb rename modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/{module => }/vsftpd_234_backdoor/files/copyvsftpd.sh (100%) rename modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/{module => }/vsftpd_234_backdoor/files/startvsftpd.sh (100%) rename modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/{module => }/vsftpd_234_backdoor/files/vsftpd-2.3.4.tar.gz (100%) rename modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/{module => }/vsftpd_234_backdoor/manifests/install.pp (79%) rename modules/vulnerabilities/unix/misc/distcc_exec/{module => }/distcc_exec/manifests/distcc_config.pp (100%) rename modules/vulnerabilities/unix/misc/distcc_exec/{module => }/distcc_exec/templates/distcc.erb (100%) rename modules/vulnerabilities/unix/other/mountable_nfs/{module => }/mountable_nfs/manifests/config.pp (100%) rename modules/vulnerabilities/unix/other/mountable_nfs/{module => }/mountable_nfs/templates/exports.erb (100%) rename modules/vulnerabilities/unix/other/writeable_shadow/{module => }/writeable_shadow/manifests/config.pp (100%) diff --git a/Gemfile.lock b/Gemfile.lock new file mode 100644 index 000000000..69b3eada5 --- /dev/null +++ b/Gemfile.lock @@ -0,0 +1,21 @@ +GEM + remote: https://rubygems.org/ + specs: + mini_portile2 (2.0.0) + minitest (5.8.4) + nokogiri (1.6.7.2) + mini_portile2 (~> 2.0.0.rc2) + rake (10.5.0) + xml-simple (1.1.5) + +PLATFORMS + ruby + +DEPENDENCIES + minitest + nokogiri + rake + xml-simple + +BUNDLED WITH + 1.10.4 diff --git a/config/scenario.xml b/config/scenario.xml index a0dd295c2..03df98216 100644 --- a/config/scenario.xml +++ b/config/scenario.xml @@ -6,7 +6,7 @@ - + --> diff --git a/lib/helpers/bootstrap.rb b/lib/helpers/bootstrap.rb index 1a1741e60..d82a1b549 100644 --- a/lib/helpers/bootstrap.rb +++ b/lib/helpers/bootstrap.rb @@ -35,83 +35,64 @@ class Bootstrap def move_vulnerability_puppet_files puts 'Moving vulnerability manifests' - Dir.glob("#{ROOT_DIR}/modules/vulnerabilities/**/**/**/*.pp").each do |puppet_file| + Dir.glob("#{ROOT_DIR}/modules/vulnerabilities/*/*/*/*.pp").each do |puppet_file| puts "Moving #{puppet_file} to mount/puppet/manifest/" FileUtils.copy(puppet_file, "#{ROOT_DIR}/mount/puppet/manifest/") end puts 'Moving vulnerability modules' - Dir.glob("#{ROOT_DIR}/modules/vulnerabilities/**/**/**/module/**").each do |puppet_module_directory| - root_directory_length = ROOT_DIR.split('/').count - module_name = puppet_module_directory.split('/')[root_directory_length + 4] - module_path = "#{ROOT_DIR}/mount/puppet/module/#{module_name}" - - if(Dir.exists?(module_path)) - puts "Moving #{puppet_module_directory} to #{module_path}" - FileUtils.cp_r(puppet_module_directory, module_path) - else - Dir.mkdir("#{ROOT_DIR}/mount/puppet/module/#{module_name}") - puts "Moving #{puppet_module_directory} to #{module_path}" - FileUtils.cp_r(puppet_module_directory, module_path) - end - - puts 'Moving vulnerability templates' - + Dir.glob("#{ROOT_DIR}/modules/vulnerabilities/*/*/*/*/").each do |puppet_module_directory| + module_path = "#{ROOT_DIR}/mount/puppet/module/" + puts "Moving #{puppet_module_directory} to #{module_path}" + FileUtils.cp_r(puppet_module_directory, module_path) end end def move_secure_service_puppet_files puts 'Moving Service manifests' - Dir.glob("#{ROOT_DIR}/modules/services/**/**/**/*.pp").each do |puppet_file| + Dir.glob("#{ROOT_DIR}/modules/services/*/*/*/*.pp").each do |puppet_file| puts "Moving #{puppet_file} to mount/puppet/manifest/" FileUtils.copy(puppet_file, "#{ROOT_DIR}/mount/puppet/manifest/") end puts 'Moving Service modules' - Dir.glob("#{ROOT_DIR}/modules/services/**/**/**/module/**/**").each do |puppet_module_directory| - root_directory_length = ROOT_DIR.split('/').count - module_name = puppet_module_directory.split('/')[root_directory_length + 6] - module_path = "#{ROOT_DIR}/mount/puppet/module/#{module_name}" + Dir.glob("#{ROOT_DIR}/modules/services/*/*/*/module/**").each do |puppet_module_directory| + + module_path = "#{ROOT_DIR}/mount/puppet/module/" + puts "Moving #{puppet_module_directory} to #{module_path}" + FileUtils.cp_r(puppet_module_directory, module_path) - if(Dir.exists?(module_path)) - puts "Moving #{puppet_module_directory} to #{module_path}" - FileUtils.cp_r(puppet_module_directory, module_path) - else - Dir.mkdir("#{ROOT_DIR}/mount/puppet/module/#{module_name}") - puts "Moving #{puppet_module_directory} to #{module_path}" - FileUtils.cp_r(puppet_module_directory, module_path) - end puts 'Moving vulnerability templates' end end - def move_build_puppet_files - puts 'Moving build puppet module files' - Dir.glob("#{ROOT_DIR}/modules/build/puppet/**/module/*.pp").each do |puppet_file| - root_directory_length = ROOT_DIR.split('/').count - module_name = puppet_file.split('/')[root_directory_length + 3] - module_path = "#{ROOT_DIR}/mount/puppet/module/#{module_name}" - if(Dir.exists?(module_path)) - Dir.mkdir("#{module_path}/manifests") - puts "Moving #{puppet_file} to #{module_path}" - FileUtils.copy(puppet_file, "#{module_path}/manifests") - else - Dir.mkdir("#{ROOT_DIR}/mount/puppet/module/#{module_name}") - Dir.mkdir("#{ROOT_DIR}/mount/puppet/module/#{module_name}/manifests") - puts "Moving #{puppet_file} to #{module_path}" - FileUtils.copy(puppet_file, "#{module_path}/manifests") - end - end - Dir.glob("#{ROOT_DIR}/modules/build/puppet/**/manifest/*.pp").each do |puppet_file| - puts "Moving #{puppet_file} to mount/puppet/manifest." - FileUtils.copy(puppet_file, "#{ROOT_DIR}/mount/puppet/manifest") - end - end + puts 'Moving Dependency modules' + Dir.glob("#{ROOT_DIR}/modules/dependencies/**").each do |puppet_module_directory| + + module_path = "#{ROOT_DIR}/mount/puppet/module/" + puts "Moving #{puppet_module_directory} to #{module_path}" + FileUtils.cp_r(puppet_module_directory, module_path) + end + + puts 'Moving build manifests' + + Dir.glob("#{ROOT_DIR}/modules/build/*/*/*.pp").each do |puppet_file| + puts "Moving #{puppet_file} to mount/puppet/manifest/" + FileUtils.copy(puppet_file, "#{ROOT_DIR}/mount/puppet/manifest/") + end + + puts 'Moving build modules' + + Dir.glob("#{ROOT_DIR}/modules/build/*/*/module/**").each do |puppet_module_directory| + + module_path = "#{ROOT_DIR}/mount/puppet/module/" + puts "Moving #{puppet_module_directory} to #{module_path}" + FileUtils.cp_r(puppet_module_directory, module_path) + end - def move_files end diff --git a/lib/templates/vagrantbase.erb b/lib/templates/vagrantbase.erb index feb9e6ef7..4d2bd9a62 100644 --- a/lib/templates/vagrantbase.erb +++ b/lib/templates/vagrantbase.erb @@ -24,13 +24,13 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # Add secure services <% systems.services.each do |service| %> - <% service_name = service.name.gsub!('-', '_').gsub!('.', '_') %> + <% service_name = service.name%> config.vm.provision "puppet" do | <%=service_name%> | - <%=service_name%>.module_path = "<%="#{ROOT_DIR}/mount/puppet/module/#{service_name}"%>" + <%=service_name%>.module_path = "<%="#{ROOT_DIR}/mount/puppet/module"%>" <%=service_name%>.manifests_path = "<%="#{ROOT_DIR}/mount/puppet/manifest"%>" - <%=service_name%>.manifest_file = "init.pp" + <%=service_name%>.manifest_file = "<%=service_name%>.pp" end <% end %> @@ -43,7 +43,7 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| <% vulnerability_name = vulnerability.name %> config.vm.provision "puppet" do | <%=vulnerability_name%> | - <%=vulnerability_name%>.module_path = "<%="#{ROOT_DIR}/mount/puppet/module/#{vulnerability_name}"%>" + <%=vulnerability_name%>.module_path = "<%="#{ROOT_DIR}/mount/puppet/module"%>" <%=vulnerability_name%>.manifests_path = "<%="#{ROOT_DIR}/mount/puppet/manifest"%>" <%=vulnerability_name%>.manifest_file = "<%=vulnerability_name%>.pp" end @@ -52,8 +52,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # clean up script which clears history from the VMs and clobs files together config.vm.provision "puppet" do |cleanup| - cleanup.module_path = "<%="#{ROOT_DIR}/modules/build/puppet/cleanup/module"%>" - cleanup.manifests_path = "<%="#{ROOT_DIR}/modules/build/puppet/cleanup"%>" + cleanup.module_path = "<%="#{ROOT_DIR}/mount/puppet/module"%>" + cleanup.manifests_path = "<%="#{ROOT_DIR}/mount/puppet/manifest"%>" cleanup.manifest_file = "cleanup.pp" end diff --git a/modules/build/ssh-keys/kali-1.0 b/modules/build/ssh-keys/kali-1.0 deleted file mode 100644 index ac5f2b084..000000000 --- a/modules/build/ssh-keys/kali-1.0 +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEArvBoa+yz0D6dHtssTftgC6vy1TdwoBqXcGEPGHdv7BnsXAo7 -cCCTDkDk+/2yAAEd/1EDFo11fqxrbA4KhHLchAQRCHr8xNQpmNladd7ElhSsQ1bx -AQbTAzu1Hb7IcxevE0VTDFmVlThsw6GWXe5lTYI8+pZXUpyrb/K8eUi/7hykI2vU -shrkfSaCmtnjRs6xdCkWS18MJR1zeRsJiSwPMCG40DPetiGBoQw4xtcUhXxjtecY -2mwoe2x7TZN0G+VkTQQUZkxL5SRunjKJCLFuruh//drCms3psfDGHPqkvPBHmGbM -vn1vDMgE9KHdJvbLq2o3/rZmIpvUab5/4Lt0+wIDAQABAoIBAHZt/FMr8GNHMDkm -aWz1g4UDSCa+HHnW5rTGkGCg4t00g4Wfy7NR6hwZJKvPiMRl/TfOUUfgRi2Wbja9 -nrMhy1V4J0vVbu+VLf/zDUGEqRNtNV11KzzlsM6cijVz5eG8o+Jo6RsQPqrBgyhB -aTl33Y7GX5/JTZ54v7rO2ndFH+IC1Gzb8UFj5bIcAD8MAvXdazIpSuEzpMKaHVY/ -cLGli/vIGKAcc9I5gCA4iTxNEc0n736gAJYD06SSAcxaK7VHBYwld5fMpeT7pBfT -o5FmWGdiNDOFr50acOfNHmMevJAO6KhmIU7XEohweeFaNiq9K6Nf/8k+1Vn1SQL3 -0CcYodECgYEA4/LorHCJVbAaQOzf+BwXjkhrXv6R5iFO7hvlxBkYfuOVr1u2lY0s -TD/otK2S335n59ptfcmNf2n+mfLGjtDRkJGDEl/aSL6xZ3dKctXStpV6dih3AH52 -4JtZdWQSWVaPN1CVoUDcezxYlv//3wtm4bAAfQ9yFQuCWaEMg3Qt3HMCgYEAxHeH -LaYyjC/lfEqhuSoOLx+BeHv92o72vo4GJz+VX+0/k1o002mQM6H6ka6uI5Pk2Sfm -/MgbZGhtJTbXcWeoeHALB3QI3FBn9GtwZud8F71TIRge+nlLlPbp0IEphWPgxKCo -6fXc6ClYko5YtENGhzxqLenAvR/JGlp1mgoTq1kCgYAp2W7eOcr88Ffhk5uK8Z1h -geo0hohCt9rF3FlSp0jYAvB4QV5EFqcLWLBge317irmI15FChr5zpgIYQXoyviO7 -ZvupY++va1Mmq7//VUJaQxc4mjU+4fjxQ5Qo+TZlMH8aqLDP6hiQh4O8NUPEr1M0 -HBv62dsYAgTsb6TcfXfuAQKBgQC1BnWVyEdXCGLpTVMKbAe5v8vqGkVjdss/9VkS -HPIj+1TTDxERo3jtOljIly15NrJsrOmXDULAF8BJw+hrY9nFb2eaLH5lkejXO4/M -IYsjzJymJ7WTkOPllEUIi5qYf9kBFA/P020CteYY0/RD1KFNxosHVxTyrjD8iVFG -5/YLsQKBgG7G9lMbzbXsdTvlJJm5sId0Nxdc97PezpC3IAdDCiqRwushbGV00n9W -tzg8udeocVh3KeL9btxIovSFKgGC1ONKbsYULuVQVGe0LMpqGr6IVjhoOEQzGaJA -a9CvKv9Qk2UPgtNBVpP4fhEhyTaHY8sWCSYXvKRhFlL4gH47P0tl ------END RSA PRIVATE KEY----- diff --git a/modules/build/ssh-keys/kali-1.0.pub b/modules/build/ssh-keys/kali-1.0.pub deleted file mode 100644 index f6d8b2e2c..000000000 --- a/modules/build/ssh-keys/kali-1.0.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCu8Ghr7LPQPp0e2yxN+2ALq/LVN3CgGpdwYQ8Yd2/sGexcCjtwIJMOQOT7/bIAAR3/UQMWjXV+rGtsDgqEctyEBBEIevzE1CmY2Vp13sSWFKxDVvEBBtMDO7UdvshzF68TRVMMWZWVOGzDoZZd7mVNgjz6lldSnKtv8rx5SL/uHKQja9SyGuR9JoKa2eNGzrF0KRZLXwwlHXN5GwmJLA8wIbjQM962IYGhDDjG1xSFfGO15xjabCh7bHtNk3Qb5WRNBBRmTEvlJG6eMokIsW6u6H/92sKazemx8MYc+qS88EeYZsy+fW8MyAT0od0m9surajf+tmYim9Rpvn/gu3T7 sliim@S70wN diff --git a/modules/build/scripts/bootstrap.sh b/modules/build/unix/bootstrap/module/bootstrap/files/bootstrap.sh similarity index 100% rename from modules/build/scripts/bootstrap.sh rename to modules/build/unix/bootstrap/module/bootstrap/files/bootstrap.sh diff --git a/modules/build/puppet/cleanup/cleanup.pp b/modules/build/unix/cleanup/cleanup.pp similarity index 100% rename from modules/build/puppet/cleanup/cleanup.pp rename to modules/build/unix/cleanup/cleanup.pp diff --git a/modules/build/puppet/cleanup/module/cleanup/manifests/config.pp b/modules/build/unix/cleanup/module/cleanup/manifests/config.pp similarity index 100% rename from modules/build/puppet/cleanup/module/cleanup/manifests/config.pp rename to modules/build/unix/cleanup/module/cleanup/manifests/config.pp diff --git a/modules/services/unix/ftp/secure_ftp/secgen_metadata.xml b/modules/services/unix/ftp/secure_ftp/secgen_metadata.xml index e69de29bb..1ed66b0a5 100644 --- a/modules/services/unix/ftp/secure_ftp/secgen_metadata.xml +++ b/modules/services/unix/ftp/secure_ftp/secgen_metadata.xml @@ -0,0 +1,5 @@ + \ No newline at end of file diff --git a/modules/services/unix/http/apache/apache.pp b/modules/services/unix/http/apache/apache.pp new file mode 100644 index 000000000..9652701d4 --- /dev/null +++ b/modules/services/unix/http/apache/apache.pp @@ -0,0 +1,3 @@ +class { 'apache': + mpm_module => 'prefork' +} \ No newline at end of file diff --git a/modules/services/unix/http/apache/example42_apache_2_1_12.pp b/modules/services/unix/http/apache/example42_apache_2_1_12.pp deleted file mode 100644 index 34bba84eb..000000000 --- a/modules/services/unix/http/apache/example42_apache_2_1_12.pp +++ /dev/null @@ -1 +0,0 @@ -include apache \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/apache/Gemfile b/modules/services/unix/http/apache/module/apache/Gemfile new file mode 100644 index 000000000..bfe64b186 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/Gemfile @@ -0,0 +1,48 @@ +source ENV['GEM_SOURCE'] || "https://rubygems.org" + +def location_for(place, fake_version = nil) + if place =~ /^(git:[^#]*)#(.*)/ + [fake_version, { :git => $1, :branch => $2, :require => false }].compact + elsif place =~ /^file:\/\/(.*)/ + ['>= 0', { :path => File.expand_path($1), :require => false }] + else + [place, { :require => false }] + end +end + +group :development, :unit_tests do + gem 'rspec-core', '3.1.7', :require => false + gem 'puppetlabs_spec_helper', :require => false + gem 'simplecov', :require => false + gem 'puppet_facts', :require => false + gem 'json', :require => false +end + +group :system_tests do + if beaker_version = ENV['BEAKER_VERSION'] + gem 'beaker', *location_for(beaker_version) + end + if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] + gem 'beaker-rspec', *location_for(beaker_rspec_version) + else + gem 'beaker-rspec', :require => false + end + gem 'serverspec', :require => false + gem 'beaker-puppet_install_helper', :require => false +end + + + +if facterversion = ENV['FACTER_GEM_VERSION'] + gem 'facter', facterversion, :require => false +else + gem 'facter', :require => false +end + +if puppetversion = ENV['PUPPET_GEM_VERSION'] + gem 'puppet', puppetversion, :require => false +else + gem 'puppet', :require => false +end + +# vim:ft=ruby diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/LICENSE b/modules/services/unix/http/apache/module/apache/LICENSE similarity index 78% rename from modules/services/unix/http/apache/module/example42_apache_2_1_12/LICENSE rename to modules/services/unix/http/apache/module/apache/LICENSE index f41da0185..8961ce8a6 100644 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/LICENSE +++ b/modules/services/unix/http/apache/module/apache/LICENSE @@ -1,8 +1,6 @@ -Copyright (C) 2013 Alessandro Franceschi / Lab42 +Copyright (C) 2012 Puppet Labs Inc -for the relevant commits Copyright (C) by the respective authors. - -Contact Lab42 at: info@lab42.it +Puppet Labs can be contacted at: info@puppetlabs.com Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/modules/services/unix/http/apache/module/apache/README.md b/modules/services/unix/http/apache/module/apache/README.md new file mode 100644 index 000000000..77c27e737 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/README.md @@ -0,0 +1,3478 @@ +# apache + +[Module description]: #module-description + +[Setup]: #setup +[Beginning with Apache]: #beginning-with-apache + +[Usage]: #usage +[Configuring virtual hosts]: #configuring-virtual-hosts +[Configuring virtual hosts with SSL]: #configuring-virtual-hosts-with-ssl +[Configuring virtual host port and address bindings]: #configuring-virtual-host-port-and-address-bindings +[Configuring virtual hosts for apps and processors]: #configuring-virtual-hosts-for-apps-and-processors +[Configuring IP-based virtual hosts]: #configuring-ip-based-virtual-hosts +[Installing Apache modules]: #installing-apache-modules +[Installing arbitrary modules]: #installing-arbitrary-modules +[Installing specific modules]: #installing-specific-modules +[Configuring FastCGI servers]: #configuring-fastcgi-servers-to-handle-php-files +[Load balancing examples]: #load-balancing-examples + +[Reference]: #reference +[Public classes]: #public-classes +[Private classes]: #private-classes +[Public defined types]: #public-defined-types +[Private defined types]: #private-defined-types +[Templates]: #templates + +[Limitations]: #limitations + +[Development]: #development +[Contributing]: #contributing +[Running tests]: #running-tests + +[`AddDefaultCharset`]: https://httpd.apache.org/docs/current/mod/core.html#adddefaultcharset +[`add_listen`]: #add_listen +[`Alias`]: https://httpd.apache.org/docs/current/mod/mod_alias.html#alias +[`AliasMatch`]: https://httpd.apache.org/docs/current/mod/mod_alias.html#aliasmatch +[aliased servers]: https://httpd.apache.org/docs/current/urlmapping.html +[`AllowEncodedSlashes`]: https://httpd.apache.org/docs/current/mod/core.html#allowencodedslashes +[`apache`]: #class-apache +[`apache_version`]: #apache_version +[`apache::balancer`]: #defined-type-apachebalancer +[`apache::balancermember`]: #defined-type-apachebalancermember +[`apache::fastcgi::server`]: #defined-type-apachefastcgiserver +[`apache::mod`]: #defined-type-apachemod +[`apache::mod::`]: #classes-apachemodmodule-name +[`apache::mod::alias`]: #class-apachemodalias +[`apache::mod::auth_cas`]: #class-apachemodauth_cas +[`apache::mod::auth_mellon`]: #class-apachemodauth_mellon +[`apache::mod::disk_cache`]: #class-apachemoddisk_cache +[`apache::mod::event`]: #class-apachemodevent +[`apache::mod::ext_filter`]: #class-apachemodext_filter +[`apache::mod::geoip`]: #class-apachemodgeoip +[`apache::mod::itk`]: #class-apachemoditk +[`apache::mod::ldap`]: #class-apachemodldap +[`apache::mod::passenger`]: #class-apachemodpassenger +[`apache::mod::peruser`]: #class-apachemodperuser +[`apache::mod::prefork`]: #class-apachemodprefork +[`apache::mod::proxy_html`]: #class-apachemodproxy_html +[`apache::mod::security`]: #class-apachemodsecurity +[`apache::mod::shib`]: #class-apachemodshib +[`apache::mod::ssl`]: #class-apachemodssl +[`apache::mod::status`]: #class-apachemodstatus +[`apache::mod::worker`]: #class-apachemodworker +[`apache::mod::wsgi`]: #class-apachemodwsgi +[`apache::params`]: #class-apacheparams +[`apache::version`]: #class-apacheversion +[`apache::vhost`]: #defined-type-apachevhost +[`apache::vhost::custom`]: #defined-type-apachevhostcustom +[`apache::vhost::WSGIImportScript`]: #wsgiimportscript +[Apache HTTP Server]: https://httpd.apache.org +[Apache modules]: https://httpd.apache.org/docs/current/mod/ +[array]: https://docs.puppetlabs.com/puppet/latest/reference/lang_data_array.html + +[beaker-rspec]: https://github.com/puppetlabs/beaker-rspec + +[certificate revocation list]: https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcarevocationfile +[certificate revocation list path]: https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcarevocationpath +[common gateway interface]: https://httpd.apache.org/docs/current/howto/cgi.html +[`confd_dir`]: #confd_dir +[`content`]: #content +[custom error documents]: https://httpd.apache.org/docs/current/custom-error.html +[`custom_fragment`]: #custom_fragment + +[`default_mods`]: #default_mods +[`default_ssl_crl`]: #default_ssl_crl +[`default_ssl_crl_path`]: #default_ssl_crl_path +[`default_ssl_vhost`]: #default_ssl_vhost +[`dev_packages`]: #dev_packages +[`directory`]: #directory +[`directories`]: #parameter-directories-for-apachevhost +[`DirectoryIndex`]: https://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex +[`docroot`]: #docroot +[`docroot_owner`]: #docroot_owner +[`docroot_group`]: #docroot_group +[`DocumentRoot`]: https://httpd.apache.org/docs/current/mod/core.html#documentroot + +[`EnableSendfile`]: https://httpd.apache.org/docs/current/mod/core.html#enablesendfile +[enforcing mode]: http://selinuxproject.org/page/Guide/Mode +[`ensure`]: https://docs.puppetlabs.com/references/latest/type.html#package-attribute-ensure +[`error_log_file`]: #error_log_file +[`error_log_syslog`]: #error_log_syslog +[`error_log_pipe`]: #error_log_pipe +[`ExpiresByType`]: https://httpd.apache.org/docs/current/mod/mod_expires.html#expiresbytype +[exported resources]: http://docs.puppetlabs.com/latest/reference/lang_exported.md +[`ExtendedStatus`]: https://httpd.apache.org/docs/current/mod/core.html#extendedstatus + +[Facter]: http://docs.puppetlabs.com/facter/ +[FastCGI]: http://www.fastcgi.com/ +[FallbackResource]: https://httpd.apache.org/docs/current/mod/mod_dir.html#fallbackresource +[`fallbackresource`]: #fallbackresource +[filter rules]: https://httpd.apache.org/docs/current/filter.html +[`filters`]: #filters +[`ForceType`]: https://httpd.apache.org/docs/current/mod/core.html#forcetype + +[GeoIPScanProxyHeaders]: http://dev.maxmind.com/geoip/legacy/mod_geoip2/#Proxy-Related_Directives +[`gentoo/puppet-portage`]: https://github.com/gentoo/puppet-portage + +[Hash]: https://docs.puppetlabs.com/puppet/latest/reference/lang_data_hash.html + +[`IncludeOptional`]: https://httpd.apache.org/docs/current/mod/core.html#includeoptional +[`Include`]: https://httpd.apache.org/docs/current/mod/core.html#include +[interval syntax]: https://httpd.apache.org/docs/current/mod/mod_expires.html#AltSyn +[`ip`]: #ip +[`ip_based`]: #ip_based +[IP-based virtual hosts]: https://httpd.apache.org/docs/current/vhosts/ip-based.html + +[`KeepAlive`]: https://httpd.apache.org/docs/current/mod/core.html#keepalive +[`KeepAliveTimeout`]: https://httpd.apache.org/docs/current/mod/core.html#keepalivetimeout +[`keepalive` parameter]: #keepalive +[`keepalive_timeout`]: #keepalive_timeout +[`limitreqfieldsize`]: https://httpd.apache.org/docs/current/mod/core.html#limitrequestfieldsize + +[`lib`]: #lib +[`lib_path`]: #lib_path +[`Listen`]: https://httpd.apache.org/docs/current/bind.html +[`ListenBackLog`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#listenbacklog +[`LoadFile`]: https://httpd.apache.org/docs/current/mod/mod_so.html#loadfile +[`LogFormat`]: https://httpd.apache.org/docs/current/mod/mod_log_config.html#logformat +[`logroot`]: #logroot +[Log security]: https://httpd.apache.org/docs/current/logs.html#security + +[`manage_docroot`]: #manage_docroot +[`manage_user`]: #manage_user +[`manage_group`]: #manage_group +[`MaxConnectionsPerChild`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#maxconnectionsperchild +[`max_keepalive_requests`]: #max_keepalive_requests +[`MaxRequestWorkers`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#maxrequestworkers +[`MaxSpareThreads`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#maxsparethreads +[MIME `content-type`]: https://www.iana.org/assignments/media-types/media-types.xhtml +[`MinSpareThreads`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#minsparethreads +[`mod_alias`]: https://httpd.apache.org/docs/current/mod/mod_alias.html +[`mod_auth_cas`]: https://github.com/Jasig/mod_auth_cas +[`mod_auth_kerb`]: http://modauthkerb.sourceforge.net/configure.html +[`mod_authnz_external`]: https://github.com/phokz/mod-auth-external +[`mod_auth_mellon`]: https://github.com/UNINETT/mod_auth_mellon +[`mod_disk_cache`]: https://httpd.apache.org/docs/2.2/mod/mod_disk_cache.html +[`mod_cache_disk`]: https://httpd.apache.org/docs/current/mod/mod_cache_disk.html +[`mod_expires`]: https://httpd.apache.org/docs/current/mod/mod_expires.html +[`mod_ext_filter`]: https://httpd.apache.org/docs/current/mod/mod_ext_filter.html +[`mod_fcgid`]: https://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html +[`mod_geoip`]: http://dev.maxmind.com/geoip/legacy/mod_geoip2/ +[`mod_info`]: https://httpd.apache.org/docs/current/mod/mod_info.html +[`mod_ldap`]: https://httpd.apache.org/docs/2.2/mod/mod_ldap.html +[`mod_mpm_event`]: https://httpd.apache.org/docs/current/mod/event.html +[`mod_negotiation`]: https://httpd.apache.org/docs/current/mod/mod_negotiation.html +[`mod_pagespeed`]: https://developers.google.com/speed/pagespeed/module/?hl=en +[`mod_passenger`]: https://www.phusionpassenger.com/library/config/apache/reference/ +[`mod_php`]: http://php.net/manual/en/book.apache.php +[`mod_proxy`]: https://httpd.apache.org/docs/current/mod/mod_proxy.html +[`mod_proxy_balancer`]: https://httpd.apache.org/docs/current/mod/mod_proxy_balancer.html +[`mod_reqtimeout`]: https://httpd.apache.org/docs/current/mod/mod_reqtimeout.html +[`mod_rewrite`]: https://httpd.apache.org/docs/current/mod/mod_rewrite.html +[`mod_security`]: https://www.modsecurity.org/ +[`mod_ssl`]: https://httpd.apache.org/docs/current/mod/mod_ssl.html +[`mod_status`]: https://httpd.apache.org/docs/current/mod/mod_status.html +[`mod_version`]: https://httpd.apache.org/docs/current/mod/mod_version.html +[`mod_wsgi`]: https://modwsgi.readthedocs.org/en/latest/ +[module contribution guide]: https://docs.puppetlabs.com/forge/contributing.html +[`mpm_module`]: #mpm_module +[multi-processing module]: https://httpd.apache.org/docs/current/mpm.html + +[name-based virtual hosts]: https://httpd.apache.org/docs/current/vhosts/name-based.html +[`no_proxy_uris`]: #no_proxy_uris + +[open source Puppet]: https://docs.puppetlabs.com/puppet/ +[`Options`]: https://httpd.apache.org/docs/current/mod/core.html#options + +[`path`]: #path +[`Peruser`]: https://www.freebsd.org/cgi/url.cgi?ports/www/apache22-peruser-mpm/pkg-descr +[`port`]: #port +[`priority`]: #defined-types-apachevhost +[`proxy_dest`]: #proxy_dest +[`proxy_dest_match`]: #proxy_dest_match +[`proxy_pass`]: #proxy_pass +[`ProxyPass`]: https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass +[`ProxySet`]: https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyset +[Puppet Enterprise]: https://docs.puppetlabs.com/pe/ +[Puppet Forge]: https://forge.puppetlabs.com +[Puppet Labs]: https://puppetlabs.com +[Puppet module]: https://docs.puppetlabs.com/puppet/latest/reference/modules_fundamentals.html +[Puppet module's code]: https://github.com/puppetlabs/puppetlabs-apache/blob/master/manifests/default_mods.pp +[`purge_configs`]: #purge_configs +[`purge_vhost_dir`]: #purge_vhost_dir +[Python]: https://www.python.org/ + +[Rack]: http://rack.github.io/ +[`rack_base_uris`]: #rack_base_uris +[RFC 2616]: https://www.ietf.org/rfc/rfc2616.txt +[`RequestReadTimeout`]: https://httpd.apache.org/docs/current/mod/mod_reqtimeout.html#requestreadtimeout +[rspec-puppet]: http://rspec-puppet.com/ + +[`ScriptAlias`]: https://httpd.apache.org/docs/current/mod/mod_alias.html#scriptalias +[`ScriptAliasMatch`]: https://httpd.apache.org/docs/current/mod/mod_alias.html#scriptaliasmatch +[`scriptalias`]: #scriptalias +[SELinux]: http://selinuxproject.org/ +[`ServerAdmin`]: https://httpd.apache.org/docs/current/mod/core.html#serveradmin +[`serveraliases`]: #serveraliases +[`ServerLimit`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#serverlimit +[`ServerName`]: https://httpd.apache.org/docs/current/mod/core.html#servername +[`ServerRoot`]: https://httpd.apache.org/docs/current/mod/core.html#serverroot +[`ServerTokens`]: https://httpd.apache.org/docs/current/mod/core.html#servertokens +[`ServerSignature`]: https://httpd.apache.org/docs/current/mod/core.html#serversignature +[Service attribute restart]: http://docs.puppetlabs.com/references/latest/type.html#service-attribute-restart +[`source`]: #source +[`SSLCARevocationCheck`]: https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcarevocationcheck +[SSL certificate key file]: https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile +[SSL chain]: https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatechainfile +[SSL encryption]: https://httpd.apache.org/docs/current/ssl/index.html +[`ssl`]: #ssl +[`ssl_cert`]: #ssl_cert +[`ssl_compression`]: #ssl_compression +[`ssl_key`]: #ssl_key +[`StartServers`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#startservers +[suPHP]: http://www.suphp.org/Home.html +[`suphp_addhandler`]: #suphp_addhandler +[`suphp_configpath`]: #suphp_configpath +[`suphp_engine`]: #suphp_engine +[supported operating system]: https://forge.puppetlabs.com/supported#puppet-supported-modules-compatibility-matrix + +[`ThreadLimit`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#threadlimit +[`ThreadsPerChild`]: https://httpd.apache.org/docs/current/mod/mpm_common.html#threadsperchild +[`TimeOut`]: https://httpd.apache.org/docs/current/mod/core.html#timeout +[template]: http://docs.puppetlabs.com/puppet/latest/reference/lang_template.html +[`TraceEnable`]: https://httpd.apache.org/docs/current/mod/core.html#traceenable + +[`verify_config`]: #verify_config +[`vhost`]: #defined-type-apachevhost +[`vhost_dir`]: #vhost_dir +[`virtual_docroot`]: #virtual_docroot + +[Web Server Gateway Interface]: https://www.python.org/dev/peps/pep-3333/#abstract +[`WSGIPythonPath`]: http://modwsgi.readthedocs.org/en/develop/configuration-directives/WSGIPythonPath.html +[`WSGIPythonHome`]: http://modwsgi.readthedocs.org/en/develop/configuration-directives/WSGIPythonHome.html + +#### Table of Contents + +1. [Module description - What is the apache module, and what does it do?][Module description] +2. [Setup - The basics of getting started with apache][Setup] + - [Beginning with Apache - Installation][Beginning with Apache] +3. [Usage - The classes and defined types available for configuration][Usage] + - [Configuring virtual hosts - Examples to help get started][Configuring virtual hosts] + - [Configuring FastCGI servers to handle PHP files][Configuring FastCGI servers] + - [Load balancing with exported and non-exported resources][Load balancing examples] +4. [Reference - An under-the-hood peek at what the module is doing and how][Reference] + - [Public classes][] + - [Private classes][] + - [Public defined types][] + - [Private defined types][] + - [Templates][] +5. [Limitations - OS compatibility, etc.][Limitations] +6. [Development - Guide for contributing to the module][Development] + - [Contributing to the apache module][Contributing] + - [Running tests - A quick guide][Running tests] + +## Module description + +[Apache HTTP Server][] (also called Apache HTTPD, or simply Apache) is a widely used web server. This [Puppet module][] simplifies the task of creating configurations to manage Apache servers in your infrastructure. It can configure and manage a range of virtual host setups and provides a streamlined way to install and configure [Apache modules][]. + +## Setup + +**What the apache Puppet module affects:** + +- Configuration files and directories (created and written to) + - **WARNING**: Configurations *not* managed by Puppet will be purged. +- Package/service/configuration files for Apache +- Apache modules +- Virtual hosts +- Listened-to ports +- `/etc/make.conf` on FreeBSD and Gentoo + +On Gentoo, this module depends on the [`gentoo/puppet-portage`][] Puppet module. Note that while several options apply or enable certain features and settings for Gentoo, it is not a [supported operating system][] for this module. + +> **Note**: This module modifies Apache configuration files and directories and purges any configuration not managed by Puppet. Apache configuration should be managed by Puppet, as unmanaged configuration files can cause unexpected failures. + +To temporarily disable full Puppet management, set the [`purge_configs`][] parameter in the [`apache`][] class declaration to false. We recommend using this only as a temporary means of saving and relocating customized configurations. + +### Beginning with Apache + +To have Puppet install Apache with the default parameters, declare the [`apache`][] class: + +``` puppet +class { 'apache': } +``` + +The Puppet module applies a default configuration based on your operating system; Debian, Red Hat, FreeBSD, and Gentoo systems each have unique default configurations. These defaults work in testing environments but are not suggested for production, and Puppet recommends customizing the class's parameters to suit your site. Use the [Reference](#reference) section to find information about the class's parameters and their default values. + +You can customize parameters when declaring the `apache` class. For instance, this declaration installs Apache without the apache module's [default virtual host configuration][Configuring virtual hosts], allowing you to customize all Apache virtual hosts: + +``` puppet +class { 'apache': + default_vhost => false, +} +``` + +## Usage + +### Configuring a virtual host + +The default [`apache`][] class sets up a virtual host on port 80, listening on all interfaces and serving the [`docroot`][] parameter's default directory of `/var/www`. + +> **Note**: See the [`apache::vhost`][] defined type's reference for a list of all virtual host parameters. + +To configure basic [name-based virtual hosts][], specify the [`port`][] and [`docroot`][] parameters in the [`apache::vhost`][] defined type: + +``` puppet +apache::vhost { 'vhost.example.com': + port => '80', + docroot => '/var/www/vhost', +} +``` + +> **Note**: Apache processes virtual hosts in alphabetical order, and server administrators can prioritize Apache's virtual host processing by prefixing a virtual host's configuration file name with a number. The [`apache::vhost`][] defined type applies a default [`priority`][] of 15, which Puppet interprets by prefixing the virtual host's file name with `15-`. This all means that if multiple sites have the same priority, or if you disable priority numbers by setting the `priority` parameter's value to false, Apache still processes virtual hosts in alphabetical order. + +To configure user and group ownership for `docroot`, use the [`docroot_owner`][] and [`docroot_group`][] parameters: + +``` puppet +apache::vhost { 'user.example.com': + port => '80', + docroot => '/var/www/user', + docroot_owner => 'www-data', + docroot_group => 'www-data', +} +``` + +#### Configuring virtual hosts with SSL + +To configure a virtual host to use [SSL encryption][] and default SSL certificates, set the [`ssl`][] parameter. You must also specify the [`port`][] parameter, typically with a value of '443', to accommodate HTTPS requests: + +``` puppet +apache::vhost { 'ssl.example.com': + port => '443', + docroot => '/var/www/ssl', + ssl => true, +} +``` + +To configure a virtual host to use SSL and specific SSL certificates, use the paths to the certificate and key in the [`ssl_cert`][] and [`ssl_key`][] parameters, respectively: + +``` puppet +apache::vhost { 'cert.example.com': + port => '443', + docroot => '/var/www/cert', + ssl => true, + ssl_cert => '/etc/ssl/fourth.example.com.cert', + ssl_key => '/etc/ssl/fourth.example.com.key', +} +``` + +To configure a mix of SSL and unencrypted virtual hosts at the same domain, declare them with separate [`apache::vhost`][] defined types: + +``` puppet +# The non-ssl virtual host +apache::vhost { 'mix.example.com non-ssl': + servername => 'mix.example.com', + port => '80', + docroot => '/var/www/mix', +} + +# The SSL virtual host at the same domain +apache::vhost { 'mix.example.com ssl': + servername => 'mix.example.com', + port => '443', + docroot => '/var/www/mix', + ssl => true, +} +``` + +To configure a virtual host to redirect unencrypted connections to SSL, declare them with separate [`apache::vhost`][] defined types and redirect unencrypted requests to the virtual host with SSL enabled: + +``` puppet +apache::vhost { 'redirect.example.com non-ssl': + servername => 'redirect.example.com', + port => '80', + docroot => '/var/www/redirect', + redirect_status => 'permanent', + redirect_dest => 'https://redirect.example.com/' +} + +apache::vhost { 'redirect.example.com ssl': + servername => 'redirect.example.com', + port => '443', + docroot => '/var/www/redirect', + ssl => true, +} +``` + +#### Configuring virtual host port and address bindings + +Virtual hosts listen on all IP addresses ('*') by default. To configure the virtual host to listen on a specific IP address, use the [`ip`][] parameter: + +``` puppet +apache::vhost { 'ip.example.com': + ip => '127.0.0.1', + port => '80', + docroot => '/var/www/ip', +} +``` + +It is also possible to configure more than one IP address per virtual host by using an array of IP addresses for the [`ip`][] parameter: + +``` puppet +apache::vhost { 'ip.example.com': + ip => ['127.0.0.1','169.254.1.1'], + port => '80', + docroot => '/var/www/ip', +} +``` + +To configure a virtual host with [aliased servers][], refer to the aliases using the [`serveraliases`][] parameter: + +``` puppet +apache::vhost { 'aliases.example.com': + serveraliases => [ + 'aliases.example.org', + 'aliases.example.net', + ], + port => '80', + docroot => '/var/www/aliases', +} +``` + +To set up a virtual host with a wildcard alias for the subdomain mapped to a same-named directory, such as 'http://example.com.loc' mapped to `/var/www/example.com`, define the wildcard alias using the [`serveraliases`][] parameter and the document root with the [`virtual_docroot`][] parameter: + +``` puppet +apache::vhost { 'subdomain.loc': + vhost_name => '*', + port => '80', + virtual_docroot => '/var/www/%-2+', + docroot => '/var/www', + serveraliases => ['*.loc',], +} +``` + +To configure a virtual host with [filter rules][], pass the filter directives as an [array][] using the [`filters`][] parameter: + +``` puppet +apache::vhost { 'subdomain.loc': + port => '80', + filters => [ + 'FilterDeclare COMPRESS', + 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html', + 'FilterChain COMPRESS', + 'FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no', + ], + docroot => '/var/www/html', +} +``` + +#### Configuring virtual hosts for apps and processors + +To set up a virtual host with [suPHP][], use the [`suphp_engine`][] parameter to enable the suPHP engine, [`suphp_addhandler`][] parameter to define a MIME type, [`suphp_configpath`][] to set which path suPHP passes to the PHP interpreter, and the [`directory`][] parameter to configure Directory, File, and Location directive blocks: + +``` puppet +apache::vhost { 'suphp.example.com': + port => '80', + docroot => '/home/appuser/myphpapp', + suphp_addhandler => 'x-httpd-php', + suphp_engine => 'on', + suphp_configpath => '/etc/php5/apache2', + directories => [ + { 'path' => '/home/appuser/myphpapp', + 'suphp' => { + user => 'myappuser', + group => 'myappgroup', + }, + }, + ], +} +``` + +You can use a set of parameters to configure a virtual host to use the [Web Server Gateway Interface][] (WSGI) for [Python][] applications: + +``` puppet +apache::vhost { 'wsgi.example.com': + port => '80', + docroot => '/var/www/pythonapp', + wsgi_application_group => '%{GLOBAL}', + wsgi_daemon_process => 'wsgi', + wsgi_daemon_process_options => { + processes => '2', + threads => '15', + display-name => '%{GROUP}', + }, + wsgi_import_script => '/var/www/demo.wsgi', + wsgi_import_script_options => { + process-group => 'wsgi', + application-group => '%{GLOBAL}', + }, + wsgi_process_group => 'wsgi', + wsgi_script_aliases => { '/' => '/var/www/demo.wsgi' }, +} +``` + +Starting in Apache 2.2.16, Apache supports [FallbackResource][], a simple replacement for common RewriteRules. You can set a FallbackResource using the [`fallbackresource`][] parameter: + +``` puppet +apache::vhost { 'wordpress.example.com': + port => '80', + docroot => '/var/www/wordpress', + fallbackresource => '/index.php', +} +``` + +> **Note**: The `fallbackresource` parameter only supports the 'disabled' value since Apache 2.2.24. + +To configure a virtual host with a designated directory for [Common Gateway Interface][] (CGI) files, use the [`scriptalias`][] parameter to define the `cgi-bin` path: + +``` puppet +apache::vhost { 'cgi.example.com': + port => '80', + docroot => '/var/www/cgi', + scriptalias => '/usr/lib/cgi-bin', +} +``` + +To configure a virtual host for [Rack][], use the [`rack_base_uris`][] parameter: + +``` puppet +apache::vhost { 'rack.example.com': + port => '80', + docroot => '/var/www/rack', + rack_base_uris => ['/rackapp1', '/rackapp2'], +} +``` + +#### Configuring IP-based virtual hosts + +You can configure [IP-based virtual hosts][] to listen on any port and have them respond to requests on specific IP addresses. In this example, we set the server to listen on ports 80 and 81 because the example virtual hosts are _not_ declared with a [`port`][] parameter: + +``` puppet +apache::listen { '80': } + +apache::listen { '81': } +``` + +Then we configure the IP-based virtual hosts with the [`ip_based`][] parameter: + +``` puppet +apache::vhost { 'first.example.com': + ip => '10.0.0.10', + docroot => '/var/www/first', + ip_based => true, +} + +apache::vhost { 'second.example.com': + ip => '10.0.0.11', + docroot => '/var/www/second', + ip_based => true, +} +``` + +You can also configure a mix of IP- and [name-based virtual hosts][], and in any combination of [SSL][SSL encryption] and unencrypted configurations. First, we add two IP-based virtual hosts on an IP address (in this example, 10.0.0.10). One uses SSL and the other is unencrypted: + +``` puppet +apache::vhost { 'The first IP-based virtual host, non-ssl': + servername => 'first.example.com', + ip => '10.0.0.10', + port => '80', + ip_based => true, + docroot => '/var/www/first', +} + +apache::vhost { 'The first IP-based vhost, ssl': + servername => 'first.example.com', + ip => '10.0.0.10', + port => '443', + ip_based => true, + docroot => '/var/www/first-ssl', + ssl => true, +} +``` + +Next, we add two name-based virtual hosts listening on a second IP address (10.0.0.20): + +``` puppet +apache::vhost { 'second.example.com': + ip => '10.0.0.20', + port => '80', + docroot => '/var/www/second', +} + +apache::vhost { 'third.example.com': + ip => '10.0.0.20', + port => '80', + docroot => '/var/www/third', +} +``` + +To add name-based virtual hosts that answer on either 10.0.0.10 or 10.0.0.20, you **must** set the [`add_listen`][] parameter to false to disable the default Apache setting of `Listen 80`, as it conflicts with the preceding IP-based virtual hosts. + +``` puppet +apache::vhost { 'fourth.example.com': + port => '80', + docroot => '/var/www/fourth', + add_listen => false, +} + +apache::vhost { 'fifth.example.com': + port => '80', + docroot => '/var/www/fifth', + add_listen => false, +} +``` + +### Installing Apache modules + +There are two ways to install [Apache modules][] using the Puppet apache module: + +- Use the [`apache::mod::`][] classes to [install specific Apache modules with parameters][Installing specific modules]. +- Use the [`apache::mod`][] defined type to [install arbitrary Apache modules][Installing arbitrary modules]. + +#### Installing specific modules + +The Puppet apache module supports installing many common [Apache modules][], often with parameterized configuration options. For a list of supported Apache modules, see the [`apache::mod::`][] class references. + +For example, you can install the `mod_ssl` Apache module with default settings by declaring the [`apache::mod::ssl`][] class: + +``` puppet +class { 'apache::mod::ssl': } +``` + +[`apache::mod::ssl`][] has several parameterized options that you can set when declaring it. For instance, to enable `mod_ssl` with compression enabled, set the [`ssl_compression`][] parameter to true: + +``` puppet +class { 'apache::mod::ssl': + ssl_compression => true, +} +``` + +Note that some modules have prerequisites, which are documented in their references under [`apache::mod::`][]. + +#### Installing arbitrary modules + +You can pass the name of any module that your operating system's package manager can install to the [`apache::mod`][] defined type to install it. Unlike the specific-module classes, the [`apache::mod`][] defined type doesn't tailor the installation based on other installed modules or with specific parameters---Puppet only grabs and installs the module's package, leaving detailed configuration up to you. + +For example, to install the [`mod_authnz_external`][] Apache module, declare the defined type with the 'mod_authnz_external' name: + +``` puppet +apache::mod { 'mod_authnz_external': } +``` + +There are several optional parameters you can specify when defining Apache modules this way. See the [defined type's reference][`apache::mod`] for details. + +### Configuring FastCGI servers to handle PHP files + +Add the [`apache::fastcgi::server`][] defined type to allow [FastCGI][] servers to handle requests for specific files. For example, the following defines a FastCGI server at 127.0.0.1 (localhost) on port 9000 to handle PHP requests: + +``` puppet +apache::fastcgi::server { 'php': + host => '127.0.0.1:9000', + timeout => 15, + flush => false, + faux_path => '/var/www/php.fcgi', + fcgi_alias => '/php.fcgi', + file_type => 'application/x-httpd-php' +} +``` + +You can then use the [`custom_fragment`][] parameter to configure the virtual host to have the FastCGI server handle the specified file type: + +``` puppet +apache::vhost { 'www': + ... + custom_fragment => 'AddType application/x-httpd-php .php' + ... +} +``` + +### Load balancing examples + +Apache supports load balancing across groups of servers through the [`mod_proxy`][] Apache module. Puppet supports configuring Apache load balancing groups (also known as balancer clusters) through the [`apache::balancer`][] and [`apache::balancermember`][] defined types. + +To enable load balancing with [exported resources][], export the [`apache::balancermember`][] defined type from the load balancer member server: + +``` puppet +@@apache::balancermember { "${::fqdn}-puppet00": + balancer_cluster => 'puppet00', + url => "ajp://${::fqdn}:8009", + options => ['ping=5', 'disablereuse=on', 'retry=5', 'ttl=120'], +} +``` + +Then, on the proxy server, create the load balancing group: + +``` puppet +apache::balancer { 'puppet00': } +``` + +To enable load balancing without exporting resources, declare the following on the proxy server: + +``` puppet +apache::balancer { 'puppet00': } + +apache::balancermember { "${::fqdn}-puppet00": + balancer_cluster => 'puppet00', + url => "ajp://${::fqdn}:8009", + options => ['ping=5', 'disablereuse=on', 'retry=5', 'ttl=120'], +} +``` + +Then declare the `apache::balancer` and `apache::balancermember` defined types on the proxy server. + +If you need to use the [ProxySet](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyset) directive on the balancer, use the [`proxy_set`](#proxy_set) parameter of `apache::balancer`: + +``` puppet +apache::balancer { 'puppet01': + proxy_set => { + 'stickysession' => 'JSESSIONID', + }, +} +``` + +## Reference + +- [**Public classes**](#public-classes) + - [Class: apache](#class-apache) + - [Class: apache::dev](#class-apachedev) + - [Classes: apache::mod::*](#classes-apachemodname) +- [**Private classes**](#private-classes) + - [Class: apache::confd::no_accf](#class-apacheconfdno_accf) + - [Class: apache::default_confd_files](#class-apachedefault_confd_files) + - [Class: apache::default_mods](#class-apachedefault_mods) + - [Class: apache::package](#class-apachepackage) + - [Class: apache::params](#class-apacheparams) + - [Class: apache::service](#class-apacheservice) + - [Class: apache::version](#class-apacheversion) +- [**Public defined types**](#public-defined-types) + - [Defined type: apache::balancer](#defined-type-apachebalancer) + - [Defined type: apache::balancermember](#defined-type-apachebalancermember) + - [Defined type: apache::custom_config](#defined-type-apachecustom_config) + - [Defined type: apache::fastcgi::server](#defined-type-fastcgi-server) + - [Defined type: apache::listen](#defined-type-apachelisten) + - [Defined type: apache::mod](#defined-type-apachemod) + - [Defined type: apache::namevirtualhost](#defined-type-apachenamevirtualhost) + - [Defined type: apache::vhost](#defined-type-apachevhost) + - [Defined type: apache::vhost::custom](#defined-type-apachevhostcustom) +- [**Private defined types**](#private-defined-types) + - [Defined type: apache::default_mods::load](#defined-type-default_mods-load) + - [Defined type: apache::peruser::multiplexer](#defined-type-apacheperusermultiplexer) + - [Defined type: apache::peruser::processor](#defined-type-apacheperuserprocessor) + - [Defined type: apache::security::file_link](#defined-type-apachesecurityfile_link) +- [**Templates**](#templates) + +### Public Classes + +#### Class: `apache` + +Guides the basic setup and installation of Apache on your system. + +When this class is declared with the default options, Puppet: + +- Installs the appropriate Apache software package and [required Apache modules](#default_mods) for your operating system. +- Places the required configuration files in a directory, with the [default location](#conf_dir) determined by your operating system. +- Configures the server with a default virtual host and standard port ('80') and address ('*') bindings. +- Creates a document root directory determined by your operating system, typically `/var/www`. +- Starts the Apache service. + +You can simply declare the default `apache` class: + +``` puppet +class { 'apache': } +``` + +You can establish a default virtual host in this class, by using the [`apache::vhost`][] defined type, or both. You can also configure additional specific virtual hosts with the [`apache::vhost`][] defined type. Puppet recommends customizing the `apache` class's declaration with the following parameters, as its default settings are not optimized for production. + +**Parameters within `apache`:** + +##### `allow_encoded_slashes` + +Sets the server default for the [`AllowEncodedSlashes`][] declaration, which modifies the responses to URLs containing '\' and '/' characters. Valid options: 'on', 'off', 'nodecode'. Default: undef, which omits the declaration from the server's configuration and uses Apache's default setting of 'off'. + +##### `apache_version` + +Configures module template behavior, package names, and default Apache modules by defining the version of Apache to use. Default: Determined by your operating system family and release via the [`apache::version`][] class. Puppet recommends against manually configuring this parameter without reason. + +##### `conf_dir` + +Sets the directory where the Apache server's main configuration file is located. Default: Depends on your operating system. + +- **Debian**: `/etc/apache2` +- **FreeBSD**: `/usr/local/etc/apache22` +- **Gentoo**: `/etc/apache2` +- **Red Hat**: `/etc/httpd/conf` + +##### `conf_template` + +Defines the [template][] used for the main Apache configuration file. Default: `apache/httpd.conf.erb`. Modifying this parameter is potentially risky, as the apache Puppet module is designed to use a minimal configuration file customized by `conf.d` entries. + +##### `confd_dir` + +Sets the location of the Apache server's custom configuration directory. Default: Depends on your operating system. + +- **Debian**: `/etc/apache2/conf.d` +- **FreeBSD**: `/usr/local/etc/apache22` +- **Gentoo**: `/etc/apache2/conf.d` +- **Red Hat**: `/etc/httpd/conf.d` + +##### `default_charset` + +Used as the [`AddDefaultCharset`][] directive in the main configuration file. Default: undef. + +##### `default_confd_files` + +Determines whether Puppet generates a default set of includable Apache configuration files in the directory defined by the [`confd_dir`][] parameter. These configuration files correspond to what is typically installed with the Apache package on the server's operating system. Valid options: Boolean. Default: true. + +##### `default_mods` + +Determines whether to configure and enable a set of default [Apache modules][] depending on your operating system. Valid options: true, false, or an array of Apache module names. Default: true. + +If this parameter's value is false, Puppet includes only the Apache modules required to make the HTTP daemon work on your operating system, and you can declare any other modules separately using the [`apache::mod::`][] class or [`apache::mod`][] defined type. + +If true, Puppet installs additional modules, the list of which depends on the operating system as well as the [`apache_version`][] and [`mpm_module`][] parameters' values. As these lists of modules can change frequently, consult the [Puppet module's code][] for up-to-date lists. + +If this parameter contains an array, Puppet instead enables all passed Apache modules. + +##### `default_ssl_ca` + +Sets the default certificate authority for the Apache server. Default: undef. + +While this default value results in a functioning Apache server, you **must** update this parameter with your certificate authority information before deploying this server in a production environment. + +##### `default_ssl_cert` + +Sets the [SSL encryption][] certificate location. Default: Determined by your operating system. + +- **Debian**: `/etc/ssl/certs/ssl-cert-snakeoil.pem` +- **FreeBSD**: `/usr/local/etc/apache22/server.crt` +- **Gentoo**: `/etc/ssl/apache2/server.crt` +- **Red Hat**: `/etc/pki/tls/certs/localhost.crt` + +While the default value results in a functioning Apache server, you **must** update this parameter with your certificate location before deploying this server in a production environment. + +##### `default_ssl_chain` + +Sets the default [SSL chain][] location. Default: undef. + +While this default value results in a functioning Apache server, you **must** update this parameter with your SSL chain before deploying this server in a production environment. + +##### `default_ssl_crl` + +Sets the path of the default [certificate revocation list][] (CRL) file to use. Default: undef. + +While this default value results in a functioning Apache server, you **must** update this parameter with your CRL file's path before deploying this server in a production environment. You can use this parameter with or in place of the [`default_ssl_crl_path`][]. + +##### `default_ssl_crl_path` + +Sets the server's [certificate revocation list path][], which contains your CRLs. Default: undef. + +While this default value results in a functioning Apache server, you **must** update this parameter with the CRL path before deploying this server in a production environment. + +##### `default_ssl_crl_check` + +Sets the default certificate revocation check level via the [`SSLCARevocationCheck`][] directive. Default: undef. + +While this default value results in a functioning Apache server, you **must** specify this parameter when using certificate revocation lists in a production environment. + +This parameter only applies to Apache 2.4 or higher and is ignored on older versions. + +##### `default_ssl_key` + +Sets the [SSL certificate key file][] location. Default: Determined by your operating system. + +- **Debian**: `/etc/ssl/private/ssl-cert-snakeoil.key` +- **FreeBSD**: `/usr/local/etc/apache22/server.key` +- **Gentoo**: `/etc/ssl/apache2/server.key` +- **Red Hat**: `/etc/pki/tls/private/localhost.key` + +While these default values result in a functioning Apache server, you **must** update this parameter with your SSL key's location before deploying this server in a production environment. + +##### `default_ssl_vhost` + +Configures a default [SSL][SSL encryption] virtual host. Valid options: Boolean. Default: false. + +If true, Puppet automatically configures the following virtual host using the [`apache::vhost`][] defined type: + +``` puppet +apache::vhost { 'default-ssl': + port => 443, + ssl => true, + docroot => $docroot, + scriptalias => $scriptalias, + serveradmin => $serveradmin, + access_log_file => "ssl_${access_log_file}", + } +``` + +> **Note**: SSL virtual hosts only respond to HTTPS queries. + +##### `default_type` + +_Apache 2.2 only_. Sets the [MIME `content-type`][] sent if the server cannot otherwise determine an appropriate `content-type`. This directive is deprecated in Apache 2.4 and newer and only exists for backwards compatibility in configuration files. Default: undef. + +##### `default_vhost` + +Configures a default virtual host when the class is declared. Valid options: Boolean. Default: true. + +To configure [customized virtual hosts][Configuring virtual hosts], set this parameter's value to false. + +##### `dev_packages` + +Configures a specific dev package to use. Valid options: A string or array of strings. Default: Depends on the operating system. + +- **Red Hat:** 'httpd-devel' +- **Debian 8/Ubuntu 13.10 or newer:** ['libaprutil1-dev', 'libapr1-dev', 'apache2-dev'] +- **Older Debian/Ubuntu versions:** ['libaprutil1-dev', 'libapr1-dev', 'apache2-prefork-dev'] +- **FreeBSD, Gentoo:** undef +- **Suse:** ['libapr-util1-devel', 'libapr1-devel'] + +Example for using httpd 2.4 from the IUS yum repo: + +``` puppet +include ::apache::dev +class { 'apache': + apache_name => 'httpd24u', + dev_packages => 'httpd24u-devel', +} +``` + +##### `docroot` + +Sets the default [`DocumentRoot`][] location. Default: Determined by your operating system. + +- **Debian**: `/var/www/html` +- **FreeBSD**: `/usr/local/www/apache22/data` +- **Gentoo**: `/var/www/localhost/htdocs` +- **Red Hat**: `/var/www/html` + +##### `error_documents` + +Determines whether to enable [custom error documents][] on the Apache server. Valid options: Boolean. Default: false. + +##### `group` + +Sets the group ID that owns any Apache processes spawned to answer requests. + +By default, Puppet attempts to manage this group as a resource under the `apache` class, determining the group based on the operating system as detected by the [`apache::params`][] class. To to prevent the group resource from being created and use a group created by another Puppet module, set the [`manage_group`][] parameter's value to false. + +> **Note**: Modifying this parameter only changes the group ID that Apache uses to spawn child processes to access resources. It does not change the user that owns the parent server process. + +##### `httpd_dir` + +Sets the Apache server's base configuration directory. This is useful for specially repackaged Apache server builds but might have unintended consequences when combined with the default distribution packages. Default: Determined by your operating system. + +- **Debian**: `/etc/apache2` +- **FreeBSD**: `/usr/local/etc/apache22` +- **Gentoo**: `/etc/apache2` +- **Red Hat**: `/etc/httpd` + +##### `keepalive` + +Determines whether to enable persistent HTTP connections with the [`KeepAlive`][] directive. Valid options: 'Off', 'On'. Default: 'Off'. + +If 'On', use the [`keepalive_timeout`][] and [`max_keepalive_requests`][] parameters to set relevant options. + +##### `keepalive_timeout` + +Sets the [`KeepAliveTimeout`] directive, which determines the amount of time the Apache server waits for subsequent requests on a persistent HTTP connection. Default: '15'. + +This parameter is only relevant if the [`keepalive` parameter][] is enabled. + +##### `max_keepalive_requests` + +Limits the number of requests allowed per connection when the [`keepalive` parameter][] is enabled. Default: '100'. + +##### `lib_path` + +Specifies the location where [Apache module][Apache modules] files are stored. Default: Depends on the operating system. + +- **Debian** and **Gentoo**: `/usr/lib/apache2/modules` +- **FreeBSD**: `/usr/local/libexec/apache24` +- **Red Hat**: `modules` + +> **Note**: Do not configure this parameter manually without special reason. + +##### `loadfile_name` + +Sets the [`LoadFile`] directive's filename. Valid options: Filenames in the format `\*.load`. + +This can be used to set the module load order. + +##### `log_level` + +Changes the error log's verbosity. Valid options: 'alert', 'crit', 'debug', 'emerg', 'error', 'info', 'notice', 'warn'. Default: 'warn'. + +##### `log_formats` + +Define additional [`LogFormat`][] directives. Valid options: A [hash][], such as: + +``` puppet +$log_formats = { vhost_common => '%v %h %l %u %t \"%r\" %>s %b' } +``` + +There are a number of predefined `LogFormats` in the `httpd.conf` that Puppet creates: + +``` httpd +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\"" forwarded +``` + +If your `log_formats` parameter contains one of those, it will be overwritten with **your** definition. + +##### `logroot` + +Changes the directory of Apache log files for the virtual host. Default: Determined by your operating system. + +- **Debian**: `/var/log/apache2` +- **FreeBSD**: `/var/log/apache22` +- **Gentoo**: `/var/log/apache2` +- **Red Hat**: `/var/log/httpd` + +##### `logroot_mode` + +Overrides the default [`logroot`][] directory's mode. Default: undef. + +> **Note**: Do _not_ grant write access to the directory where the logs are stored without being aware of the consequences. See the [Apache documentation][Log security] for details. + +##### `manage_group` + +When false, stops Puppet from creating the group resource. Valid options: Boolean. Default: true. + +If you have a group created from another Puppet module that you want to use to run Apache, set this to false. Without this parameter, attempting to use a previously established group results in a duplicate resource error. + +##### `manage_user` + +When false, stops Puppet from creating the user resource. Valid options: Boolean. Default: true. + +This is for instances when you have a user, created from another Puppet module, you want to use to run Apache. Without this parameter, attempting to use a previously established user would result in a duplicate resource error. + +##### `mod_dir` + +Sets where Puppet places configuration files for your [Apache modules][]. Default: Determined by your operating system. + +- **Debian**: `/etc/apache2/mods-available` +- **FreeBSD**: `/usr/local/etc/apache22/Modules` +- **Gentoo**: `/etc/apache2/modules.d` +- **Red Hat**: `/etc/httpd/conf.d` + +##### `mpm_module` + +Determines which [multi-processing module][] (MPM) is loaded and configured for the HTTPD process. Valid options: 'event', 'itk', 'peruser', 'prefork', 'worker', or false. Default: Determined by your operating system. + +- **Debian**: 'worker' +- **FreeBSD, Gentoo, and Red Hat**: 'prefork' + +You must set this to false to explicitly declare the following classes with custom parameters: + +- [`apache::mod::event`][] +- [`apache::mod::itk`][] +- [`apache::mod::peruser`][] +- [`apache::mod::prefork`][] +- [`apache::mod::worker`][] + +> **Note**: Switching between different MPMs on FreeBSD is possible but quite difficult. Before changing `mpm_module`, you must uninstall all packages that depend on your installed Apache server. + +##### `package_ensure` + +Controls the `package` resource's [`ensure`][] attribute. Valid options: 'absent', 'installed' (or the equivalent 'present'), or a version string. Default: 'installed'. + +##### `pidfile` + +Allows settting a custom location for the pid file - useful if using a custom built Apache rpm. Default: Depends on operating system. + +- **Debian:** '\${APACHE_PID_FILE}' +- **FreeBSD:** '/var/run/httpd.pid' +- **Red Hat:** 'run/httpd.pid' + +##### `ports_file` + +Sets the path to the file containing Apache ports configuration. Default: '{$conf_dir}/ports.conf'. + +##### `purge_configs` + +Removes all other Apache configs and virtual hosts. Valid options: Boolean. Default: true. + +Setting this to false is a stopgap measure to allow the apache Puppet module to coexist with existing or unmanaged configurations. We recommend moving your configuration to resources within this module. For virtual host configurations, see [`purge_vhost_dir`][]. + +##### `purge_vhost_dir` + +If the [`vhost_dir`][] parameter's value differs from the [`confd_dir`][] parameter's, the Boolean parameter `purge_vhost_dir` determines whether Puppet removes any configurations inside `vhost_dir` _not_ managed by Puppet. Valid options: Boolean. Default: same as [`purge_configs`][]. + +Setting `purge_vhost_dir` to false is a stopgap measure to allow the apache Puppet module to coexist with existing or otherwise unmanaged configurations within `vhost_dir`. + +##### `rewrite_lock` + +Allows setting a custom location for a rewrite lock - considered best practice if using a RewriteMap of type prg in the [`rewrites`][] parameter of your virtual host. Default: undef. + +This parameter only applies to Apache version 2.2 or lower and is ignored on newer versions. + +##### `sendfile` + +Forces Apache to use the Linux kernel's `sendfile` support to serve static files, via the [`EnableSendfile`][] directive. Valid options: 'On', 'Off'. Default: 'On'. + +##### `serveradmin` + +Sets the Apache server administrator's contact information via Apache's [`ServerAdmin`][] directive. Default: 'root@localhost'. + +##### `servername` + +Sets the Apache server name via Apache's [`ServerName`][] directive. Default: the 'fqdn' fact reported by [Facter][]. + +Setting to false will not set ServerName at all. + +##### `server_root` + +Sets the Apache server's root directory via Apache's [`ServerRoot`][] directive. Default: determined by your operating system. + +- **Debian**: `/etc/apache2` +- **FreeBSD**: `/usr/local` +- **Gentoo**: `/var/www` +- **Red Hat**: `/etc/httpd` + +##### `server_signature` + +Configures a trailing footer line to display at the bottom of server-generated documents, such as error documents and output of certain [Apache modules][], via Apache's [`ServerSignature`][] directive. Valid options: 'Off', 'On'. Default: 'On'. + +##### `server_tokens` + +Controls how much information Apache sends to the browser about itself and the operating system, via Apache's [`ServerTokens`][] directive. Default: 'OS'. + +##### `service_enable` + +Determines whether Puppet enables the Apache HTTPD service when the system is booted. Valid options: Boolean. Default: true. + +##### `service_ensure` + +Determines whether Puppet should make sure the service is running. Valid options: 'true' (equivalent to 'running'), 'false' (equivalent to 'stopped'). Default: 'running'. + +The 'false' or 'stopped' values set the 'httpd' service resource's `ensure` parameter to 'false', which is useful when you want to let the service be managed by another application, such as Pacemaker. + +##### `service_name` + +Sets the name of the Apache service. Default: determined by your operating system. + +- **Debian and Gentoo**: 'apache2' +- **FreeBSD**: 'apache22' +- **Red Hat**: 'httpd' + +##### `service_manage` + +Determines whether Puppet manages the HTTPD service's state. Valid options: Boolean. Default: true. + +##### `service_restart` + +Determines whether Puppet should use a specific command to restart the HTTPD service. Valid options: a command to restart the Apache service. Default: undef, which uses the [default Puppet behavior][Service attribute restart]. + +##### `timeout` + +Sets Apache's [`TimeOut`][] directive, which defines the number of seconds Apache waits for certain events before failing a request. Default: 120. + +##### `trace_enable` + +Controls how Apache handles `TRACE` requests (per [RFC 2616][]) via the [`TraceEnable`][] directive. Valid options: 'Off', 'On'. Default: 'On'. + +##### `use_systemd` + +Controls whether the systemd module should be installed on Centos 7 servers, this is especially useful if using custom-built RPMs. Valid options: Boolean. Default: true. + +##### `file_mode` + +Sets the desired permissions mode for config files, in symbolic or numeric notation. Valid options: A string. Default: '0644'. + +##### `vhost_dir` + +Changes your virtual host configuration files' location. Default: determined by your operating system. + +- **Debian**: `/etc/apache2/sites-available` +- **FreeBSD**: `/usr/local/etc/apache22/Vhosts` +- **Gentoo**: `/etc/apache2/vhosts.d` +- **Red Hat**: `/etc/httpd/conf.d` + +##### `vhost_include_pattern` + +Defines the pattern for files included from the `vhost_dir`. Default: '*', also for BC with previous versions of this module. + +However, you might want to set this to a value like '[^.#]\*.conf[^~]' to make sure files accidentally created in this directory (such as files created by version control systems or editor backups) are *not* included in your server configuration. + +Some operating systems ship with a value of '*.conf'. Also note that this module will, by default, create configuration files ending in '.conf'. + +##### `user` + +Changes the user Apache uses to answer requests. Apache's parent process will continue to be run as root, but child processes will access resources as the user defined by this parameter. + +Default: Puppet sets the default value via the [`apache::params`][] class, which manages the user based on your operating system: + +- **Debian**: 'www-data' +- **FreeBSD**: 'www' +- **Gentoo** and **Red Hat**: 'apache' + +To prevent Puppet from managing the user, set the [`manage_user`][] parameter to false. + +##### `apache_name` + +The name of the Apache package to install. Default: Puppet sets the default value via the [`apache::params`][] class, which manages the user based on your operating system: + +The default value is determined by your operating system: + +- **Debian**: 'apache2' +- **FreeBSD**: 'apache24' +- **Gentoo**: 'www-servers/apache' +- **Red Hat**: 'httpd' + +You might need to override this if you are using a non-standard Apache package, such as those from Red Hat's software collections. + +#### Class: `apache::dev` + +Installs Apache development libraries. By default, the package name is defined by the [`dev_packages`][] parameter of the [`apache::params`][] class based on your operating system: + +The default value is determined by your operating system: + +- **Debian** : 'libaprutil1-dev', 'libapr1-dev'; 'apache2-dev' on Ubuntu 13.10 and Debian 8; 'apache2-prefork-dev' on other versions +- **FreeBSD**: 'undef'; see note below +- **Gentoo**: 'undef' +- **Red Hat**: 'httpd-devel' + +> **Note**: On FreeBSD, you must declare the `apache::package` or `apache` classes before declaring `apache::dev`. + +#### Classes: `apache::mod::` + +Enables specific [Apache modules][]. You can enable and configure an Apache module by declaring its class. For example, to install and enable [`mod_alias`][] with no icons, you can declare the [`apache::mod::alias`][] class with the `icons_options` parameter set to 'None': + +``` puppet +class { 'apache::mod::alias': + icons_options => 'None', +} +``` + +The following Apache modules have supported classes, many of which allow for parameterized configuration. You can install other Apache modules with the [`apache::mod`][] defined type. + +* `actions` +* `alias` (see [`apache::mod::alias`][]) +* `auth_basic` +* `auth_cas`* (see [`apache::mod::auth_cas`][]) +* `auth_mellon`* (see [`apache::mod::auth_mellon`][]) +* `auth_kerb` +* `authn_core` +* `authn_file` +* `authnz_ldap`* +* `authz_default` +* `authz_user` +* `autoindex` +* `cache` +* `cgi` +* `cgid` +* `dav` +* `dav_fs` +* `dav_svn`* +* `deflate` +* `dev` +* `dir`* +* `disk_cache` (see [`apache::mod::disk_cache`][]) +* `event` (see [`apache::mod::event`][]) +* `expires` +* `ext_filter` (see [`apache::mod::ext_filter`][]) +* `fastcgi` +* `fcgid` +* `filter` +* `geoip` (see [`apache::mod::geoip`][]) +* `headers` +* `include` +* `info`* +* `itk` +* `ldap` +* `mime` +* `mime_magic`* +* `negotiation` +* `nss`* +* `pagespeed` (see [`apache::mod::pagespeed`][]) +* `passenger`* (see [`apache::mod::passenger`][]) +* `perl` +* `peruser` +* `php` (requires [`mpm_module`][] set to `prefork`) +* `prefork`* +* `proxy`* +* `proxy_ajp` +* `proxy_balancer` +* `proxy_html` +* `proxy_http` +* `python` +* `reqtimeout` +* `remoteip`* +* `rewrite` +* `rpaf`* +* `setenvif` +* `security` +* `shib`* (see [`apache::mod::shib`]) +* `speling` +* `ssl`* (see [`apache::mod::ssl`][]) +* `status`* (see [`apache::mod::status`][]) +* `suphp` +* `userdir`* +* `version` +* `vhost_alias` +* `worker`* +* `wsgi` (see [`apache::mod::wsgi`][]) +* `xsendfile` + +Modules noted with a * indicate that the module has settings and a template that includes parameters to configure the module. Most Apache module class parameters have default values and don't require configuration. For modules with templates, Puppet installs template files with the module; these template files are required for the module to work. + +##### Class: `apache::mod::alias` + +Installs and manages [`mod_alias`][]. + +**Parameters within `apache::mod::alias`**: + +* `icons_options`: Disables directory listings for the icons directory, via Apache [`Options`] directive. Default: 'Indexes MultiViews'. +* `icons_path`: Sets the local path for an `/icons/` Alias. Default: depends on your operating system. + +- **Debian**: `/usr/share/apache2/icons` +- **FreeBSD**: `/usr/local/www/apache24/icons` +- **Gentoo**: `/var/www/icons` +- **Red Hat**: `/var/www/icons`, except on Apache 2.4, where it's `/usr/share/httpd/icons` + +#### Class: `apache::mod::disk_cache` + +Installs and configures [`mod_disk_cache`][] on Apache 2.2, or [`mod_cache_disk`][] on Apache 2.4. The default cache root depends on the Apache version and operating system: + +- **Debian**: `/var/cache/apache2/mod_cache_disk` +- **FreeBSD**: `/var/cache/mod_cache_disk` +- **Red Hat, Apache 2.4**: `/var/cache/httpd/proxy` +- **Red Hat, Apache 2.2**: `/var/cache/mod_proxy` + +You can specify the cache root by passing a path as a string to the `cache_root` parameter. + +``` puppet +class {'::apache::mod::disk_cache': + cache_root => '/path/to/cache', +} +``` + +##### Class: `apache::mod::event` + +Installs and manages [`mod_mpm_event`][]. You can't include both `apache::mod::event` and [`apache::mod::itk`][], [`apache::mod::peruser`][], [`apache::mod::prefork`][], or [`apache::mod::worker`][] on the same server. + +**Parameters within `apache::mod::event`**: + +- `listenbacklog`: Sets the maximum length of the pending connections queue via the module's [`ListenBackLog`][] directive. Default: '511'. +- `maxclients` (_Apache 2.3.12 or older_: `maxrequestworkers`): Sets the maximum number of connections Apache can simultaneously process, via the module's [`MaxRequestWorkers`][] directive. Default: '150'. +- `maxconnectionsperchild` (_Apache 2.3.8 or older_: `maxrequestsperchild`): Limits the number of connections a child server handles during its life, via the module's [`MaxConnectionsPerChild`][] directive. Default: '0'. +- `maxsparethreads` and `minsparethreads`: Sets the maximum and minimum number of idle threads, via the [`MaxSpareThreads`][] and [`MinSpareThreads`][] directives. Default: '75' and '25', respectively. +- `serverlimit`: Limits the configurable number of processes via the [`ServerLimit`][] directive. Default: '25'. +- `startservers`: Sets the number of child server processes created at startup, via the module's [`StartServers`][] directive. Default: '2'. +- `threadlimit`: Limits the number of event threads via the module's [`ThreadLimit`][] directive. Default: '64'. +- `threadsperchild`: Sets the number of threads created by each child process, via the [`ThreadsPerChild`][] directive. Default: '25'. + +##### Class: `apache::mod::auth_cas` + +Installs and manages [`mod_auth_cas`][]. Its parameters share names with the Apache module's directives. + +The `cas_login_url` and `cas_validate_url` parameters are required; several other parameters have 'undef' default values. + +**Parameters within `apache::mod::auth_cas`**: + +- `cas_authoritative`: Determines whether an optional authorization directive is authoritative and binding. Default: undef. +- `cas_certificate_path`: Sets the path to the X509 certificate of the Certificate Authority for the server in `cas_login_url` and `cas_validate_url`. Default: undef. +- `cas_cache_clean_interval`: Sets the minimum number of seconds that must pass between cache cleanings. Default: undef. +- `cas_cookie_domain`: Sets the value of the `Domain=` parameter in the `Set-Cookie` HTTP header. Default: undef. +- `cas_cookie_entropy`: Sets the number of bytes to use when creating session identifiers. Default: undef. +- `cas_cookie_http_only`: Sets the optional `HttpOnly` flag when `mod_auth_cas` issues cookies. Default: undef. +- `cas_debug`: Determines whether to enable the module's debugging mode. Default: 'Off'. +- `cas_idle_timeout`: Default: undef. +- `cas_login_url`: **Required**. Sets the URL to which the module redirects users when they attempt to access a CAS-protected resource and don't have an active session. +- `cas_root_proxied_as`: Sets the URL end users see when access to this Apache server is proxied. Default: undef. +- `cas_timeout`: Limits the number of seconds a `mod_auth_cas` session can remain active. Default: undef. +- `cas_validate_depth`: Limits the depth for chained certificate validation. Default: undef. +- `cas_validate_url`: **Required**. Sets the URL to use when validating a client-presented ticket in an HTTP query string. +- `cas_version`: The CAS protocol version to adhere to. Valid options: '1', '2'. Default: '2'. + +##### Class: `apache::mod::auth_mellon` + +Installs and manages [`mod_auth_mellon`][]. Its parameters share names with the Apache module's directives. + +``` puppet +class{ 'apache::mod::auth_mellon': + mellon_cache_size => 101, +} +``` + +**Parameters within `apache::mod::auth_mellon`**: + +- `mellon_cache_entry_size`: Maximum size for a single session. Default: undef. +- `mellon_cache_size`: Size in megabytes of the mellon cache. Default: 100. +- `mellon_lock_file`: Location of lock file. Default: '`/run/mod_auth_mellon/lock`'. +- `mellon_post_directory`: Full path where post requests are saved. Default: '`/var/cache/apache2/mod_auth_mellon/`' +- `mellon_post_ttl`: Time to keep post requests. Default: undef. +- `mellon_post_size`: Maximum size of post requests. Default: undef. +- `mellon_post_count`: Maximum number of post requests. Default: undef. + +##### Class: `apache::mod::deflate` + +Installs and configures [`mod_deflate`][]. + +**Parameters within `apache::mod::deflate`**: + +- `types`: An [array][] of [MIME types][MIME `content-type`] to be deflated. Default: [ 'text/html text/plain text/xml', 'text/css', 'application/x-javascript application/javascript application/ecmascript', 'application/rss+xml', 'application/json' ]. +- `notes`: A [Hash][] where the key represents the type and the value represents the note name. Default: { 'Input' => 'instream', 'Output' => 'outstream', 'Ratio' => 'ratio' } + +##### Class: `apache::mod::expires` + +Installs [`mod_expires`][] and uses the `expires.conf.erb` template to generate its configuration. + +**Parameters within `apache::mod::expires`**: + +- `expires_active`: Enables generation of `Expires` headers for a document realm. Valid options: Boolean. Default: true. +- `expires_default`: Default algorithm for calculating expiration time using [`ExpiresByType`][] syntax or [interval syntax][]. Default: undef. +- `expires_by_type`: Describes a set of [MIME `content-type`][] and their expiration times. Valid options: An [array][] of [Hashes][Hash], with each Hash's key a valid MIME `content-type` (i.e. 'text/json') and its value following valid [interval syntax][]. Default: undef. + +##### Class: `apache::mod::ext_filter` + +Installs and configures [`mod_ext_filter`][]. + +``` puppet +class { 'apache::mod::ext_filter': + ext_filter_define => { + 'slowdown' => 'mode=output cmd=/bin/cat preservescontentlength', + 'puppetdb-strip' => 'mode=output outtype=application/json cmd="pdb-resource-filter"', + }, +} +``` + +**Parameters within `apache::mod::ext_filter`**: + +- `ext_filter_define`: A hash of filter names and their parameters. Default: undef. + +##### Class: `apache::mod::fcgid` + +Installs and configures [`mod_fcgid`][]. + +The class makes no effort to individually parameterize all available options. Instead, configure `mod_fcgid` using the `options` [hash][]. For example: + +``` puppet +class { 'apache::mod::fcgid': + options => { + 'FcgidIPCDir' => '/var/run/fcgidsock', + 'SharememPath' => '/var/run/fcgid_shm', + 'AddHandler' => 'fcgid-script .fcgi', + }, +} +``` + +For a full list of options, see the [official `mod_fcgid` documentation][`mod_fcgid`]. + +If you include `apache::mod::fcgid`, you can set the [`FcgidWrapper`][] per directory, per virtual host. The module must be loaded first; Puppet will not automatically enable it if you set the `fcgiwrapper` parameter in `apache::vhost`. + +``` puppet +include apache::mod::fcgid + +apache::vhost { 'example.org': + docroot => '/var/www/html', + directories => { + path => '/var/www/html', + fcgiwrapper => { + command => '/usr/local/bin/fcgiwrapper', + } + }, +} +``` + +##### Class: `apache::mod::geoip` + +Installs and manages [`mod_geoip`][]. + +**Parameters within `apache::mod::geoip`**: + +- `db_file`: Sets the path to your GeoIP database file. Valid options: a path, or an [array][] paths for multiple GeoIP database files. Default: `/usr/share/GeoIP/GeoIP.dat`. +- `enable`: Determines whether to globally enable [`mod_geoip`][]. Valid options: Boolean. Default: false. +- `flag`: Sets the GeoIP flag. Valid options: 'CheckCache', 'IndexCache', 'MemoryCache', 'Standard'. Default: 'Standard'. +- `output`: Defines which output variables to use. Valid options: 'All', 'Env', 'Request', 'Notes'. Default: 'All'. +- `enable_utf8`: Changes the output from ISO-8859-1 (Latin-1) to UTF-8. Valid options: Boolean. Default: undef. +- `scan_proxy_headers`: Enables the [GeoIPScanProxyHeaders][] option. Valid options: Boolean. Default: undef. +- `scan_proxy_header_field`: Specifies which header [`mod_geoip`][] should look at to determine the client's IP address. Default: undef. +- `use_last_xforwarededfor_ip` (sic): Determines whether to use the first or last IP address for the client's IP if a comma-separated list of IP addresses is found. Valid options: Boolean. Default: undef. + +##### Class: `apache::mod::info` + +Installs and manages [`mod_info`][], which provides a comprehensive overview of the server configuration. + +**Parameters within `apache::mod::info`**: + +- `allow_from`: Whitelist of IPv4 or IPv6 addresses or ranges that can access `/server-info`. Valid options: One or more octets of an IPv4 address, an IPv6 address or range, or an array of either. Default: ['127.0.0.1','::1']. +- `apache_version`: Apache's version number as a string, such as '2.2' or '2.4'. Default: the value of [`$::apache::apache_version`][`apache_version`]. +- `restrict_access`: Determines whether to enable access restrictions. If false, the `allow_from` whitelist is ignored and any IP address can access `/server-info`. Valid options: Boolean. Default: true. + +##### Class: `apache::mod::passenger` + +Installs and manages [`mod_passenger`][]. + +**Parameters within `apache::mod::passenger`**: + +- `passenger_high_performance` Sets the [`PassengerHighPerformance`](https://www.phusionpassenger.com/library/config/apache/reference/#passengerhighperformance). Valid options: 'on', 'off'. Default: undef. +- `passenger_pool_idle_time` Sets the [`PassengerPoolIdleTime`](https://www.phusionpassenger.com/library/config/apache/reference/#passengerpoolidletime). Default: undef. +- `passenger_max_pool_size` Sets the [`PassengerMaxPoolSize`](https://www.phusionpassenger.com/library/config/apache/reference/#passengermaxpoolsize). Default: undef. +- `passenger_max_request_queue_size` Sets the [`PassengerMaxRequestQueueSize`](https://www.phusionpassenger.com/library/config/apache/reference/#passengermaxrequestqueuesize). Default: undef. +- `passenger_max_requests` Sets the [`PassengerMaxRequests`](https://www.phusionpassenger.com/library/config/apache/reference/#passengermaxrequests). Default: undef. + +##### Class: `apache::mod::ldap` + +Installs and configures [`mod_ldap`][], and allows you to modify the +[`LDAPTrustedGlobalCert`](https://httpd.apache.org/docs/current/mod/mod_ldap.html#ldaptrustedglobalcert) Directive: + +``` puppet +class { 'apache::mod::ldap': + ldap_trusted_global_cert_file => '/etc/pki/tls/certs/ldap-trust.crt', + ldap_trusted_global_cert_type => 'CA_DER', +} +``` + +**Parameters within `apache::mod::ldap`:** + +- `ldap_trusted_global_cert_file`: Path and file name of the trusted CA certificates to use when establishing SSL or TLS connections to an LDAP server. +- `ldap_trusted_global_cert_type`: The global trust certificate format. Default: 'CA_BASE64'. + +##### Class: `apache::mod::negotiation` + +Installs and configures [`mod_negotiation`][]. + +**Parameters within `apache::mod::negotiation`:** + +- `force_language_priority`: Sets the `ForceLanguagePriority` option. Valid option: String. Default: `Prefer Fallback`. +- `language_priority`: An [array][] of languages to set the `LanguagePriority` option of the module. Default: [ 'en', 'ca', 'cs', 'da', 'de', 'el', 'eo', 'es', 'et', 'fr', 'he', 'hr', 'it', 'ja', 'ko', 'ltz', 'nl', 'nn', 'no', 'pl', 'pt', 'pt-BR', 'ru', 'sv', 'zh-CN', 'zh-TW' ] + +##### Class: `apache::mod::pagespeed` + +Installs and manages [`mod_pagespeed`][], a Google module that rewrites web pages to reduce latency and bandwidth. + +While this Apache module requires the `mod-pagespeed-stable` package, Puppet **doesn't** manage the software repositories required to automatically install the package. If you declare this class when the package is either not installed or not available to your package manager, your Puppet run will fail. + +**Parameters within `apache::mod::pagespeed`**: + +- `inherit_vhost_config`: Default: 'on'. +- `filter_xhtml`: Default: false. +- `cache_path`: Default: '/var/cache/mod_pagespeed/'. +- `log_dir`: Default: '/var/log/pagespeed'. +- `memcache_servers`: Default: []. +- `rewrite_level`: Default: 'CoreFilters'. +- `disable_filters`: Default: []. +- `enable_filters`: Default: []. +- `forbid_filters`: Default: []. +- `rewrite_deadline_per_flush_ms`: Default: 10. +- `additional_domains`: Default: undef. +- `file_cache_size_kb`: Default: 102400. +- `file_cache_clean_interval_ms`: Default: 3600000. +- `lru_cache_per_process`: Default: 1024. +- `lru_cache_byte_limit`: Default: 16384. +- `css_flatten_max_bytes`: Default: 2048. +- `css_inline_max_bytes`: Default: 2048. +- `css_image_inline_max_bytes`: Default: 2048. +- `image_inline_max_bytes`: Default: 2048. +- `js_inline_max_bytes`: Default: 2048. +- `css_outline_min_bytes`: Default: 3000. +- `js_outline_min_bytes`: Default: 3000. +- `inode_limit`: Default: 500000. +- `image_max_rewrites_at_once`: Default: 8. +- `num_rewrite_threads`: Default: 4. +- `num_expensive_rewrite_threads`: Default: 4. +- `collect_statistics`: Default: 'on'. +- `statistics_logging`: Default: 'on'. +- `allow_view_stats`: Default: []. +- `allow_pagespeed_console`: Default: []. +- `allow_pagespeed_message`: Default: []. +- `message_buffer_size`: Default: 100000. +- `additional_configuration`: A hash of directive-value pairs or an array of lines to insert at the end of the pagespeed configuration. Default: '{ }'. + +The class's parameters correspond to the module's directives. See the [module's documentation][`mod_pagespeed`] for details. + +##### Class: `apache::mod::php` + +Installs and configures [`mod_php`][]. + +**Parameters within `apache::mod::php`**: + +Default values depend on your operating system. + +> **Note**: This list is incomplete. Most of this class's parameters correspond to `mod_php` directives; see the [module's documentation][`mod_php`] for details. + +- `package_name`: Names the package that installs `mod_php`. +- `path`: Defines the path to the `mod_php` shared object (`.so`) file. +- `source`: Defines the path to the default configuration. Valid options include a `puppet:///` path. +- `template`: Defines the path to the `php.conf` template Puppet uses to generate the configuration file. +- `content`: Adds arbitrary content to `php.conf`. + +##### Class: `apache::mod::reqtimeout` + +Installs and configures [`mod_reqtimeout`][]. + +**Parameters within `apache::mod::reqtimeout`**: + +- `timeouts`: A string or [array][] that sets the [`RequestReadTimeout`][] option. Default: ['header=20-40,MinRate=500', 'body=20,MinRate=500']. + +##### Class: `apache::mod::shib` + +Installs the [Shibboleth](http://shibboleth.net/) Apache module `mod_shib`, which enables SAML2 single sign-on (SSO) authentication by Shibboleth Identity Providers and Shibboleth Federations. This class only installs and configures the Apache components of a web application that consumes Shibboleth SSO identities, also known as a Shibboleth Service Provider. You can manage the Shibboleth configuration manually, with Puppet, or using a [Shibboleth Puppet Module](https://github.com/aethylred/puppet-shibboleth). + +Defining this class enables Shibboleth-specific parameters in `apache::vhost` instances. + +##### Class: `apache::mod::ssl` + +Installs [Apache SSL features][`mod_ssl`] and uses the `ssl.conf.erb` template to generate its configuration. + +**Parameters within `apache::mod::ssl`**: + +- `ssl_cipher`: Default: 'HIGH:MEDIUM:!aNULL:!MD5:!RC4'. +- `ssl_compression`: Default: false. +- `ssl_cryptodevice`: Default: 'builtin'. +- `ssl_honorcipherorder`: Default: 'On'. +- `ssl_openssl_conf_cmd`: Default: undef. +- `ssl_options`: Default: [ 'StdEnvVars' ] +- `ssl_pass_phrase_dialog`: Default: 'builtin'. +- `ssl_protocol`: Default: [ 'all', '-SSLv2', '-SSLv3' ]. +- `ssl_random_seed_bytes`: Valid options: A string. Default: '512'. +- `ssl_sessioncachetimeout`: Valid options: A string. Default: '300'. + +To use SSL with a virtual host, you must either set the [`default_ssl_vhost`][] parameter in `::apache` to true **or** the [`ssl`][] parameter in [`apache::vhost`][] to true. + +##### Class: `apache::mod::status` + +Installs [`mod_status`][] and uses the `status.conf.erb` template to generate its configuration. + +**Parameters within `apache::mod::status`**: + +- `allow_from`: An [array][] of IPv4 or IPv6 addresses that can access `/server-status`. Default: ['127.0.0.1','::1']. +- `extended_status`: Determines whether to track extended status information for each request, via the [`ExtendedStatus`][] directive. Valid options: 'Off', 'On'. Default: 'On'. +- `status_path`: The server location of the status page. Default: '/server-status'. + +##### Class: `apache::mod::version` + +Installs [`mod_version`][] on many operating systems and Apache configurations. + +If Debian and Ubuntu systems with Apache 2.4 are classified with `apache::mod::version`, Puppet warns that `mod_version` is built-in and can't be loaded. + +##### Class: `apache::mod::security` + +Installs and configures Trustwave's [`mod_security`][]. It is enabled and runs by default on all virtual hosts. + +**Parameters within `apache::mod::security`**: + +- `activated_rules`: An [array][] of rules from the `modsec_crs_path` to activate via symlinks. Default: `modsec_default_rules` in [`apache::params`][]. +- `allowed_methods`: A space-separated list of allowed HTTP methods. Default: 'GET HEAD POST OPTIONS'. +- `content_types`: A list of one or more allowed [MIME types][MIME `content-type`]. Default: 'application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf' +- `crs_package`: Names the package that installs CRS rules. Default: `modsec_crs_package` in [`apache::params`][]. +- `modsec_dir`: Defines the path where Puppet installs the modsec configuration and activated rules links. Default: 'On', set by `modsec_dir` in [`apache::params`][]. +${modsec_dir}/activated_rules. +- `modsec_secruleengine`: Configures the modsec rules engine. Valid options: 'On', 'Off', and 'DetectionOnly'. Default: `modsec_secruleengine` in [`apache::params`][]. +- `restricted_extensions`: A space-separated list of prohibited file extensions. Default: '.asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/'. +- `restricted_headers`: A list of restricted headers separated by slashes and spaces. Default: 'Proxy-Connection/ /Lock-Token/ /Content-Range/ /Translate/ /via/ /if/'. + +##### Class: `apache::mod::wsgi` + +Enables Python support via [`mod_wsgi`][]. + +**Parameters within `apache::mod::wsgi`**: + +- `mod_path`: Defines the path to the `mod_wsgi` shared object (`.so`) file. Default: undef. + - If the `mod_path` parameter doesn't contain `/`, Puppet prefixes it with your operating system's default module path. +Otherwise, Puppet follows it literally. +- `package_name`: Names the package that installs `mod_wsgi`. Default: undef. +- `wsgi_python_home`: Defines the [`WSGIPythonHome`][] directive, such as '/path/to/venv'. Valid options: path. Default: undef. +- `wsgi_python_path`: Defines the [`WSGIPythonPath`][] directive, such as '/path/to/venv/site-packages'. Valid options: path. Default: undef. +- `wsgi_socket_prefix`: Defines the [`WSGISocketPrefix`][] directive, such as "\${APACHE_RUN_DIR}WSGI". Default: `wsgi_socket_prefix` in [`apache::params`][]. + +The class's parameters correspond to the module's directives. See the [module's documentation][`mod_wsgi`] for details. + +### Private Classes + +#### Class: `apache::confd::no_accf` + +Creates the `no-accf.conf` configuration file in `conf.d`, required by FreeBSD's Apache 2.4. + +#### Class: `apache::default_confd_files` + +Includes `conf.d` files for FreeBSD. + +#### Class: `apache::default_mods` + +Installs the Apache modules required to run the default configuration. See the `apache` class's [`default_mods`][] parameter for details. + +#### Class: `apache::package` + +Installs and configures basic Apache packages. + +#### Class: `apache::params` + +Manages Apache parameters for different operating systems. + +#### Class: `apache::service` + +Manages the Apache daemon. + +#### Class: `apache::version` + +Attempts to automatically detect the Apache version based on the operating system. + +### Public defined types + +#### Defined type: `apache::balancer` + +Creates an Apache load balancing group, also known as a balancer cluster, using [`mod_proxy`][]. Each load balancing group needs one or more balancer members, which you can declare in Puppet with the [`apache::balancermember`][] define. + +Declare one `apache::balancer` define for each Apache load balancing group. You can export `apache::balancermember` defined types for all balancer members and collect them on a single Apache load balancer server using [exported resources][]. + +**Parameters within `apache::balancer`**: + +##### `name` + +Sets the title of the balancer cluster and name of the `conf.d` file containing its configuration. + +##### `proxy_set` + +Configures key-value pairs as [`ProxySet`][] lines. Valid options: a [hash][]. Default: '{}'. + +##### `collect_exported` + +Determines whether to use [exported resources][]. Valid options: Boolean. Default: true. + +If you statically declare all of your backend servers, set this parameter to false to rely on existing, declared balancer member resources. Also, use `apache::balancermember` with [array][] arguments. + +To dynamically declare backend servers via exported resources collected on a central node, set this parameter to true to collect the balancer member resources exported by the balancer member nodes. + +If you don't use exported resources, a single Puppet run configures all balancer members. If you use exported resources, Puppet has to run on the balanced nodes first, then run on the balancer. + +#### Defined type: `apache::balancermember` + +Defines members of [`mod_proxy_balancer`][], which sets up a balancer member inside a listening service configuration block in the load balancer's `apache.cfg`. + +**Parameters within `apache::balancermember`**: + +##### `balancer_cluster` + +**Required**. Sets the Apache service's instance name, and must match the name of a declared [`apache::balancer`][] resource. + +##### `url` + +Specifies the URL used to contact the balancer member server. Default: 'http://${::fqdn}/'. + +##### `options` + +Specifies an [array][] of [options](https://httpd.apache.org/docs/current/mod/mod_proxy.html#balancermember) after the URL, and accepts any key-value pairs available to [`ProxyPass`][]. Default: an empty array. + +#### Defined type: `apache::custom_config` + +Adds a custom configuration file to the Apache server's `conf.d` directory. If the file is invalid and this defined type's [`verify_config`][] parameter's value is true, Puppet throws an error during a Puppet run. + +**Parameters within `apache::custom_config`**: + +##### `ensure` + +Specifies whether the configuration file should be present. Valid options: 'absent', 'present'. Default: 'present'. + +##### `confdir` + +Sets the directory in which Puppet places configuration files. Default: the value of [`$::apache::confd_dir`][`confd_dir`]. + +##### `content` + +Sets the configuration file's content. The `content` and [`source`][] parameters are exclusive of each other. + +##### `filename` + +Sets the name of the file under `confdir` in which Puppet stores the configuration. The default behavior is to generate the filename from the `priority` parameter and the resource name. + +##### `priority` + +Sets the configuration file's priority by prefixing its filename with this parameter's numeric value, as Apache processes configuration files in alphanumeric order. Default: '25'. + +To omit the priority prefix in the configuration file's name, set this parameter to false. + +##### `source` + +Points to the configuration file's source. The [`content`][] and `source` parameters are exclusive of each other. + +##### `verify_command` + +Specifies the command Puppet uses to verify the configuration file. Use a fully qualified command. Default: `/usr/sbin/apachectl -t`. + +This parameter is only used if the [`verify_config`][] parameter's value is 'true'. If the `verify_command` fails, the Puppet run deletes the configuration file, does not notify the Apache service, and raises an error. + +##### `verify_config` + +Specifies whether to validate the configuration file before notifying the Apache service. Valid options: Boolean. Default: true. + +#### Defined type: `apache::fastcgi::server` + +Defines one or more external FastCGI servers to handle specific file types. Use this defined type with [`mod_fastcgi`][FastCGI]. + +**Parameters within `apache::fastcgi::server`:** + +##### `host` + +Determines the FastCGI's hostname or IP address and TCP port number (1-65535). + +##### `timeout` + +Sets the number of seconds a [FastCGI][] application can be inactive before aborting the request and logging the event at the error LogLevel. The inactivity timer applies only as long as a connection is pending with the FastCGI application. If a request is queued to an application, but the application doesn't respond by writing and flushing within this period, the request is aborted. If communication is complete with the application but incomplete with the client (the response is buffered), the timeout does not apply. + +##### `flush` + +Forces [`mod_fastcgi`][FastCGI] to write to the client as data is received from the application. By default, `mod_fastcgi` buffers data in order to free the application as quickly as possible. + +##### `faux_path` + +Apache has [FastCGI][] handle URIs that resolve to this filename. The path set in this parameter does not have to exist in the local filesystem. + +##### `alias` + +Internally links actions with the FastCGI server. This alias must be unique. + +##### `file_type` + +Sets the [MIME `content-type`][] of the file to be processed by the FastCGI server. + +#### Defined type: `apache::listen` + +Adds [`Listen`][] directives to `ports.conf` in the Apache configuration directory that define the Apache server's or a virtual host's listening address and port. The [`apache::vhost`][] class uses this defined type, and titles take the form '', ':', or ':'. + +#### Defined type: `apache::mod` + +Installs packages for an Apache module that doesn't have a corresponding [`apache::mod::`][] class, and checks for or places the module's default configuration files in the Apache server's `module` and `enable` directories. The default locations depend on your operating system. + +**Parameters within `apache::mod`**: + +##### `package` + +**Required**. Names the package Puppet uses to install the Apache module. + +##### `package_ensure` + +Determines whether Puppet ensures the Apache module should be installed. Valid options: 'absent', 'present'. Default: 'present'. + +##### `lib` + +Defines the module's shared object name. Its default value is `mod_$name.so`, and it should not be configured manually without special reason. + +##### `lib_path` + +Specifies a path to the module's libraries. Default: the `apache` class's [`lib_path`][] parameter. + +Don't manually set this parameter without special reason. The [`path`][] parameter overrides this value. + +##### `loadfile_name` + +Sets the filename for the module's [`LoadFile`][] directive, which can also set the module load order as Apache processes them in alphanumeric order. Valid options: filenames formatted `\*.load`. Default: the resource's name followed by 'load', as in '$name.load'. + +##### `loadfiles` + +Specifies an array of [`LoadFile`][] directives. Default: undef. + +##### `path` + +Specifies a path to the module. Default: [`lib_path`][]/[`lib`][]. + +> **Note:** Don't manually set this parameter without a specific reason. + +#### Defined type: `apache::namevirtualhost` + +Enables [name-based virtual hosts][] and adds all related directives to the `ports.conf` file in the Apache HTTPD configuration directory. Titles can take the forms '\*', '*:', '\_default_:, '', or ':'. + +#### Defined type: `apache::vhost` + +The Apache module allows a lot of flexibility in the setup and configuration of virtual hosts. This flexibility is due, in part, to `vhost` being a defined resource type, which allows Apache to evaluate it multiple times with different parameters. + +The `apache::vhost` defined type allows you to have specialized configurations for virtual hosts that have requirements outside the defaults. You can set up a default virtual host within the base `::apache` class, as well as set a customized virtual host as the default. Customized virtual hosts have a lower numeric [`priority`][] than the base class's, causing Apache to process the customized virtual host first. + +The `apache::vhost` defined type uses `concat::fragment` to build the configuration file. To inject custom fragments for pieces of the configuration that the defined type doesn't inherently support, add a custom fragment. + +For the custom fragment's `order` parameter, the `apache::vhost` defined type uses multiples of 10, so any `order` that isn't a multiple of 10 should work. + +**Parameters within `apache::vhost`**: + +##### `access_log` + +Determines whether to configure `*_access.log` directives (`*_file`,`*_pipe`, or `*_syslog`). Valid options: Boolean. Default: true. + +##### `access_log_env_var` + +Specifies that only requests with particular environment variables be logged. Default: undef. + +##### `access_log_file` + +Sets the filename of the `*_access.log` placed in [`logroot`][]. Given a virtual host---for instance, example.com---it defaults to 'example.com_ssl.log' for [SSL-encrypted][SSL encryption] virtual hosts and 'example.com_access.log' for unencrypted virtual hosts. + +##### `access_log_format` + +Specifies the use of either a [`LogFormat`][] nickname or a custom-formatted string for the access log. Default: 'combined'. + +##### `access_log_pipe` + +Specifies a pipe where Apache sends access log messages. Default: undef. + +##### `access_log_syslog` + +Sends all access log messages to syslog. Default: undef. + +##### `add_default_charset` + +Sets a default media charset value for the [`AddDefaultCharset`][] directive, which is added to `text/plain` and `text/html` responses. + +##### `add_listen` + +Determines whether the virtual host creates a [`Listen`][] statement. Valid options: Boolean. Default: true. + +Setting `add_listen` to false prevents the virtual host from creating a `Listen` statement. This is important when combining virtual hosts that aren't passed an `ip` parameter with those that are. + +##### `use_optional_includes` + +Specifies whether Apache uses the [`IncludeOptional`][] directive instead of [`Include`][] for `additional_includes` in Apache 2.4 or newer. Valid options: Boolean. Default: false. + +##### `additional_includes` + +Specifies paths to additional static, virtual host-specific Apache configuration files. You can use this parameter to implement a unique, custom configuration not supported by this module. Valid options: a string path or [array][] of them. Default: an empty array. + +##### `aliases` + +Passes a list of [hashes][hash] to the virtual host to create [`Alias`][], [`AliasMatch`][], [`ScriptAlias`][] or [`ScriptAliasMatch`][] directives as per the [`mod_alias`][] documentation. + +For example: + +``` puppet +aliases => [ + { aliasmatch => '^/image/(.*)\.jpg$', + path => '/files/jpg.images/$1.jpg', + }, + { alias => '/image', + path => '/ftp/pub/image', + }, + { scriptaliasmatch => '^/cgi-bin(.*)', + path => '/usr/local/share/cgi-bin$1', + }, + { scriptalias => '/nagios/cgi-bin/', + path => '/usr/lib/nagios/cgi-bin/', + }, + { alias => '/nagios', + path => '/usr/share/nagios/html', + }, +], +``` + +For the `alias`, `aliasmatch`, `scriptalias` and `scriptaliasmatch` keys to work, each needs a corresponding context, such as `` or ``. Puppet creates the directives in the order specified in the `aliases` parameter. As described in the [`mod_alias`][] documentation, add more specific `alias`, `aliasmatch`, `scriptalias` or `scriptaliasmatch` parameters before the more general ones to avoid shadowing. + +> **Note**: Use the `aliases` parameter instead of the `scriptaliases` parameter because you can precisely control the various alias directives' order. Defining `ScriptAliases` using the `scriptaliases` parameter means *all* `ScriptAlias` directives will come after *all* `Alias` directives, which can lead to `Alias` directives shadowing `ScriptAlias` directives. This often causes problems, for example with Nagios. + +If [`apache::mod::passenger`][] is loaded and `PassengerHighPerformance` is 'true', the `Alias` directive might not be able to honor the `PassengerEnabled => off` statement. See [this article](http://www.conandalton.net/2010/06/passengerenabled-off-not-working.html) for details. + +##### `allow_encoded_slashes` + +Sets the [`AllowEncodedSlashes`][] declaration for the virtual host, overriding the server default. This modifies the virtual host responses to URLs with `\` and `/` characters. Valid options: 'nodecode', 'off', 'on'. Default: undef, which omits the declaration from the server configuration and selects the Apache default setting of `Off`. + +##### `block` + +Specifies the list of things to which Apache blocks access. Valid option: 'scm', which blocks web access to `.svn`, `.git`, and `.bzr` directories. Default: an empty [array][]. + +##### `custom_fragment` + +Passes a string of custom configuration directives to place at the end of the virtual host configuration. Default: undef. + +##### `default_vhost` + +Sets a given `apache::vhost` defined type as the default to serve requests that do not match any other `apache::vhost` defined types. Default: false. + +##### `directories` + +See the [`directories`](#parameter-directories-for-apachevhost) section. + +##### `directoryindex` + +Sets the list of resources to look for when a client requests an index of the directory by specifying a '/' at the end of the directory name. See the [`DirectoryIndex`][] directive documentation for details. Default: undef. + +##### `docroot` + +**Required**. Sets the [`DocumentRoot`][] location, from which Apache serves files. + +If `docroot` and [`manage_docroot`][] are both set to false, no [`DocumentRoot`][] will be set and the accompanying `` block will not be created. + +##### `docroot_group` + +Sets group access to the [`docroot`][] directory. Valid options: A string representing a system group. Default: 'root'. + +##### `docroot_owner` + +Sets individual user access to the [`docroot`][] directory. Valid options: A string representing a user account. Default: 'root'. + +##### `docroot_mode` + +Sets access permissions for the [`docroot`][] directory, in numeric notation. Valid options: A string. Default: undef. + +##### `manage_docroot` + +Determines whether Puppet manages the [`docroot`][] directory. Valid options: Boolean. Default: true. + +##### `error_log` + +Specifies whether `*_error.log` directives should be configured. Valid options: Boolean. Default: true. + +##### `error_log_file` + +Points the virtual host's error logs to a `*_error.log` file. If this parameter is undefined, Puppet checks for values in [`error_log_pipe`][], then [`error_log_syslog`][]. + +If none of these parameters is set, given a virtual host `example.com`, Puppet defaults to '$logroot/example.com_error_ssl.log' for SSL virtual hosts and '$logroot/example.com_error.log' for non-SSL virtual hosts. + +##### `error_log_pipe` + +Specifies a pipe to send error log messages to. Default: undef. + +This parameter has no effect if the [`error_log_file`][] parameter has a value. If neither this parameter nor `error_log_file` has a value, Puppet then checks [`error_log_syslog`][]. + +##### `error_log_syslog` + +Determines whether to send all error log messages to syslog. Valid options: Boolean. Default: undef. + +This parameter has no effect if either of the [`error_log_file`][] or [`error_log_pipe`][] parameters has a value. If none of these parameters has a value, given a virtual host `example.com`, Puppet defaults to '$logroot/example.com_error_ssl.log' for SSL virtual hosts and '$logroot/example.com_error.log' for non-SSL virtual hosts. + +##### `error_documents` + +A list of hashes which can be used to override the [ErrorDocument](https://httpd.apache.org/docs/current/mod/core.html#errordocument) settings for this virtual host. Default: '[]'. + +An example: + +``` puppet +apache::vhost { 'sample.example.net': + error_documents => [ + { 'error_code' => '503', 'document' => '/service-unavail' }, + { 'error_code' => '407', 'document' => 'https://example.com/proxy/login' }, + ], +} +``` + +##### `ensure` + +Specifies if the virtual host is present or absent. Valid options: 'absent', 'present'. Default: 'present'. + +##### `fallbackresource` + +Sets the [FallbackResource](https://httpd.apache.org/docs/current/mod/mod_dir.html#fallbackresource) directive, which specifies an action to take for any URL that doesn't map to anything in your filesystem and would otherwise return 'HTTP 404 (Not Found)'. Valid options must either begin with a '/' or be 'disabled'. Default: undef. + +##### `filters` + +[Filters](https://httpd.apache.org/docs/current/mod/mod_filter.html) enable smart, context-sensitive configuration of output content filters. + +``` puppet +apache::vhost { "$::fqdn": + filters => [ + 'FilterDeclare COMPRESS', + 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html', + 'FilterChain COMPRESS', + 'FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no', + ], +} +``` + +##### `force_type` + +Sets the [`ForceType`][] directive, which forces Apache to serve all matching files with a [MIME `content-type`][] matching this parameter's value. + +##### `headers` + +Adds lines to replace, merge, or remove response headers. See [Apache's mod_headers documentation](https://httpd.apache.org/docs/current/mod/mod_headers.html#header) for more information. Valid options: A string, an array of strings, or undef. Default: undef. + +##### `ip` + +Sets the IP address the virtual host listens on. Valid options: Strings. Default: undef, which uses Apache's default behavior of listening on all IPs. + +##### `ip_based` + +Enables an [IP-based](https://httpd.apache.org/docs/current/vhosts/ip-based.html) virtual host. This parameter inhibits the creation of a NameVirtualHost directive, since those are used to funnel requests to name-based virtual hosts. Default: false. + +##### `itk` + +Configures [ITK](http://mpm-itk.sesse.net/) in a hash. Keys can be: + +* user + group +* `assignuseridexpr` +* `assigngroupidexpr` +* `maxclientvhost` +* `nice` +* `limituidrange` (Linux 3.5.0 or newer) +* `limitgidrange` (Linux 3.5.0 or newer) + +Usage typically looks like: + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + itk => { + user => 'someuser', + group => 'somegroup', + }, +} +``` + +##### `auth_kerb` + +Enable [`mod_auth_kerb`][] parameters for a virtual host. Valid options: Boolean. Default: false. + +Usage typically looks like: + +``` puppet +apache::vhost { 'sample.example.net': + auth_kerb => true, + krb_method_negotiate => 'on', + krb_auth_realms => ['EXAMPLE.ORG'], + krb_local_user_mapping => 'on', + directories => { + path => '/var/www/html', + auth_name => 'Kerberos Login', + auth_type => 'Kerberos', + auth_require => 'valid-user', + }, +} +``` + +Related parameters follow the names of `mod_auth_kerb` directives: + +- `krb_method_negotiate`: Determines whether to use the Negotiate method. Default: 'on'. +- `krb_method_k5passwd`: Determines whether to use password-based authentication for Kerberos v5. Default: 'on'. +- `krb_authoritative`: If set to 'off', authentication controls can be passed on to another module. Default: 'on'. +- `krb_auth_realms`: Specifies an array of Kerberos realms to use for authentication. Default: '[]'. +- `krb_5keytab`: Specifies the Kerberos v5 keytab file's location. Default: undef. +- `krb_local_user_mapping`: Strips @REALM from usernames for further use. Default: undef. + +##### `krb_verify_kdc` + +This option can be used to disable the verification tickets against local keytab to prevent KDC spoofing attacks. Default: 'on'. + +##### `krb_servicename` + +Specifies the service name that will be used by Apache for authentication. Corresponding key of this name must be stored in the keytab. Default: 'HTTP'. + +##### `krb_save_credentials` + +This option enables credential saving functionality. Default is 'off' + +##### `logroot` + +Specifies the location of the virtual host's logfiles. Default: '/var/log//'. + +##### `$logroot_ensure` + +Determines whether or not to remove the logroot directory for a virtual host. Valid options: 'directory', 'absent'. + +##### `logroot_mode` + +Overrides the mode the logroot directory is set to. Default: undef. Do *not* grant write access to the directory the logs are stored in without being aware of the consequences; for more information, see [Apache's log security documentation](https://httpd.apache.org/docs/2.4/logs.html#security). + +##### `log_level` + +Specifies the verbosity of the error log. Valid options: 'emerg', 'alert', 'crit', 'error', 'warn', 'notice', 'info' or 'debug'. Default: 'warn' for the global server configuration, which can be overridden on a per-virtual host basis. + +###### `modsec_body_limit` + +Configures the maximum request body size (in bytes) ModSecurity will accept for buffering + +###### `modsec_disable_vhost` + +Disables [`mod_security`][] on a virtual host. Only valid if [`apache::mod::security`][] is included. Valid options: Boolean. Default: undef. + +###### `modsec_disable_ids` + +Array of mod_security IDs to remove from the virtual host. Also takes a hash allowing removal of an ID from a specific location. + +``` puppet +apache::vhost { 'sample.example.net': + modsec_disable_ids => [ 90015, 90016 ], +} +``` + +``` puppet +apache::vhost { 'sample.example.net': + modsec_disable_ids => { '/location1' => [ 90015, 90016 ] }, +} +``` + +###### `modsec_disable_ips` + +Specifies an array of IP addresses to exclude from [`mod_security`][] rule matching. Default: undef. + +##### `no_proxy_uris` + +Specifies URLs you do not want to proxy. This parameter is meant to be used in combination with [`proxy_dest`](#proxy_dest). + +##### `no_proxy_uris_match` + +This directive is equivalent to [`no_proxy_uris`][], but takes regular expressions. + +##### `proxy_preserve_host` + +Sets the [ProxyPreserveHost Directive](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypreservehost). Valid options: Boolean. Default: false. + +Setting this parameter to true enables the `Host:` line from an incoming request to be proxied to the host instead of hostname. Setting it to false sets this directive to 'Off'. + +##### `proxy_error_override` + +Sets the [ProxyErrorOverride Directive](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyerroroverride). This directive controls whether Apache should override error pages for proxied content. Default: false. + +##### `options` + +Sets the [`Options`][] for the specified virtual host. Default: ['Indexes','FollowSymLinks','MultiViews'], as demonstrated below: + +``` puppet +apache::vhost { 'site.name.fdqn': + … + options => ['Indexes','FollowSymLinks','MultiViews'], +} +``` + +> **Note**: If you use the [`directories`][] parameter of [`apache::vhost`][], 'Options', 'Override', and 'DirectoryIndex' are ignored because they are parameters within `directories`. + +##### `override` + +Sets the overrides for the specified virtual host. Accepts an array of [AllowOverride](https://httpd.apache.org/docs/current/mod/core.html#allowoverride) arguments. Default: '[none]'. + +##### `passenger_app_root` + +Sets [PassengerRoot](https://www.phusionpassenger.com/library/config/apache/reference/#passengerapproot), the location of the Passenger application root if different from the DocumentRoot. + +##### `passenger_app_env` + +Sets [PassengerAppEnv](https://www.phusionpassenger.com/library/config/apache/reference/#passengerappenv), the environment for the Passenger application. If not specifies, defaults to the global setting or 'production'. + +##### `passenger_log_file` + +By default, Passenger log messages are written to the Apache global error log. With [PassengerLogFile](https://www.phusionpassenger.com/library/config/apache/reference/#passengerlogfile), you can configure those messages to be logged to a different file. This option is only available since Passenger 5.0.5. + +##### `passenger_ruby` + +Sets [PassengerRuby](https://www.phusionpassenger.com/library/config/apache/reference/#passengerruby), the Ruby interpreter to use for the application, on this virtual host. + +##### `passenger_min_instances` + +Sets [PassengerMinInstances](https://www.phusionpassenger.com/library/config/apache/reference/#passengermininstances), the minimum number of application processes to run. + +##### `passenger_start_timeout` + +Sets [PassengerStartTimeout](https://www.phusionpassenger.com/library/config/apache/reference/#passengerstarttimeout), the timeout for the application startup. + +##### `passenger_pre_start` + +Sets [PassengerPreStart](https://www.phusionpassenger.com/library/config/apache/reference/#passengerprestart), the URL of the application if pre-starting is required. + +##### `php_flags & values` + +Allows per-virtual host setting [`php_value`s or `php_flag`s](http://php.net/manual/en/configuration.changes.php). These flags or values can be overwritten by a user or an application. Default: '{}'. + +##### `php_admin_flags & values` + +Allows per-virtual host setting [`php_admin_value`s or `php_admin_flag`s](http://php.net/manual/en/configuration.changes.php). These flags or values cannot be overwritten by a user or an application. Default: '{}'. + +##### `port` + +Sets the port the host is configured on. The module's defaults ensure the host listens on port 80 for non-SSL virtual hosts and port 443 for SSL virtual hosts. The host only listens on the port set in this parameter. + +##### `priority` + +Sets the relative load-order for Apache HTTPD VirtualHost configuration files. Default: '25'. + +If nothing matches the priority, the first name-based virtual host is used. Likewise, passing a higher priority causes the alphabetically first name-based virtual host to be used if no other names match. + +> **Note:** You should not need to use this parameter. However, if you do use it, be aware that the `default_vhost` parameter for `apache::vhost` passes a priority of '15'. + +To omit the priority prefix in file names, pass a priority of false. + +##### `proxy_dest` + +Specifies the destination address of a [ProxyPass](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass) configuration. Default: undef. + +##### `proxy_pass` + +Specifies an array of `path => URI` values for a [ProxyPass](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass) configuration. Default: undef. Parameters and location options can optionally be added as an array. + +``` puppet +apache::vhost { 'site.name.fdqn': + … + proxy_pass => [ + { 'path' => '/a', 'url' => 'http://backend-a/' }, + { 'path' => '/b', 'url' => 'http://backend-b/' }, + { 'path' => '/c', 'url' => 'http://backend-a/c', 'params' => {'max'=>20, 'ttl'=>120, 'retry'=>300}}, + { 'path' => '/c', 'url' => 'http://backend-a/c', + 'options' => {'Require'=>'valid-user', 'AuthType'=>'Kerberos', 'AuthName'=>'Kerberos Login'}}, + { 'path' => '/l', 'url' => 'http://backend-xy', + 'reverse_urls' => ['http://backend-x', 'http://backend-y'] }, + { 'path' => '/d', 'url' => 'http://backend-a/d', + 'params' => { 'retry' => '0', 'timeout' => '5' }, }, + { 'path' => '/e', 'url' => 'http://backend-a/e', + 'keywords' => ['nocanon', 'interpolate'] }, + { 'path' => '/f', 'url' => 'http://backend-f/', + 'setenv' => ['proxy-nokeepalive 1','force-proxy-request-1.0 1']}, + { 'path' => '/g', 'url' => 'http://backend-g/', + 'reverse_cookies' => [{'path' => '/g', 'url' => 'http://backend-g/',}, {'domain' => 'http://backend-g', 'url' => 'http:://backend-g',},], }, + ], +} +``` + +* `reverse_urls`. *Optional.* This setting is useful when used with `mod_proxy_balancer`. Valid options: an array or string. +* `reverse_cookies`. *Optional.* Sets `ProxyPassReverseCookiePath` and `ProxyPassReverseCookieDomain`. +* `params`. *Optional.* Allows for ProxyPass key-value parameters, such as connection settings. +* `setenv`. *Optional.* Sets [environment variables](https://httpd.apache.org/docs/current/mod/mod_proxy.html#envsettings) for the proxy directive. Valid options: array. + +##### `proxy_dest_match` + +This directive is equivalent to [`proxy_dest`][], but takes regular expressions, see [ProxyPassMatch](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypassmatch) for details. + +##### `proxy_dest_reverse_match` + +Allows you to pass a ProxyPassReverse if [`proxy_dest_match`][] is specified. See [ProxyPassReverse](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypassreverse) for details. + +##### `proxy_pass_match` + +This directive is equivalent to [`proxy_pass`][], but takes regular expressions, see [ProxyPassMatch](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypassmatch) for details. + +##### `rack_base_uris` + +Specifies the resource identifiers for a rack configuration. The file paths specified are listed as rack application roots for [Phusion Passenger](http://www.modrails.com/documentation/Users%20guide%20Apache.html#_railsbaseuri_and_rackbaseuri) in the _rack.erb template. Default: undef. + +#####`passenger_base_uris` + +Used to specify that the given URI is a Phusion Passenger-served application. The file paths specified are listed as passenger application roots for [Phusion Passenger](https://www.phusionpassenger.com/documentation/Users%20guide%20Apache.html#PassengerBaseURI) in the _passenger_base_uris.erb template. Default: undef. + +##### `redirect_dest` + +Specifies the address to redirect to. Default: undef. + +##### `redirect_source` + +Specifies the source URIs that redirect to the destination specified in `redirect_dest`. If more than one item for redirect is supplied, the source and destination must be the same length, and the items are order-dependent. + +``` puppet +apache::vhost { 'site.name.fdqn': + … + redirect_source => ['/images','/downloads'], + redirect_dest => ['http://img.example.com/','http://downloads.example.com/'], +} +``` + +##### `redirect_status` + +Specifies the status to append to the redirect. Default: undef. + +``` puppet +apache::vhost { 'site.name.fdqn': + … + redirect_status => ['temp','permanent'], +} +``` + +##### `redirectmatch_regexp` & `redirectmatch_status` & `redirectmatch_dest` + +Determines which server status should be raised for a given regular expression and where to forward the user to. Entered as arrays. Default: undef. + +``` puppet +apache::vhost { 'site.name.fdqn': + … + redirectmatch_status => ['404','404'], + redirectmatch_regexp => ['\.git(/.*|$)/','\.svn(/.*|$)'], + redirectmatch_dest => ['http://www.example.com/1','http://www.example.com/2'], +} +``` + +##### `request_headers` + +Modifies collected [request headers](https://httpd.apache.org/docs/current/mod/mod_headers.html#requestheader) in various ways, including adding additional request headers, removing request headers, etc. Default: undef. + +``` puppet +apache::vhost { 'site.name.fdqn': + … + request_headers => [ + 'append MirrorID "mirror 12"', + 'unset MirrorID', + ], +} +``` +##### `rewrites` + +Creates URL rewrite rules. Expects an array of hashes, and the hash keys can be any of 'comment', 'rewrite_base', 'rewrite_cond', 'rewrite_rule' or 'rewrite_map'. Default: undef. + +For example, you can specify that anyone trying to access index.html is served welcome.html + +``` puppet +apache::vhost { 'site.name.fdqn': + … + rewrites => [ { rewrite_rule => ['^index\.html$ welcome.html'] } ] +} +``` + +The parameter allows rewrite conditions that, when true, execute the associated rule. For instance, if you wanted to rewrite URLs only if the visitor is using IE + +``` puppet +apache::vhost { 'site.name.fdqn': + … + rewrites => [ + { + comment => 'redirect IE', + rewrite_cond => ['%{HTTP_USER_AGENT} ^MSIE'], + rewrite_rule => ['^index\.html$ welcome.html'], + }, + ], +} +``` + +You can also apply multiple conditions. For instance, rewrite index.html to welcome.html only when the browser is Lynx or Mozilla (version 1 or 2) + +``` puppet +apache::vhost { 'site.name.fdqn': + … + rewrites => [ + { + comment => 'Lynx or Mozilla v1/2', + rewrite_cond => ['%{HTTP_USER_AGENT} ^Lynx/ [OR]', '%{HTTP_USER_AGENT} ^Mozilla/[12]'], + rewrite_rule => ['^index\.html$ welcome.html'], + }, + ], +} +``` + +Multiple rewrites and conditions are also possible + +``` puppet +apache::vhost { 'site.name.fdqn': + … + rewrites => [ + { + comment => 'Lynx or Mozilla v1/2', + rewrite_cond => ['%{HTTP_USER_AGENT} ^Lynx/ [OR]', '%{HTTP_USER_AGENT} ^Mozilla/[12]'], + rewrite_rule => ['^index\.html$ welcome.html'], + }, + { + comment => 'Internet Explorer', + rewrite_cond => ['%{HTTP_USER_AGENT} ^MSIE'], + rewrite_rule => ['^index\.html$ /index.IE.html [L]'], + }, + { + rewrite_base => /apps/, + rewrite_rule => ['^index\.cgi$ index.php', '^index\.html$ index.php', '^index\.asp$ index.html'], + }, + { comment => 'Rewrite to lower case', + rewrite_cond => ['%{REQUEST_URI} [A-Z]'], + rewrite_map => ['lc int:tolower'], + rewrite_rule => ['(.*) ${lc:$1} [R=301,L]'], + }, + ], +} +``` + +Refer to the [`mod_rewrite` documentation][`mod_rewrite`] for more details on what is possible with rewrite rules and conditions. + +##### `scriptalias` + +Defines a directory of CGI scripts to be aliased to the path '/cgi-bin', such as '/usr/scripts'. Default: undef. + +##### `scriptaliases` + +> **Note**: This parameter is deprecated in favor of the `aliases` parameter. + +Passes an array of hashes to the virtual host to create either ScriptAlias or ScriptAliasMatch statements per the [`mod_alias` documentation][`mod_alias`]. + +``` puppet +scriptaliases => [ + { + alias => '/myscript', + path => '/usr/share/myscript', + }, + { + aliasmatch => '^/foo(.*)', + path => '/usr/share/fooscripts$1', + }, + { + aliasmatch => '^/bar/(.*)', + path => '/usr/share/bar/wrapper.sh/$1', + }, + { + alias => '/neatscript', + path => '/usr/share/neatscript', + }, +] +``` + +The ScriptAlias and ScriptAliasMatch directives are created in the order specified. As with [Alias and AliasMatch](#aliases) directives, specify more specific aliases before more general ones to avoid shadowing. + +##### `serveradmin` + +Specifies the email address Apache displays when it renders one of its error pages. Default: undef. + +##### `serveraliases` + +Sets the [ServerAliases](https://httpd.apache.org/docs/current/mod/core.html#serveralias) of the site. Default: '[]'. + +##### `servername` + +Sets the servername corresponding to the hostname you connect to the virtual host at. Default: the title of the resource. + +##### `setenv` + +Used by HTTPD to set environment variables for virtual hosts. Default: '[]'. + +Example: + +``` puppet +apache::vhost { 'setenv.example.com': + setenv => ['SPECIAL_PATH /foo/bin'], +} +``` + +##### `setenvif` + +Used by HTTPD to conditionally set environment variables for virtual hosts. Default: '[]'. + +##### `suphp_addhandler`, `suphp_configpath`, & `suphp_engine` + +Sets up a virtual host with [suPHP](http://suphp.org/DocumentationView.html?file=apache/CONFIG). + +* `suphp_addhandler`. Default: 'php5-script' on RedHat and FreeBSD, and 'x-httpd-php' on Debian and Gentoo. +* `suphp_configpath`. Default: undef on RedHat and FreeBSD, and '/etc/php5/apache2' on Debian and Gentoo. +* `suphp_engine`. Valid options: 'on' or 'off'. Default: 'off'. + +An example virtual host configuration with suPHP: + +``` puppet +apache::vhost { 'suphp.example.com': + port => '80', + docroot => '/home/appuser/myphpapp', + suphp_addhandler => 'x-httpd-php', + suphp_engine => 'on', + suphp_configpath => '/etc/php5/apache2', + directories => { path => '/home/appuser/myphpapp', + 'suphp' => { user => 'myappuser', group => 'myappgroup' }, + } +} +``` + +##### `vhost_name` + +Enables name-based virtual hosting. If no IP is passed to the virtual host, but the virtual host is assigned a port, then the virtual host name is 'vhost_name:port'. If the virtual host has no assigned IP or port, the virtual host name is set to the title of the resource. Default: '*'. + +##### `virtual_docroot` + +Sets up a virtual host with a wildcard alias subdomain mapped to a directory with the same name. For example, 'http://example.com' would map to '/var/www/example.com'. Default: false. + +``` puppet +apache::vhost { 'subdomain.loc': + vhost_name => '*', + port => '80', + virtual_docroot => '/var/www/%-2+', + docroot => '/var/www', + serveraliases => ['*.loc',], +} +``` + +##### `wsgi_daemon_process`, `wsgi_daemon_process_options`, `wsgi_process_group`, `wsgi_script_aliases`, & `wsgi_pass_authorization` + +Sets up a virtual host with [WSGI](https://github.com/GrahamDumpleton/mod_wsgi). + +* `wsgi_daemon_process`: A hash that sets the name of the WSGI daemon, accepting [certain keys](http://modwsgi.readthedocs.org/en/latest/configuration-directives/WSGIDaemonProcess.html). Default: undef. +* `wsgi_daemon_process_options`. _Optional._ Default: undef. +* `wsgi_process_group`: Sets the group ID that the virtual host runs under. Default: undef. +* `wsgi_script_aliases`: Requires a hash of web paths to filesystem .wsgi paths. Default: undef. +* `wsgi_pass_authorization`: Uses the WSGI application to handle authorization instead of Apache when set to 'On'. For more information, see [mod_wsgi's WSGIPassAuthorization documentation] (https://modwsgi.readthedocs.org/en/latest/configuration-directives/WSGIPassAuthorization.html). Default: undef, leading Apache to use its default value of 'Off'. +* `wsgi_chunked_request`: Enables support for chunked requests. Default: undef. + +An example virtual host configuration with WSGI: + +``` puppet +apache::vhost { 'wsgi.example.com': + port => '80', + docroot => '/var/www/pythonapp', + wsgi_daemon_process => 'wsgi', + wsgi_daemon_process_options => + { processes => '2', + threads => '15', + display-name => '%{GROUP}', + }, + wsgi_process_group => 'wsgi', + wsgi_script_aliases => { '/' => '/var/www/demo.wsgi' }, + wsgi_chunked_request => 'On', +} +``` + +#### Parameter `directories` for `apache::vhost` + +The `directories` parameter within the `apache::vhost` class passes an array of hashes to the virtual host to create [Directory](https://httpd.apache.org/docs/current/mod/core.html#directory), [File](https://httpd.apache.org/docs/current/mod/core.html#files), and [Location](https://httpd.apache.org/docs/current/mod/core.html#location) directive blocks. These blocks take the form, '< Directory /path/to/directory>...< /Directory>'. + +The `path` key sets the path for the directory, files, and location blocks. Its value must be a path for the 'directory', 'files', and 'location' providers, or a regex for the 'directorymatch', 'filesmatch', or 'locationmatch' providers. Each hash passed to `directories` **must** contain `path` as one of the keys. + +The `provider` key is optional. If missing, this key defaults to 'directory'. Valid options: 'directory', 'files', 'proxy', 'location', 'directorymatch', 'filesmatch', 'proxymatch' or 'locationmatch'. If you set `provider` to 'directorymatch', it uses the keyword 'DirectoryMatch' in the Apache config file. + +An example use of `directories`: + +``` puppet +apache::vhost { 'files.example.net': + docroot => '/var/www/files', + directories => [ + { 'path' => '/var/www/files', + 'provider' => 'files', + 'deny' => 'from all', + }, + ], +} +``` + +> **Note:** At least one directory should match the `docroot` parameter. After you start declaring directories, `apache::vhost` assumes that all required Directory blocks will be declared. If not defined, a single default Directory block is created that matches the `docroot` parameter. + +Available handlers, represented as keys, should be placed within the `directory`, `files`, or `location` hashes. This looks like + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ { path => '/path/to/directory', handler => value } ], +} +``` + +Any handlers you do not set in these hashes are considered 'undefined' within Puppet and are not added to the virtual host, resulting in the module using their default values. Supported handlers are: + +###### `addhandlers` + +Sets [AddHandler](https://httpd.apache.org/docs/current/mod/mod_mime.html#addhandler) directives, which map filename extensions to the specified handler. Accepts a list of hashes, with `extensions` serving to list the extensions being managed by the handler, and takes the form: `{ handler => 'handler-name', extensions => ['extension'] }`. + +An example: + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + addhandlers => [{ handler => 'cgi-script', extensions => ['.cgi']}], + }, + ], +} +``` + +###### `allow` + +Sets an [Allow](https://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow) directive, which groups authorizations based on hostnames or IPs. **Deprecated:** This parameter is being deprecated due to a change in Apache. It only works with Apache 2.2 and lower. You can use it as a single string for one rule or as an array for more than one. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + allow => 'from example.org', + }, + ], +} +``` + +###### `allow_override` + +Sets the types of directives allowed in [.htaccess](https://httpd.apache.org/docs/current/mod/core.html#allowoverride) files. Accepts an array. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + allow_override => ['AuthConfig', 'Indexes'], + }, + ], +} +``` + +###### `auth_basic_authoritative` + +Sets the value for [AuthBasicAuthoritative](https://httpd.apache.org/docs/current/mod/mod_auth_basic.html#authbasicauthoritative), which determines whether authorization and authentication are passed to lower level Apache modules. + +###### `auth_basic_fake` + +Sets the value for [AuthBasicFake](https://httpd.apache.org/docs/current/mod/mod_auth_basic.html#authbasicfake), which statically configures authorization credentials for a given directive block. + +###### `auth_basic_provider` + +Sets the value for [AuthBasicProvider](https://httpd.apache.org/docs/current/mod/mod_auth_basic.html#authbasicprovider), which sets the authentication provider for a given location. + +###### `auth_digest_algorithm` + +Sets the value for [AuthDigestAlgorithm](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestalgorithm), which selects the algorithm used to calculate the challenge and response hashes. + +###### `auth_digest_domain` + +Sets the value for [AuthDigestDomain](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestdomain), which allows you to specify one or more URIs in the same protection space for digest authentication. + +###### `auth_digest_nonce_lifetime` + +Sets the value for [AuthDigestNonceLifetime](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestnoncelifetime), which controls how long the server nonce is valid. + +###### `auth_digest_provider` + +Sets the value for [AuthDigestProvider](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestprovider), which sets the authentication provider for a given location. + +###### `auth_digest_qop` + +Sets the value for [AuthDigestQop](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestqop), which determines the quality-of-protection to use in digest authentication. + +###### `auth_digest_shmem_size` + +Sets the value for [AuthAuthDigestShmemSize](https://httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestshmemsize), which defines the amount of shared memory allocated to the server for keeping track of clients. + +###### `auth_group_file` + +Sets the value for [AuthGroupFile](https://httpd.apache.org/docs/current/mod/mod_authz_groupfile.html#authgroupfile), which sets the name of the text file containing the list of user groups for authorization. + +###### `auth_name` + +Sets the value for [AuthName](https://httpd.apache.org/docs/current/mod/mod_authn_core.html#authname), which sets the name of the authorization realm. + +###### `auth_require` + +Sets the entity name you're requiring to allow access. Read more about [Require](https://httpd.apache.org/docs/current/mod/mod_authz_host.html#requiredirectives). + +###### `auth_type` + +Sets the value for [AuthType](https://httpd.apache.org/docs/current/mod/mod_authn_core.html#authtype), which guides the type of user authentication. + +###### `auth_user_file` + +Sets the value for [AuthUserFile](https://httpd.apache.org/docs/current/mod/mod_authn_file.html#authuserfile), which sets the name of the text file containing the users/passwords for authentication. + +###### `custom_fragment` + +Pass a string of custom configuration directives to be placed at the end of the directory configuration. + +``` puppet +apache::vhost { 'monitor': + … + directories => [ + { + path => '/path/to/directory', + custom_fragment => ' + + SetHandler balancer-manager + Order allow,deny + Allow from all + + + SetHandler server-status + Order allow,deny + Allow from all + +ProxyStatus On', + }, + ] +} +``` + +###### `deny` + +Sets a [Deny](https://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#deny) directive, specifying which hosts are denied access to the server. **Deprecated:** This parameter is being deprecated due to a change in Apache. It only works with Apache 2.2 and lower. You can use it as a single string for one rule or as an array for more than one. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + deny => 'from example.org', + }, + ], +} +``` + +###### `error_documents` + +An array of hashes used to override the [ErrorDocument](https://httpd.apache.org/docs/current/mod/core.html#errordocument) settings for the directory. + +``` puppet +apache::vhost { 'sample.example.net': + directories => [ + { path => '/srv/www', + error_documents => [ + { 'error_code' => '503', + 'document' => '/service-unavail', + }, + ], + }, + ], +} +``` + +###### `ext_filter_options` + +Sets the [ExtFilterOptions](https://httpd.apache.org/docs/current/mod/mod_ext_filter.html) directive. +Note that you must declare `class { 'apache::mod::ext_filter': }` before using this directive. + +``` puppet +apache::vhost { 'filter.example.org': + docroot => '/var/www/filter', + directories => [ + { path => '/var/www/filter', + ext_filter_options => 'LogStderr Onfail=abort', + }, + ], +} +``` + +###### `geoip_enable` + +Sets the [GeoIPEnable](http://dev.maxmind.com/geoip/legacy/mod_geoip2/#Configuration) directive. +Note that you must declare `class {'apache::mod::geoip': }` before using this directive. + +``` puppet +apache::vhost { 'first.example.com': + docroot => '/var/www/first', + directories => [ + { path => '/var/www/first', + geoip_enable => true, + }, + ], +} +``` + +###### `headers` + +Adds lines for [Header](https://httpd.apache.org/docs/current/mod/mod_headers.html#header) directives. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => { + path => '/path/to/directory', + headers => 'Set X-Robots-Tag "noindex, noarchive, nosnippet"', + }, +} +``` + +###### `index_options` + +Allows configuration settings for [directory indexing](https://httpd.apache.org/docs/current/mod/mod_autoindex.html#indexoptions). + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + directoryindex => 'disabled', # this is needed on Apache 2.4 or mod_autoindex doesn't work + options => ['Indexes','FollowSymLinks','MultiViews'], + index_options => ['IgnoreCase', 'FancyIndexing', 'FoldersFirst', 'NameWidth=*', 'DescriptionWidth=*', 'SuppressHTMLPreamble'], + }, + ], +} +``` + +###### `index_order_default` + +Sets the [default ordering](https://httpd.apache.org/docs/current/mod/mod_autoindex.html#indexorderdefault) of the directory index. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + order => 'Allow,Deny', + index_order_default => ['Descending', 'Date'], + }, + ], +} +``` + +###### `index_style_sheet` + +Sets the [IndexStyleSheet](https://httpd.apache.org/docs/current/mod/mod_autoindex.html#indexstylesheet), which adds a CSS stylesheet to the directory index. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + options => ['Indexes','FollowSymLinks','MultiViews'], + index_options => ['FancyIndexing'], + index_style_sheet => '/styles/style.css', + }, + ], +} +``` + +###### `mellon_enable` + +Sets the [MellonEnable][`mod_auth_mellon`] directory to enable [`mod_auth_mellon`][]. You can use [`apache::mod::auth_mellon`][] to install `mod_auth_mellon`. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/', + provider => 'directory', + mellon_enable => 'info', + mellon_sp_private_key_file => '/etc/certs/${::fqdn}.key, + mellon_endpoint_path => '/mellon', + mellon_set_env_no_prefix => { 'ADFS_GROUP' => 'http://schemas.xmlsoap.org/claims/Group', + 'ADFS_EMAIL' => 'http://schemas.xmlsoap.org/claims/EmailAddress', }, + mellon_user => 'ADFS_LOGIN', + }, + { path => '/protected', + provider => 'location', + mellon_enable => 'auth', + auth_type => 'Mellon', + auth_require => 'valid-user', + mellon_cond => ['ADFS_LOGIN userA [MAP]','ADFS_LOGIN userB [MAP]'], + }, + ] +} +``` + +Related parameters follow the names of `mod_auth_mellon` directives: + +- `mellon_cond`: Takes an array of mellon conditions that must be met to grant access, and creates a [MellonCond][`mod_auth_mellon`] directive for each item in the array. +- `mellon_endpoint_path`: Sets the [MellonEndpointPath][`mod_auth_mellon`] to set the mellon endpoint path. +- `mellon_idp_metadata_file`: Sets the [MellonIDPMetadataFile][`mod_auth_mellon`] location of the IDP metadata file. +- `mellon_saml_rsponse_dump`: Sets the [MellonSamlResponseDump][`mod_auth_mellon`] directive to enable debug of SAML. +- `mellon_set_env_no_prefix`: Sets the [MellonSetEnvNoPrefix][`mod_auth_mellon`] directive to a hash of attribute names to map +to environment variables. +- `mellon_sp_private_key_file`: Sets the [MellonSPPrivateKeyFile][`mod_auth_mellon`] directive for the private key location of the service provider. +- `mellon_sp_cert_file`: Sets the [MellonSPCertFile][`mod_auth_mellon`] directive for the public key location of the service provider. +- `mellon_user`: Sets the [MellonUser][`mod_auth_mellon`] attribute to use for the username. + +###### `options` + +Lists the [Options](https://httpd.apache.org/docs/current/mod/core.html#options) for the given Directory block. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + options => ['Indexes','FollowSymLinks','MultiViews'], + }, + ], +} +``` + +###### `order` + +Sets the order of processing Allow and Deny statements as per [Apache core documentation](https://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order). **Deprecated:** This parameter is being deprecated due to a change in Apache. It only works with Apache 2.2 and lower. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + order => 'Allow,Deny', + }, + ], +} +``` + +###### `passenger_enabled` + +Sets the value for the [PassengerEnabled](http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerEnabled) directive to 'on' or 'off'. Requires `apache::mod::passenger` to be included. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + passenger_enabled => 'on', + }, + ], +} +``` + +> **Note:** There is an [issue](http://www.conandalton.net/2010/06/passengerenabled-off-not-working.html) using the PassengerEnabled directive with the PassengerHighPerformance directive. + +###### `php_value` and `php_flag` + +`php_value` sets the value of the directory, and `php_flag` uses a boolean to configure the directory. Further information can be found [here](http://php.net/manual/en/configuration.changes.php). + +###### `php_admin_value` and `php_admin_flag` + +`php_admin_value` sets the value of the directory, and `php_admin_flag` uses a boolean to configure the directory. Further information can be found [here](http://php.net/manual/en/configuration.changes.php). + + +###### `require` + + +Sets a `Require` directive as per the [Apache Authz documentation](https://httpd.apache.org/docs/current/mod/mod_authz_core.html#require). If no `require` is set, it will default to `Require all granted`. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + require => 'IP 10.17.42.23', + } + ], +} +``` + +If `require` is set to `unmanaged` it will not be set at all. This is useful for complex authentication/authorization requirements which are handled in a custom fragment. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + require => 'unmanaged', + } + ], +} +``` + +###### `satisfy` + +Sets a `Satisfy` directive per the [Apache Core documentation](https://httpd.apache.org/docs/2.2/mod/core.html#satisfy). **Deprecated:** This parameter is deprecated due to a change in Apache and only works with Apache 2.2 and lower. + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + satisfy => 'Any', + } + ], +} +``` + +###### `sethandler` + +Sets a `SetHandler` directive per the [Apache Core documentation](https://httpd.apache.org/docs/2.2/mod/core.html#sethandler). + +``` puppet +apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + sethandler => 'None', + } + ], +} +``` + +###### `set_output_filter` + +Sets a `SetOutputFilter` directive per the [Apache Core documentation](https://httpd.apache.org/docs/current/mod/core.html#setoutputfilter). + +``` puppet +apache::vhost{ 'filter.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + set_output_filter => puppetdb-strip-resource-params, + }, + ], +} +``` + +###### `rewrites` + +Creates URL [`rewrites`](#rewrites) rules in virtual host directories. Expects an array of hashes, and the hash keys can be any of 'comment', 'rewrite_base', 'rewrite_cond', or 'rewrite_rule'. + +``` puppet +apache::vhost { 'secure.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + rewrites => [ { comment => 'Permalink Rewrites', + rewrite_base => '/' + }, + { rewrite_rule => [ '^index\.php$ - [L]' ] + }, + { rewrite_cond => [ '%{REQUEST_FILENAME} !-f', + '%{REQUEST_FILENAME} !-d', + ], + rewrite_rule => [ '. /index.php [L]' ], + } + ], + }, + ], +} +``` + +> **Note**: If you include rewrites in your directories, also include `apache::mod::rewrite` and consider setting the rewrites using the `rewrites` parameter in `apache::vhost` rather than setting the rewrites in the virtual host's directories. + +###### `shib_request_setting` + +Allows a valid content setting to be set or altered for the application request. This command takes two parameters: the name of the content setting, and the value to set it to. Check the Shibboleth [content setting documentation](https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPContentSettings) for valid settings. This key is disabled if `apache::mod::shib` is not defined. Check the [`mod_shib` documentation](https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig#NativeSPApacheConfig-Server/VirtualHostOptions) for more details. + +``` puppet +apache::vhost { 'secure.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + shib_request_settings => { 'requiresession' => 'On' }, + shib_use_headers => 'On', + }, + ], +} +``` + +###### `shib_use_headers` + +When set to 'On', this turns on the use of request headers to publish attributes to applications. Valid options for this key is 'On' or 'Off', and the default value is 'Off'. This key is disabled if `apache::mod::shib` is not defined. Check the [`mod_shib` documentation](https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig#NativeSPApacheConfig-Server/VirtualHostOptions) for more details. + +###### `ssl_options` + +String or list of [SSLOptions](https://httpd.apache.org/docs/current/mod/mod_ssl.html#ssloptions), which configure SSL engine run-time options. This handler takes precedence over SSLOptions set in the parent block of the virtual host. + +``` puppet +apache::vhost { 'secure.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + ssl_options => '+ExportCertData', + }, + { path => '/path/to/different/dir', + ssl_options => [ '-StdEnvVars', '+ExportCertData'], + }, + ], +} +``` + +###### `suphp` + +A hash containing the 'user' and 'group' keys for the [suPHP_UserGroup](http://www.suphp.org/DocumentationView.html?file=apache/CONFIG) setting. It must be used with `suphp_engine => on` in the virtual host declaration, and can only be passed within `directories`. + +``` puppet +apache::vhost { 'secure.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + suphp => { + user => 'myappuser', + group => 'myappgroup', + }, + }, + ], +} +``` + +#### SSL parameters for `apache::vhost` + +All of the SSL parameters for `::vhost` default to whatever is set in the base `apache` class. Use the below parameters to tweak individual SSL settings for specific virtual hosts. + +##### `ssl` + +Enables SSL for the virtual host. SSL virtual hosts only respond to HTTPS queries. Valid options: Boolean. Default: false. + +##### `ssl_ca` + +Specifies the SSL certificate authority. Default: undef. + +##### `ssl_cert` + +Specifies the SSL certification. Defaults are based on your OS: '/etc/pki/tls/certs/localhost.crt' for RedHat, '/etc/ssl/certs/ssl-cert-snakeoil.pem' for Debian, '/usr/local/etc/apache22/server.crt' for FreeBSD, and '/etc/ssl/apache2/server.crt' on Gentoo. + +##### `ssl_protocol` + +Specifies [SSLProtocol](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslprotocol). Expects an array or space separated string of accepted protocols. Defaults: 'all', '-SSLv2', '-SSLv3'. + +##### `ssl_cipher` + +Specifies [SSLCipherSuite](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslciphersuite). Default: 'HIGH:MEDIUM:!aNULL:!MD5'. + +##### `ssl_honorcipherorder` + +Sets [SSLHonorCipherOrder](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslhonorcipherorder), which is used to prefer the server's cipher preference order. Default: 'On' in the base `apache` config. + +##### `ssl_certs_dir` + +Specifies the location of the SSL certification directory. Default: Depends on the operating system. + +- **Debian:** '/etc/ssl/certs' +- **Red Hat:** '/etc/pki/tls/certs' +- **FreeBSD:** '/usr/local/etc/apache22' +- **Gentoo:** '/etc/ssl/apache2' + +##### `ssl_chain` + +Specifies the SSL chain. Default: undef. This default works out of the box, but it must be updated in the base `apache` class with your specific certificate information before being used in production. + +##### `ssl_crl` + +Specifies the certificate revocation list to use. Default: undef. (This default works out of the box but must be updated in the base `apache` class with your specific certificate information before being used in production.) + +##### `ssl_crl_path` + +Specifies the location of the certificate revocation list. Default: undef. (This default works out of the box but must be updated in the base `apache` class with your specific certificate information before being used in production.) + +##### `ssl_crl_check` + +Sets the certificate revocation check level via the [SSLCARevocationCheck directive](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcarevocationcheck). Default: undef. This default works out of the box but must be specified when using CRLs in production. Only applicable to Apache 2.4 or higher; the value is ignored on older versions. + +##### `ssl_key` + +Specifies the SSL key. Defaults are based on your operating system: '/etc/pki/tls/private/localhost.key' for RedHat, '/etc/ssl/private/ssl-cert-snakeoil.key' for Debian, '/usr/local/etc/apache22/server.key' for FreeBSD, and '/etc/ssl/apache2/server.key' on Gentoo. (This default works out of the box but must be updated in the base `apache` class with your specific certificate information before being used in production.) + +##### `ssl_verify_client` + +Sets the [SSLVerifyClient](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslverifyclient) directive, which sets the certificate verification level for client authentication. Valid options are: 'none', 'optional', 'require', and 'optional_no_ca'. Default: undef. + +``` puppet +apache::vhost { 'sample.example.net': + … + ssl_verify_client => 'optional', +} +``` + +##### `ssl_verify_depth` + +Sets the [SSLVerifyDepth](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslverifydepth) directive, which specifies the maximum depth of CA certificates in client certificate verification. Default: undef. + +``` puppet +apache::vhost { 'sample.example.net': + … + ssl_verify_depth => 1, +} +``` + +##### `ssl_proxy_verify` + +Sets the [SSLProxyVerify](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxyverify) directive, which configures certificate verification of the remote server when a proxy is configured to forward requests to a remote SSL server. Default: undef. + +##### `ssl_proxy_machine_cert` + +Sets the [SSLProxyMachineCertificateFile](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxymachinecertificatefile) directive, which specifies an all-in-one file where you keep the certs and keys used for this server to authenticate itself to remote servers. This file should be a concatenation of the PEM-encoded certificate files in order of preference. Default: undef. + +``` puppet +apache::vhost { 'sample.example.net': + … + ssl_proxy_machine_cert => '/etc/httpd/ssl/client_certificate.pem', +} +``` + +##### `ssl_proxy_check_peer_cn` + +Sets the [SSLProxyMachinePeerCN](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxycheckpeercn) directive, which specifies whether the remote server certificate's CN field is compared against the hostname of the request URL. Valid options: 'on', 'off'. Default: undef. + +##### `ssl_proxy_check_peer_name` + +Sets the [SSLProxyMachinePeerName](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxycheckpeername) directive, which specifies whether the remote server certificate's CN field is compared against the hostname of the request URL. Valid options: 'on', 'off'. Default: undef. + +##### `ssl_options` + +Sets the [SSLOptions](https://httpd.apache.org/docs/current/mod/mod_ssl.html#ssloptions) directive, which configures various SSL engine run-time options. This is the global setting for the given virtual host and can be a string or an array. Default: undef. + +A string: + +``` puppet +apache::vhost { 'sample.example.net': + … + ssl_options => '+ExportCertData', +} +``` + +An array: + +``` puppet +apache::vhost { 'sample.example.net': + … + ssl_options => [ '+StrictRequire', '+ExportCertData' ], +} +``` + +##### `ssl_openssl_conf_cmd` + +Sets the [SSLOpenSSLConfCmd](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslopensslconfcmd) directive, which provides direct configuration of OpenSSL parameters. Default: undef. + +##### `ssl_proxyengine` + +Specifies whether or not to use [SSLProxyEngine](https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxyengine). Valid options: Boolean. Default: true. + +#### Defined type: FastCGI Server + +This type is intended for use with mod_fastcgi. It allows you to define one or more external FastCGI servers to handle specific file types. + +** Note ** If using Ubuntu 10.04+, you'll need to manually enable the multiverse repository. + +Ex: + +``` puppet +apache::fastcgi::server { 'php': + host => '127.0.0.1:9000', + timeout => 15, + flush => false, + faux_path => '/var/www/php.fcgi', + fcgi_alias => '/php.fcgi', + file_type => 'application/x-httpd-php' +} +``` + +Within your virtual host, you can then configure the specified file type to be handled by the fastcgi server specified above. + +``` puppet +apache::vhost { 'www': + ... + custom_fragment => 'AddType application/x-httpd-php .php' + ... +} +``` + +##### `host` + +The hostname or IP address and TCP port number (1-65535) of the FastCGI server. + +##### `timeout` + +The number of seconds of FastCGI application inactivity allowed before the request is aborted and the event is logged (at the error LogLevel). The inactivity timer applies only as long as a connection is pending with the FastCGI application. If a request is queued to an application, but the application doesn't respond (by writing and flushing) within this period, the request is aborted. If communication is complete with the application but incomplete with the client (the response is buffered), the timeout does not apply. + +##### `flush` + +Force a write to the client as data is received from the application. By default, mod_fastcgi buffers data in order to free the application as quickly as possible. + +##### `faux_path` + +`faux_path` does not have to exist in the local filesystem. URIs that Apache resolves to this filename are handled by this external FastCGI application. + +##### `alias` + +A unique alias. This is used internally to link the action with the FastCGI server. + +##### `file_type` + +The MIME-type of the file to be processed by the FastCGI server. + +#### Defined type: `apache::vhost::custom` + +The `apache::vhost::custom` defined type is a thin wrapper around the `apache::custom_config` defined type, and simply overrides some of its default settings specifc to the virtual host directory in Apache. + +**Parameters within `apache::vhost::custom`**: + +##### `content` + +Sets the configuration file's content. + +##### `ensure` + +Specifies if the virtual host file is present or absent. Valid options: 'absent', 'present'. Default: 'present'. + +##### `priority` + +Sets the relative load order for Apache HTTPD VirtualHost configuration files. Default: '25'. + +### Private defined types + +#### Defined type: `apache::peruser::multiplexer` + +This defined type checks if an Apache module has a class. If it does, it includes that class. If it does not, it passes the module name to the [`apache::mod`][] defined type. + +#### Defined type: `apache::peruser::multiplexer` + +Enables the [`Peruser`][] module for FreeBSD only. + +#### Defined type: `apache::peruser::processor` + +Enables the [`Peruser`][] module for FreeBSD only. + +#### Defined type: `apache::security::file_link` + +Links the `activated_rules` from [`apache::mod::security`][] to the respective CRS rules on disk. + +### Templates + +The Apache module relies heavily on templates to enable the [`apache::vhost`][] and [`apache::mod`][] defined types. These templates are built based on [Facter][] facts specific to your operating system. Unless explicitly called out, most templates are not meant for configuration. + +## Limitations + +### Ubuntu 10.04 + +The [`apache::vhost::WSGIImportScript`][] parameter creates a statement inside the virtual host that is unsupported on older versions of Apache, causing it to fail. This will be remedied in a future refactoring. + +### RHEL/CentOS 5 + +The [`apache::mod::passenger`][] and [`apache::mod::proxy_html`][] classes are untested since repositories are missing compatible packages. + +### RHEL/CentOS 6 + +The [`apache::mod::passenger`][] class is not installing as the the EL6 repository is missing compatible packages. + +### RHEL/CentOS 7 + +The [`apache::mod::passenger`][] class is untested as the EL7 repository is missing compatible packages, which also blocks us from testing the [`apache::vhost`][] defined type's [`rack_base_uris`][] parameter. + +### General + +This module is CI tested against both [open source Puppet][] and [Puppet Enterprise][] on: + +- CentOS 5 and 6 +- Ubuntu 12.04 and 14.04 +- Debian 7 +- RHEL 5, 6, and 7 + +This module also provides functions for other distributions and operating systems, such as FreeBSD, Gentoo, and Amazon Linux, but is not formally tested on them and are subject to regressions. + +### SELinux and custom paths + +If [SELinux][] is in [enforcing mode][] and you want to use custom paths for `logroot`, `mod_dir`, `vhost_dir`, and `docroot`, you need to manage the files' context yourself. + +You can do this with Puppet: + +``` puppet +exec { 'set_apache_defaults': + command => 'semanage fcontext -a -t httpd_sys_content_t "/custom/path(/.*)?"', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + require => Package['policycoreutils-python'], +} + +package { 'policycoreutils-python': + ensure => installed, +} + +exec { 'restorecon_apache': + command => 'restorecon -Rv /apache_spec', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + before => Class['Apache::Service'], + require => Class['apache'], +} + +class { 'apache': } + +host { 'test.server': + ip => '127.0.0.1', +} + +file { '/custom/path': + ensure => directory, +} + +file { '/custom/path/include': + ensure => present, + content => '#additional_includes', +} + +apache::vhost { 'test.server': + docroot => '/custom/path', + additional_includes => '/custom/path/include', +} +``` + +You need to set the contexts using `semanage fcontext` instead of `chcon` because Puppet's `file` resources reset the values' context in the database if the resource doesn't specify it. + +### FreeBSD + +In order to use this module on FreeBSD, you _must_ use apache24-2.4.12 (www/apache24) or newer. + +## Development + +### Contributing + +[Puppet Labs][] modules on the [Puppet Forge][] are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. + +We want to make it as easy as possible to contribute changes so our modules work in your environment, but we also need contributors to follow a few guidelines to help us maintain and improve the modules' quality. + +For more information, please read the complete [module contribution guide][]. + +### Running tests + +This project contains tests for both [rspec-puppet][] and [beaker-rspec][] to verify functionality. For detailed information on using these tools, please see their respective documentation. + +#### Testing quickstart: Ruby > 1.8.7 + +``` +gem install bundler +bundle install +bundle exec rake spec +bundle exec rspec spec/acceptance +RS_DEBUG=yes bundle exec rspec spec/acceptance +``` + +#### Testing quickstart: Ruby = 1.8.7 + +``` +gem install bundler +bundle install --without system_tests +bundle exec rake spec +``` diff --git a/modules/services/unix/http/apache/module/apache/Rakefile b/modules/services/unix/http/apache/module/apache/Rakefile new file mode 100644 index 000000000..416807dad --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/Rakefile @@ -0,0 +1,11 @@ +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' + +PuppetLint.configuration.fail_on_warnings = true +PuppetLint.configuration.send('relative') +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_class_inherits_from_params_class') +PuppetLint.configuration.send('disable_documentation') +PuppetLint.configuration.send('disable_single_quote_string_with_variables') +PuppetLint.configuration.send('disable_only_variable_string') +PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/modules/services/unix/http/apache/module/apache/checksums.json b/modules/services/unix/http/apache/module/apache/checksums.json new file mode 100644 index 000000000..e8c716b81 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/checksums.json @@ -0,0 +1,310 @@ +{ + "CHANGELOG.md": "b430057266b6271f5fb6d43d655b8039", + "CONTRIBUTING.md": "e2b8e8e433fc76b3798b7fe435f49375", + "Gemfile": "e6e6eb07f0bfc9bb1e328895ca49b3f5", + "LICENSE": "b3f8a01d8699078d82e8c3c992307517", + "README.md": "0c47aec304ff374bceed885f7a7cb164", + "Rakefile": "ed3db0e49f5fcb381a19542c08ec473f", + "examples/apache.pp": "819cf9116ffd349e6757e1926d11ca2f", + "examples/dev.pp": "9f5727f69f536538f8d840fad0852308", + "examples/init.pp": "4eac4a7ef68499854c54a78879e25535", + "examples/mod_load_params.pp": "5981af4d625a906fce1cedeb3f70cb90", + "examples/mods.pp": "0085911ba562b7e56ad8d793099c9240", + "examples/mods_custom.pp": "9afd068edce0538b5c55a3bc19f9c24a", + "examples/php.pp": "60e7939034d531dd6b95af35338bcbe7", + "examples/vhost.pp": "bd91438534d12511b01f31fe8d10cd35", + "examples/vhost_directories.pp": "b4e6b5a596e5bae122233652b9a33e32", + "examples/vhost_filter.pp": "cd8ec7303f3bb508c88a473c43d31f0a", + "examples/vhost_ip_based.pp": "7d9f7b6976de7488ab6ff0a6e647fc73", + "examples/vhost_proxypass.pp": "59b87f88943aa809578288e26b41aade", + "examples/vhost_ssl.pp": "9f3716bc15a9a6760f1d6cc3bf8ce8ac", + "examples/vhosts_without_listen.pp": "a6692104056a56517b4365bcc816e7f4", + "files/httpd": "295f5e924afe6f752d29327e73fe6d0a", + "lib/puppet/parser/functions/bool2httpd.rb": "05d5deeb6e0c31acee7c55b249ec8e06", + "lib/puppet/parser/functions/enclose_ipv6.rb": "581bc163291824909d1700909db96512", + "lib/puppet/parser/functions/validate_apache_log_level.rb": "d75bc4ef17ff5c9a1f94dd3948e733d1", + "lib/puppet/provider/a2mod/a2mod.rb": "d986d8e8373f3f31c97359381c180628", + "lib/puppet/provider/a2mod/gentoo.rb": "2492d446adbb68f678e86a75eb7ff3bd", + "lib/puppet/provider/a2mod/modfix.rb": "b689a1c83c9ccd8590399c67f3e588e5", + "lib/puppet/provider/a2mod/redhat.rb": "c39b80e75e7d0666def31c2a6cdedb0b", + "lib/puppet/provider/a2mod.rb": "03ed73d680787dd126ea37a03be0b236", + "lib/puppet/type/a2mod.rb": "9042ccc045bfeecca28bebb834114f05", + "manifests/balancer.pp": "5c20fa17545bd49375ee6687deb6b6fd", + "manifests/balancermember.pp": "8f44f65124330b7e9b49a7100f86fe6d", + "manifests/confd/no_accf.pp": "406d0ca41c3b90f83740ca218dc3f484", + "manifests/custom_config.pp": "9c27b865b50e815352acbc286cd255fd", + "manifests/default_confd_files.pp": "86fdbe5773abb7c2da26db096973865c", + "manifests/default_mods/load.pp": "bc0b3b65edd1ba6178c09672352f9bce", + "manifests/default_mods.pp": "f6f6ecfaaca79a7eec50335daa9eaf40", + "manifests/dev.pp": "9285af7f4e3b343a8695af3897dfdb07", + "manifests/fastcgi/server.pp": "47549cf3028f78281bcbee5d8492c8ea", + "manifests/init.pp": "9bc0834ae827f8bdb62192926adda0d9", + "manifests/listen.pp": "f7e224cba3b8021f90511af4f43d8b1f", + "manifests/mod/actions.pp": "ec2a5d1cf54790204750f9b67938d230", + "manifests/mod/alias.pp": "b920887e67857a09252c10e30949c85c", + "manifests/mod/auth_basic.pp": "dffef6ff10145393cb78fcaa27220c53", + "manifests/mod/auth_cas.pp": "a20c718cc3ffab32f7c72f42160a5602", + "manifests/mod/auth_kerb.pp": "08d536cb13281db3b9ed9a966ad431fd", + "manifests/mod/auth_mellon.pp": "85e7085a44b3039e4a2c7b463ca8bdb2", + "manifests/mod/authn_core.pp": "4db773ddbc0d875230085782d4521951", + "manifests/mod/authn_file.pp": "eeb11513490beee901574746faaeabdf", + "manifests/mod/authnz_ldap.pp": "e3f91908be35306a488b44c55608b2a0", + "manifests/mod/authz_default.pp": "b7c94cfa4e008155fffd241d35834064", + "manifests/mod/authz_user.pp": "d446c90c44304594206bd2a0112be625", + "manifests/mod/autoindex.pp": "05112ccb06dc218f9a7b937767a6ea2d", + "manifests/mod/cache.pp": "b56d68b9401ba3e02a1f2fe55cdfbcca", + "manifests/mod/cgi.pp": "558a0350d1e8634a706543e0c6e28687", + "manifests/mod/cgid.pp": "f9cea0ad9269bf134637c7c667469842", + "manifests/mod/dav.pp": "9df80d36dd609be9032a8260aa9d10c1", + "manifests/mod/dav_fs.pp": "4528673b6e8d0af6935d9d630028b9f0", + "manifests/mod/dav_svn.pp": "f021fe8048deaa06759cd0b96b450363", + "manifests/mod/deflate.pp": "324c867212f6d9e4593cc4aba392f590", + "manifests/mod/dev.pp": "42673bab60b6fc0f3aa6e2357ec0a27c", + "manifests/mod/dir.pp": "8e577c570ba5e835c4f82232a1c01a4e", + "manifests/mod/disk_cache.pp": "e5b39902f6198d9e0851e551b7a5bf40", + "manifests/mod/event.pp": "d0d35e0fb01aa64c211cbc4afbda7c49", + "manifests/mod/expires.pp": "069783635a7a4f97af535cc149da6589", + "manifests/mod/ext_filter.pp": "ba8f2bb429a0ed12880b80294430ae7e", + "manifests/mod/fastcgi.pp": "237ff6ebc17c35ee2e3c82d2e19cd442", + "manifests/mod/fcgid.pp": "1e57a267408ca82fc258a244299ee15f", + "manifests/mod/filter.pp": "b0039f3ae932b1204994ef2180dd76d2", + "manifests/mod/geoip.pp": "2a963d07231897e8d6928df6dc913676", + "manifests/mod/headers.pp": "ef3de538a0a4c9406236faf43eb89710", + "manifests/mod/include.pp": "a3b66eda88e38d90825c16b834bacd8d", + "manifests/mod/info.pp": "bad325232ff8038449dcafc11ff37ca1", + "manifests/mod/itk.pp": "d1039a503a112a1636659e474070e1f3", + "manifests/mod/ldap.pp": "5b1c9afe7b7048a479f780f57e2f8cd2", + "manifests/mod/mime.pp": "7177378907202b89c88b81f7783e791e", + "manifests/mod/mime_magic.pp": "481e016b74b0649bfdcbb32104a62054", + "manifests/mod/negotiation.pp": "6860ed514001b9f3f6945c78d250fd32", + "manifests/mod/nss.pp": "2ac2830eef417bcd5248dd7553d2fef6", + "manifests/mod/pagespeed.pp": "2638c14081f8065bc8940b8d47782cc3", + "manifests/mod/passenger.pp": "d094fc200d72c46ba11b583eda530a44", + "manifests/mod/perl.pp": "0bc488e1ac33e4e8987e0b07aa909682", + "manifests/mod/peruser.pp": "4bb5f57d14382016f8b7f086046ad8f1", + "manifests/mod/php.pp": "71812033b362bc749be00beaca5f3d5f", + "manifests/mod/prefork.pp": "2a32998b2ecea3a272c9a31631885d0b", + "manifests/mod/proxy.pp": "39e224390d43ffe082ff60fba2b97fc4", + "manifests/mod/proxy_ajp.pp": "073e2406aea7822750d4c21f02d8ac80", + "manifests/mod/proxy_balancer.pp": "6d16440ba6bed5427b331b6c6abf4063", + "manifests/mod/proxy_connect.pp": "574df18a67e478a3be903238ade3d334", + "manifests/mod/proxy_html.pp": "1a8ef7d17e65954aab303e3547e02f22", + "manifests/mod/proxy_http.pp": "0db1b26f8b4036b0d46ba86b7eaac561", + "manifests/mod/python.pp": "15f03d79e45737fdf0afca9665706b88", + "manifests/mod/remoteip.pp": "7fa5b92322df550f58421b24a53dbb01", + "manifests/mod/reqtimeout.pp": "aee3d869e6ca6eed18071c8d2aa97aff", + "manifests/mod/rewrite.pp": "292f2d6ce2078fa9df7f686105ea7b95", + "manifests/mod/rpaf.pp": "4844d717d6577aee8a788a7fbdc5e8dd", + "manifests/mod/security.pp": "10125c8c07389f75a4e5e22bf8c2e7aa", + "manifests/mod/setenvif.pp": "b2ae43541bf1df5374187339e50a081f", + "manifests/mod/shib.pp": "3e2d3b5bf864fd292fa30f7c98d449f6", + "manifests/mod/speling.pp": "fa89a82933d30d2ebfe11e3ad9966bd1", + "manifests/mod/ssl.pp": "3d733329e9f568f68229617cf806b0c1", + "manifests/mod/status.pp": "0b24de931fd8d54b2db0e3d16f0d0d8c", + "manifests/mod/suexec.pp": "2a8671856a0ece597e9b57867dc35e76", + "manifests/mod/suphp.pp": "6905059571fa21b7de957fd90540acff", + "manifests/mod/userdir.pp": "bbe716e8ff38815a51cc4eaaa0c1e4df", + "manifests/mod/version.pp": "6cb31057ebffa796f95642cc95f9499d", + "manifests/mod/vhost_alias.pp": "ee1225a748daaf50aca39a6d93fb8470", + "manifests/mod/worker.pp": "f6ec99efec5fcdf49bf22f98351884a5", + "manifests/mod/wsgi.pp": "0377fe287e51f4a396bd15b47f2628cc", + "manifests/mod/xsendfile.pp": "fba06f05a19c466654aca5ecaa705bf0", + "manifests/mod.pp": "aa769aad02f4af7cdfbbf9e356111a4d", + "manifests/mpm.pp": "a68ddf7dd7ba745c0497bd755d971a4f", + "manifests/namevirtualhost.pp": "67618d40112e4ddc1b46f64af2a5e875", + "manifests/package.pp": "90f8e969c4f920a1e898ae2f6420e438", + "manifests/params.pp": "920b932a31d65f05d71825fd0877461f", + "manifests/peruser/multiplexer.pp": "0ea75341b7a93e55bcfb431a93b1a6c9", + "manifests/peruser/processor.pp": "62f0ad5ed2ec36dadc7f40ad2a9e1bb9", + "manifests/php.pp": "9c9d07e12bf5d112b0b54f5bd69046fc", + "manifests/proxy.pp": "7c8515b88406922e148322ee15044b29", + "manifests/python.pp": "ddef4cd73850fdc2dc126d4579c30adf", + "manifests/security/rule_link.pp": "4635131018b0c5cd5f57ecea9f708b65", + "manifests/service.pp": "e0821dac17ef2bc00068ceae06bc17d9", + "manifests/ssl.pp": "173f3d6a7fd2b5f4100c4ff03d84e13b", + "manifests/version.pp": "bcc947740e4357cbdc9a1d54f44305c7", + "manifests/vhost/custom.pp": "cd51ccfa746809b18324a129d141ae39", + "manifests/vhost.pp": "f8af2035fdd86328cf9026962a12589c", + "metadata.json": "f3990d6a47bb183d80cb1bd86e063ba7", + "spec/acceptance/apache_parameters_spec.rb": "5b95e67d474cc8a132c45f6e91714037", + "spec/acceptance/apache_ssl_spec.rb": "d336538c230a6791746895e6624289c3", + "spec/acceptance/class_spec.rb": "4c66cb0d877d636db1c362fb71982ca6", + "spec/acceptance/custom_config_spec.rb": "61e03d814d0671d194dd40e6b1ad5c9b", + "spec/acceptance/default_mods_spec.rb": "371aae3d37d8cce04e60a4c2534532b1", + "spec/acceptance/itk_spec.rb": "812c855013c08ebb13e642dc5199b41a", + "spec/acceptance/mod_dav_svn_spec.rb": "c70f239472813adcd5710c9b60ebc24c", + "spec/acceptance/mod_deflate_spec.rb": "dd39bfb069e0233bf134caaeb1dc6fe6", + "spec/acceptance/mod_fcgid_spec.rb": "ef0e3368ea14247c05ff43217b5856ee", + "spec/acceptance/mod_mime_spec.rb": "0869792d98c1b2577f02d97c92f1765e", + "spec/acceptance/mod_negotiation_spec.rb": "017f6b0cc1496c25aa9b8a33ef8dbbb3", + "spec/acceptance/mod_pagespeed_spec.rb": "03a32f1018d01e8816f73f237c02cc08", + "spec/acceptance/mod_passenger_spec.rb": "82092218b8346033b3e0c74d88213c43", + "spec/acceptance/mod_php_spec.rb": "65d047d50bba4c17ab9dbdfa0dc4932b", + "spec/acceptance/mod_proxy_html_spec.rb": "3b34027b521dcd06ddffdba7da1cd25d", + "spec/acceptance/mod_security_spec.rb": "ea746c9837c1454a0c50005a989452c0", + "spec/acceptance/mod_suphp_spec.rb": "390a6bcb3cfd120a69c0c1f4fbb78b4f", + "spec/acceptance/nodesets/centos-70-x64.yml": "0ae796256280ca157abc98f7cb492ea4", + "spec/acceptance/nodesets/debian-607-x64.yml": "52f42f3b8fc507a5fc825977d62665a3", + "spec/acceptance/nodesets/debian-70rc1-x64.yml": "717aa92150ebe3fca718807c7c93126f", + "spec/acceptance/nodesets/debian-73-i386.yml": "40aeb7ceab29148bb98a1e2bd51aba86", + "spec/acceptance/nodesets/debian-73-x64.yml": "df78f357e1bd0f7f9818d552eeb35026", + "spec/acceptance/nodesets/debian-82-x64.yml": "05b593024541be6972914aa2e84678f6", + "spec/acceptance/nodesets/default.yml": "40a4f108ab83030fdfdcc230ecaaed9a", + "spec/acceptance/nodesets/fedora-18-x64.yml": "9c907e4416a5fd487ff30a672a6b1c9e", + "spec/acceptance/nodesets/ubuntu-server-10044-x64.yml": "75e86400b7889888dc0781c0ae1a1297", + "spec/acceptance/nodesets/ubuntu-server-12042-x64.yml": "d30d73e34cd50b043c7d14e305955269", + "spec/acceptance/nodesets/ubuntu-server-1310-x64.yml": "9deb39279e104d765179b471c6ebb3a2", + "spec/acceptance/nodesets/ubuntu-server-1404-x64.yml": "5f0aed10098ac5b78e4217bb27c7aaf0", + "spec/acceptance/prefork_worker_spec.rb": "1570eefe61d667a1b43824adc0b2bb78", + "spec/acceptance/service_spec.rb": "341f157cb33fa48d5166d2274ad3bc65", + "spec/acceptance/version.rb": "5a739645e123c5d10351ec5de4e68921", + "spec/acceptance/vhost_spec.rb": "3a31e855eb237f6ad55415d711ef1bb2", + "spec/classes/apache_spec.rb": "53c6ab619681fe83e39b985e27d8b8c9", + "spec/classes/dev_spec.rb": "6bc9ff7cffb77aac52c5bd3acc157d2d", + "spec/classes/mod/alias_spec.rb": "cb7fa1744b0624ec6d04d6dba80bccda", + "spec/classes/mod/auth_cas_spec.rb": "34af1e2489fe7f805c760c40b2bc3f5b", + "spec/classes/mod/auth_kerb_spec.rb": "56066a4060352f76efdad26fe51b2e20", + "spec/classes/mod/auth_mellon_spec.rb": "7f2cfeb9221fc8eac02a2c18a9986bb0", + "spec/classes/mod/authnz_ldap_spec.rb": "ce2f5fb517d4cc760c913fe131b1550f", + "spec/classes/mod/dav_svn_spec.rb": "6cf5fbd5e73c455f0f5afa01561cc704", + "spec/classes/mod/deflate_spec.rb": "a5b6afd416cbad17f21d5c86c83c3485", + "spec/classes/mod/dev_spec.rb": "78d215d7ef3a8e2df3e8789eb75fc4ca", + "spec/classes/mod/dir_spec.rb": "555e4b21a18422034b8b16560a1034a1", + "spec/classes/mod/disk_cache.rb": "50f464d34fda0d1e07248b3f7ff0cfef", + "spec/classes/mod/event_spec.rb": "d8d0bd5dee8a4bf2dcd709326dfdd4e2", + "spec/classes/mod/expires_spec.rb": "a9ff97bcca20bb17102efd88ea0462e6", + "spec/classes/mod/ext_filter_spec.rb": "00ca122b3f697a73f57f81ad9c67de7d", + "spec/classes/mod/fastcgi_spec.rb": "76ac8328da6c2fe1e126d8dcdcdb5519", + "spec/classes/mod/fcgid_spec.rb": "5baa913ba69842771fab4b58c8677544", + "spec/classes/mod/info_spec.rb": "39a67732875c7e43bf1e45b3603d782c", + "spec/classes/mod/itk_spec.rb": "622f23a1346383846cbc98e38388034d", + "spec/classes/mod/ldap_spec.rb": "4c3546f9976ac25b63888fd62b136d5f", + "spec/classes/mod/mime_magic_spec.rb": "8291c37b89f9d50f58fa94ab9cbb1bfe", + "spec/classes/mod/mime_spec.rb": "5e527739b595f9b0638ce384648c3187", + "spec/classes/mod/negotiation_spec.rb": "f1b10fe931b96f72f5d0eaf86354fce9", + "spec/classes/mod/pagespeed_spec.rb": "afd7639e9acfaf1c22ba1149cf7dc763", + "spec/classes/mod/passenger_spec.rb": "d24e6c252592a50ef4eb15a2092481cb", + "spec/classes/mod/perl_spec.rb": "11fb2ae842e64d467ccf70813ef3de7d", + "spec/classes/mod/peruser_spec.rb": "c379ce85a997789856b12c27957bf994", + "spec/classes/mod/php_spec.rb": "4c02498c30a0f7fc77ef126288930acf", + "spec/classes/mod/prefork_spec.rb": "d82f0f25691ba019b912cd000dbb845f", + "spec/classes/mod/proxy_connect_spec.rb": "bc0d0d6328288cd91d84ac9de66e9019", + "spec/classes/mod/proxy_html_spec.rb": "893bfa8dba37e63a24229e28cc74d073", + "spec/classes/mod/python_spec.rb": "45736e6305ca541ba29f997b8e7dd0ef", + "spec/classes/mod/remoteip_spec.rb": "e8840c791f3561c6d466040b888551ed", + "spec/classes/mod/reqtimeout_spec.rb": "cee7de04531d3fb49d75f8f8a7c2b493", + "spec/classes/mod/rpaf_spec.rb": "1845e640c44f8daeeffb13b29a26da84", + "spec/classes/mod/security_spec.rb": "f5a8dcdd5057bc58fc4c2b5120428761", + "spec/classes/mod/shib_spec.rb": "f80ed9a256a9b8f9cb3beaba4b93e32b", + "spec/classes/mod/speling_spec.rb": "4727fbb92f074e0cf3911e6cffe3322f", + "spec/classes/mod/ssl_spec.rb": "ce2114982774840242ab652f5fa985c3", + "spec/classes/mod/status_spec.rb": "1c7520050c8bed47492acd51588be52d", + "spec/classes/mod/suphp_spec.rb": "0c4d625a64124e7c9c14ea2b68dc7ebe", + "spec/classes/mod/worker_spec.rb": "c326e36fbcfe9f0c59dc1db389a33926", + "spec/classes/mod/wsgi_spec.rb": "532da8779e878372ff29b51dfaefceea", + "spec/classes/params_spec.rb": "7bb6270f0338de41e1c34bd77cd844b7", + "spec/classes/service_spec.rb": "d23f6cd3eac018e368e0ba32cbf95f11", + "spec/defines/balancermember_spec.rb": "6071ddc9a56be6ecccfade6e233fb34b", + "spec/defines/custom_config_spec.rb": "a7e3392933cabc8ed6bb57deaebb36d9", + "spec/defines/fastcgi_server_spec.rb": "5798af8e6380d05f3ab38f4788b5c47c", + "spec/defines/mod_spec.rb": "a10e5b2570419737c03cd0f6347cc985", + "spec/defines/modsec_link_spec.rb": "3421b21f8234637dd1c32ebcf89e44c3", + "spec/defines/vhost_custom_spec.rb": "d5596a7a0c239d4c0ed8bebbb6a124ab", + "spec/defines/vhost_spec.rb": "b9b90663d227f504a6eefe4fed1399d9", + "spec/spec.opts": "a600ded995d948e393fbe2320ba8e51c", + "spec/spec_helper.rb": "86e537c02437cf6b6875ee65a10f5f98", + "spec/spec_helper_acceptance.rb": "9f1a9850e558b22d4d2f8fa555cf582a", + "spec/unit/provider/a2mod/gentoo_spec.rb": "4d46c6755d98216aacf8b5d0b8021140", + "spec/unit/puppet/parser/functions/bool2httpd_spec.rb": "0c9bca53eb43b5fc888126514b2a174c", + "spec/unit/puppet/parser/functions/enclose_ipv6_spec.rb": "0145a78254ea716e5e7600d9464318a8", + "spec/unit/puppet/parser/functions/validate_apache_log_level.rb": "8f558fd81d1655e9ab20896152eca512", + "templates/confd/no-accf.conf.erb": "a614f28c4b54370e4fa88403dfe93eb0", + "templates/fastcgi/server.erb": "482ce7a72a08f21e3592e584178d5917", + "templates/httpd.conf.erb": "93bd1cbfae5a922dc8dcb1ffc7c266ee", + "templates/listen.erb": "6286aa08f9e28caee54b1e1ee031b9d6", + "templates/mod/alias.conf.erb": "71028c659b7d1784c0e9f373846c8457", + "templates/mod/auth_cas.conf.erb": "74595985c3b0f9df1aaa0ad5dd7a7906", + "templates/mod/auth_mellon.conf.erb": "4e17d22a8f1bc312e976e8513199c945", + "templates/mod/authnz_ldap.conf.erb": "12c9a1482694ddad3143e5eef03fb531", + "templates/mod/autoindex.conf.erb": "2421a3c6df32c7e38c2a7a22afdf5728", + "templates/mod/cgid.conf.erb": "f8ce27d60bc495bab16de2696ebb2fd0", + "templates/mod/dav_fs.conf.erb": "10c1131168e35319e22b3fbfe51aebfd", + "templates/mod/deflate.conf.erb": "e866ecf2bfe8e42ea984267f569723db", + "templates/mod/dir.conf.erb": "2485da78a2506c14bf51dde38dd03360", + "templates/mod/disk_cache.conf.erb": "48d1b54ec1dedea7f68451bc0774790e", + "templates/mod/event.conf.erb": "469ef574b0ae1728203002a52f3d5a3b", + "templates/mod/expires.conf.erb": "7a77f8b1d50c53ee77a6cb798c51a2b9", + "templates/mod/ext_filter.conf.erb": "4e4e4143ab402a9f9d51301b1a192202", + "templates/mod/fastcgi.conf.erb": "2404caa7d91dea083fc4f8b6f18acd24", + "templates/mod/geoip.conf.erb": "93b95f44ec733ee8231be82381e02782", + "templates/mod/info.conf.erb": "dd434aca2b3693c425a2c252a2c39f46", + "templates/mod/itk.conf.erb": "eff84b78e4f2f8c5c3a2e9fc4b8aad16", + "templates/mod/ldap.conf.erb": "72701fa36054b1d3c5333feb804fd2ba", + "templates/mod/load.erb": "01132434e6101080c41548b0ba7e57d8", + "templates/mod/mime.conf.erb": "785632ed912d7206098c10765c980858", + "templates/mod/mime_magic.conf.erb": "db7ac6bbf365d016852744d339c12d16", + "templates/mod/mpm_event.conf.erb": "80097a19d063a4f973465d9ef5c0c0bf", + "templates/mod/negotiation.conf.erb": "a2f0fb40cd038cb17bedc2b84d9f48ea", + "templates/mod/nss.conf.erb": "1470720436c1f1d3dddb79cb90355b2c", + "templates/mod/pagespeed.conf.erb": "da52f6012cd513d2f9c1e410005187fb", + "templates/mod/passenger.conf.erb": "e6d25300be83bd7658c4a100ecc493b5", + "templates/mod/peruser.conf.erb": "c4f4054aee899249ea6fef5a9e5c14ff", + "templates/mod/php5.conf.erb": "38abd949e9df2c4961cf400fd5ad928b", + "templates/mod/prefork.conf.erb": "f9ec5a7eaea78a19b04fa69f8acd8a84", + "templates/mod/proxy.conf.erb": "7eef34af57278ea572b267cff9fb6631", + "templates/mod/proxy_html.conf.erb": "69c9ce9b7f24e1337065f1ce26b057a0", + "templates/mod/remoteip.conf.erb": "5e3fae3bb4532d351d3860652215af92", + "templates/mod/reqtimeout.conf.erb": "314ef068b786ae5afded290a8b6eab15", + "templates/mod/rpaf.conf.erb": "5447539c083ae54f3a9e93c1ac8c988b", + "templates/mod/security.conf.erb": "e708c110f4bfe2fe6fdb9fc61e8498e4", + "templates/mod/security_crs.conf.erb": "0533f947d1d418774213bc9eb0444358", + "templates/mod/setenvif.conf.erb": "c7ede4173da1915b7ec088201f030c28", + "templates/mod/ssl.conf.erb": "5009e83ef1b9c626e04fe6e469f35a05", + "templates/mod/status.conf.erb": "9e959900ac58c8de34783886efeebce7", + "templates/mod/suphp.conf.erb": "05bb7b3ea23976b032ce405bfd4edd18", + "templates/mod/unixd_fcgid.conf.erb": "1780c7808bb3811deaf0007c890df4dc", + "templates/mod/userdir.conf.erb": "efd4cb18056690f2bddc4332c88bdd94", + "templates/mod/worker.conf.erb": "923ce06f97c04e548a438025b81abf50", + "templates/mod/wsgi.conf.erb": "9a416fa3b71be0795679069809686300", + "templates/namevirtualhost.erb": "fbfca19a639e18e6c477e191344ac8ae", + "templates/ports_header.erb": "afe35cb5747574b700ebaa0f0b3a626e", + "templates/vhost/_access_log.erb": "a0c804cb6fc03e5c573f9bfbcf73d9c6", + "templates/vhost/_action.erb": "a004dfcac2e63cef65cf8aa0e270b636", + "templates/vhost/_additional_includes.erb": "10e9c0056e962c49459839a1576b082e", + "templates/vhost/_aliases.erb": "6412f695e911feac18986da38f290dae", + "templates/vhost/_allow_encoded_slashes.erb": "37dee0b6fe9287342a10b533955dff81", + "templates/vhost/_auth_kerb.erb": "3d0de0c3066440dffcbc75215174705b", + "templates/vhost/_block.erb": "cab4365316621b4e06cd1258abeb1d23", + "templates/vhost/_charsets.erb": "d152b6a7815e9edc0fe9bf9acbe2f1ec", + "templates/vhost/_custom_fragment.erb": "325ff48cefc06db035daa3491c391a88", + "templates/vhost/_directories.erb": "36d90f161866bbdfde942c69279dafbc", + "templates/vhost/_docroot.erb": "65d882a3c9d6b6bdd2f9b771f378035a", + "templates/vhost/_error_document.erb": "81d3007c1301a5c5f244c082cfee9de2", + "templates/vhost/_fallbackresource.erb": "e6c103bee7f6f76b10f244fc9fd1cd3b", + "templates/vhost/_fastcgi.erb": "d07c41eae32671b38b5dba14724c14cc", + "templates/vhost/_file_footer.erb": "e27b2525783e590ca1820f1e2118285d", + "templates/vhost/_file_header.erb": "6bf5dd9f0cdf4e436ba4379d0ff246c9", + "templates/vhost/_filters.erb": "597b9de5ae210af9182a1c95172115e7", + "templates/vhost/_header.erb": "9eb9d4075f288183d8224ddec5b2f126", + "templates/vhost/_itk.erb": "8bf90b9855a9277f7a665b10f6c57fe9", + "templates/vhost/_logging.erb": "5bc4cbb1bc8a292acc0ba0420f96ca4e", + "templates/vhost/_passenger.erb": "6b8f937fffe27e65f9aa72e950c4dbfc", + "templates/vhost/_passenger_base_uris.erb": "c8d7f4da1434078e856c72671942dcd8", + "templates/vhost/_php.erb": "0be13b20951791db0f09c328e13b7eaf", + "templates/vhost/_php_admin.erb": "107a57e9e7b3f86d1abcf743f672a292", + "templates/vhost/_proxy.erb": "5832dab1efcad5421a0cd4fe9a7f4f49", + "templates/vhost/_rack.erb": "ebe187c1bdc81eec9c8e0d9026120b18", + "templates/vhost/_redirect.erb": "639e170cafa9e703ab38797c8fc3030b", + "templates/vhost/_requestheader.erb": "db1b0cdda069ae809b5b83b0871ef991", + "templates/vhost/_rewrite.erb": "63a86545cd1c1a8e9e8518dd270deb3e", + "templates/vhost/_scriptalias.erb": "98713f33cca15b22c749bd35ea9a7b41", + "templates/vhost/_security.erb": "58cd0f606e104be456dea0b5d52212e8", + "templates/vhost/_serveralias.erb": "95fed45853629924467aefc271d5b396", + "templates/vhost/_serversignature.erb": "9bf5a458783ab459e5043e1cdf671fa7", + "templates/vhost/_setenv.erb": "818f65d2936be12a24e59079e28f8f47", + "templates/vhost/_ssl.erb": "cd872142f50ffd80a242346ee75111a3", + "templates/vhost/_sslproxy.erb": "00843c237dcbc359b7c78512905baed5", + "templates/vhost/_suexec.erb": "f2b3f9b9ff8fbac4e468e02cd824675a", + "templates/vhost/_suphp.erb": "a1c4a5e4461adbfce870df0abd158b59", + "templates/vhost/_wsgi.erb": "c4ea9a97580489edc6b589ac46816462" +} \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/apache/manifests/init.pp b/modules/services/unix/http/apache/module/apache/manifests/init.pp new file mode 100644 index 000000000..13eb5f717 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/init.pp @@ -0,0 +1,413 @@ +# Class: apache +# +# This class installs Apache +# +# Parameters: +# +# Actions: +# - Install Apache +# - Manage Apache service +# +# Requires: +# +# Sample Usage: +# +class apache ( + $apache_name = $::apache::params::apache_name, + $service_name = $::apache::params::service_name, + $default_mods = true, + $default_vhost = true, + $default_charset = undef, + $default_confd_files = true, + $default_ssl_vhost = false, + $default_ssl_cert = $::apache::params::default_ssl_cert, + $default_ssl_key = $::apache::params::default_ssl_key, + $default_ssl_chain = undef, + $default_ssl_ca = undef, + $default_ssl_crl_path = undef, + $default_ssl_crl = undef, + $default_ssl_crl_check = undef, + $default_type = 'none', + $dev_packages = $::apache::params::dev_packages, + $ip = undef, + $service_enable = true, + $service_manage = true, + $service_ensure = 'running', + $service_restart = undef, + $purge_configs = true, + $purge_vhost_dir = undef, + $purge_vdir = false, + $serveradmin = 'root@localhost', + $sendfile = 'On', + $error_documents = false, + $timeout = '120', + $httpd_dir = $::apache::params::httpd_dir, + $server_root = $::apache::params::server_root, + $conf_dir = $::apache::params::conf_dir, + $confd_dir = $::apache::params::confd_dir, + $vhost_dir = $::apache::params::vhost_dir, + $vhost_enable_dir = $::apache::params::vhost_enable_dir, + $vhost_include_pattern = $::apache::params::vhost_include_pattern, + $mod_dir = $::apache::params::mod_dir, + $mod_enable_dir = $::apache::params::mod_enable_dir, + $mpm_module = $::apache::params::mpm_module, + $lib_path = $::apache::params::lib_path, + $conf_template = $::apache::params::conf_template, + $servername = $::apache::params::servername, + $pidfile = $::apache::params::pidfile, + $rewrite_lock = undef, + $manage_user = true, + $manage_group = true, + $user = $::apache::params::user, + $group = $::apache::params::group, + $keepalive = $::apache::params::keepalive, + $keepalive_timeout = $::apache::params::keepalive_timeout, + $max_keepalive_requests = $::apache::params::max_keepalive_requests, + $limitreqfieldsize = '8190', + $logroot = $::apache::params::logroot, + $logroot_mode = $::apache::params::logroot_mode, + $log_level = $::apache::params::log_level, + $log_formats = {}, + $ports_file = $::apache::params::ports_file, + $docroot = $::apache::params::docroot, + $apache_version = $::apache::version::default, + $server_tokens = 'OS', + $server_signature = 'On', + $trace_enable = 'On', + $allow_encoded_slashes = undef, + $package_ensure = 'installed', + $use_optional_includes = $::apache::params::use_optional_includes, + $use_systemd = $::apache::params::use_systemd, + $mime_types_additional = $::apache::params::mime_types_additional, + $file_mode = $::apache::params::file_mode, +) inherits ::apache::params { + validate_bool($default_vhost) + validate_bool($default_ssl_vhost) + validate_bool($default_confd_files) + # true/false is sufficient for both ensure and enable + validate_bool($service_enable) + validate_bool($service_manage) + validate_bool($use_optional_includes) + + $valid_mpms_re = $apache_version ? { + '2.4' => '(event|itk|peruser|prefork|worker)', + default => '(event|itk|prefork|worker)' + } + + if $mpm_module and $mpm_module != 'false' { # lint:ignore:quoted_booleans + validate_re($mpm_module, $valid_mpms_re) + } + + if $allow_encoded_slashes { + validate_re($allow_encoded_slashes, '(^on$|^off$|^nodecode$)', "${allow_encoded_slashes} is not permitted for allow_encoded_slashes. Allowed values are 'on', 'off' or 'nodecode'.") + } + + # NOTE: on FreeBSD it's mpm module's responsibility to install httpd package. + # NOTE: the same strategy may be introduced for other OSes. For this, you + # should delete the 'if' block below and modify all MPM modules' manifests + # such that they include apache::package class (currently event.pp, itk.pp, + # peruser.pp, prefork.pp, worker.pp). + if $::osfamily != 'FreeBSD' { + package { 'httpd': + ensure => $package_ensure, + name => $apache_name, + notify => Class['Apache::Service'], + } + } + validate_re($sendfile, [ '^[oO]n$' , '^[oO]ff$' ]) + + # declare the web server user and group + # Note: requiring the package means the package ought to create them and not puppet + validate_bool($manage_user) + if $manage_user { + user { $user: + ensure => present, + gid => $group, + require => Package['httpd'], + } + } + validate_bool($manage_group) + if $manage_group { + group { $group: + ensure => present, + require => Package['httpd'] + } + } + + validate_apache_log_level($log_level) + + class { '::apache::service': + service_name => $service_name, + service_enable => $service_enable, + service_manage => $service_manage, + service_ensure => $service_ensure, + service_restart => $service_restart, + } + + # Deprecated backwards-compatibility + if $purge_vdir { + warning('Class[\'apache\'] parameter purge_vdir is deprecated in favor of purge_configs') + $purge_confd = $purge_vdir + } else { + $purge_confd = $purge_configs + } + + # Set purge vhostd appropriately + if $purge_vhost_dir == undef { + $purge_vhostd = $purge_confd + } else { + $purge_vhostd = $purge_vhost_dir + } + + Exec { + path => '/bin:/sbin:/usr/bin:/usr/sbin', + } + + exec { "mkdir ${confd_dir}": + creates => $confd_dir, + require => Package['httpd'], + } + file { $confd_dir: + ensure => directory, + recurse => true, + purge => $purge_confd, + notify => Class['Apache::Service'], + require => Package['httpd'], + } + + if ! defined(File[$mod_dir]) { + exec { "mkdir ${mod_dir}": + creates => $mod_dir, + require => Package['httpd'], + } + # Don't purge available modules if an enable dir is used + $purge_mod_dir = $purge_configs and !$mod_enable_dir + file { $mod_dir: + ensure => directory, + recurse => true, + purge => $purge_mod_dir, + notify => Class['Apache::Service'], + require => Package['httpd'], + } + } + + if $mod_enable_dir and ! defined(File[$mod_enable_dir]) { + $mod_load_dir = $mod_enable_dir + exec { "mkdir ${mod_enable_dir}": + creates => $mod_enable_dir, + require => Package['httpd'], + } + file { $mod_enable_dir: + ensure => directory, + recurse => true, + purge => $purge_configs, + notify => Class['Apache::Service'], + require => Package['httpd'], + } + } else { + $mod_load_dir = $mod_dir + } + + if ! defined(File[$vhost_dir]) { + exec { "mkdir ${vhost_dir}": + creates => $vhost_dir, + require => Package['httpd'], + } + file { $vhost_dir: + ensure => directory, + recurse => true, + purge => $purge_vhostd, + notify => Class['Apache::Service'], + require => Package['httpd'], + } + } + + if $vhost_enable_dir and ! defined(File[$vhost_enable_dir]) { + $vhost_load_dir = $vhost_enable_dir + exec { "mkdir ${vhost_load_dir}": + creates => $vhost_load_dir, + require => Package['httpd'], + } + file { $vhost_enable_dir: + ensure => directory, + recurse => true, + purge => $purge_vhostd, + notify => Class['Apache::Service'], + require => Package['httpd'], + } + } else { + $vhost_load_dir = $vhost_dir + } + + concat { $ports_file: + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + notify => Class['Apache::Service'], + require => Package['httpd'], + } + concat::fragment { 'Apache ports header': + ensure => present, + target => $ports_file, + content => template('apache/ports_header.erb') + } + + if $::apache::conf_dir and $::apache::params::conf_file { + case $::osfamily { + 'debian': { + $error_log = 'error.log' + $scriptalias = '/usr/lib/cgi-bin' + $access_log_file = 'access.log' + } + 'redhat': { + $error_log = 'error_log' + $scriptalias = '/var/www/cgi-bin' + $access_log_file = 'access_log' + } + 'freebsd': { + $error_log = 'httpd-error.log' + $scriptalias = '/usr/local/www/apache24/cgi-bin' + $access_log_file = 'httpd-access.log' + } 'gentoo': { + $error_log = 'error.log' + $error_documents_path = '/usr/share/apache2/error' + $scriptalias = '/var/www/localhost/cgi-bin' + $access_log_file = 'access.log' + + if is_array($default_mods) { + if versioncmp($apache_version, '2.4') >= 0 { + if defined('apache::mod::ssl') { + ::portage::makeconf { 'apache2_modules': + content => concat($default_mods, [ 'authz_core', 'socache_shmcb' ]), + } + } else { + ::portage::makeconf { 'apache2_modules': + content => concat($default_mods, 'authz_core'), + } + } + } else { + ::portage::makeconf { 'apache2_modules': + content => $default_mods, + } + } + } + + file { [ + '/etc/apache2/modules.d/.keep_www-servers_apache-2', + '/etc/apache2/vhosts.d/.keep_www-servers_apache-2' + ]: + ensure => absent, + require => Package['httpd'], + } + } + 'Suse': { + $error_log = 'error.log' + $scriptalias = '/usr/lib/cgi-bin' + $access_log_file = 'access.log' + } + default: { + fail("Unsupported osfamily ${::osfamily}") + } + } + + $apxs_workaround = $::osfamily ? { + 'freebsd' => true, + default => false + } + + if $rewrite_lock { + validate_absolute_path($rewrite_lock) + } + + # Template uses: + # - $pidfile + # - $user + # - $group + # - $logroot + # - $error_log + # - $sendfile + # - $mod_dir + # - $ports_file + # - $confd_dir + # - $vhost_dir + # - $error_documents + # - $error_documents_path + # - $apxs_workaround + # - $keepalive + # - $keepalive_timeout + # - $max_keepalive_requests + # - $server_root + # - $server_tokens + # - $server_signature + # - $trace_enable + # - $rewrite_lock + file { "${::apache::conf_dir}/${::apache::params::conf_file}": + ensure => file, + content => template($conf_template), + notify => Class['Apache::Service'], + require => [Package['httpd'], Concat[$ports_file]], + } + + # preserve back-wards compatibility to the times when default_mods was + # only a boolean value. Now it can be an array (too) + if is_array($default_mods) { + class { '::apache::default_mods': + all => false, + mods => $default_mods, + } + } else { + class { '::apache::default_mods': + all => $default_mods, + } + } + class { '::apache::default_confd_files': + all => $default_confd_files + } + if $mpm_module and $mpm_module != 'false' { # lint:ignore:quoted_booleans + class { "::apache::mod::${mpm_module}": } + } + + $default_vhost_ensure = $default_vhost ? { + true => 'present', + false => 'absent' + } + $default_ssl_vhost_ensure = $default_ssl_vhost ? { + true => 'present', + false => 'absent' + } + + ::apache::vhost { 'default': + ensure => $default_vhost_ensure, + port => 80, + docroot => $docroot, + scriptalias => $scriptalias, + serveradmin => $serveradmin, + access_log_file => $access_log_file, + priority => '15', + ip => $ip, + logroot_mode => $logroot_mode, + manage_docroot => $default_vhost, + } + $ssl_access_log_file = $::osfamily ? { + 'freebsd' => $access_log_file, + default => "ssl_${access_log_file}", + } + ::apache::vhost { 'default-ssl': + ensure => $default_ssl_vhost_ensure, + port => 443, + ssl => true, + docroot => $docroot, + scriptalias => $scriptalias, + serveradmin => $serveradmin, + access_log_file => $ssl_access_log_file, + priority => '15', + ip => $ip, + logroot_mode => $logroot_mode, + manage_docroot => $default_ssl_vhost, + } + } + + # This anchor can be used as a reference point for things that need to happen *after* + # all modules have been put in place. + anchor { '::apache::modules_set_up': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/listen.pp b/modules/services/unix/http/apache/module/apache/manifests/listen.pp new file mode 100644 index 000000000..e6a8a3c76 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/listen.pp @@ -0,0 +1,10 @@ +define apache::listen { + $listen_addr_port = $name + + # Template uses: $listen_addr_port + concat::fragment { "Listen ${listen_addr_port}": + ensure => present, + target => $::apache::ports_file, + content => template('apache/listen.erb'), + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/params.pp b/modules/services/unix/http/apache/module/apache/manifests/params.pp new file mode 100644 index 000000000..99f1a72e8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/params.pp @@ -0,0 +1,545 @@ +# Class: apache::params +# +# This class manages Apache parameters +# +# Parameters: +# - The $user that Apache runs as +# - The $group that Apache runs as +# - The $apache_name is the name of the package and service on the relevant +# distribution +# - The $php_package is the name of the package that provided PHP +# - The $ssl_package is the name of the Apache SSL package +# - The $apache_dev is the name of the Apache development libraries package +# - The $conf_contents is the contents of the Apache configuration file +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +class apache::params inherits ::apache::version { + if($::fqdn) { + $servername = $::fqdn + } else { + $servername = $::hostname + } + + # The default error log level + $log_level = 'warn' + $use_optional_includes = false + + # Default mime types settings + $mime_types_additional = { + 'AddHandler' => { + 'type-map' => 'var' + }, + 'AddType' => { + 'text/html' => '.shtml' + }, + 'AddOutputFilter' => { + 'INCLUDES' => '.shtml' + }, + } + + # should we use systemd module? + $use_systemd = true + + # Default mode for files + $file_mode = '0644' + + $vhost_include_pattern = '*' + + if $::operatingsystem == 'Ubuntu' and $::lsbdistrelease == '10.04' { + $verify_command = '/usr/sbin/apache2ctl -t' + } else { + $verify_command = '/usr/sbin/apachectl -t' + } + if $::osfamily == 'RedHat' or $::operatingsystem =~ /^[Aa]mazon$/ { + $user = 'apache' + $group = 'apache' + $root_group = 'root' + $apache_name = 'httpd' + $service_name = 'httpd' + $httpd_dir = '/etc/httpd' + $server_root = '/etc/httpd' + $conf_dir = "${httpd_dir}/conf" + $confd_dir = "${httpd_dir}/conf.d" + $mod_dir = $::apache::version::distrelease ? { + '7' => "${httpd_dir}/conf.modules.d", + default => "${httpd_dir}/conf.d", + } + $mod_enable_dir = undef + $vhost_dir = "${httpd_dir}/conf.d" + $vhost_enable_dir = undef + $conf_file = 'httpd.conf' + $ports_file = "${conf_dir}/ports.conf" + $pidfile = 'run/httpd.pid' + $logroot = '/var/log/httpd' + $logroot_mode = undef + $lib_path = 'modules' + $mpm_module = 'prefork' + $dev_packages = 'httpd-devel' + $default_ssl_cert = '/etc/pki/tls/certs/localhost.crt' + $default_ssl_key = '/etc/pki/tls/private/localhost.key' + $ssl_certs_dir = '/etc/pki/tls/certs' + $passenger_conf_file = 'passenger_extra.conf' + $passenger_conf_package_file = 'passenger.conf' + $passenger_root = undef + $passenger_ruby = undef + $passenger_default_ruby = undef + $suphp_addhandler = 'php5-script' + $suphp_engine = 'off' + $suphp_configpath = undef + # NOTE: The module for Shibboleth is not available to RH/CentOS without an additional repository. http://wiki.aaf.edu.au/tech-info/sp-install-guide + # NOTE: The auth_cas module isn't available to RH/CentOS without enabling EPEL. + $mod_packages = { + 'auth_cas' => 'mod_auth_cas', + 'auth_kerb' => 'mod_auth_kerb', + 'auth_mellon' => 'mod_auth_mellon', + 'authnz_ldap' => $::apache::version::distrelease ? { + '7' => 'mod_ldap', + default => 'mod_authz_ldap', + }, + 'fastcgi' => 'mod_fastcgi', + 'fcgid' => 'mod_fcgid', + 'geoip' => 'mod_geoip', + 'ldap' => $::apache::version::distrelease ? { + '7' => 'mod_ldap', + default => undef, + }, + 'pagespeed' => 'mod-pagespeed-stable', + 'passenger' => 'mod_passenger', + 'perl' => 'mod_perl', + 'php5' => $::apache::version::distrelease ? { + '5' => 'php53', + default => 'php', + }, + 'proxy_html' => 'mod_proxy_html', + 'python' => 'mod_python', + 'security' => 'mod_security', + 'shibboleth' => 'shibboleth', + 'ssl' => 'mod_ssl', + 'wsgi' => 'mod_wsgi', + 'dav_svn' => 'mod_dav_svn', + 'suphp' => 'mod_suphp', + 'xsendfile' => 'mod_xsendfile', + 'nss' => 'mod_nss', + 'shib2' => 'shibboleth', + } + $mod_libs = { + 'php5' => 'libphp5.so', + 'nss' => 'libmodnss.so', + } + $conf_template = 'apache/httpd.conf.erb' + $keepalive = 'Off' + $keepalive_timeout = 15 + $max_keepalive_requests = 100 + $fastcgi_lib_path = undef + $mime_support_package = 'mailcap' + $mime_types_config = '/etc/mime.types' + $docroot = '/var/www/html' + $alias_icons_path = $::apache::version::distrelease ? { + '7' => '/usr/share/httpd/icons', + default => '/var/www/icons', + } + $error_documents_path = $::apache::version::distrelease ? { + '7' => '/usr/share/httpd/error', + default => '/var/www/error' + } + if $::osfamily == 'RedHat' { + $wsgi_socket_prefix = '/var/run/wsgi' + } else { + $wsgi_socket_prefix = undef + } + $cas_cookie_path = '/var/cache/mod_auth_cas/' + $mellon_lock_file = '/run/mod_auth_mellon/lock' + $mellon_cache_size = 100 + $mellon_post_directory = undef + $modsec_crs_package = 'mod_security_crs' + $modsec_crs_path = '/usr/lib/modsecurity.d' + $modsec_dir = '/etc/httpd/modsecurity.d' + $modsec_secruleengine = 'On' + $modsec_default_rules = [ + 'base_rules/modsecurity_35_bad_robots.data', + 'base_rules/modsecurity_35_scanners.data', + 'base_rules/modsecurity_40_generic_attacks.data', + 'base_rules/modsecurity_41_sql_injection_attacks.data', + 'base_rules/modsecurity_50_outbound.data', + 'base_rules/modsecurity_50_outbound_malware.data', + 'base_rules/modsecurity_crs_20_protocol_violations.conf', + 'base_rules/modsecurity_crs_21_protocol_anomalies.conf', + 'base_rules/modsecurity_crs_23_request_limits.conf', + 'base_rules/modsecurity_crs_30_http_policy.conf', + 'base_rules/modsecurity_crs_35_bad_robots.conf', + 'base_rules/modsecurity_crs_40_generic_attacks.conf', + 'base_rules/modsecurity_crs_41_sql_injection_attacks.conf', + 'base_rules/modsecurity_crs_41_xss_attacks.conf', + 'base_rules/modsecurity_crs_42_tight_security.conf', + 'base_rules/modsecurity_crs_45_trojans.conf', + 'base_rules/modsecurity_crs_47_common_exceptions.conf', + 'base_rules/modsecurity_crs_49_inbound_blocking.conf', + 'base_rules/modsecurity_crs_50_outbound.conf', + 'base_rules/modsecurity_crs_59_outbound_blocking.conf', + 'base_rules/modsecurity_crs_60_correlation.conf' + ] + } elsif $::osfamily == 'Debian' { + $user = 'www-data' + $group = 'www-data' + $root_group = 'root' + $apache_name = 'apache2' + $service_name = 'apache2' + $httpd_dir = '/etc/apache2' + $server_root = '/etc/apache2' + $conf_dir = $httpd_dir + $confd_dir = "${httpd_dir}/conf.d" + $mod_dir = "${httpd_dir}/mods-available" + $mod_enable_dir = "${httpd_dir}/mods-enabled" + $vhost_dir = "${httpd_dir}/sites-available" + $vhost_enable_dir = "${httpd_dir}/sites-enabled" + $conf_file = 'apache2.conf' + $ports_file = "${conf_dir}/ports.conf" + $pidfile = "\${APACHE_PID_FILE}" + $logroot = '/var/log/apache2' + $logroot_mode = undef + $lib_path = '/usr/lib/apache2/modules' + $mpm_module = 'worker' + $default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem' + $default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key' + $ssl_certs_dir = '/etc/ssl/certs' + $suphp_addhandler = 'x-httpd-php' + $suphp_engine = 'off' + $suphp_configpath = '/etc/php5/apache2' + $mod_packages = { + 'auth_cas' => 'libapache2-mod-auth-cas', + 'auth_kerb' => 'libapache2-mod-auth-kerb', + 'auth_mellon' => 'libapache2-mod-auth-mellon', + 'dav_svn' => 'libapache2-svn', + 'fastcgi' => 'libapache2-mod-fastcgi', + 'fcgid' => 'libapache2-mod-fcgid', + 'geoip' => 'libapache2-mod-geoip', + 'nss' => 'libapache2-mod-nss', + 'pagespeed' => 'mod-pagespeed-stable', + 'passenger' => 'libapache2-mod-passenger', + 'perl' => 'libapache2-mod-perl2', + 'php5' => 'libapache2-mod-php5', + 'proxy_html' => 'libapache2-mod-proxy-html', + 'python' => 'libapache2-mod-python', + 'rpaf' => 'libapache2-mod-rpaf', + 'security' => 'libapache2-modsecurity', + 'shib2' => 'libapache2-mod-shib2', + 'suphp' => 'libapache2-mod-suphp', + 'wsgi' => 'libapache2-mod-wsgi', + 'xsendfile' => 'libapache2-mod-xsendfile', + 'shib2' => 'libapache2-mod-shib2', + } + if $::osfamily == 'Debian' and versioncmp($::operatingsystemrelease, '8') < 0 { + $shib2_lib = 'mod_shib_22.so' + } else { + $shib2_lib = 'mod_shib2.so' + } + $mod_libs = { + 'php5' => 'libphp5.so', + 'shib2' => $shib2_lib + } + $conf_template = 'apache/httpd.conf.erb' + $keepalive = 'Off' + $keepalive_timeout = 15 + $max_keepalive_requests = 100 + $fastcgi_lib_path = '/var/lib/apache2/fastcgi' + $mime_support_package = 'mime-support' + $mime_types_config = '/etc/mime.types' + if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '13.10') >= 0) or ($::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '8') >= 0) { + $docroot = '/var/www/html' + } else { + $docroot = '/var/www' + } + $cas_cookie_path = '/var/cache/apache2/mod_auth_cas/' + $mellon_lock_file = undef + $mellon_cache_size = undef + $mellon_post_directory = '/var/cache/apache2/mod_auth_mellon/' + $modsec_crs_package = 'modsecurity-crs' + $modsec_crs_path = '/usr/share/modsecurity-crs' + $modsec_dir = '/etc/modsecurity' + $modsec_secruleengine = 'On' + $modsec_default_rules = [ + 'base_rules/modsecurity_35_bad_robots.data', + 'base_rules/modsecurity_35_scanners.data', + 'base_rules/modsecurity_40_generic_attacks.data', + 'base_rules/modsecurity_41_sql_injection_attacks.data', + 'base_rules/modsecurity_50_outbound.data', + 'base_rules/modsecurity_50_outbound_malware.data', + 'base_rules/modsecurity_crs_20_protocol_violations.conf', + 'base_rules/modsecurity_crs_21_protocol_anomalies.conf', + 'base_rules/modsecurity_crs_23_request_limits.conf', + 'base_rules/modsecurity_crs_30_http_policy.conf', + 'base_rules/modsecurity_crs_35_bad_robots.conf', + 'base_rules/modsecurity_crs_40_generic_attacks.conf', + 'base_rules/modsecurity_crs_41_sql_injection_attacks.conf', + 'base_rules/modsecurity_crs_41_xss_attacks.conf', + 'base_rules/modsecurity_crs_42_tight_security.conf', + 'base_rules/modsecurity_crs_45_trojans.conf', + 'base_rules/modsecurity_crs_47_common_exceptions.conf', + 'base_rules/modsecurity_crs_49_inbound_blocking.conf', + 'base_rules/modsecurity_crs_50_outbound.conf', + 'base_rules/modsecurity_crs_59_outbound_blocking.conf', + 'base_rules/modsecurity_crs_60_correlation.conf' + ] + $alias_icons_path = '/usr/share/apache2/icons' + $error_documents_path = '/usr/share/apache2/error' + if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '13.10') >= 0) or ($::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '8') >= 0) { + $dev_packages = ['libaprutil1-dev', 'libapr1-dev', 'apache2-dev'] + } else { + $dev_packages = ['libaprutil1-dev', 'libapr1-dev', 'apache2-prefork-dev'] + } + + # + # Passenger-specific settings + # + + $passenger_conf_file = 'passenger.conf' + $passenger_conf_package_file = undef + + case $::operatingsystem { + 'Ubuntu': { + case $::lsbdistrelease { + '12.04': { + $passenger_root = '/usr' + $passenger_ruby = '/usr/bin/ruby' + $passenger_default_ruby = undef + } + '14.04': { + $passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini' + $passenger_ruby = undef + $passenger_default_ruby = '/usr/bin/ruby' + } + default: { + # The following settings may or may not work on Ubuntu releases not + # supported by this module. + $passenger_root = '/usr' + $passenger_ruby = '/usr/bin/ruby' + $passenger_default_ruby = undef + } + } + } + 'Debian': { + case $::lsbdistcodename { + 'wheezy': { + $passenger_root = '/usr' + $passenger_ruby = '/usr/bin/ruby' + $passenger_default_ruby = undef + } + 'jessie': { + $passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini' + $passenger_ruby = undef + $passenger_default_ruby = '/usr/bin/ruby' + } + default: { + # The following settings may or may not work on Debian releases not + # supported by this module. + $passenger_root = '/usr' + $passenger_ruby = '/usr/bin/ruby' + $passenger_default_ruby = undef + } + } + } + } + $wsgi_socket_prefix = undef + } elsif $::osfamily == 'FreeBSD' { + $user = 'www' + $group = 'www' + $root_group = 'wheel' + $apache_name = 'apache24' + $service_name = 'apache24' + $httpd_dir = '/usr/local/etc/apache24' + $server_root = '/usr/local' + $conf_dir = $httpd_dir + $confd_dir = "${httpd_dir}/Includes" + $mod_dir = "${httpd_dir}/Modules" + $mod_enable_dir = undef + $vhost_dir = "${httpd_dir}/Vhosts" + $vhost_enable_dir = undef + $conf_file = 'httpd.conf' + $ports_file = "${conf_dir}/ports.conf" + $pidfile = '/var/run/httpd.pid' + $logroot = '/var/log/apache24' + $logroot_mode = undef + $lib_path = '/usr/local/libexec/apache24' + $mpm_module = 'prefork' + $dev_packages = undef + $default_ssl_cert = '/usr/local/etc/apache24/server.crt' + $default_ssl_key = '/usr/local/etc/apache24/server.key' + $ssl_certs_dir = '/usr/local/etc/apache24' + $passenger_conf_file = 'passenger.conf' + $passenger_conf_package_file = undef + $passenger_root = '/usr/local/lib/ruby/gems/2.0/gems/passenger-4.0.58' + $passenger_ruby = '/usr/local/bin/ruby' + $passenger_default_ruby = undef + $suphp_addhandler = 'php5-script' + $suphp_engine = 'off' + $suphp_configpath = undef + $mod_packages = { + # NOTE: I list here only modules that are not included in www/apache24 + # NOTE: 'passenger' needs to enable APACHE_SUPPORT in make config + # NOTE: 'php' needs to enable APACHE option in make config + # NOTE: 'dav_svn' needs to enable MOD_DAV_SVN make config + # NOTE: not sure where the shibboleth should come from + 'auth_kerb' => 'www/mod_auth_kerb2', + 'fcgid' => 'www/mod_fcgid', + 'passenger' => 'www/rubygem-passenger', + 'perl' => 'www/mod_perl2', + 'php5' => 'www/mod_php5', + 'proxy_html' => 'www/mod_proxy_html', + 'python' => 'www/mod_python3', + 'wsgi' => 'www/mod_wsgi', + 'dav_svn' => 'devel/subversion', + 'xsendfile' => 'www/mod_xsendfile', + 'rpaf' => 'www/mod_rpaf2', + 'shib2' => 'security/shibboleth2-sp', + } + $mod_libs = { + 'php5' => 'libphp5.so', + } + $conf_template = 'apache/httpd.conf.erb' + $keepalive = 'Off' + $keepalive_timeout = 15 + $max_keepalive_requests = 100 + $fastcgi_lib_path = undef # TODO: revisit + $mime_support_package = 'misc/mime-support' + $mime_types_config = '/usr/local/etc/mime.types' + $wsgi_socket_prefix = undef + $docroot = '/usr/local/www/apache24/data' + $alias_icons_path = '/usr/local/www/apache24/icons' + $error_documents_path = '/usr/local/www/apache24/error' + } elsif $::osfamily == 'Gentoo' { + $user = 'apache' + $group = 'apache' + $root_group = 'wheel' + $apache_name = 'www-servers/apache' + $service_name = 'apache2' + $httpd_dir = '/etc/apache2' + $server_root = '/var/www' + $conf_dir = $httpd_dir + $confd_dir = "${httpd_dir}/conf.d" + $mod_dir = "${httpd_dir}/modules.d" + $mod_enable_dir = undef + $vhost_dir = "${httpd_dir}/vhosts.d" + $vhost_enable_dir = undef + $conf_file = 'httpd.conf' + $ports_file = "${conf_dir}/ports.conf" + $logroot = '/var/log/apache2' + $logroot_mode = undef + $lib_path = '/usr/lib/apache2/modules' + $mpm_module = 'prefork' + $dev_packages = undef + $default_ssl_cert = '/etc/ssl/apache2/server.crt' + $default_ssl_key = '/etc/ssl/apache2/server.key' + $ssl_certs_dir = '/etc/ssl/apache2' + $passenger_root = '/usr' + $passenger_ruby = '/usr/bin/ruby' + $passenger_conf_file = 'passenger.conf' + $passenger_conf_package_file = undef + $passenger_default_ruby = undef + $suphp_addhandler = 'x-httpd-php' + $suphp_engine = 'off' + $suphp_configpath = '/etc/php5/apache2' + $mod_packages = { + # NOTE: I list here only modules that are not included in www-servers/apache + 'auth_kerb' => 'www-apache/mod_auth_kerb', + 'authnz_external' => 'www-apache/mod_authnz_external', + 'fcgid' => 'www-apache/mod_fcgid', + 'passenger' => 'www-apache/passenger', + 'perl' => 'www-apache/mod_perl', + 'php5' => 'dev-lang/php', + 'proxy_html' => 'www-apache/mod_proxy_html', + 'proxy_fcgi' => 'www-apache/mod_proxy_fcgi', + 'python' => 'www-apache/mod_python', + 'wsgi' => 'www-apache/mod_wsgi', + 'dav_svn' => 'dev-vcs/subversion', + 'xsendfile' => 'www-apache/mod_xsendfile', + 'rpaf' => 'www-apache/mod_rpaf', + 'xml2enc' => 'www-apache/mod_xml2enc', + } + $mod_libs = { + 'php5' => 'libphp5.so', + } + $conf_template = 'apache/httpd.conf.erb' + $keepalive = 'Off' + $keepalive_timeout = 15 + $max_keepalive_requests = 100 + $fastcgi_lib_path = undef # TODO: revisit + $mime_support_package = 'app-misc/mime-types' + $mime_types_config = '/etc/mime.types' + $wsgi_socket_prefix = undef + $docroot = '/var/www/localhost/htdocs' + $alias_icons_path = '/usr/share/apache2/icons' + $error_documents_path = '/usr/share/apache2/error' + } elsif $::osfamily == 'Suse' { + $user = 'wwwrun' + $group = 'wwwrun' + $root_group = 'root' + $apache_name = 'apache2' + $service_name = 'apache2' + $httpd_dir = '/etc/apache2' + $server_root = '/etc/apache2' + $conf_dir = $httpd_dir + $confd_dir = "${httpd_dir}/conf.d" + $mod_dir = "${httpd_dir}/mods-available" + $mod_enable_dir = "${httpd_dir}/mods-enabled" + $vhost_dir = "${httpd_dir}/sites-available" + $vhost_enable_dir = "${httpd_dir}/sites-enabled" + $conf_file = 'httpd.conf' + $ports_file = "${conf_dir}/ports.conf" + $pidfile = '/var/run/httpd2.pid' + $logroot = '/var/log/apache2' + $logroot_mode = undef + $lib_path = '/usr/lib64/apache2-prefork/' + $mpm_module = 'prefork' + $default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem' + $default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key' + $ssl_certs_dir = '/etc/ssl/certs' + $suphp_addhandler = 'x-httpd-php' + $suphp_engine = 'off' + $suphp_configpath = '/etc/php5/apache2' + $mod_packages = { + 'auth_kerb' => 'apache2-mod_auth_kerb', + 'fcgid' => 'apache2-mod_fcgid', + 'perl' => 'apache2-mod_perl', + 'php5' => 'apache2-mod_php53', + 'python' => 'apache2-mod_python', + } + $mod_libs = { + 'php5' => 'libphp5.so', + } + $conf_template = 'apache/httpd.conf.erb' + $keepalive = 'Off' + $keepalive_timeout = 15 + $max_keepalive_requests = 100 + $fastcgi_lib_path = '/var/lib/apache2/fastcgi' + $mime_support_package = 'aaa_base' + $mime_types_config = '/etc/mime.types' + $docroot = '/srv/www' + $cas_cookie_path = '/var/cache/apache2/mod_auth_cas/' + $mellon_lock_file = undef + $mellon_cache_size = undef + $mellon_post_directory = undef + $alias_icons_path = '/usr/share/apache2/icons' + $error_documents_path = '/usr/share/apache2/error' + $dev_packages = ['libapr-util1-devel', 'libapr1-devel'] + + # + # Passenger-specific settings + # + + $passenger_conf_file = 'passenger.conf' + $passenger_conf_package_file = undef + + $passenger_root = '/usr' + $passenger_ruby = '/usr/bin/ruby' + $passenger_default_ruby = undef + $wsgi_socket_prefix = undef + + } else { + fail("Class['apache::params']: Unsupported osfamily: ${::osfamily}") + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/ssl.pp b/modules/services/unix/http/apache/module/apache/manifests/ssl.pp new file mode 100644 index 000000000..d0b36593d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/ssl.pp @@ -0,0 +1,18 @@ +# Class: apache::ssl +# +# This class installs Apache SSL capabilities +# +# Parameters: +# - The $ssl_package name from the apache::params class +# +# Actions: +# - Install Apache SSL capabilities +# +# Requires: +# +# Sample Usage: +# +class apache::ssl { + warning('apache::ssl is deprecated; please use apache::mod::ssl') + include ::apache::mod::ssl +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/vhost.pp b/modules/services/unix/http/apache/module/apache/manifests/vhost.pp new file mode 100644 index 000000000..8b5422e5a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/vhost.pp @@ -0,0 +1,999 @@ +# See README.md for usage information +define apache::vhost( + $docroot, + $manage_docroot = true, + $virtual_docroot = false, + $port = undef, + $ip = undef, + $ip_based = false, + $add_listen = true, + $docroot_owner = 'root', + $docroot_group = $::apache::params::root_group, + $docroot_mode = undef, + $serveradmin = undef, + $ssl = false, + $ssl_cert = $::apache::default_ssl_cert, + $ssl_key = $::apache::default_ssl_key, + $ssl_chain = $::apache::default_ssl_chain, + $ssl_ca = $::apache::default_ssl_ca, + $ssl_crl_path = $::apache::default_ssl_crl_path, + $ssl_crl = $::apache::default_ssl_crl, + $ssl_crl_check = $::apache::default_ssl_crl_check, + $ssl_certs_dir = $::apache::params::ssl_certs_dir, + $ssl_protocol = undef, + $ssl_cipher = undef, + $ssl_honorcipherorder = undef, + $ssl_verify_client = undef, + $ssl_verify_depth = undef, + $ssl_proxy_verify = undef, + $ssl_proxy_check_peer_cn = undef, + $ssl_proxy_check_peer_name = undef, + $ssl_proxy_machine_cert = undef, + $ssl_options = undef, + $ssl_openssl_conf_cmd = undef, + $ssl_proxyengine = false, + $priority = undef, + $default_vhost = false, + $servername = $name, + $serveraliases = [], + $options = ['Indexes','FollowSymLinks','MultiViews'], + $override = ['None'], + $directoryindex = '', + $vhost_name = '*', + $logroot = $::apache::logroot, + $logroot_ensure = 'directory', + $logroot_mode = undef, + $log_level = undef, + $access_log = true, + $access_log_file = false, + $access_log_pipe = false, + $access_log_syslog = false, + $access_log_format = false, + $access_log_env_var = false, + $access_logs = undef, + $aliases = undef, + $directories = undef, + $error_log = true, + $error_log_file = undef, + $error_log_pipe = undef, + $error_log_syslog = undef, + $error_documents = [], + $fallbackresource = undef, + $scriptalias = undef, + $scriptaliases = [], + $proxy_dest = undef, + $proxy_dest_match = undef, + $proxy_dest_reverse_match = undef, + $proxy_pass = undef, + $proxy_pass_match = undef, + $suphp_addhandler = $::apache::params::suphp_addhandler, + $suphp_engine = $::apache::params::suphp_engine, + $suphp_configpath = $::apache::params::suphp_configpath, + $php_flags = {}, + $php_values = {}, + $php_admin_flags = {}, + $php_admin_values = {}, + $no_proxy_uris = [], + $no_proxy_uris_match = [], + $proxy_preserve_host = false, + $proxy_error_override = false, + $redirect_source = '/', + $redirect_dest = undef, + $redirect_status = undef, + $redirectmatch_status = undef, + $redirectmatch_regexp = undef, + $redirectmatch_dest = undef, + $rack_base_uris = undef, + $passenger_base_uris = undef, + $headers = undef, + $request_headers = undef, + $filters = undef, + $rewrites = undef, + $rewrite_base = undef, + $rewrite_rule = undef, + $rewrite_cond = undef, + $setenv = [], + $setenvif = [], + $block = [], + $ensure = 'present', + $wsgi_application_group = undef, + $wsgi_daemon_process = undef, + $wsgi_daemon_process_options = undef, + $wsgi_import_script = undef, + $wsgi_import_script_options = undef, + $wsgi_process_group = undef, + $wsgi_script_aliases = undef, + $wsgi_pass_authorization = undef, + $wsgi_chunked_request = undef, + $custom_fragment = undef, + $itk = undef, + $action = undef, + $fastcgi_server = undef, + $fastcgi_socket = undef, + $fastcgi_dir = undef, + $additional_includes = [], + $use_optional_includes = $::apache::use_optional_includes, + $apache_version = $::apache::apache_version, + $allow_encoded_slashes = undef, + $suexec_user_group = undef, + $passenger_app_root = undef, + $passenger_app_env = undef, + $passenger_ruby = undef, + $passenger_min_instances = undef, + $passenger_start_timeout = undef, + $passenger_pre_start = undef, + $add_default_charset = undef, + $modsec_disable_vhost = undef, + $modsec_disable_ids = undef, + $modsec_disable_ips = undef, + $modsec_body_limit = undef, + $auth_kerb = false, + $krb_method_negotiate = 'on', + $krb_method_k5passwd = 'on', + $krb_authoritative = 'on', + $krb_auth_realms = [], + $krb_5keytab = undef, + $krb_local_user_mapping = undef, + $krb_verify_kdc = 'on', + $krb_servicename = 'HTTP', + $krb_save_credentials = 'off', +) { + # The base class must be included first because it is used by parameter defaults + if ! defined(Class['apache']) { + fail('You must include the apache base class before using any apache defined resources') + } + + $apache_name = $::apache::apache_name + + validate_re($ensure, '^(present|absent)$', + "${ensure} is not supported for ensure. + Allowed values are 'present' and 'absent'.") + validate_re($suphp_engine, '^(on|off)$', + "${suphp_engine} is not supported for suphp_engine. + Allowed values are 'on' and 'off'.") + validate_bool($ip_based) + validate_bool($access_log) + validate_bool($error_log) + validate_bool($ssl) + validate_bool($default_vhost) + validate_bool($ssl_proxyengine) + if $rewrites { + validate_array($rewrites) + unless empty($rewrites) { + validate_hash($rewrites[0]) + } + } + + # Input validation begins + + if $suexec_user_group { + validate_re($suexec_user_group, '^[\w-]+ [\w-]+$', + "${suexec_user_group} is not supported for suexec_user_group. Must be 'user group'.") + } + + if $wsgi_pass_authorization { + validate_re(downcase($wsgi_pass_authorization), '^(on|off)$', + "${wsgi_pass_authorization} is not supported for wsgi_pass_authorization. + Allowed values are 'on' and 'off'.") + } + + # Deprecated backwards-compatibility + if $rewrite_base { + warning('Apache::Vhost: parameter rewrite_base is deprecated in favor of rewrites') + } + if $rewrite_rule { + warning('Apache::Vhost: parameter rewrite_rule is deprecated in favor of rewrites') + } + if $rewrite_cond { + warning('Apache::Vhost parameter rewrite_cond is deprecated in favor of rewrites') + } + + if $wsgi_script_aliases { + validate_hash($wsgi_script_aliases) + } + if $wsgi_daemon_process_options { + validate_hash($wsgi_daemon_process_options) + } + if $wsgi_import_script_options { + validate_hash($wsgi_import_script_options) + } + if $itk { + validate_hash($itk) + } + + validate_re($logroot_ensure, '^(directory|absent)$', + "${logroot_ensure} is not supported for logroot_ensure. + Allowed values are 'directory' and 'absent'.") + + if $log_level { + validate_apache_log_level($log_level) + } + + if $access_log_file and $access_log_pipe { + fail("Apache::Vhost[${name}]: 'access_log_file' and 'access_log_pipe' cannot be defined at the same time") + } + + if $error_log_file and $error_log_pipe { + fail("Apache::Vhost[${name}]: 'error_log_file' and 'error_log_pipe' cannot be defined at the same time") + } + + if $fallbackresource { + validate_re($fallbackresource, '^/|disabled', 'Please make sure fallbackresource starts with a / (or is "disabled")') + } + + if $custom_fragment { + validate_string($custom_fragment) + } + + if $allow_encoded_slashes { + validate_re($allow_encoded_slashes, '(^on$|^off$|^nodecode$)', "${allow_encoded_slashes} is not permitted for allow_encoded_slashes. Allowed values are 'on', 'off' or 'nodecode'.") + } + + validate_bool($auth_kerb) + + # Validate the docroot as a string if: + # - $manage_docroot is true + if $manage_docroot { + validate_string($docroot) + } + + if $ssl_proxy_verify { + validate_re($ssl_proxy_verify,'^(none|optional|require|optional_no_ca)$',"${ssl_proxy_verify} is not permitted for ssl_proxy_verify. Allowed values are 'none', 'optional', 'require' or 'optional_no_ca'.") + } + + if $ssl_proxy_check_peer_cn { + validate_re($ssl_proxy_check_peer_cn,'(^on$|^off$)',"${ssl_proxy_check_peer_cn} is not permitted for ssl_proxy_check_peer_cn. Allowed values are 'on' or 'off'.") + } + if $ssl_proxy_check_peer_name { + validate_re($ssl_proxy_check_peer_name,'(^on$|^off$)',"${ssl_proxy_check_peer_name} is not permitted for ssl_proxy_check_peer_name. Allowed values are 'on' or 'off'.") + } + + # Input validation ends + + if $ssl and $ensure == 'present' { + include ::apache::mod::ssl + # Required for the AddType lines. + include ::apache::mod::mime + } + + if $auth_kerb and $ensure == 'present' { + include ::apache::mod::auth_kerb + } + + if $virtual_docroot { + include ::apache::mod::vhost_alias + } + + if $wsgi_daemon_process { + include ::apache::mod::wsgi + } + + if $suexec_user_group { + include ::apache::mod::suexec + } + + if $passenger_app_root or $passenger_app_env or $passenger_ruby or $passenger_min_instances or $passenger_start_timeout or $passenger_pre_start { + include ::apache::mod::passenger + } + + # Configure the defaultness of a vhost + if $priority { + $priority_real = "${priority}-" + } elsif $priority == false { + $priority_real = '' + } elsif $default_vhost { + $priority_real = '10-' + } else { + $priority_real = '25-' + } + + ## Apache include does not always work with spaces in the filename + $filename = regsubst($name, ' ', '_', 'G') + + # This ensures that the docroot exists + # But enables it to be specified across multiple vhost resources + if $manage_docroot and $docroot and ! defined(File[$docroot]) { + file { $docroot: + ensure => directory, + owner => $docroot_owner, + group => $docroot_group, + mode => $docroot_mode, + require => Package['httpd'], + before => Concat["${priority_real}${filename}.conf"], + } + } + + # Same as above, but for logroot + if ! defined(File[$logroot]) { + file { $logroot: + ensure => $logroot_ensure, + mode => $logroot_mode, + require => Package['httpd'], + before => Concat["${priority_real}${filename}.conf"], + } + } + + + # Is apache::mod::passenger enabled (or apache::mod['passenger']) + $passenger_enabled = defined(Apache::Mod['passenger']) + + # Is apache::mod::shib enabled (or apache::mod['shib2']) + $shibboleth_enabled = defined(Apache::Mod['shib2']) + + if $access_log and !$access_logs { + if $access_log_file { + $_logs_dest = "${logroot}/${access_log_file}" + } elsif $access_log_pipe { + $_logs_dest = $access_log_pipe + } elsif $access_log_syslog { + $_logs_dest = $access_log_syslog + } else { + $_logs_dest = undef + } + $_access_logs = [{ + 'file' => $access_log_file, + 'pipe' => $access_log_pipe, + 'syslog' => $access_log_syslog, + 'format' => $access_log_format, + 'env' => $access_log_env_var + }] + } elsif $access_logs { + if !is_array($access_logs) { + fail("Apache::Vhost[${name}]: access_logs must be an array of hashes") + } + $_access_logs = $access_logs + } + + if $error_log_file { + $error_log_destination = "${logroot}/${error_log_file}" + } elsif $error_log_pipe { + $error_log_destination = $error_log_pipe + } elsif $error_log_syslog { + $error_log_destination = $error_log_syslog + } else { + if $ssl { + $error_log_destination = "${logroot}/${name}_error_ssl.log" + } else { + $error_log_destination = "${logroot}/${name}_error.log" + } + } + + if $ip { + $_ip = enclose_ipv6($ip) + if $port { + $listen_addr_port = suffix(any2array($_ip),":${port}") + $nvh_addr_port = suffix(any2array($_ip),":${port}") + } else { + $listen_addr_port = undef + $nvh_addr_port = $_ip + if ! $servername and ! $ip_based { + fail("Apache::Vhost[${name}]: must pass 'ip' and/or 'port' parameters for name-based vhosts") + } + } + } else { + if $port { + $listen_addr_port = $port + $nvh_addr_port = "${vhost_name}:${port}" + } else { + $listen_addr_port = undef + $nvh_addr_port = $name + if ! $servername { + fail("Apache::Vhost[${name}]: must pass 'ip' and/or 'port' parameters, and/or 'servername' parameter") + } + } + } + if $add_listen { + if $ip and defined(Apache::Listen["${port}"]) { + fail("Apache::Vhost[${name}]: Mixing IP and non-IP Listen directives is not possible; check the add_listen parameter of the apache::vhost define to disable this") + } + if $listen_addr_port and $ensure == 'present' { + ensure_resource('apache::listen', $listen_addr_port) + } + } + if ! $ip_based { + if $ensure == 'present' and (versioncmp($apache_version, '2.4') < 0) { + ensure_resource('apache::namevirtualhost', $nvh_addr_port) + } + } + + # Load mod_rewrite if needed and not yet loaded + if $rewrites or $rewrite_cond { + if ! defined(Class['apache::mod::rewrite']) { + include ::apache::mod::rewrite + } + } + + # Load mod_alias if needed and not yet loaded + if ($scriptalias or $scriptaliases != []) or ($aliases and $aliases != []) or ($redirect_source and $redirect_dest) { + if ! defined(Class['apache::mod::alias']) and ($ensure == 'present') { + include ::apache::mod::alias + } + } + + # Load mod_proxy if needed and not yet loaded + if ($proxy_dest or $proxy_pass or $proxy_pass_match or $proxy_dest_match) { + if ! defined(Class['apache::mod::proxy']) { + include ::apache::mod::proxy + } + if ! defined(Class['apache::mod::proxy_http']) { + include ::apache::mod::proxy_http + } + } + + # Load mod_passenger if needed and not yet loaded + if $rack_base_uris { + if ! defined(Class['apache::mod::passenger']) { + include ::apache::mod::passenger + } + } + + # Load mod_passenger if needed and not yet loaded + if $passenger_base_uris { + include ::apache::mod::passenger + } + + # Load mod_fastci if needed and not yet loaded + if $fastcgi_server and $fastcgi_socket { + if ! defined(Class['apache::mod::fastcgi']) { + include ::apache::mod::fastcgi + } + } + + # Check if mod_headers is required to process $headers/$request_headers + if $headers or $request_headers { + if ! defined(Class['apache::mod::headers']) { + include ::apache::mod::headers + } + } + + # Check if mod_filter is required to process $filters + if $filters { + if ! defined(Class['apache::mod::filter']) { + include ::apache::mod::filter + } + } + + if ($setenv and ! empty($setenv)) or ($setenvif and ! empty($setenvif)) { + if ! defined(Class['apache::mod::setenvif']) { + include ::apache::mod::setenvif + } + } + + ## Create a default directory list if none defined + if $directories { + if !is_hash($directories) and !(is_array($directories) and is_hash($directories[0])) { + fail("Apache::Vhost[${name}]: 'directories' must be either a Hash or an Array of Hashes") + } + $_directories = $directories + } elsif $docroot { + $_directory = { + provider => 'directory', + path => $docroot, + options => $options, + allow_override => $override, + directoryindex => $directoryindex, + } + + if versioncmp($apache_version, '2.4') >= 0 { + $_directory_version = { + require => 'all granted', + } + } else { + $_directory_version = { + order => 'allow,deny', + allow => 'from all', + } + } + + $_directories = [ merge($_directory, $_directory_version) ] + } + + ## Create a global LocationMatch if locations aren't defined + if $modsec_disable_ids { + if is_hash($modsec_disable_ids) { + $_modsec_disable_ids = $modsec_disable_ids + } elsif is_array($modsec_disable_ids) { + $_modsec_disable_ids = { '.*' => $modsec_disable_ids } + } else { + fail("Apache::Vhost[${name}]: 'modsec_disable_ids' must be either a Hash of location/IDs or an Array of IDs") + } + } + + concat { "${priority_real}${filename}.conf": + ensure => $ensure, + path => "${::apache::vhost_dir}/${priority_real}${filename}.conf", + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + order => 'numeric', + require => Package['httpd'], + notify => Class['apache::service'], + } + # NOTE(pabelanger): This code is duplicated in ::apache::vhost::custom and + # needs to be converted into something generic. + if $::apache::vhost_enable_dir { + $vhost_enable_dir = $::apache::vhost_enable_dir + $vhost_symlink_ensure = $ensure ? { + present => link, + default => $ensure, + } + file{ "${priority_real}${filename}.conf symlink": + ensure => $vhost_symlink_ensure, + path => "${vhost_enable_dir}/${priority_real}${filename}.conf", + target => "${::apache::vhost_dir}/${priority_real}${filename}.conf", + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + require => Concat["${priority_real}${filename}.conf"], + notify => Class['apache::service'], + } + } + + # Template uses: + # - $nvh_addr_port + # - $servername + # - $serveradmin + concat::fragment { "${name}-apache-header": + target => "${priority_real}${filename}.conf", + order => 0, + content => template('apache/vhost/_file_header.erb'), + } + + # Template uses: + # - $virtual_docroot + # - $docroot + if $docroot { + concat::fragment { "${name}-docroot": + target => "${priority_real}${filename}.conf", + order => 10, + content => template('apache/vhost/_docroot.erb'), + } + } + + # Template uses: + # - $aliases + if $aliases and ! empty($aliases) { + concat::fragment { "${name}-aliases": + target => "${priority_real}${filename}.conf", + order => 20, + content => template('apache/vhost/_aliases.erb'), + } + } + + # Template uses: + # - $itk + # - $::kernelversion + if $itk and ! empty($itk) { + concat::fragment { "${name}-itk": + target => "${priority_real}${filename}.conf", + order => 30, + content => template('apache/vhost/_itk.erb'), + } + } + + # Template uses: + # - $fallbackresource + if $fallbackresource { + concat::fragment { "${name}-fallbackresource": + target => "${priority_real}${filename}.conf", + order => 40, + content => template('apache/vhost/_fallbackresource.erb'), + } + } + + # Template uses: + # - $allow_encoded_slashes + if $allow_encoded_slashes { + concat::fragment { "${name}-allow_encoded_slashes": + target => "${priority_real}${filename}.conf", + order => 50, + content => template('apache/vhost/_allow_encoded_slashes.erb'), + } + } + + # Template uses: + # - $_directories + # - $docroot + # - $apache_version + # - $suphp_engine + # - $shibboleth_enabled + if $_directories and ! empty($_directories) { + concat::fragment { "${name}-directories": + target => "${priority_real}${filename}.conf", + order => 60, + content => template('apache/vhost/_directories.erb'), + } + } + + # Template uses: + # - $additional_includes + if $additional_includes and ! empty($additional_includes) { + concat::fragment { "${name}-additional_includes": + target => "${priority_real}${filename}.conf", + order => 70, + content => template('apache/vhost/_additional_includes.erb'), + } + } + + # Template uses: + # - $error_log + # - $log_level + # - $error_log_destination + # - $log_level + if $error_log or $log_level { + concat::fragment { "${name}-logging": + target => "${priority_real}${filename}.conf", + order => 80, + content => template('apache/vhost/_logging.erb'), + } + } + + # Template uses no variables + concat::fragment { "${name}-serversignature": + target => "${priority_real}${filename}.conf", + order => 90, + content => template('apache/vhost/_serversignature.erb'), + } + + # Template uses: + # - $access_log + # - $_access_log_env_var + # - $access_log_destination + # - $_access_log_format + # - $_access_log_env_var + # - $access_logs + if $access_log or $access_logs { + concat::fragment { "${name}-access_log": + target => "${priority_real}${filename}.conf", + order => 100, + content => template('apache/vhost/_access_log.erb'), + } + } + + # Template uses: + # - $action + if $action { + concat::fragment { "${name}-action": + target => "${priority_real}${filename}.conf", + order => 110, + content => template('apache/vhost/_action.erb'), + } + } + + # Template uses: + # - $block + # - $apache_version + if $block and ! empty($block) { + concat::fragment { "${name}-block": + target => "${priority_real}${filename}.conf", + order => 120, + content => template('apache/vhost/_block.erb'), + } + } + + # Template uses: + # - $error_documents + if $error_documents and ! empty($error_documents) { + concat::fragment { "${name}-error_document": + target => "${priority_real}${filename}.conf", + order => 130, + content => template('apache/vhost/_error_document.erb'), + } + } + + # Template uses: + # - $headers + if $headers and ! empty($headers) { + concat::fragment { "${name}-header": + target => "${priority_real}${filename}.conf", + order => 140, + content => template('apache/vhost/_header.erb'), + } + } + + # Template uses: + # - $request_headers + if $request_headers and ! empty($request_headers) { + concat::fragment { "${name}-requestheader": + target => "${priority_real}${filename}.conf", + order => 150, + content => template('apache/vhost/_requestheader.erb'), + } + } + + # Template uses: + # - $proxy_dest + # - $proxy_pass + # - $proxy_pass_match + # - $proxy_preserve_host + # - $no_proxy_uris + if $proxy_dest or $proxy_pass or $proxy_pass_match or $proxy_dest_match { + concat::fragment { "${name}-proxy": + target => "${priority_real}${filename}.conf", + order => 160, + content => template('apache/vhost/_proxy.erb'), + } + } + + # Template uses: + # - $rack_base_uris + if $rack_base_uris { + concat::fragment { "${name}-rack": + target => "${priority_real}${filename}.conf", + order => 170, + content => template('apache/vhost/_rack.erb'), + } + } + + # Template uses: + # - $passenger_base_uris + if $passenger_base_uris { + concat::fragment { "${name}-passenger_uris": + target => "${priority_real}${filename}.conf", + order => 175, + content => template('apache/vhost/_passenger_base_uris.erb'), + } + } + + # Template uses: + # - $redirect_source + # - $redirect_dest + # - $redirect_status + # - $redirect_dest_a + # - $redirect_source_a + # - $redirect_status_a + # - $redirectmatch_status + # - $redirectmatch_regexp + # - $redirectmatch_dest + # - $redirectmatch_status_a + # - $redirectmatch_regexp_a + # - $redirectmatch_dest + if ($redirect_source and $redirect_dest) or ($redirectmatch_status and $redirectmatch_regexp and $redirectmatch_dest) { + concat::fragment { "${name}-redirect": + target => "${priority_real}${filename}.conf", + order => 180, + content => template('apache/vhost/_redirect.erb'), + } + } + + # Template uses: + # - $rewrites + # - $rewrite_base + # - $rewrite_rule + # - $rewrite_cond + # - $rewrite_map + if $rewrites or $rewrite_rule { + concat::fragment { "${name}-rewrite": + target => "${priority_real}${filename}.conf", + order => 190, + content => template('apache/vhost/_rewrite.erb'), + } + } + + # Template uses: + # - $scriptaliases + # - $scriptalias + if ( $scriptalias or $scriptaliases != [] ) { + concat::fragment { "${name}-scriptalias": + target => "${priority_real}${filename}.conf", + order => 200, + content => template('apache/vhost/_scriptalias.erb'), + } + } + + # Template uses: + # - $serveraliases + if $serveraliases and ! empty($serveraliases) { + concat::fragment { "${name}-serveralias": + target => "${priority_real}${filename}.conf", + order => 210, + content => template('apache/vhost/_serveralias.erb'), + } + } + + # Template uses: + # - $setenv + # - $setenvif + if ($setenv and ! empty($setenv)) or ($setenvif and ! empty($setenvif)) { + concat::fragment { "${name}-setenv": + target => "${priority_real}${filename}.conf", + order => 220, + content => template('apache/vhost/_setenv.erb'), + } + } + + # Template uses: + # - $ssl + # - $ssl_cert + # - $ssl_key + # - $ssl_chain + # - $ssl_certs_dir + # - $ssl_ca + # - $ssl_crl_path + # - $ssl_crl + # - $ssl_crl_check + # - $ssl_protocol + # - $ssl_cipher + # - $ssl_honorcipherorder + # - $ssl_verify_client + # - $ssl_verify_depth + # - $ssl_options + # - $ssl_openssl_conf_cmd + # - $apache_version + if $ssl { + concat::fragment { "${name}-ssl": + target => "${priority_real}${filename}.conf", + order => 230, + content => template('apache/vhost/_ssl.erb'), + } + } + + # Template uses: + # - $ssl_proxyengine + # - $ssl_proxy_verify + # - $ssl_proxy_check_peer_cn + # - $ssl_proxy_check_peer_name + # - $ssl_proxy_machine_cert + if $ssl_proxyengine { + concat::fragment { "${name}-sslproxy": + target => "${priority_real}${filename}.conf", + order => 230, + content => template('apache/vhost/_sslproxy.erb'), + } + } + + # Template uses: + # - $auth_kerb + # - $krb_method_negotiate + # - $krb_method_k5passwd + # - $krb_authoritative + # - $krb_auth_realms + # - $krb_5keytab + # - $krb_local_user_mapping + if $auth_kerb { + concat::fragment { "${name}-auth_kerb": + target => "${priority_real}${filename}.conf", + order => 230, + content => template('apache/vhost/_auth_kerb.erb'), + } + } + + # Template uses: + # - $suphp_engine + # - $suphp_addhandler + # - $suphp_configpath + if $suphp_engine == 'on' { + concat::fragment { "${name}-suphp": + target => "${priority_real}${filename}.conf", + order => 240, + content => template('apache/vhost/_suphp.erb'), + } + } + + # Template uses: + # - $php_values + # - $php_flags + if ($php_values and ! empty($php_values)) or ($php_flags and ! empty($php_flags)) { + concat::fragment { "${name}-php": + target => "${priority_real}${filename}.conf", + order => 240, + content => template('apache/vhost/_php.erb'), + } + } + + # Template uses: + # - $php_admin_values + # - $php_admin_flags + if ($php_admin_values and ! empty($php_admin_values)) or ($php_admin_flags and ! empty($php_admin_flags)) { + concat::fragment { "${name}-php_admin": + target => "${priority_real}${filename}.conf", + order => 250, + content => template('apache/vhost/_php_admin.erb'), + } + } + + # Template uses: + # - $wsgi_application_group + # - $wsgi_daemon_process + # - $wsgi_daemon_process_options + # - $wsgi_import_script + # - $wsgi_import_script_options + # - $wsgi_process_group + # - $wsgi_script_aliases + # - $wsgi_pass_authorization + if $wsgi_application_group or $wsgi_daemon_process or ($wsgi_import_script and $wsgi_import_script_options) or $wsgi_process_group or ($wsgi_script_aliases and ! empty($wsgi_script_aliases)) or $wsgi_pass_authorization { + concat::fragment { "${name}-wsgi": + target => "${priority_real}${filename}.conf", + order => 260, + content => template('apache/vhost/_wsgi.erb'), + } + } + + # Template uses: + # - $custom_fragment + if $custom_fragment { + concat::fragment { "${name}-custom_fragment": + target => "${priority_real}${filename}.conf", + order => 270, + content => template('apache/vhost/_custom_fragment.erb'), + } + } + + # Template uses: + # - $fastcgi_server + # - $fastcgi_socket + # - $fastcgi_dir + # - $apache_version + if $fastcgi_server or $fastcgi_dir { + concat::fragment { "${name}-fastcgi": + target => "${priority_real}${filename}.conf", + order => 280, + content => template('apache/vhost/_fastcgi.erb'), + } + } + + # Template uses: + # - $suexec_user_group + if $suexec_user_group { + concat::fragment { "${name}-suexec": + target => "${priority_real}${filename}.conf", + order => 290, + content => template('apache/vhost/_suexec.erb'), + } + } + + # Template uses: + # - $passenger_app_root + # - $passenger_app_env + # - $passenger_ruby + # - $passenger_min_instances + # - $passenger_start_timeout + # - $passenger_pre_start + if $passenger_app_root or $passenger_app_env or $passenger_ruby or $passenger_min_instances or $passenger_start_timeout or $passenger_pre_start { + concat::fragment { "${name}-passenger": + target => "${priority_real}${filename}.conf", + order => 300, + content => template('apache/vhost/_passenger.erb'), + } + } + + # Template uses: + # - $add_default_charset + if $add_default_charset { + concat::fragment { "${name}-charsets": + target => "${priority_real}${filename}.conf", + order => 310, + content => template('apache/vhost/_charsets.erb'), + } + } + + # Template uses: + # - $modsec_disable_vhost + # - $modsec_disable_ids + # - $modsec_disable_ips + # - $modsec_body_limit + if $modsec_disable_vhost or $modsec_disable_ids or $modsec_disable_ips { + concat::fragment { "${name}-security": + target => "${priority_real}${filename}.conf", + order => 320, + content => template('apache/vhost/_security.erb') + } + } + + # Template uses: + # - $filters + if $filters and ! empty($filters) { + concat::fragment { "${name}-filters": + target => "${priority_real}${filename}.conf", + order => 330, + content => template('apache/vhost/_filters.erb'), + } + } + + # Template uses no variables + concat::fragment { "${name}-file_footer": + target => "${priority_real}${filename}.conf", + order => 999, + content => template('apache/vhost/_file_footer.erb'), + } +} diff --git a/modules/services/unix/http/apache/module/apache/metadata.json b/modules/services/unix/http/apache/module/apache/metadata.json new file mode 100644 index 000000000..9ef58c8c9 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/metadata.json @@ -0,0 +1,81 @@ +{ + "name": "puppetlabs-apache", + "version": "1.8.1", + "author": "puppetlabs", + "summary": "Installs, configures, and manages Apache virtual hosts, web services, and modules.", + "license": "Apache-2.0", + "source": "git://github.com/puppetlabs/puppetlabs-apache.git", + "project_page": "https://github.com/puppetlabs/puppetlabs-apache", + "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", + "dependencies": [ + {"name":"puppetlabs/stdlib","version_requirement":">= 2.4.0 < 5.0.0"}, + {"name":"puppetlabs/concat","version_requirement":">= 1.1.1 < 3.0.0"} + ], + "data_provider": null, + "operatingsystem_support": [ + { + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "CentOS", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "OracleLinux", + "operatingsystemrelease": [ + "6", + "7" + ] + }, + { + "operatingsystem": "Scientific", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "Debian", + "operatingsystemrelease": [ + "6", + "7", + "8" + ] + }, + { + "operatingsystem": "SLES", + "operatingsystemrelease": [ + "11 SP1" + ] + }, + { + "operatingsystem": "Ubuntu", + "operatingsystemrelease": [ + "10.04", + "12.04", + "14.04" + ] + } + ], + "requirements": [ + { + "name": "pe", + "version_requirement": ">= 3.7.0 < 2015.4.0" + }, + { + "name": "puppet", + "version_requirement": ">= 3.0.0 < 5.0.0" + } + ], + "description": "Module for Apache configuration" +} diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/apache_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/apache_spec.rb new file mode 100644 index 000000000..34d56ba4f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/apache_spec.rb @@ -0,0 +1,884 @@ +require 'spec_helper' + +describe 'apache', :type => :class do + context "on a Debian OS" do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_package("httpd").with( + 'notify' => 'Class[Apache::Service]', + 'ensure' => 'installed' + ) + } + it { is_expected.to contain_user("www-data") } + it { is_expected.to contain_group("www-data") } + it { is_expected.to contain_class("apache::service") } + it { is_expected.to contain_file("/var/www").with( + 'ensure' => 'directory' + ) + } + it { is_expected.to contain_file("/etc/apache2/sites-enabled").with( + 'ensure' => 'directory', + 'recurse' => 'true', + 'purge' => 'true', + 'notify' => 'Class[Apache::Service]', + 'require' => 'Package[httpd]' + ) + } + it { is_expected.to contain_file("/etc/apache2/mods-enabled").with( + 'ensure' => 'directory', + 'recurse' => 'true', + 'purge' => 'true', + 'notify' => 'Class[Apache::Service]', + 'require' => 'Package[httpd]' + ) + } + it { is_expected.to contain_file("/etc/apache2/mods-available").with( + 'ensure' => 'directory', + 'recurse' => 'true', + 'purge' => 'false', + 'notify' => 'Class[Apache::Service]', + 'require' => 'Package[httpd]' + ) + } + it { is_expected.to contain_concat("/etc/apache2/ports.conf").with( + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'notify' => 'Class[Apache::Service]' + ) + } + # Assert that load files are placed and symlinked for these mods, but no conf file. + [ + 'auth_basic', + 'authn_file', + 'authz_default', + 'authz_groupfile', + 'authz_host', + 'authz_user', + 'dav', + 'env' + ].each do |modname| + it { is_expected.to contain_file("#{modname}.load").with( + 'path' => "/etc/apache2/mods-available/#{modname}.load", + 'ensure' => 'file' + ) } + it { is_expected.to contain_file("#{modname}.load symlink").with( + 'path' => "/etc/apache2/mods-enabled/#{modname}.load", + 'ensure' => 'link', + 'target' => "/etc/apache2/mods-available/#{modname}.load" + ) } + it { is_expected.not_to contain_file("#{modname}.conf") } + it { is_expected.not_to contain_file("#{modname}.conf symlink") } + end + + context "with Apache version < 2.4" do + let :params do + { :apache_version => '2.2' } + end + + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^Include "/etc/apache2/conf\.d/\*\.conf"$} } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + :use_optional_includes => true + } + end + + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^IncludeOptional "/etc/apache2/conf\.d/\*\.conf"$} } + end + + context "when specifying slash encoding behaviour" do + let :params do + { :allow_encoded_slashes => 'nodecode' } + end + + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^AllowEncodedSlashes nodecode$} } + end + + context "when specifying default character set" do + let :params do + { :default_charset => 'none' } + end + + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^AddDefaultCharset none$} } + end + + # Assert that both load files and conf files are placed and symlinked for these mods + [ + 'alias', + 'autoindex', + 'dav_fs', + 'deflate', + 'dir', + 'mime', + 'negotiation', + 'setenvif', + ].each do |modname| + it { is_expected.to contain_file("#{modname}.load").with( + 'path' => "/etc/apache2/mods-available/#{modname}.load", + 'ensure' => 'file' + ) } + it { is_expected.to contain_file("#{modname}.load symlink").with( + 'path' => "/etc/apache2/mods-enabled/#{modname}.load", + 'ensure' => 'link', + 'target' => "/etc/apache2/mods-available/#{modname}.load" + ) } + it { is_expected.to contain_file("#{modname}.conf").with( + 'path' => "/etc/apache2/mods-available/#{modname}.conf", + 'ensure' => 'file' + ) } + it { is_expected.to contain_file("#{modname}.conf symlink").with( + 'path' => "/etc/apache2/mods-enabled/#{modname}.conf", + 'ensure' => 'link', + 'target' => "/etc/apache2/mods-available/#{modname}.conf" + ) } + end + + describe "Check default type" do + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + context "when default_type => 'none'" do + let :params do + { :default_type => 'none' } + end + + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^DefaultType none$} } + end + context "when default_type => 'text/plain'" do + let :params do + { :default_type => 'text/plain' } + end + + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^DefaultType text/plain$} } + end + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + it { is_expected.to contain_file("/etc/apache2/apache2.conf").without_content %r{^DefaultType [.]*$} } + end + end + + describe "Don't create user resource" do + context "when parameter manage_user is false" do + let :params do + { :manage_user => false } + end + + it { is_expected.not_to contain_user('www-data') } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^User www-data\n} } + end + end + describe "Don't create group resource" do + context "when parameter manage_group is false" do + let :params do + { :manage_group => false } + end + + it { is_expected.not_to contain_group('www-data') } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^Group www-data\n} } + end + end + + describe "Add extra LogFormats" do + context "When parameter log_formats is a hash" do + let :params do + { :log_formats => { + 'vhost_common' => "%v %h %l %u %t \"%r\" %>s %b", + 'vhost_combined' => "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" + } } + end + + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common\n} } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" vhost_combined\n} } + end + end + + describe "Override existing LogFormats" do + context "When parameter log_formats is a hash" do + let :params do + { :log_formats => { + 'common' => "%v %h %l %u %t \"%r\" %>s %b", + 'combined' => "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" + } } + end + + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" common\n} } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").without_content %r{^LogFormat "%h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n} } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" common\n} } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n} } + it { is_expected.to contain_file("/etc/apache2/apache2.conf").without_content %r{^LogFormat "%h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-agent\}i\"" combined\n} } + end + end + + context "8" do + let :facts do + super().merge({ + :lsbdistcodename => 'jessie', + :operatingsystemrelease => '8' + }) + end + it { is_expected.to contain_file("/var/www/html").with( + 'ensure' => 'directory' + ) + } + end + context "on Ubuntu" do + let :facts do + super().merge({ + :operatingsystem => 'Ubuntu' + }) + end + + context "14.04" do + let :facts do + super().merge({ + :lsbdistrelease => '14.04', + :operatingsystemrelease => '14.04' + }) + end + it { is_expected.to contain_file("/var/www/html").with( + 'ensure' => 'directory' + ) + } + end + context "13.10" do + let :facts do + super().merge({ + :lsbdistrelease => '13.10', + :operatingsystemrelease => '13.10' + }) + end + it { is_expected.to contain_class('apache').with_apache_version('2.4') } + end + context "12.04" do + let :facts do + super().merge({ + :lsbdistrelease => '12.04', + :operatingsystemrelease => '12.04' + }) + end + it { is_expected.to contain_class('apache').with_apache_version('2.2') } + end + context "13.04" do + let :facts do + super().merge({ + :lsbdistrelease => '13.04', + :operatingsystemrelease => '13.04' + }) + end + it { is_expected.to contain_class('apache').with_apache_version('2.2') } + end + end + end + context "on a RedHat 5 OS" do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '5', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_package("httpd").with( + 'notify' => 'Class[Apache::Service]', + 'ensure' => 'installed' + ) + } + it { is_expected.to contain_user("apache") } + it { is_expected.to contain_group("apache") } + it { is_expected.to contain_class("apache::service") } + it { is_expected.to contain_file("/var/www/html").with( + 'ensure' => 'directory' + ) + } + it { is_expected.to contain_file("/etc/httpd/conf.d").with( + 'ensure' => 'directory', + 'recurse' => 'true', + 'purge' => 'true', + 'notify' => 'Class[Apache::Service]', + 'require' => 'Package[httpd]' + ) + } + it { is_expected.to contain_concat("/etc/httpd/conf/ports.conf").with( + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'notify' => 'Class[Apache::Service]' + ) + } + describe "Alternate confd/mod/vhosts directory" do + let :params do + { + :vhost_dir => '/etc/httpd/site.d', + :confd_dir => '/etc/httpd/conf.d', + :mod_dir => '/etc/httpd/mod.d', + } + end + + ['mod.d','site.d','conf.d'].each do |dir| + it { is_expected.to contain_file("/etc/httpd/#{dir}").with( + 'ensure' => 'directory', + 'recurse' => 'true', + 'purge' => 'true', + 'notify' => 'Class[Apache::Service]', + 'require' => 'Package[httpd]' + ) } + end + + # Assert that load files are placed for these mods, but no conf file. + [ + 'auth_basic', + 'authn_file', + 'authz_default', + 'authz_groupfile', + 'authz_host', + 'authz_user', + 'dav', + 'env', + ].each do |modname| + it { is_expected.to contain_file("#{modname}.load").with_path( + "/etc/httpd/mod.d/#{modname}.load" + ) } + it { is_expected.not_to contain_file("#{modname}.conf").with_path( + "/etc/httpd/mod.d/#{modname}.conf" + ) } + end + + # Assert that both load files and conf files are placed for these mods + [ + 'alias', + 'autoindex', + 'dav_fs', + 'deflate', + 'dir', + 'mime', + 'negotiation', + 'setenvif', + ].each do |modname| + it { is_expected.to contain_file("#{modname}.load").with_path( + "/etc/httpd/mod.d/#{modname}.load" + ) } + it { is_expected.to contain_file("#{modname}.conf").with_path( + "/etc/httpd/mod.d/#{modname}.conf" + ) } + end + + context "with Apache version < 2.4" do + let :params do + { :apache_version => '2.2' } + end + + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/conf\.d/\*\.conf"$} } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + :use_optional_includes => true + } + end + + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^IncludeOptional "/etc/httpd/conf\.d/\*\.conf"$} } + end + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + :rewrite_lock => '/var/lock/subsys/rewrite-lock' + } + end + + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^RewriteLock /var/lock/subsys/rewrite-lock$} } + end + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2' + } + end + + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").without_content %r{^RewriteLock [.]*$} } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + :rewrite_lock => '/var/lock/subsys/rewrite-lock' + } + end + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").without_content %r{^RewriteLock [.]*$} } + end + + context "when specifying slash encoding behaviour" do + let :params do + { :allow_encoded_slashes => 'nodecode' } + end + + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^AllowEncodedSlashes nodecode$} } + end + + context "when specifying default character set" do + let :params do + { :default_charset => 'none' } + end + + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^AddDefaultCharset none$} } + end + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + context "when default_type => 'none'" do + let :params do + { :default_type => 'none' } + end + + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^DefaultType none$} } + end + context "when default_type => 'text/plain'" do + let :params do + { :default_type => 'text/plain' } + end + + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^DefaultType text/plain$} } + end + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").without_content %r{^DefaultType [.]*$} } + end + + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/site\.d/\*"$} } + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/mod\.d/\*\.conf"$} } + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/mod\.d/\*\.load"$} } + end + + describe "Alternate conf directory" do + let :params do + { :conf_dir => '/opt/rh/root/etc/httpd/conf' } + end + + it { is_expected.to contain_file("/opt/rh/root/etc/httpd/conf/httpd.conf").with( + 'ensure' => 'file', + 'notify' => 'Class[Apache::Service]', + 'require' => ['Package[httpd]', 'Concat[/etc/httpd/conf/ports.conf]'], + ) } + end + + describe "Alternate conf.d directory" do + let :params do + { :confd_dir => '/etc/httpd/special_conf.d' } + end + + it { is_expected.to contain_file("/etc/httpd/special_conf.d").with( + 'ensure' => 'directory', + 'recurse' => 'true', + 'purge' => 'true', + 'notify' => 'Class[Apache::Service]', + 'require' => 'Package[httpd]' + ) } + end + + describe "Alternate mpm_modules" do + context "when declaring mpm_module is false" do + let :params do + { :mpm_module => false } + end + it 'should not declare mpm modules' do + is_expected.not_to contain_class('apache::mod::event') + is_expected.not_to contain_class('apache::mod::itk') + is_expected.not_to contain_class('apache::mod::peruser') + is_expected.not_to contain_class('apache::mod::prefork') + is_expected.not_to contain_class('apache::mod::worker') + end + end + context "when declaring mpm_module => prefork" do + let :params do + { :mpm_module => 'prefork' } + end + it { is_expected.to contain_class('apache::mod::prefork') } + it { is_expected.not_to contain_class('apache::mod::event') } + it { is_expected.not_to contain_class('apache::mod::itk') } + it { is_expected.not_to contain_class('apache::mod::peruser') } + it { is_expected.not_to contain_class('apache::mod::worker') } + end + context "when declaring mpm_module => worker" do + let :params do + { :mpm_module => 'worker' } + end + it { is_expected.to contain_class('apache::mod::worker') } + it { is_expected.not_to contain_class('apache::mod::event') } + it { is_expected.not_to contain_class('apache::mod::itk') } + it { is_expected.not_to contain_class('apache::mod::peruser') } + it { is_expected.not_to contain_class('apache::mod::prefork') } + end + context "when declaring mpm_module => breakme" do + let :params do + { :mpm_module => 'breakme' } + end + it { expect { catalogue }.to raise_error Puppet::Error, /does not match/ } + end + end + + describe "different templates for httpd.conf" do + context "with default" do + let :params do + { :conf_template => 'apache/httpd.conf.erb' } + end + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^# Security\n} } + end + context "with non-default" do + let :params do + { :conf_template => 'site_apache/fake.conf.erb' } + end + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Fake template for rspec.$} } + end + end + + describe "default mods" do + context "without" do + let :params do + { :default_mods => false } + end + + it { is_expected.to contain_apache__mod('authz_host') } + it { is_expected.not_to contain_apache__mod('env') } + end + context "custom" do + let :params do + { :default_mods => [ + 'info', + 'alias', + 'mime', + 'env', + 'setenv', + 'expires', + ]} + end + + it { is_expected.to contain_apache__mod('authz_host') } + it { is_expected.to contain_apache__mod('env') } + it { is_expected.to contain_class('apache::mod::info') } + it { is_expected.to contain_class('apache::mod::mime') } + end + end + describe "Don't create user resource" do + context "when parameter manage_user is false" do + let :params do + { :manage_user => false } + end + + it { is_expected.not_to contain_user('apache') } + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^User apache\n} } + end + end + describe "Don't create group resource" do + context "when parameter manage_group is false" do + let :params do + { :manage_group => false } + end + + it { is_expected.not_to contain_group('apache') } + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Group apache\n} } + + end + end + describe "sendfile" do + context "with invalid value" do + let :params do + { :sendfile => 'foo' } + end + it "should fail" do + expect do + catalogue + end.to raise_error(Puppet::Error, /"foo" does not match/) + end + end + context "On" do + let :params do + { :sendfile => 'On' } + end + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^EnableSendfile On\n} } + end + context "Off" do + let :params do + { :sendfile => 'Off' } + end + it { is_expected.to contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^EnableSendfile Off\n} } + end + end + context "on Fedora" do + let :facts do + super().merge({ + :operatingsystem => 'Fedora' + }) + end + + context "21" do + let :facts do + super().merge({ + :lsbdistrelease => '21', + :operatingsystemrelease => '21' + }) + end + it { is_expected.to contain_class('apache').with_apache_version('2.4') } + end + context "Rawhide" do + let :facts do + super().merge({ + :lsbdistrelease => 'Rawhide', + :operatingsystemrelease => 'Rawhide' + }) + end + it { is_expected.to contain_class('apache').with_apache_version('2.4') } + end + # kinda obsolete + context "17" do + let :facts do + super().merge({ + :lsbdistrelease => '17', + :operatingsystemrelease => '17' + }) + end + it { is_expected.to contain_class('apache').with_apache_version('2.2') } + end + end + end + context "on a FreeBSD OS" do + let :facts do + { + :id => 'root', + :kernel => 'FreeBSD', + :osfamily => 'FreeBSD', + :operatingsystem => 'FreeBSD', + :operatingsystemrelease => '10', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class("apache::package").with({'ensure' => 'present'}) } + it { is_expected.to contain_user("www") } + it { is_expected.to contain_group("www") } + it { is_expected.to contain_class("apache::service") } + it { is_expected.to contain_file("/usr/local/www/apache24/data").with( + 'ensure' => 'directory' + ) + } + it { is_expected.to contain_file("/usr/local/etc/apache24/Vhosts").with( + 'ensure' => 'directory', + 'recurse' => 'true', + 'purge' => 'true', + 'notify' => 'Class[Apache::Service]', + 'require' => 'Package[httpd]' + ) } + it { is_expected.to contain_file("/usr/local/etc/apache24/Modules").with( + 'ensure' => 'directory', + 'recurse' => 'true', + 'purge' => 'true', + 'notify' => 'Class[Apache::Service]', + 'require' => 'Package[httpd]' + ) } + it { is_expected.to contain_concat("/usr/local/etc/apache24/ports.conf").with( + 'owner' => 'root', + 'group' => 'wheel', + 'mode' => '0644', + 'notify' => 'Class[Apache::Service]' + ) } + # Assert that load files are placed for these mods, but no conf file. + [ + 'auth_basic', + 'authn_core', + 'authn_file', + 'authz_groupfile', + 'authz_host', + 'authz_user', + 'dav', + 'env' + ].each do |modname| + it { is_expected.to contain_file("#{modname}.load").with( + 'path' => "/usr/local/etc/apache24/Modules/#{modname}.load", + 'ensure' => 'file' + ) } + it { is_expected.not_to contain_file("#{modname}.conf") } + end + + # Assert that both load files and conf files are placed for these mods + [ + 'alias', + 'autoindex', + 'dav_fs', + 'deflate', + 'dir', + 'mime', + 'negotiation', + 'setenvif', + ].each do |modname| + it { is_expected.to contain_file("#{modname}.load").with( + 'path' => "/usr/local/etc/apache24/Modules/#{modname}.load", + 'ensure' => 'file' + ) } + it { is_expected.to contain_file("#{modname}.conf").with( + 'path' => "/usr/local/etc/apache24/Modules/#{modname}.conf", + 'ensure' => 'file' + ) } + end + end + context "on a Gentoo OS" do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_user("apache") } + it { is_expected.to contain_group("apache") } + it { is_expected.to contain_class("apache::service") } + it { is_expected.to contain_file("/var/www/localhost/htdocs").with( + 'ensure' => 'directory' + ) + } + it { is_expected.to contain_file("/etc/apache2/vhosts.d").with( + 'ensure' => 'directory', + 'recurse' => 'true', + 'purge' => 'true', + 'notify' => 'Class[Apache::Service]', + 'require' => 'Package[httpd]' + ) } + it { is_expected.to contain_file("/etc/apache2/modules.d").with( + 'ensure' => 'directory', + 'recurse' => 'true', + 'purge' => 'true', + 'notify' => 'Class[Apache::Service]', + 'require' => 'Package[httpd]' + ) } + it { is_expected.to contain_concat("/etc/apache2/ports.conf").with( + 'owner' => 'root', + 'group' => 'wheel', + 'mode' => '0644', + 'notify' => 'Class[Apache::Service]' + ) } + end + context 'on all OSes' do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context 'with a custom apache_name parameter' do + let :params do { + :apache_name => 'httpd24-httpd' + } + end + it { is_expected.to contain_package("httpd").with( + 'notify' => 'Class[Apache::Service]', + 'ensure' => 'installed', + 'name' => 'httpd24-httpd' + ) + } + end + context 'with a custom file_mode parameter' do + let :params do { + :file_mode => '0640' + } + end + it { is_expected.to contain_concat("/etc/httpd/conf/ports.conf").with( + 'mode' => '0640', + ) + } + end + context 'default vhost defaults' do + it { is_expected.to contain_apache__vhost('default').with_ensure('present') } + it { is_expected.to contain_apache__vhost('default-ssl').with_ensure('absent') } + end + context 'without default non-ssl vhost' do + let :params do { + :default_vhost => false + } + end + it { is_expected.to contain_apache__vhost('default').with_ensure('absent') } + it { is_expected.not_to contain_file('/var/www/html') } + end + context 'with default ssl vhost' do + let :params do { + :default_ssl_vhost => true + } + end + it { is_expected.to contain_apache__vhost('default-ssl').with_ensure('present') } + it { is_expected.to contain_file('/var/www/html') } + end + end + context 'with unsupported osfamily' do + let :facts do + { :osfamily => 'Darwin', + :operatingsystemrelease => '13.1.0', + :concat_basedir => '/dne', + :is_pe => false, + } + end + + it do + expect { + catalogue + }.to raise_error(Puppet::Error, /Unsupported osfamily/) + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/spec_helper.rb b/modules/services/unix/http/apache/module/apache/spec/spec_helper.rb new file mode 100644 index 000000000..475b72c07 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/spec_helper.rb @@ -0,0 +1,23 @@ +require 'puppetlabs_spec_helper/module_spec_helper' + +RSpec.configure do |c| + c.before :each do + # Ensure that we don't accidentally cache facts and environment + # between test cases. + Facter::Util::Loader.any_instance.stubs(:load_all) + Facter.clear + Facter.clear_messages + + # Store any environment variables away to be restored later + @old_env = {} + ENV.each_key {|k| @old_env[k] = ENV[k]} + + if ENV['STRICT_VARIABLES'] == 'yes' + Puppet.settings[:strict_variables]=true + end + end +end + +shared_examples :compile, :compile => true do + it { should compile.with_all_deps } +end diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/Gemfile b/modules/services/unix/http/apache/module/example42_apache_2_1_12/Gemfile deleted file mode 100644 index f8ddad569..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/Gemfile +++ /dev/null @@ -1,18 +0,0 @@ -source 'https://rubygems.org' - -puppetversion = ENV['PUPPET_VERSION'] - -is_ruby18 = RUBY_VERSION.start_with? '1.8' - -if is_ruby18 - gem 'rspec', "~> 3.1.0", :require => false -end -gem 'puppet', puppetversion, :require => false -gem 'puppet-lint' -gem 'puppetlabs_spec_helper', '>= 0.1.0' -gem 'rspec-puppet' -gem 'metadata-json-lint' - -group :development do - gem 'puppet-blacksmith' -end diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/README.md b/modules/services/unix/http/apache/module/example42_apache_2_1_12/README.md deleted file mode 100644 index 5ee018ea6..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/README.md +++ /dev/null @@ -1,236 +0,0 @@ -# Puppet module: apache - -This is a Puppet apache module from the second generation of Example42 Puppet Modules. - -Made by Alessandro Franceschi / Lab42 - -Official site: http://www.example42.com - -Official git repository: http://github.com/example42/puppet-apache - -Released under the terms of Apache 2 License. - -This module requires functions provided by the Example42 Puppi module. - -For detailed info about the logic and usage patterns of Example42 modules read README.usage on Example42 main modules set. - -## USAGE - Module specific usage - -* Install apache with a custom httpd.conf template and some virtual hosts - - class { 'apache': - template => 'example42/apache/httpd.conf.erb', - } - - apache::vhost { 'mysite': - docroot => '/path/to/docroot', - template => 'example42/apache/vhost/mysite.com.erb', - } - - -* Install mod ssl - - include apache::ssl - - -* Manage basic auth users (Here user joe is created with the $crypt_password on the defined htpasswd_file - - apache::htpasswd { 'joe': - crypt_password => 'B5dPQYYjf.jjA', - htpasswd_file => '/etc/httpd/users.passwd', - } - - -* Manage custom configuration files (created in conf.d, source or content can be defined) - - apache::dotconf { 'trac': - content => template("site/trac/apache.conf.erb") - } - - -* Add other listening ports (a relevant NameVirtualHost directive is automatically created) - - apache::listen { '8080': } - - -* Add other listening ports without creating a relevant NameVirtualHost directive - - apache::listen { '8080': - $namevirtualhost = false, - } - - -* Add an apache module and manage its configuraton - - apache::module { 'proxy': - templatefile => 'site/apache/module/proxy.conf.erb', - } - - -* Install mod passenger - - include apache::passenger - - -## USAGE - Basic management - -* Install apache with default settings - - class { "apache": } - -* Disable apache service. - - class { "apache": - disable => true - } - -* Disable apache service at boot time, but don't stop if is running. - - class { "apache": - disableboot => true - } - -* Remove apache package - - class { "apache": - absent => true - } - -* Enable auditing without making changes on existing apache configuration files - - class { "apache": - audit_only => true - } - -* Install apache with a specific version - - class { "apache": - version => '2.2.22' - } - - -## USAGE - Default server management - -* Simple way to manage default apache configuration - - apache::vhost { 'default': - docroot => '/var/www/document_root', - server_name => false, - priority => '', - template => 'apache/virtualhost/vhost.conf.erb', - } - -* Using a source file to create the vhost - - apache::vhost { 'default': - source => 'puppet:///files/web/default.conf', - template => '', - } - - -## USAGE - Overrides and Customizations - -* Use custom sources for main config file - - class { "apache": - source => [ "puppet:///modules/lab42/apache/apache.conf-${hostname}" , "puppet:///modules/lab42/apache/apache.conf" ], - } - - -* Use custom source directory for the whole configuration dir - - class { "apache": - source_dir => "puppet:///modules/lab42/apache/conf/", - source_dir_purge => false, # Set to true to purge any existing file not present in $source_dir - } - -* Use custom template for main config file - - class { "apache": - template => "example42/apache/apache.conf.erb", - } - -* Define custom options that can be used in a custom template without the - need to add parameters to the apache class - - class { "apache": - template => "example42/apache/apache.conf.erb", - options => { - 'LogLevel' => 'INFO', - 'UsePAM' => 'yes', - }, - } - -* Automaticallly include a custom subclass - - class { "apache:" - my_class => 'apache::example42', - } - -## USAGE - Hiera Support -* Manage apache configuration using Hiera - -```yaml -apache::template: 'modules/apache/apache2.conf.erb' -apache::options: - timeout: '300' - keepalive: 'On' - maxkeepaliverequests: '100' - keepalivetimeout: '5' -``` - -* Defining Apache resources using Hiera - -```yaml -apache::virtualhost_hash: - 'mysite.com': - documentroot: '/var/www/mysite.com' - aliases: 'www.mysite.com' -apache::htpasswd_hash: - 'myuser': - crypt_password: 'password1' - htpasswd_file: '/etc/apache2/users.passwd' -apache::listen_hash: - '8080': - namevirtualhost: '*' -apache::module_hash: - 'status': - ensure: present -``` - -## USAGE - Example42 extensions management -* Activate puppi (recommended, but disabled by default) - Note that this option requires the usage of Example42 puppi module - - class { "apache": - puppi => true, - } - -* Activate puppi and use a custom puppi_helper template (to be provided separately with - a puppi::helper define ) to customize the output of puppi commands - - class { "apache": - puppi => true, - puppi_helper => "myhelper", - } - -* Activate automatic monitoring (recommended, but disabled by default) - This option requires the usage of Example42 monitor and relevant monitor tools modules - - class { "apache": - monitor => true, - monitor_tool => [ "nagios" , "monit" , "munin" ], - } - -* Activate automatic firewalling - This option requires the usage of Example42 firewall and relevant firewall tools modules - - class { "apache": - firewall => true, - firewall_tool => "iptables", - firewall_src => "10.42.0.0/24", - firewall_dst => "$ipaddress_eth0", - } - - -[![Build Status](https://travis-ci.org/example42/puppet-apache.png?branch=master)](https://travis-ci.org/example42/puppet-apache) diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/Rakefile b/modules/services/unix/http/apache/module/example42_apache_2_1_12/Rakefile deleted file mode 100644 index d7a2a69fd..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/Rakefile +++ /dev/null @@ -1,12 +0,0 @@ -require 'rubygems' -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint' -PuppetLint.configuration.send("disable_80chars") -PuppetLint.configuration.send('disable_class_parameter_defaults') - -# Blacksmith -begin - require 'puppet_blacksmith/rake_tasks' -rescue LoadError - puts "Blacksmith needed only to push to the Forge" -end diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/checksums.json b/modules/services/unix/http/apache/module/example42_apache_2_1_12/checksums.json deleted file mode 100644 index 7672aee84..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/checksums.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "Gemfile": "08b4b449407602e452a4d939c92d8fd2", - "LICENSE": "a300b604c66de62cf6e923cca89c9d83", - "README.md": "eda04faa84f9fdd551768ae1653ffb94", - "Rakefile": "beb946c8ed36b603d578cc9ca17ca85d", - "manifests/dotconf.pp": "575cab47757dcf509f1e1e8ac11b644b", - "manifests/htpasswd.pp": "b61c60bf0ff48b8fae5ae74370eec18e", - "manifests/init.pp": "3f856f760da332ae66429de7b2e3ac1c", - "manifests/listen.pp": "b2e74f8aa59829c0644b836a8d0e4c2d", - "manifests/module.pp": "8cd0fcdb5495ac1df21d8d4bf14f2782", - "manifests/params.pp": "b708a3a8faa792f25fa36232982c091d", - "manifests/passenger.pp": "471b18ed8769eb16b1fbeb955e3d28c9", - "manifests/redhat.pp": "7bf95178474b51eb75a37931e4ec4d2f", - "manifests/spec.pp": "27b6dcd653caef771ac053e2df3260e9", - "manifests/ssl.pp": "7a2feb658749e0cb8414893da77565f1", - "manifests/vhost.pp": "cead2da83f4059f8236c9acbfc6b97ec", - "manifests/virtualhost.pp": "caba8b56341d8a765f5ad136ddaa45fe", - "metadata.json": "b3fa4d5d439ae3641593797312250da0", - "spec/classes/apache_spec.rb": "8b9164190257524c21ffe86c08678dfd", - "spec/defines/apache_virtualhost_spec.rb": "ae7bd850a64d89233675385c1f605ab8", - "spec/spec_helper.rb": "0db89c9a486df193c0e40095422e19dc", - "templates/00-NameVirtualHost.conf.erb": "a410a82e9c65d36c7537bfb36a7a3041", - "templates/listen.conf.erb": "47fe4e9a45f066ac5bd9cbbfe1fd0bd2", - "templates/module/proxy.conf.erb": "2eccd5a67ff4070bdd6ed8cd98b4bbda", - "templates/spec.erb": "055d4f22a02a677753cf922108b6e50c", - "templates/virtualhost/vhost.conf.erb": "4e6d66668b21c1cf28c11f6fcf536f18", - "templates/virtualhost/virtualhost.conf.erb": "a6f72c70e83bec34a85071b9bbef3b3d", - "tests/vhost.pp": "a2ee77862630ba4f7e0fdfb10a8dca79" -} \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/init.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/init.pp deleted file mode 100644 index accb8be78..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/init.pp +++ /dev/null @@ -1,528 +0,0 @@ - -# = Class: apache -# -# This is the main apache class -# -# -# == Parameters -# -# Standard class parameters -# Define the general class behaviour and customizations -# -# [*my_class*] -# Name of a custom class to autoload to manage module's customizations -# If defined, apache class will automatically "include $my_class" -# Can be defined also by the (top scope) variable $apache_myclass -# -# [*source*] -# Sets the content of source parameter for main configuration file -# If defined, apache main config file will have the param: source => $source -# Can be defined also by the (top scope) variable $apache_source -# -# [*source_dir*] -# If defined, the whole apache configuration directory content is retrieved -# recursively from the specified source -# (source => $source_dir , recurse => true) -# Can be defined also by the (top scope) variable $apache_source_dir -# -# [*source_dir_purge*] -# If set to true (default false) the existing configuration directory is -# mirrored with the content retrieved from source_dir -# (source => $source_dir , recurse => true , purge => true) -# Can be defined also by the (top scope) variable $apache_source_dir_purge -# -# [*template*] -# Sets the path to the template to use as content for main configuration file -# If defined, apache main config file has: content => content("$template") -# Note source and template parameters are mutually exclusive: don't use both -# Can be defined also by the (top scope) variable $apache_template -# -# [*options*] -# An hash of custom options to be used in templates for arbitrary settings. -# Can be defined also by the (top scope) variable $apache_options -# -# [*service_autorestart*] -# Automatically restarts the apache service when there is a change in -# configuration files. Default: true, Set to false if you don't want to -# automatically restart the service. -# -# [*service_requires*] -# Overwrites the service dependencies, which are by default: Package['apache']. -# Set this parameter to a custom set of requirements, if you want to let the -# Apache service depend on more than just the package dependency. -# -# [*absent*] -# Set to 'true' to remove package(s) installed by module -# Can be defined also by the (top scope) variable $apache_absent -# -# [*disable*] -# Set to 'true' to disable service(s) managed by module -# Can be defined also by the (top scope) variable $apache_disable -# -# [*disableboot*] -# Set to 'true' to disable service(s) at boot, without checks if it's running -# Use this when the service is managed by a tool like a cluster software -# Can be defined also by the (top scope) variable $apache_disableboot -# -# [*monitor*] -# Set to 'true' to enable monitoring of the services provided by the module -# Can be defined also by the (top scope) variables $apache_monitor -# and $monitor -# -# [*monitor_tool*] -# Define which monitor tools (ad defined in Example42 monitor module) -# you want to use for apache checks -# Can be defined also by the (top scope) variables $apache_monitor_tool -# and $monitor_tool -# -# [*monitor_target*] -# The Ip address or hostname to use as a target for monitoring tools. -# Default is the fact $ipaddress -# Can be defined also by the (top scope) variables $apache_monitor_target -# and $monitor_target -# -# [*puppi*] -# Set to 'true' to enable creation of module data files that are used by puppi -# Can be defined also by the (top scope) variables $apache_puppi and $puppi -# -# [*puppi_helper*] -# Specify the helper to use for puppi commands. The default for this module -# is specified in params.pp and is generally a good choice. -# You can customize the output of puppi commands for this module using another -# puppi helper. Use the define puppi::helper to create a new custom helper -# Can be defined also by the (top scope) variables $apache_puppi_helper -# and $puppi_helper -# -# [*firewall*] -# Set to 'true' to enable firewalling of the services provided by the module -# Can be defined also by the (top scope) variables $apache_firewall -# and $firewall -# -# [*firewall_tool*] -# Define which firewall tool(s) (ad defined in Example42 firewall module) -# you want to use to open firewall for apache port(s) -# Can be defined also by the (top scope) variables $apache_firewall_tool -# and $firewall_tool -# -# [*firewall_src*] -# Define which source ip/net allow for firewalling apache. Default: 0.0.0.0/0 -# Can be defined also by the (top scope) variables $apache_firewall_src -# and $firewall_src -# -# [*firewall_dst*] -# Define which destination ip to use for firewalling. Default: $ipaddress -# Can be defined also by the (top scope) variables $apache_firewall_dst -# and $firewall_dst -# -# [*debug*] -# Set to 'true' to enable modules debugging -# Can be defined also by the (top scope) variables $apache_debug and $debug -# -# [*audit_only*] -# Set to 'true' if you don't intend to override existing configuration files -# and want to audit the difference between existing files and the ones -# managed by Puppet. -# Can be defined also by the (top scope) variables $apache_audit_only -# and $audit_only -# -# Default class params - As defined in apache::params. -# Note that these variables are mostly defined and used in the module itself, -# overriding the default values might not affected all the involved components. -# Set and override them only if you know what you're doing. -# Note also that you can't override/set them via top scope variables. -# -# [*package*] -# The name of apache package -# -# [*service*] -# The name of apache service -# -# [*service_status*] -# If the apache service init script supports status argument -# -# [*process*] -# The name of apache process -# -# [*process_args*] -# The name of apache arguments. Used by puppi and monitor. -# Used only in case the apache process name is generic (java, ruby...) -# -# [*process_user*] -# The name of the user apache runs with. Used by puppi and monitor. -# -# [*config_dir*] -# Main configuration directory. Used by puppi -# -# [*config_file*] -# Main configuration file path -# -# [*config_file_mode*] -# Main configuration file path mode -# -# [*config_file_owner*] -# Main configuration file path owner -# -# [*config_file_group*] -# Main configuration file path group -# -# [*config_file_init*] -# Path of configuration file sourced by init script -# -# [*config_file_default_purge*] -# Set to 'true' to purge the default configuration file -# -# [*pid_file*] -# Path of pid file. Used by monitor -# -# [*data_dir*] -# Path of application data directory. Used by puppi -# -# [*log_dir*] -# Base logs directory. Used by puppi -# -# [*log_file*] -# Log file(s). Used by puppi -# -# [*port*] -# The listening port, if any, of the service. -# This is used by monitor, firewall and puppi (optional) components -# Note: This doesn't necessarily affect the service configuration file -# Can be defined also by the (top scope) variable $apache_port -# -# [*ssl_port*] -# The ssl port, used if apache::ssl is included and monitor/firewall -# are enabled -# -# [*protocol*] -# The protocol used by the the service. -# This is used by monitor, firewall and puppi (optional) components -# Can be defined also by the (top scope) variable $apache_protocol -# -# [*version*] -# The version of apache package to be installed -# -# -# == Examples -# -# You can use this class in 2 ways: -# - Set variables (at top scope level on in a ENC) and "include apache" -# - Call apache as a parametrized class -# -# See README for details. -# -# -# == Author -# Alessandro Franceschi -# -class apache ( - $my_class = params_lookup( 'my_class' ), - $source = params_lookup( 'source' ), - $source_dir = params_lookup( 'source_dir' ), - $source_dir_purge = params_lookup( 'source_dir_purge' ), - $template = params_lookup( 'template' ), - $service_autorestart = params_lookup( 'service_autorestart' , 'global' ), - $options = params_lookup( 'options' ), - $absent = params_lookup( 'absent' ), - $disable = params_lookup( 'disable' ), - $disableboot = params_lookup( 'disableboot' ), - $monitor = params_lookup( 'monitor' , 'global' ), - $monitor_tool = params_lookup( 'monitor_tool' , 'global' ), - $monitor_target = params_lookup( 'monitor_target' , 'global' ), - $puppi = params_lookup( 'puppi' , 'global' ), - $puppi_helper = params_lookup( 'puppi_helper' , 'global' ), - $firewall = params_lookup( 'firewall' , 'global' ), - $firewall_tool = params_lookup( 'firewall_tool' , 'global' ), - $firewall_src = params_lookup( 'firewall_src' , 'global' ), - $firewall_dst = params_lookup( 'firewall_dst' , 'global' ), - $debug = params_lookup( 'debug' , 'global' ), - $audit_only = params_lookup( 'audit_only' , 'global' ), - $package = params_lookup( 'package' ), - $service = params_lookup( 'service' ), - $service_status = params_lookup( 'service_status' ), - $service_requires = params_lookup( 'service_requires' ), - $process = params_lookup( 'process' ), - $process_args = params_lookup( 'process_args' ), - $process_user = params_lookup( 'process_user' ), - $config_dir = params_lookup( 'config_dir' ), - $config_file = params_lookup( 'config_file' ), - $config_file_mode = params_lookup( 'config_file_mode' ), - $config_file_owner = params_lookup( 'config_file_owner' ), - $config_file_group = params_lookup( 'config_file_group' ), - $config_file_init = params_lookup( 'config_file_init' ), - $config_file_default_purge = params_lookup( 'config_file_default_purge'), - $pid_file = params_lookup( 'pid_file' ), - $data_dir = params_lookup( 'data_dir' ), - $log_dir = params_lookup( 'log_dir' ), - $log_file = params_lookup( 'log_file' ), - $port = params_lookup( 'port' ), - $ssl_port = params_lookup( 'ssl_port' ), - $protocol = params_lookup( 'protocol' ), - $version = params_lookup( 'version' ), - $dotconf_hash = params_lookup( 'dotconf_hash'), - $htpasswd_hash = params_lookup( 'htpasswd_hash'), - $listen_hash = params_lookup( 'listen_hash'), - $module_hash = params_lookup( 'module_hash'), - $vhost_hash = params_lookup( 'vhost_hash'), - $virtualhost_hash = params_lookup( 'virtualhost_hash'), - ) inherits apache::params { - - $bool_source_dir_purge=any2bool($source_dir_purge) - $bool_service_autorestart=any2bool($service_autorestart) - $bool_absent=any2bool($absent) - $bool_disable=any2bool($disable) - $bool_disableboot=any2bool($disableboot) - $bool_monitor=any2bool($monitor) - $bool_puppi=any2bool($puppi) - $bool_firewall=any2bool($firewall) - $bool_debug=any2bool($debug) - $bool_audit_only=any2bool($audit_only) - - ## Integration with Hiera - if $dotconf_hash != {} { - validate_hash($dotconf_hash) - create_resources('apache::dotconf', $dotconf_hash) - } - if $htpasswd_hash != {} { - validate_hash($htpasswd_hash) - create_resources('apache::htpasswd', $htpasswd_hash) - } - if $listen_hash != {} { - validate_hash($listen_hash) - create_resources('apache::listen', $listen_hash) - } - if $module_hash != {} { - validate_hash($module_hash) - create_resources('apache::module', $module_hash) - } - if $vhost_hash != {} { - validate_hash($vhost_hash) - create_resources('apache::vhost', $vhost_hash) - } - if $virtualhost_hash != {} { - validate_hash($virtualhost_hash) - create_resources('apache::virtualhost', $virtualhost_hash) - } - - ### Calculation of variables that dependes on arguments - $vdir = $::operatingsystem ? { - /(?i:Ubuntu|Debian|Mint)/ => "${apache::config_dir}/sites-available", - SLES => "${apache::config_dir}/vhosts.d", - default => "${apache::config_dir}/conf.d", - } - - case $::operatingsystem { - /(?i:Ubuntu)/ : { - case $::lsbmajdistrelease { - /14/ : { - $dotconf_dir = "${apache::config_dir}/conf-available" - } - default: { - $dotconf_dir = "${apache::config_dir}/conf.d" - } - } - } - /(?i:Debian)/ : { - case $::lsbmajdistrelease { - /8/ : { - $dotconf_dir = "${apache::config_dir}/conf-available" - } - default: { - $dotconf_dir = "${apache::config_dir}/conf.d" - } - } - } - default: { - $dotconf_dir = "${apache::config_dir}/conf.d" - } - } - - ### Definition of some variables used in the module - $manage_package = $apache::bool_absent ? { - true => 'absent', - false => $apache::version ? { - '' => 'present', - default => $apache::version, - }, - } - - $manage_service_enable = $apache::bool_disableboot ? { - true => false, - default => $apache::bool_disable ? { - true => false, - default => $apache::bool_absent ? { - true => false, - false => true, - }, - }, - } - - $manage_service_ensure = $apache::bool_disable ? { - true => 'stopped', - default => $apache::bool_absent ? { - true => 'stopped', - default => 'running', - }, - } - - $manage_service_autorestart = $apache::bool_service_autorestart ? { - true => 'Service[apache]', - false => undef, - } - - $manage_file = $apache::bool_absent ? { - true => 'absent', - default => 'present', - } - - if $apache::bool_absent == true - or $apache::bool_disable == true - or $apache::bool_monitor == false - or $apache::bool_disableboot == true { - $manage_monitor = false - } else { - $manage_monitor = true - } - - if $apache::bool_absent == true or $apache::bool_disable == true { - $manage_firewall = false - } else { - $manage_firewall = true - } - - $manage_audit = $apache::bool_audit_only ? { - true => 'all', - false => undef, - } - - $manage_file_replace = $apache::bool_audit_only ? { - true => false, - false => true, - } - - $manage_file_source = $apache::source ? { - '' => undef, - default => $apache::source, - } - - $manage_file_content = $apache::template ? { - '' => undef, - default => template($apache::template), - } - - ### Managed resources - package { 'apache': - ensure => $apache::manage_package, - name => $apache::package, - } - - service { 'apache': - ensure => $apache::manage_service_ensure, - name => $apache::service, - enable => $apache::manage_service_enable, - hasstatus => $apache::service_status, - pattern => $apache::process, - require => $service_requires, - } - - file { 'apache.conf': - ensure => $apache::manage_file, - path => $apache::config_file, - mode => $apache::config_file_mode, - owner => $apache::config_file_owner, - group => $apache::config_file_group, - require => Package['apache'], - notify => $apache::manage_service_autorestart, - source => $apache::manage_file_source, - content => $apache::manage_file_content, - replace => $apache::manage_file_replace, - audit => $apache::manage_audit, - } - - # The whole apache configuration directory can be recursively overriden - if $apache::source_dir and $apache::source_dir != '' { - file { 'apache.dir': - ensure => directory, - path => $apache::config_dir, - require => Package['apache'], - notify => $apache::manage_service_autorestart, - source => $apache::source_dir, - recurse => true, - purge => $apache::bool_source_dir_purge, - force => $apache::bool_source_dir_purge, - replace => $apache::manage_file_replace, - audit => $apache::manage_audit, - } - } - - if $apache::config_file_default_purge { - apache::vhost { 'default': - enable => false, - priority => '', - } - } - - ### Include custom class if $my_class is set - if $apache::my_class and $apache::my_class != '' { - include $apache::my_class - } - - - ### Provide puppi data, if enabled ( puppi => true ) - if $apache::bool_puppi == true { - $classvars=get_class_args() - puppi::ze { 'apache': - ensure => $apache::manage_file, - variables => $classvars, - helper => $apache::puppi_helper, - } - } - - - ### Service monitoring, if enabled ( monitor => true ) - if $apache::monitor_tool { - monitor::port { "apache_${apache::protocol}_${apache::port}": - protocol => $apache::protocol, - port => $apache::port, - target => $apache::monitor_target, - tool => $apache::monitor_tool, - enable => $apache::manage_monitor, - } - monitor::process { 'apache_process': - process => $apache::process, - service => $apache::service, - pidfile => $apache::pid_file, - user => $apache::process_user, - argument => $apache::process_args, - tool => $apache::monitor_tool, - enable => $apache::manage_monitor, - } - } - - - ### Firewall management, if enabled ( firewall => true ) - if $apache::bool_firewall == true { - firewall { "apache_${apache::protocol}_${apache::port}": - source => $apache::firewall_src, - destination => $apache::firewall_dst, - protocol => $apache::protocol, - port => $apache::port, - action => 'allow', - direction => 'input', - tool => $apache::firewall_tool, - enable => $apache::manage_firewall, - } - } - - - ### Debugging, if enabled ( debug => true ) - if $apache::bool_debug == true { - file { 'debug_apache': - ensure => $apache::manage_file, - path => "${settings::vardir}/debug-apache", - mode => '0640', - owner => 'root', - group => 'root', - content => inline_template('<%= scope.to_hash.reject { |k,v| k.to_s =~ /(uptime.*|path|timestamp|free|.*password.*|.*psk.*|.*key)/ }.to_yaml %>'), - } - } -} \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/listen.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/listen.pp deleted file mode 100644 index 093d37142..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/listen.pp +++ /dev/null @@ -1,42 +0,0 @@ -# = Define: apache::listen -# -# This define creates a Listen statement in Apache configuration -# It adds a single configuration file to Apache conf.d with the Listen -# statement -# -# == Parameters -# -# [*namevirtualhost*] -# If to add a NameVirtualHost for this port. Default: * -# (it creates a NameVirtualHost <%= @namevirtualhost %>:<%= @port %> entry) -# Set to false to listen to the port without a NameVirtualHost -# -# == Examples -# apache::listen { '8080':} -# -define apache::listen ( - $namevirtualhost = '*', - $ensure = 'present', - $template = 'apache/listen.conf.erb', - $notify_service = true ) { - - include apache - - $manage_service_autorestart = $notify_service ? { - true => 'Service[apache]', - false => undef, - } - - file { "Apache_Listen_${name}.conf": - ensure => $ensure, - path => "${apache::config_dir}/conf.d/0000_listen_${name}.conf", - mode => $apache::config_file_mode, - owner => $apache::config_file_owner, - group => $apache::config_file_group, - require => Package['apache'], - notify => $manage_service_autorestart, - content => template($template), - audit => $apache::manage_audit, - } - -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/params.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/params.pp deleted file mode 100644 index e7496949f..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/params.pp +++ /dev/null @@ -1,158 +0,0 @@ -# Class: apache::params -# -# This class defines default parameters used by the main module class apache -# Operating Systems differences in names and paths are addressed here -# -# == Variables -# -# Refer to apache class for the variables defined here. -# -# == Usage -# -# This class is not intended to be used directly. -# It may be imported or inherited by other classes -# -class apache::params { - - ### Application specific parameters - $package_modssl = $::operatingsystem ? { - /(?i:Ubuntu|Debian|Mint)/ => 'libapache-mod-ssl', - /(?i:SLES|OpenSuSE)/ => undef, - default => 'mod_ssl', - } - - ### Application related parameters - - $package = $::operatingsystem ? { - /(?i:Ubuntu|Debian|Mint)/ => 'apache2', - /(?i:SLES|OpenSuSE)/ => 'apache2', - default => 'httpd', - } - - $service = $::operatingsystem ? { - /(?i:Ubuntu|Debian|Mint)/ => 'apache2', - /(?i:SLES|OpenSuSE)/ => 'apache2', - default => 'httpd', - } - - $service_status = $::operatingsystem ? { - default => true, - } - - $process = $::operatingsystem ? { - /(?i:Ubuntu|Debian|Mint)/ => 'apache2', - /(?i:SLES|OpenSuSE)/ => 'httpd2-prefork', - default => 'httpd', - } - - $process_args = $::operatingsystem ? { - default => '', - } - - $process_user = $::operatingsystem ? { - /(?i:Ubuntu|Debian|Mint)/ => 'www-data', - /(?i:SLES|OpenSuSE)/ => 'wwwrun', - default => 'apache', - } - - $config_dir = $::operatingsystem ? { - /(?i:Ubuntu|Debian|Mint)/ => '/etc/apache2', - /(?i:SLES|OpenSuSE)/ => '/etc/apache2', - freebsd => '/usr/local/etc/apache20', - default => '/etc/httpd', - } - - $config_file = $::operatingsystem ? { - /(?i:Ubuntu|Debian|Mint)/ => '/etc/apache2/apache2.conf', - /(?i:SLES|OpenSuSE)/ => '/etc/apache2/httpd.conf', - freebsd => '/usr/local/etc/apache20/httpd.conf', - default => '/etc/httpd/conf/httpd.conf', - } - - $config_file_mode = $::operatingsystem ? { - default => '0644', - } - - $config_file_owner = $::operatingsystem ? { - default => 'root', - } - - $config_file_group = $::operatingsystem ? { - freebsd => 'wheel', - default => 'root', - } - - $config_file_init = $::operatingsystem ? { - /(?i:Debian|Ubuntu|Mint)/ => '/etc/default/apache2', - /(?i:SLES|OpenSuSE)/ => '/etc/sysconfig/apache2', - default => '/etc/sysconfig/httpd', - } - - $pid_file = $::operatingsystem ? { - /(?i:Debian|Ubuntu|Mint)/ => '/var/run/apache2.pid', - /(?i:SLES|OpenSuSE)/ => '/var/run/httpd2.pid', - default => '/var/run/httpd.pid', - } - - $log_dir = $::operatingsystem ? { - /(?i:Debian|Ubuntu|Mint)/ => '/var/log/apache2', - /(?i:SLES|OpenSuSE)/ => '/var/log/apache2', - default => '/var/log/httpd', - } - - $log_file = $::operatingsystem ? { - /(?i:Debian|Ubuntu|Mint)/ => ['/var/log/apache2/access.log','/var/log/apache2/error.log'], - /(?i:SLES|OpenSuSE)/ => ['/var/log/apache2/access.log','/var/log/apache2/error.log'], - default => ['/var/log/httpd/access.log','/var/log/httpd/error.log'], - } - - $data_dir = $::operatingsystem ? { - /(?i:Debian|Ubuntu|Mint)/ => '/var/www', - /(?i:Suse|OpenSuse)/ => '/srv/www/htdocs', - default => '/var/www/html', - } - - $ports_conf_path = $::operatingsystem ? { - /(?i:Debian|Ubuntu|Mint)/ => '/etc/apache2/ports.conf', - default => '', - } - - $port = '80' - $ssl_port = '443' - $protocol = 'tcp' - - # General Settings - $my_class = '' - $source = '' - $source_dir = '' - $source_dir_purge = false - $config_file_default_purge = false - $template = '' - $options = '' - $service_autorestart = true - $service_requires = Package['apache'] - $absent = false - $version = '' - $disable = false - $disableboot = false - - ### General module variables that can have a site or per module default - $monitor = false - $monitor_tool = '' - $monitor_target = $::ipaddress - $firewall = false - $firewall_tool = '' - $firewall_src = '0.0.0.0/0' - $firewall_dst = $::ipaddress - $puppi = false - $puppi_helper = 'standard' - $debug = false - $audit_only = false - $dotconf_hash = {} - $htpasswd_hash = {} - $listen_hash = {} - $module_hash = {} - $vhost_hash = {} - $virtualhost_hash = {} - -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/ssl.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/ssl.pp deleted file mode 100644 index 6d0f6d70b..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/ssl.pp +++ /dev/null @@ -1,67 +0,0 @@ -# Class apache::ssl -# -# Apache resources specific for SSL -# -class apache::ssl { - - include apache - - case $::operatingsystem { - ubuntu,debian,mint: { - exec { 'enable-ssl': - command => '/usr/sbin/a2enmod ssl', - creates => '/etc/apache2/mods-enabled/ssl.load', - notify => Service['apache'], - require => Package['apache'], - } - } - - default: { - package { 'mod_ssl': - ensure => present, - require => Package['apache'], - notify => Service['apache'], - } - file { "${apache::config_dir}/ssl.conf": - mode => '0644', - owner => 'root', - group => 'root', - notify => Service['apache'], - } - file {['/var/cache/mod_ssl', '/var/cache/mod_ssl/scache']: - ensure => directory, - owner => 'apache', - group => 'root', - mode => '0700', - require => Package['mod_ssl'], - notify => Service['apache'], - } - } - } - - ### Port monitoring, if enabled ( monitor => true ) - if $apache::bool_monitor == true { - monitor::port { "apache_${apache::protocol}_${apache::ssl_port}": - protocol => $apache::protocol, - port => $apache::ssl_port, - target => $apache::monitor_target, - tool => $apache::monitor_tool, - enable => $apache::manage_monitor, - } - } - - ### Firewall management, if enabled ( firewall => true ) - if $apache::bool_firewall == true { - firewall { "apache_${apache::protocol}_${apache::ssl_port}": - source => $apache::firewall_src, - destination => $apache::firewall_dst, - protocol => $apache::protocol, - port => $apache::ssl_port, - action => 'allow', - direction => 'input', - tool => $apache::firewall_tool, - enable => $apache::manage_firewall, - } - } - -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/vhost.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/vhost.pp deleted file mode 100644 index 8c1d89dac..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/vhost.pp +++ /dev/null @@ -1,275 +0,0 @@ -# = Define: apache::vhost -# -# This class manages Apache Virtual Hosts configuration files -# -# == Parameters: -# [*port*] -# The port to configure the host on - -# [*ip_addr*] -# The ip to configure the host on. Default: * (all IPs) -# -# [*docroot*] -# The VirtualHost DocumentRoot -# -# [*docroot_create*] -# If the specified directory has to be created. Default: false -# -# [*ssl*] -# Set to true to enable SSL for this Virtual Host -# -# [*template*] -# Specify a custom template to use instead of the default one -# The value will be used in content => template($template) -# -# [*source*] -# Source file for vhost. Alternative to template. -# Note that if you decide to source a static file most of the other -# parameters of this define won't be used. -# Note also that if you set a source file, you've to explicitly set -# the template parameter to undef. -# -# [*priority*] -# The priority of the VirtualHost, lower values are evaluated first -# Set to '' to edit default apache value -# -# [*serveraliases*] -# An optional list of space separated ServerAliases -# -# [*env_variables*] -# An optional list of space separated environment variables (e.g ['APP_ENV dev']) -# -# [*server_admin*] -# Server admin email address -# -# [*server_name*] -# An optional way to directly set server name -# False mean, that servername is not present in generated config file -# -# [*passenger*] -# If Passenger should be enabled -# -# [*passenger_high_performance*] -# Set the PassengerHighPerformance directive -# -# [*passenger_pool_max_pool_size*] -# Set the PassengerMaxPoolSize directive -# -# [*passenger_pool_idle_time*] -# Set the PassengerPoolIdleTime directive -# -# [*passenger_max_requests*] -# Set the PassengerMaxRequests directive -# -# [*passenger_stat_throttle_rate*] -# Set the PassengerStatThrottleRate directive -# -# [*passenger_rack_auto_detect*] -# Set the RackAutoDetect directive -# -# [*passenger_rails_auto_detect*] -# Set the RailsAutoDetect directive -# -# [*passenger_rails_env*] -# Set the RailsEnv directive -# -# [*passenger_rails_base_uri*] -# Set the RackBaseURI directive -# -# [*passenger_rack_env*] -# Set the RackEnv directive -# -# [*passenger_rack_base_uri*] -# Set the RackBaseURI directive -# -# [*directory*] -# Set the VHost directory used for the directive -# -# [*directory_options*] -# Set the directory's Options -# -# [*directory_allow_override*] -# Set the directory's override configuration -# -# [*directory_require*] -# Set the Require attribute for Apache 2.4 -# -# [*aliases*] -# Set one or more Alias directives (e.g '/phpmyadmin /usr/share/phpMyAdmin' -# or ['/alias1 /path/to/alias', '/alias2 /path/to/secondalias']) -# -# [*proxy_aliases*] -# Set one or more proxy and reverse proxy directives. (e.g. '/manager http://localhost:8080/manager' -# or ['/manager http://localhost:8080/manager', '/alias3 http://remote.server.com/alias']) -# -# == Examples: -# apache::vhost { 'site.name.fqdn': -# docroot => '/path/to/docroot', -# } -# -# apache::vhost { 'mysite': -# docroot => '/path/to/docroot', -# template => 'myproject/apache/mysite.conf', -# } -# -# apache::vhost { 'my.other.site': -# docroot => '/path/to/docroot', -# directory => '/path/to', -# directory_allow_override => 'All', -# } -# -# apache::vhost { 'sitewithalias': -# docroot => '/path/to/docroot', -# aliases => '/phpmyadmin /usr/share/phpMyAdmin', -# } -# -define apache::vhost ( - $server_admin = '', - $server_name = '', - $docroot = '', - $docroot_create = false, - $docroot_owner = 'root', - $docroot_group = 'root', - $port = '80', - $ip_addr = '*', - $ssl = false, - $template = 'apache/virtualhost/vhost.conf.erb', - $source = '', - $priority = '50', - $serveraliases = '', - $env_variables = '', - $passenger = false, - $passenger_high_performance = true, - $passenger_max_pool_size = 12, - $passenger_pool_idle_time = 1200, - $passenger_max_requests = 0, - $passenger_stat_throttle_rate = 30, - $passenger_rack_auto_detect = true, - $passenger_rails_auto_detect = false, - $passenger_rails_env = '', - $passenger_rails_base_uri = '', - $passenger_rack_env = '', - $passenger_rack_base_uri = '', - $enable = true, - $directory = '', - $directory_options = '', - $directory_allow_override = 'None', - $directory_require = '', - $aliases = '', - $proxy_aliases = '' -) { - - $ensure = $enable ? { - true => present, - false => present, - absent => absent, - } - $bool_docroot_create = any2bool($docroot_create) - $bool_passenger = any2bool($passenger) - $bool_passenger_high_performance = any2bool($passenger_high_performance) - $bool_passenger_rack_auto_detect = any2bool($passenger_rack_auto_detect) - $bool_passenger_rails_auto_detect = any2bool($passenger_rails_auto_detect) - - $real_docroot = $docroot ? { - '' => "${apache::data_dir}/${name}", - default => $docroot, - } - - $real_directory = $directory ? { - '' => $apache::data_dir, - default => $directory, - } - - $server_name_value = $server_name ? { - '' => $name, - default => $server_name, - } - - $manage_file_source = $source ? { - '' => undef, - default => $source, - } - - # Server admin email - if $server_admin != '' { - $server_admin_email = $server_admin - } elsif ($name != 'default') and ($name != 'default-ssl') { - $server_admin_email = "webmaster@${name}" - } else { - $server_admin_email = 'webmaster@localhost' - } - - # Config file path - if $priority != '' { - $config_file_path = "${apache::vdir}/${priority}-${name}.conf" - } elsif ($name != 'default') and ($name != 'default-ssl') { - $config_file_path = "${apache::vdir}/${name}.conf" - } else { - $config_file_path = "${apache::vdir}/${name}" - } - - # Config file enable path - if $priority != '' { - $config_file_enable_path = "${apache::config_dir}/sites-enabled/${priority}-${name}.conf" - } elsif ($name != 'default') and ($name != 'default-ssl') { - $config_file_enable_path = "${apache::config_dir}/sites-enabled/${name}.conf" - } else { - $config_file_enable_path = "${apache::config_dir}/sites-enabled/000-${name}" - } - - $manage_file_content = $template ? { - '' => undef, - undef => undef, - default => template($template), - } - - include apache - - file { $config_file_path: - ensure => $ensure, - source => $manage_file_source, - content => $manage_file_content, - mode => $apache::config_file_mode, - owner => $apache::config_file_owner, - group => $apache::config_file_group, - require => Package['apache'], - notify => $apache::manage_service_autorestart, - } - - # Some OS specific settings: - # On Debian/Ubuntu manages sites-enabled - case $::operatingsystem { - ubuntu,debian,mint: { - $file_vhost_link_ensure = $enable ? { - true => $config_file_path, - false => absent, - absent => absent, - } - file { "ApacheVHostEnabled_${name}": - ensure => $file_vhost_link_ensure, - path => $config_file_enable_path, - require => Package['apache'], - notify => $apache::manage_service_autorestart, - } - } - redhat,centos,scientific,fedora: { - include apache::redhat - } - default: { } - } - - if $bool_docroot_create == true { - file { $real_docroot: - ensure => directory, - owner => $docroot_owner, - group => $docroot_group, - mode => '0775', - require => Package['apache'], - } - } - - if $bool_passenger == true { - include apache::passenger - } -} - diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/metadata.json b/modules/services/unix/http/apache/module/example42_apache_2_1_12/metadata.json deleted file mode 100644 index a246d196a..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/metadata.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "name": "example42-apache", - "version": "2.1.12", - "author": "Alessandro Franceschi, Martin Alfke", - "summary": "Puppet module for apache", - "license": "Apache-2.0", - "source": "https://github.com/example42/puppet-apache", - "project_page": "https://github.com/example42/puppet-apache", - "issues_url": "https://github.com/example42/puppet-apache/issues", - "dependencies": [ - {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0 < 5.0.0"}, - {"name":"example42/puppi","version_requirement":">= 2.0.0"}, - {"name":"example42/monitor","version_requirement":">= 2.0.0"}, - {"name":"example42/iptables","version_requirement":">= 2.0.0"}, - {"name":"example42/firewall","version_requirement":">= 2.0.0"}, - {"name":"puppetlabs/concat","version_requirement":">= 1.0.0"} - ], - "checksums": { - }, - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "7" - ] - }, - { - "operatingsystem": "Centos", - "operatingsystemrelease": [ - "7" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "14.04" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.0.0 < 5.0.0" - }, - { - "name": "puppet", - "version_requirement": ">= 3.0.0 < 5.0.0" - } - ] -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/classes/apache_spec.rb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/classes/apache_spec.rb deleted file mode 100644 index 23169fbbf..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/classes/apache_spec.rb +++ /dev/null @@ -1,199 +0,0 @@ -require "#{File.join(File.dirname(__FILE__),'..','spec_helper.rb')}" - -describe 'apache' do - - let(:title) { 'apache' } - let(:node) { 'rspec.example42.com' } - let(:facts) { { :ipaddress => '10.42.42.42' , :monitor_tool => 'puppi', :operatingsystemrelease => '6.6' } } - - describe 'Test standard installation' do - it { should contain_package('apache').with_ensure('present') } - it { should contain_service('apache').with_ensure('running') } - it { should contain_service('apache').with_enable('true') } - it { should contain_file('apache.conf').with_ensure('present') } - end - - describe 'Test standard installation with monitoring and firewalling' do - let(:params) { {:monitor => true , :firewall => true, :port => '42' } } - - it { should contain_package('apache').with_ensure('present') } - it { should contain_service('apache').with_ensure('running') } - it { should contain_service('apache').with_enable('true') } - it { should contain_file('apache.conf').with_ensure('present') } - it 'should monitor the process' do - should contain_monitor__process('apache_process').with_enable(true) - end - it 'should place a firewall rule' do - should contain_firewall('apache_tcp_42').with_enable(true) - end - end - - describe 'Test decommissioning - absent' do - let(:params) { {:absent => true, :monitor => true , :firewall => true, :port => '42'} } - - it 'should remove Package[apache]' do should contain_package('apache').with_ensure('absent') end - it 'should stop Service[apache]' do should contain_service('apache').with_ensure('stopped') end - it 'should not enable at boot Service[apache]' do should contain_service('apache').with_enable('false') end - it 'should remove apache configuration file' do should contain_file('apache.conf').with_ensure('absent') end - it 'should not monitor the process' do - should contain_monitor__process('apache_process').with_enable(false) - end - it 'should remove a firewall rule' do - should contain_firewall('apache_tcp_42').with_enable(false) - end - end - - describe 'Test decommissioning - disable' do - let(:params) { {:disable => true, :monitor => true , :firewall => true, :port => '42'} } - - it { should contain_package('apache').with_ensure('present') } - it 'should stop Service[apache]' do should contain_service('apache').with_ensure('stopped') end - it 'should not enable at boot Service[apache]' do should contain_service('apache').with_enable('false') end - it { should contain_file('apache.conf').with_ensure('present') } - it 'should not monitor the process' do - should contain_monitor__process('apache_process').with_enable(false) - end - it 'should remove a firewall rule' do - should contain_firewall('apache_tcp_42').with_enable(false) - end - end - - describe 'Test decommissioning - disableboot' do - let(:params) { {:disableboot => true, :monitor => true , :firewall => true, :port => '42'} } - - it { should contain_package('apache').with_ensure('present') } - it { should_not contain_service('apache').with_ensure('present') } - it { should_not contain_service('apache').with_ensure('absent') } - it 'should not enable at boot Service[apache]' do should contain_service('apache').with_enable('false') end - it { should contain_file('apache.conf').with_ensure('present') } - it 'should not monitor the process locally' do - should contain_monitor__process('apache_process').with_enable(false) - end - it 'should keep a firewall rule' do - should contain_firewall('apache_tcp_42').with_enable(true) - end - end - - describe 'Test customizations - template' do - let(:params) { {:template => "apache/spec.erb" , :options => { 'opt_a' => 'value_a' } } } - - it 'should generate a valid template' do - should contain_file('apache.conf').with_content(/fqdn: rspec.example42.com/) - end - it 'should generate a template that uses custom options' do - should contain_file('apache.conf').with_content(/value_a/) - end - - end - - describe 'Test customizations - source' do - let(:params) { {:source => "puppet://modules/apache/spec" , :source_dir => "puppet://modules/apache/dir/spec" , :source_dir_purge => true } } - - it 'should request a valid source ' do - should contain_file('apache.conf').with_source("puppet://modules/apache/spec") - end - it 'should request a valid source dir' do - should contain_file('apache.dir').with_source("puppet://modules/apache/dir/spec") - end - it 'should purge source dir if source_dir_purge is true' do - should contain_file('apache.dir').with_purge(true) - end - end - - describe 'Test customizations - custom class' do - let(:params) { {:my_class => "apache::spec" } } - it 'should automatically include a custom class' do - should contain_file('apache.conf').with_content(/fqdn: rspec.example42.com/) - end - end - - describe 'Test service autorestart' do - it 'should automatically restart the service, by default' do - should contain_file('apache.conf').with_notify("Service[apache]") - end - end - - describe 'Test service autorestart' do - let(:params) { {:service_autorestart => "no" } } - - it 'should not automatically restart the service, when service_autorestart => false' do - should contain_file('apache.conf').with_notify(nil) - end - end - - describe 'Test Puppi Integration' do - let(:params) { {:puppi => true, :puppi_helper => "myhelper"} } - - it 'should generate a puppi::ze define' do - should contain_puppi__ze('apache').with_helper("myhelper") - end - end - - describe 'Test Monitoring Tools Integration' do - let(:params) { {:monitor => true, :monitor_tool => "puppi" } } - - it 'should generate monitor defines' do - should contain_monitor__process('apache_process').with_tool("puppi") - end - end - - describe 'Test Firewall Tools Integration' do - let(:params) { {:firewall => true, :firewall_tool => "iptables" , :protocol => "tcp" , :port => "42" } } - - it 'should generate correct firewall define' do - should contain_firewall('apache_tcp_42').with_tool("iptables") - end - end - - describe 'Test OldGen Module Set Integration' do - let(:params) { {:monitor => "yes" , :monitor_tool => "puppi" , :firewall => "yes" , :firewall_tool => "iptables" , :puppi => "yes" , :port => "42" } } - - it 'should generate monitor resources' do - should contain_monitor__process('apache_process').with_tool("puppi") - end - it 'should generate firewall resources' do - should contain_firewall('apache_tcp_42').with_tool("iptables") - end - it 'should generate puppi resources ' do - should contain_puppi__ze('apache').with_ensure("present") - end - end - - describe 'Test params lookup' do - let(:facts) { { :monitor => true , :ipaddress => '10.42.42.42', :operatingsystemrelease => '6.6' } } - let(:params) { { :port => '42' , :monitor_tool => 'puppi' } } - - it 'should honour top scope global vars' do - should contain_monitor__process('apache_process').with_enable(true) - end - end - - describe 'Test params lookup' do - let(:facts) { { :apache_monitor => true , :ipaddress => '10.42.42.42', :operatingsystemrelease => '6.6' } } - let(:params) { { :port => '42' , :monitor_tool => 'puppi' } } - - it 'should honour module specific vars' do - should contain_monitor__process('apache_process').with_enable(true) - end - end - - describe 'Test params lookup' do - let(:facts) { { :monitor => false , :apache_monitor => true , :ipaddress => '10.42.42.42', :operatingsystemrelease => '6.6' } } - let(:params) { { :port => '42' , :monitor_tool => 'puppi' } } - - it 'should honour top scope module specific over global vars' do - should contain_monitor__process('apache_process').with_enable(true) - end - end - - describe 'Test params lookup' do - let(:facts) { { :monitor => false , :ipaddress => '10.42.42.42', :operatingsystemrelease => '6.6' } } - let(:params) { { :monitor => true , :monitor_tool => 'puppi' , :firewall => true, :port => '42' } } - - it 'should honour passed params over global vars' do - should contain_monitor__process('apache_process').with_enable(true) - end - end - -end - diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/spec_helper.rb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/spec_helper.rb deleted file mode 100644 index 2c6f56649..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/spec_helper.rb +++ /dev/null @@ -1 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/modules/services/unix/http/apache/secgen_metadata.xml b/modules/services/unix/http/apache/secgen_metadata.xml index 285e1576d..e69de29bb 100644 --- a/modules/services/unix/http/apache/secgen_metadata.xml +++ b/modules/services/unix/http/apache/secgen_metadata.xml @@ -1,5 +0,0 @@ - - \ No newline at end of file diff --git a/modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/module/vsftpd_234_backdoor/files/copyvsftpd.sh b/modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/vsftpd_234_backdoor/files/copyvsftpd.sh similarity index 100% rename from modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/module/vsftpd_234_backdoor/files/copyvsftpd.sh rename to modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/vsftpd_234_backdoor/files/copyvsftpd.sh diff --git a/modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/module/vsftpd_234_backdoor/files/startvsftpd.sh b/modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/vsftpd_234_backdoor/files/startvsftpd.sh similarity index 100% rename from modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/module/vsftpd_234_backdoor/files/startvsftpd.sh rename to modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/vsftpd_234_backdoor/files/startvsftpd.sh diff --git a/modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/module/vsftpd_234_backdoor/files/vsftpd-2.3.4.tar.gz b/modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/vsftpd_234_backdoor/files/vsftpd-2.3.4.tar.gz similarity index 100% rename from modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/module/vsftpd_234_backdoor/files/vsftpd-2.3.4.tar.gz rename to modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/vsftpd_234_backdoor/files/vsftpd-2.3.4.tar.gz diff --git a/modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/module/vsftpd_234_backdoor/manifests/install.pp b/modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/vsftpd_234_backdoor/manifests/install.pp similarity index 79% rename from modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/module/vsftpd_234_backdoor/manifests/install.pp rename to modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/vsftpd_234_backdoor/manifests/install.pp index de9806850..551be2ced 100644 --- a/modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/module/vsftpd_234_backdoor/manifests/install.pp +++ b/modules/vulnerabilities/unix/ftp/vsftpd_234_backdoor/vsftpd_234_backdoor/manifests/install.pp @@ -4,7 +4,7 @@ exec { 'unzip-vsftpd': command => 'tar xzf vsftpd-2.3.4.tar.gz && mv vsftpd-2.3.4 /home/vagrant/vsftpd-2.3.4', path => '/bin', - cwd => '/mount/puppet/module/vsftpd_234_backdoor/vsftpd_234_backdoor/files', + cwd => '/mount/puppet/module/vsftpd_234_backdoor/files', creates => "/home/vagrant/vsftpd-2.3.4/vsftpd", notify => Exec['make-vsftpd'] } @@ -18,7 +18,7 @@ } exec { 'copy-vsftpd': - command => '/mount/puppet/module/vsftpd_234_backdoor/vsftpd_234_backdoor/files/copyvsftpd.sh', + command => '/mount/puppet/module/vsftpd_234_backdoor/files/copyvsftpd.sh', cwd => "/home/vagrant/vsftpd-2.3.4", creates => "/usr/local/sbin/vsftpd", notify => User['ftp'], @@ -37,7 +37,7 @@ } exec { 'start-vsftpd': - command => '/mount/puppet/module/vsftpd_234_backdoor/vsftpd_234_backdoor/files/startvsftpd.sh', + command => '/mount/puppet/module/vsftpd_234_backdoor/files/startvsftpd.sh', require => User["ftp"], } } diff --git a/modules/vulnerabilities/unix/misc/distcc_exec/module/distcc_exec/manifests/distcc_config.pp b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/distcc_config.pp similarity index 100% rename from modules/vulnerabilities/unix/misc/distcc_exec/module/distcc_exec/manifests/distcc_config.pp rename to modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/manifests/distcc_config.pp diff --git a/modules/vulnerabilities/unix/misc/distcc_exec/module/distcc_exec/templates/distcc.erb b/modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/templates/distcc.erb similarity index 100% rename from modules/vulnerabilities/unix/misc/distcc_exec/module/distcc_exec/templates/distcc.erb rename to modules/vulnerabilities/unix/misc/distcc_exec/distcc_exec/templates/distcc.erb diff --git a/modules/vulnerabilities/unix/other/mountable_nfs/module/mountable_nfs/manifests/config.pp b/modules/vulnerabilities/unix/other/mountable_nfs/mountable_nfs/manifests/config.pp similarity index 100% rename from modules/vulnerabilities/unix/other/mountable_nfs/module/mountable_nfs/manifests/config.pp rename to modules/vulnerabilities/unix/other/mountable_nfs/mountable_nfs/manifests/config.pp diff --git a/modules/vulnerabilities/unix/other/mountable_nfs/module/mountable_nfs/templates/exports.erb b/modules/vulnerabilities/unix/other/mountable_nfs/mountable_nfs/templates/exports.erb similarity index 100% rename from modules/vulnerabilities/unix/other/mountable_nfs/module/mountable_nfs/templates/exports.erb rename to modules/vulnerabilities/unix/other/mountable_nfs/mountable_nfs/templates/exports.erb diff --git a/modules/vulnerabilities/unix/other/writeable_shadow/module/writeable_shadow/manifests/config.pp b/modules/vulnerabilities/unix/other/writeable_shadow/writeable_shadow/manifests/config.pp similarity index 100% rename from modules/vulnerabilities/unix/other/writeable_shadow/module/writeable_shadow/manifests/config.pp rename to modules/vulnerabilities/unix/other/writeable_shadow/writeable_shadow/manifests/config.pp From de9c278c1b5c7422ced96d9d1c8a661ed4073135 Mon Sep 17 00:00:00 2001 From: Connor Wilson Date: Sat, 26 Mar 2016 03:33:50 +0000 Subject: [PATCH 04/13] Relates to SG-11 : Pushes code to repo for Tom to branch from --- .../manifests/dotconf.pp | 107 -------------- .../manifests/htpasswd.pp | 112 -------------- .../manifests/install.pp | 2 - .../manifests/module.pp | 139 ------------------ .../manifests/passenger.pp | 41 ------ .../manifests/redhat.pp | 9 -- .../example42_apache_2_1_12/manifests/spec.pp | 22 --- .../manifests/virtualhost.pp | 117 --------------- .../spec/defines/apache_virtualhost_spec.rb | 67 --------- .../templates/00-NameVirtualHost.conf.erb | 3 - .../templates/listen.conf.erb | 6 - .../templates/module/proxy.conf.erb | 17 --- .../templates/spec.erb | 8 - .../templates/virtualhost/vhost.conf.erb | 77 ---------- .../virtualhost/virtualhost.conf.erb | 16 -- .../example42_apache_2_1_12/tests/vhost.pp | 7 - 16 files changed, 750 deletions(-) delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/dotconf.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/htpasswd.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/install.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/module.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/passenger.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/redhat.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/spec.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/virtualhost.pp delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/defines/apache_virtualhost_spec.rb delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/00-NameVirtualHost.conf.erb delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/listen.conf.erb delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/module/proxy.conf.erb delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/spec.erb delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/vhost.conf.erb delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/virtualhost.conf.erb delete mode 100644 modules/services/unix/http/apache/module/example42_apache_2_1_12/tests/vhost.pp diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/dotconf.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/dotconf.pp deleted file mode 100644 index 6306b1ad8..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/dotconf.pp +++ /dev/null @@ -1,107 +0,0 @@ -# = Define: apache::dotconf -# -# General Apache define to be used to create generic custom .conf files -# Very simple wrapper to a normal file type -# Use source or template to define the source -# -# == Parameters -# -# [*source*] -# Sets the content of source parameter for the dotconf file -# If defined, apache dotconf file will have the param: source => $source -# -# [*template*] -# Sets the path to the template to use as content for dotconf file -# If defined, apache dotconf file has: content => content("$template") -# Note source and template parameters are mutually exclusive: don't use both -# -# == Usage -# apache::dotconf { "sarg": source => 'puppet://$servername/sarg/sarg.conf' } -# or -# apache::dotconf { "trac": content => template("trac/apache.conf.erb") } -# -define apache::dotconf ( - $enable = true, - $source = '' , - $content = '' , - $priority = '', - $ensure = present, -) { - - $manage_file_source = $source ? { - '' => undef, - default => $source, - } - - $manage_file_content = $content ? { - '' => undef, - default => $content, - } - - # Config file path - if $priority != '' { - $dotconf_path = "${apache::dotconf_dir}/${priority}-${name}.conf" - } else { - $dotconf_path = "${apache::dotconf_dir}/${name}.conf" - } - - # Config file enable path - if $priority != '' { - $dotconf_enable_path = "${apache::config_dir}/conf-enabled/${priority}-${name}.conf" - } else { - $dotconf_enable_path = "${apache::config_dir}/conf-enabled/${name}.conf" - } - - file { "Apache_${name}.conf": - ensure => $ensure, - path => $dotconf_path, - mode => $apache::config_file_mode, - owner => $apache::config_file_owner, - group => $apache::config_file_group, - require => Package['apache'], - notify => $apache::manage_service_autorestart, - source => $manage_file_source, - content => $manage_file_content, - audit => $apache::manage_audit, - } - - # Some OS specific settings: - # Ubuntu 14 uses conf-available / conf-enabled folders - case $::operatingsystem { - /(?i:Ubuntu)/ : { - case $::lsbmajdistrelease { - /14/ : { - $dotconf_link_ensure = $enable ? { - true => $dotconf_path, - false => absent, - } - - file { "ApacheDotconfEnabled_${name}": - ensure => $dotconf_link_ensure, - path => $dotconf_enable_path, - require => Package['apache'], - } - } - default: { } - } - } - /(?i:Debian)/ : { - case $::lsbmajdistrelease { - /8/ : { - $dotconf_link_ensure = $enable ? { - true => $dotconf_path, - false => absent, - } - - file { "ApacheDotconfEnabled_${name}": - ensure => $dotconf_link_ensure, - path => $dotconf_enable_path, - require => Package['apache'], - } - } - default: { } - } - } - default: { } - } -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/htpasswd.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/htpasswd.pp deleted file mode 100644 index 1a5ae8808..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/htpasswd.pp +++ /dev/null @@ -1,112 +0,0 @@ -# = Define apache::htpasswd -# -# This define managed apache htpasswd files -# Based on CamptoCamp Apache module: -# https://github.com/camptocamp/puppet-apache/blob/master/manifests/auth/htpasswd.pp -# -# == Parameters -# -# [*ensure*] -# Define if the add (present) or remove the user (set as $name) -# Default: 'present', -# -# [*htpasswd_file*] -# Path of the htpasswd file to manage. -# Default: "${apache::params::config_dir}/htpasswd" -# -# [*username*] -# Define username when you want to put the username in different files -# Default: $name -# -# [*crypt_password*] -# Crypted password (as it appears in htpasswd) -# Default: false (either crypt_password or clear_password must be set) -# -# [*clear_password*] -# Clear password (as it appears in htpasswd) -# Default: false (either crypt_password or clear_password must be set) -# -# -# == Usage -# -# Set clear password='mypass' to user 'my_user' on default htpasswd file: -# apache::htpasswd { 'myuser': -# clear_password => 'my_pass', -# } -# -# Set crypted password to user 'my_user' on custom htpasswd file: -# apache::htpasswd { 'myuser': -# crypt_password => 'B5dPQYYjf.jjA', -# htpasswd_file => '/etc/httpd/users.passwd', -# } -# -# Set the same user in different files -# apache::htpasswd { 'myuser': -# crypt_password => 'password1', -# htpasswd_file => '/etc/httpd/users.passwd' -# } -# -# apache::htpasswd { 'myuser2': -# crypt_password => 'password2', -# username => 'myuser', -# htpasswd_file => '/etc/httpd/httpd.passwd' -# } -# -define apache::htpasswd ( - $ensure = 'present', - $htpasswd_file = '', - $username = $name, - $crypt_password = false, - $clear_password = false ) { - - include apache - - $real_htpasswd_file = $htpasswd_file ? { - '' => "${apache::params::config_dir}/htpasswd", - default => $htpasswd_file, - } - - case $ensure { - - 'present': { - if $crypt_password and $clear_password { - fail 'Choose only one of crypt_password OR clear_password !' - } - - if !$crypt_password and !$clear_password { - fail 'Choose one of crypt_password OR clear_password !' - } - - if $crypt_password { - exec { "test -f ${real_htpasswd_file} || OPT='-c'; htpasswd -b \${OPT} ${real_htpasswd_file} ${username} '${crypt_password}'": - unless => "grep -q '${username}:${crypt_password}' ${real_htpasswd_file}", - path => '/bin:/sbin:/usr/bin:/usr/sbin', - } - } - - if $clear_password { - exec { "test -f ${real_htpasswd_file} || OPT='-c'; htpasswd -bp \$OPT ${real_htpasswd_file} ${username} ${clear_password}": - unless => "egrep '^${username}:' ${real_htpasswd_file} && grep ${username}:\$(mkpasswd -S \$(egrep '^${username}:' ${real_htpasswd_file} |cut -d : -f 2 |cut -c-2) ${clear_password}) ${real_htpasswd_file}", - path => '/bin:/sbin:/usr/bin:/usr/sbin', - } - } - } - - 'absent': { - exec { "htpasswd -D ${real_htpasswd_file} ${username}": - onlyif => "egrep -q '^${username}:' ${real_htpasswd_file}", - notify => Exec["delete ${real_htpasswd_file} after remove ${username}"], - path => '/bin:/sbin:/usr/bin:/usr/sbin', - } - - exec { "delete ${real_htpasswd_file} after remove ${username}": - command => "rm -f ${real_htpasswd_file}", - onlyif => "wc -l ${real_htpasswd_file} | egrep -q '^0[^0-9]'", - refreshonly => true, - path => '/bin:/sbin:/usr/bin:/usr/sbin', - } - } - - default: { } - } -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/install.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/install.pp deleted file mode 100644 index 1396c0ab8..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/install.pp +++ /dev/null @@ -1,2 +0,0 @@ -include apache -class{'apache':} \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/module.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/module.pp deleted file mode 100644 index 8c60352a2..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/module.pp +++ /dev/null @@ -1,139 +0,0 @@ -# = Define: apache::module -# -# This define installs and configures apache modules -# On Debian and derivatives it places the module config -# into /etc/apache/mods-available. -# On RedHat and derivatives it just creates the configuration file, if -# provided via the templatefile => argument -# If you need to customize the module .conf file, -# add a templatefile with path to the template, -# -# == Parameters -# -# [*ensure*] -# If to enable/install the module. Default: present -# Set to absent to disable/remove the module -# -# [*templatefile*] -# Optional. Location of the template to use to configure -# the module -# -# [*install_package*] -# If a module package has to be installed. Default: false -# Set to true if the module package is not installed by default -# and you need to install the relevant package -# In this case the package name is calculated according to the operatingsystem -# and the ${name} variable. -# If the autocalculated package name for the module is not -# correct, you can explicitely set it (using a string different than -# true or false) -# -# [*notify_service*] -# If you want to restart the apache service automatically when -# the module is applied. Default: true -# -# == Examples -# apache::module { 'proxy': -# templatefile => 'apache/module/proxy.conf.erb', -# } -# -# apache::module { 'bw': -# install_package => true, -# templatefile => 'myclass/apache/bw.conf.erb', -# } -# -# apache::module { 'proxy_html': -# install_package => 'libapache2-mod-proxy-html', -# } -# -# -define apache::module ( - $ensure = 'present', - $templatefile = '', - $install_package = false, - $notify_service = true ) { - - include apache - - $manage_service_autorestart = $notify_service ? { - true => 'Service[apache]', - false => undef, - } - - if $install_package != false { - $modpackage_basename = $::operatingsystem ? { - /(?i:Ubuntu|Debian|Mint)/ => 'libapache2-mod-', - /(?i:SLES|OpenSuSE)/ => 'apache2-mod_', - default => 'mod_', - } - - $real_install_package = $install_package ? { - true => "${modpackage_basename}${name}", - default => $install_package, - } - - package { "ApacheModule_${name}": - ensure => $ensure, - name => $real_install_package, - notify => $manage_service_autorestart, - require => Package['apache'], - } - - } - - - if $templatefile != '' { - $module_conf_path = $::operatingsystem ? { - /(?i:Ubuntu|Debian|Mint)/ => "${apache::config_dir}/mods-available/${name}.conf", - default => "${apache::config_dir}/conf.d/module_${name}.conf", - } - - file { "ApacheModule_${name}_conf": - ensure => present , - path => $module_conf_path, - mode => $apache::config_file_mode, - owner => $apache::config_file_owner, - group => $apache::config_file_group, - content => template($templatefile), - notify => $manage_service_autorestart, - require => Package['apache'], - } - } - - - if $::operatingsystem == 'Debian' - or $::operatingsystem == 'Ubuntu' - or $::operatingsystem == 'Mint' { - case $ensure { - 'present': { - - $exec_a2enmod_subscribe = $install_package ? { - false => undef, - default => Package["ApacheModule_${name}"] - } - $exec_a2dismode_before = $install_package ? { - false => undef, - default => Package["ApacheModule_${name}"] - } - - exec { "/usr/sbin/a2enmod ${name}": - unless => "/bin/sh -c '[ -L ${apache::config_dir}/mods-enabled/${name}.load ] && [ ${apache::config_dir}/mods-enabled/${name}.load -ef ${apache::config_dir}/mods-available/${name}.load ]'", - notify => $manage_service_autorestart, - require => Package['apache'], - subscribe => $exec_a2enmod_subscribe, - } - } - 'absent': { - exec { "/usr/sbin/a2dismod ${name}": - onlyif => "/bin/sh -c '[ -L ${apache::config_dir}/mods-enabled/${name}.load ] && [ ${apache::config_dir}/mods-enabled/${name}.load -ef ${apache::config_dir}/mods-available/${name}.load ]'", - notify => $manage_service_autorestart, - require => Package['apache'], - before => $exec_a2dismode_before, - } - } - default: { - } - } - } - -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/passenger.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/passenger.pp deleted file mode 100644 index 9cb409cc9..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/passenger.pp +++ /dev/null @@ -1,41 +0,0 @@ -# Class apache::passenger -# -# Apache resources specific for passenger -# -class apache::passenger { - - include apache - - case $::operatingsystem { - ubuntu,debian,mint: { - package { 'libapache2-mod-passenger': - ensure => present; - } - - exec { 'enable-passenger': - command => '/usr/sbin/a2enmod passenger', - creates => '/etc/apache2/mods-enabled/passenger.load', - notify => Service['apache'], - require => [ - Package['apache'], - Package['libapache2-mod-passenger'] - ], - } - } - - centos,redhat,scientific,fedora: { - $osver = split($::operatingsystemrelease, '[.]') - - case $osver[0] { - 5: { require yum::repo::passenger } - default: { } - } - package { 'mod_passenger': - ensure => present; - } - } - - default: { } - } - -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/redhat.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/redhat.pp deleted file mode 100644 index 72a4e4204..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/redhat.pp +++ /dev/null @@ -1,9 +0,0 @@ -# Class apache::redhat -# -# Apache resources specific for RedHat -# -class apache::redhat { - apache::dotconf { '00-NameVirtualHost': - content => template('apache/00-NameVirtualHost.conf.erb'), - } -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/spec.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/spec.pp deleted file mode 100644 index ef75f6972..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/spec.pp +++ /dev/null @@ -1,22 +0,0 @@ -# Class: apache::spec -# -# This class is used only for rpsec-puppet tests -# Can be taken as an example on how to do custom classes but should not -# be modified. -# -# == Usage -# -# This class is not intended to be used directly. -# Use it as reference -# -class apache::spec inherits apache { - - # This just a test to override the arguments of an existing resource - # Note that you can achieve this same result with just: - # class { "apache": template => "apache/spec.erb" } - - File['apache.conf'] { - content => template('apache/spec.erb'), - } - -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/virtualhost.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/virtualhost.pp deleted file mode 100644 index c36a8a8f3..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/manifests/virtualhost.pp +++ /dev/null @@ -1,117 +0,0 @@ -# = Define: apache::virtualhost -# -# NOTE: This define does the same function of apache::vhost and is -# now deprecated. Use apache::vhost instead. -# -# Basic Virtual host management define -# You can use different templates for your apache virtual host files -# Default is virtualhost.conf.erb, adapt it to your needs or create -# your custom template. -# -# == Usage: -# With standard template: -# apache::virtualhost { "www.example42.com": } -# -# With custom template (create it in MODULEPATH/apache/templates/virtualhost/) -# apache::virtualhost { "webmail.example42.com": -# templatefile => "webmail.conf.erb" -# } -# -# With custom template in custom location -# (MODULEPATH/mymod/templates/apache/vihost/) -# apache::virtualhost { "webmail.example42.com": -# templatefile => "webmail.conf.erb" -# templatepath => "mymod/apache/vihost" -# } -# -define apache::virtualhost ( - $templatefile = 'virtualhost.conf.erb' , - $templatepath = 'apache/virtualhost' , - $documentroot = '' , - $filename = '' , - $aliases = '' , - $create_docroot = true , - $enable = true , - $owner = '' , - $content = '' , - $groupowner = '' ) { - - include apache - - $real_filename = $filename ? { - '' => $name, - default => $filename, - } - - $real_documentroot = $documentroot ? { - '' => "${apache::data_dir}/${name}", - default => $documentroot, - } - - $real_owner = $owner ? { - '' => $apache::config_file_owner, - default => $owner, - } - - $real_groupowner = $groupowner ? { - '' => $apache::config_file_group, - default => $groupowner, -} - - $real_path = $::operatingsystem ? { - /(?i:Debian|Ubuntu|Mint)/ => "${apache::vdir}/${real_filename}", - default => "${apache::vdir}/${real_filename}.conf", - } - - $ensure_link = any2bool($enable) ? { - true => "${apache::vdir}/${real_filename}", - false => absent, - } - $ensure = bool2ensure($enable) - $bool_create_docroot = any2bool($enable) ? { - true => any2bool($create_docroot), - false => false, - } - - $real_content = $content ? { - '' => template("${templatepath}/${templatefile}"), - default => $content, - } - - file { "ApacheVirtualHost_${name}": - ensure => $ensure, - path => $real_path, - content => $real_content, - mode => $apache::config_file_mode, - owner => $apache::config_file_owner, - group => $apache::config_file_group, - require => Package['apache'], - notify => $apache::manage_service_autorestart, - } - - # Some OS specific settings: - # On Debian/Ubuntu manages sites-enabled - case $::operatingsystem { - ubuntu,debian,mint: { - file { "ApacheVirtualHostEnabled_${name}": - ensure => $ensure_link, - path => "${apache::config_dir}/sites-enabled/${real_filename}", - require => Package['apache'], - } - } - redhat,centos,scientific,fedora: { - include apache::redhat - } - default: { } - } - - if $bool_create_docroot == true { - file { $real_documentroot: - ensure => directory, - owner => $real_owner, - group => $real_groupowner, - mode => '0775', - } - } - -} diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/defines/apache_virtualhost_spec.rb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/defines/apache_virtualhost_spec.rb deleted file mode 100644 index 920c577d4..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/spec/defines/apache_virtualhost_spec.rb +++ /dev/null @@ -1,67 +0,0 @@ -require "#{File.join(File.dirname(__FILE__),'..','spec_helper.rb')}" - -describe 'apache::virtualhost' do - - let(:title) { 'apache::virtualhost' } - let(:node) { 'rspec.example42.com' } - let(:facts) { { :arch => 'i386' , :operatingsystem => 'redhat' } } - let(:params) { - { 'enable' => 'true', - 'name' => 'www.example42.com', - 'documentroot' => '/store/www', - } - } - - describe 'Test apache::virtualhost on redhat' do - it 'should create a apache::virtualhost file' do - should contain_file('ApacheVirtualHost_www.example42.com').with_ensure('present') - end - it 'should populate correctly the apache::virtualhost file DocumentRoot' do - should contain_file('ApacheVirtualHost_www.example42.com').with_content(/ DocumentRoot \/store\/www/) - end - it 'should populate correctly the apache::virtualhost file ErrorLog' do - should contain_file('ApacheVirtualHost_www.example42.com').with_content(/ ErrorLog \/var\/log\/httpd\/www.example42.com-error_log/) - end - it 'should create the docroot directory' do - should contain_file('/store/www').with_ensure("directory") - end - - end - - describe 'Test apache::virtualhost on ubuntu' do - let(:facts) { { :arch => 'i386' , :operatingsystem => 'ubuntu' } } - let(:params) { - { 'enable' => 'true', - 'name' => 'www.example42.com', - } - } - - it 'should create a apache::virtualhost link in sites-enabled' do - should contain_file('ApacheVirtualHostEnabled_www.example42.com').with_ensure('/etc/apache2/sites-available/www.example42.com') - end - it 'should populate correctly the apache::virtualhost file DocumentRoot' do - should contain_file('ApacheVirtualHost_www.example42.com').with_content(/ DocumentRoot \/var\/www\/www.example42.com/) - end - it 'should populate correctly the apache::virtualhost file ErrorLog' do - should contain_file('ApacheVirtualHost_www.example42.com').with_content(/ ErrorLog \/var\/log\/apache2\/www.example42.com-error_log/) - end - it 'should create the docroot directory' do - should contain_file('/var/www/www.example42.com').with_ensure("directory") - end - - end - - describe 'Test apache::virtualhost decommissioning' do - let(:params) { - { 'enable' => 'false', - 'name' => 'www.example42.com', - 'documentroot' => '/var/www/example42.com', - } - } - - it { should contain_file('ApacheVirtualHost_www.example42.com').with_ensure('absent') } - it { should_not contain_file('/var/www/example42.com').with_ensure('directory') } - end - -end - diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/00-NameVirtualHost.conf.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/00-NameVirtualHost.conf.erb deleted file mode 100644 index d15418d4c..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/00-NameVirtualHost.conf.erb +++ /dev/null @@ -1,3 +0,0 @@ -# File managed by Puppet - -NameVirtualHost *:80 diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/listen.conf.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/listen.conf.erb deleted file mode 100644 index a0c73b188..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/listen.conf.erb +++ /dev/null @@ -1,6 +0,0 @@ -# File Handled by Puppet - -<% if @namevirtualhost -%> -NameVirtualHost <%= @namevirtualhost %>:<%= @name %> -<% end %> -Listen <%= @name %> diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/module/proxy.conf.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/module/proxy.conf.erb deleted file mode 100644 index 4310aa9d3..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/module/proxy.conf.erb +++ /dev/null @@ -1,17 +0,0 @@ -# File Managed by Puppet - - - - # This is not a forwared proxy - ProxyRequests Off - - - AddDefaultCharset off - Order deny,allow - Deny from all - Allow from all - - - ProxyVia On - - diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/spec.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/spec.erb deleted file mode 100644 index 0e810745d..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/spec.erb +++ /dev/null @@ -1,8 +0,0 @@ -# This is a template used only for rspec tests - -# Yaml of the whole scope -<%= scope.to_hash.reject { |k,v| !( k.is_a?(String) && v.is_a?(String) ) }.to_yaml %> - -# Custom Options -<%= @options['opt_a'] %> -<%= @options['opt_b'] %> diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/vhost.conf.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/vhost.conf.erb deleted file mode 100644 index 6f96bf2ab..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/vhost.conf.erb +++ /dev/null @@ -1,77 +0,0 @@ -# File Managed by Puppet - -:<%= @port %>> - ServerAdmin <%= @server_admin_email ||= 'webmaster@localhost' %> - DocumentRoot <%= @real_docroot %> -<% if @server_name_value != false -%> - ServerName <%= @server_name_value %> -<% end -%> -<% if @serveraliases != "" -%> -<% if @serveraliases.is_a? Array -%> - ServerAlias <%= @serveraliases.flatten.join(" ") %> -<% else -%> - ServerAlias <%= @serveraliases %> -<% end -%> -<% end -%> -<% if @env_variables != "" -%> -<% if @env_variables.is_a? Array -%> -<% @env_variables.each do |envvars| -%> - SetEnv <%= envvars %> -<% end -%> -<% end -%> -<% end -%> - - ErrorLog <%= scope.lookupvar('apache::log_dir') %>/<%= @name %>-error_log - CustomLog <%= scope.lookupvar('apache::log_dir') %>/<%= @name %>-access_log common - -<% if @bool_passenger -%> - PassengerHighPerformance <%= @bool_passenger_high_performance ? "On" : "Off" %> - PassengerMaxPoolSize <%= @passenger_max_pool_size %> - PassengerPoolIdleTime <%= @passenger_pool_idle_time %> - PassengerMaxRequests <%= @passenger_max_requests %> - PassengerStatThrottleRate <%= @passenger_stat_throttle_rate %> - RackAutoDetect <%= @bool_passenger_rack_auto_detect ? "On" : "Off" %> - RailsAutoDetect <%= @bool_passenger_rails_auto_detect ? "On" : "Off" %> - - <% if @passenger_rails_env != '' %>RailsEnv <%= @passenger_rails_env %><% end %> - <% if @passenger_rack_env != '' %>RackEnv <%= @passenger_rack_env %><% end %> - <% if @passenger_rails_base_uri != '' %>RailsBaseURI <%= @passenger_rails_base_uri %><% end %> - <% if @passenger_rack_base_uri != '' %>RackBaseURI <%= @passenger_rack_base_uri %><% end %> - -<% end -%> -<% if @directory_options != "" || @directory_allow_override != "None" || @directory_require != "" -%> - > -<% if @directory_options != "" -%> - Options <%= @directory_options %> -<% end -%> -<% if @directory_allow_override != "None" -%> - AllowOverride <%= @directory_allow_override %> -<% end -%> -<% if @directory_require != "" -%> - Require <%= @directory_require %> -<% end -%> - -<% end -%> - -<% if @aliases != "" -%> -<% if @aliases.is_a? Array -%> -<% @aliases.each do |singlealias| %> - Alias <%= singlealias %> -<% end -%> -<% else -%> - Alias <%= @aliases %> -<% end -%> -<% end -%> -<% if @proxy_aliases != "" -%> -<% if @proxy_aliases.is_a? Array -%> -<% @proxy_aliases.each do |singleproxyalias| %> - - ProxyPass <%= singleproxyalias %> - ProxyPassReverse <%= singleproxyalias %> -<% end -%> -<% else -%> - ProxyPass <%= @proxy_aliases %> - ProxyPassReverse <%= @proxy_aliases %> -<% end -%> -<% end -%> - diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/virtualhost.conf.erb b/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/virtualhost.conf.erb deleted file mode 100644 index 1dee1c333..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/templates/virtualhost/virtualhost.conf.erb +++ /dev/null @@ -1,16 +0,0 @@ -# File Managed by Puppet - - - ServerAdmin webmaster@<%= @name %> - DocumentRoot <%= @real_documentroot %> - ServerName <%= @name %> -<% if @aliases != "" -%> -<% if @aliases.is_a? Array -%> - ServerAlias <%= @aliases.flatten.join(" ") %> -<% else -%> - ServerAlias <%= @aliases %> -<% end -%> -<% end -%> - ErrorLog <%= scope.lookupvar('apache::log_dir')%>/<%= @name %>-error_log - CustomLog <%= scope.lookupvar('apache::log_dir')%>/<%= @name %>-access_log common - diff --git a/modules/services/unix/http/apache/module/example42_apache_2_1_12/tests/vhost.pp b/modules/services/unix/http/apache/module/example42_apache_2_1_12/tests/vhost.pp deleted file mode 100644 index 7e66efde9..000000000 --- a/modules/services/unix/http/apache/module/example42_apache_2_1_12/tests/vhost.pp +++ /dev/null @@ -1,7 +0,0 @@ -include apache - -apache::vhost { 'testsite': - docroot => '/var/www/test', - env_variables => ['APP_ENV dev'], -} - From 3a900597530042e39b7ffcfbb9ce65b0cc2ac506 Mon Sep 17 00:00:00 2001 From: Connor Wilson Date: Sat, 26 Mar 2016 03:52:37 +0000 Subject: [PATCH 05/13] Relates to SG-11 : Pushes lowered concat dependency version as most recent is buggy --- modules/dependencies/concat/CHANGELOG.md | 204 ++++++++ modules/dependencies/concat/CONTRIBUTING.md | 234 ++++++++++ modules/dependencies/concat/Gemfile | 27 ++ modules/dependencies/concat/LICENSE | 14 + modules/dependencies/concat/README.md | 437 ++++++++++++++++++ modules/dependencies/concat/Rakefile | 10 + modules/dependencies/concat/checksums.json | 53 +++ .../concat/files/concatfragments.rb | 150 ++++++ .../concat/files/concatfragments.sh | 140 ++++++ .../concat/lib/facter/concat_basedir.rb | 11 + .../parser/functions/concat_getparam.rb | 35 ++ .../puppet/parser/functions/concat_is_bool.rb | 22 + .../dependencies/concat/manifests/fragment.pp | 124 +++++ modules/dependencies/concat/manifests/init.pp | 236 ++++++++++ .../dependencies/concat/manifests/setup.pp | 64 +++ modules/dependencies/concat/metadata.json | 108 +++++ .../concat/spec/acceptance/backup_spec.rb | 115 +++++ .../concat/spec/acceptance/concat_spec.rb | 215 +++++++++ .../acceptance/deprecation_warnings_spec.rb | 233 ++++++++++ .../concat/spec/acceptance/empty_spec.rb | 23 + .../spec/acceptance/fragment_source_spec.rb | 149 ++++++ .../fragments_are_always_replaced_spec.rb | 133 ++++++ .../concat/spec/acceptance/newline_spec.rb | 67 +++ .../acceptance/nodesets/aix-71-vcloud.yml | 19 + .../acceptance/nodesets/centos-59-x64.yml | 10 + .../acceptance/nodesets/centos-64-x64-pe.yml | 12 + .../acceptance/nodesets/centos-64-x64.yml | 10 + .../acceptance/nodesets/centos-65-x64.yml | 10 + .../acceptance/nodesets/debian-607-x64.yml | 10 + .../acceptance/nodesets/debian-70rc1-x64.yml | 10 + .../acceptance/nodesets/debian-73-x64.yml | 11 + .../spec/acceptance/nodesets/default.yml | 10 + .../acceptance/nodesets/fedora-18-x64.yml | 10 + .../spec/acceptance/nodesets/sles-11-x64.yml | 10 + .../acceptance/nodesets/sles-11sp1-x64.yml | 10 + .../nodesets/ubuntu-server-10044-x64.yml | 10 + .../nodesets/ubuntu-server-12042-x64.yml | 10 + .../nodesets/ubuntu-server-1404-x64.yml | 11 + .../concat/spec/acceptance/order_spec.rb | 143 ++++++ .../spec/acceptance/quoted_paths_spec.rb | 44 ++ .../concat/spec/acceptance/replace_spec.rb | 256 ++++++++++ .../spec/acceptance/symbolic_name_spec.rb | 33 ++ .../concat/spec/acceptance/warn_spec.rb | 98 ++++ modules/dependencies/concat/spec/spec.opts | 6 + .../dependencies/concat/spec/spec_helper.rb | 1 + .../concat/spec/spec_helper_acceptance.rb | 47 ++ .../spec/unit/classes/concat_setup_spec.rb | 84 ++++ .../spec/unit/defines/concat_fragment_spec.rb | 267 +++++++++++ .../concat/spec/unit/defines/concat_spec.rb | 389 ++++++++++++++++ .../spec/unit/facts/concat_basedir_spec.rb | 18 + modules/dependencies/concat/tests/fragment.pp | 19 + modules/dependencies/concat/tests/init.pp | 7 + 52 files changed, 4379 insertions(+) create mode 100644 modules/dependencies/concat/CHANGELOG.md create mode 100644 modules/dependencies/concat/CONTRIBUTING.md create mode 100644 modules/dependencies/concat/Gemfile create mode 100644 modules/dependencies/concat/LICENSE create mode 100644 modules/dependencies/concat/README.md create mode 100644 modules/dependencies/concat/Rakefile create mode 100644 modules/dependencies/concat/checksums.json create mode 100644 modules/dependencies/concat/files/concatfragments.rb create mode 100755 modules/dependencies/concat/files/concatfragments.sh create mode 100644 modules/dependencies/concat/lib/facter/concat_basedir.rb create mode 100644 modules/dependencies/concat/lib/puppet/parser/functions/concat_getparam.rb create mode 100644 modules/dependencies/concat/lib/puppet/parser/functions/concat_is_bool.rb create mode 100644 modules/dependencies/concat/manifests/fragment.pp create mode 100644 modules/dependencies/concat/manifests/init.pp create mode 100644 modules/dependencies/concat/manifests/setup.pp create mode 100644 modules/dependencies/concat/metadata.json create mode 100644 modules/dependencies/concat/spec/acceptance/backup_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/concat_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/deprecation_warnings_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/empty_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/fragment_source_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/fragments_are_always_replaced_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/newline_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/aix-71-vcloud.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/centos-59-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/centos-64-x64-pe.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/centos-64-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/centos-65-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/debian-607-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/debian-70rc1-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/debian-73-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/default.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/fedora-18-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/sles-11-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/sles-11sp1-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml create mode 100644 modules/dependencies/concat/spec/acceptance/order_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/quoted_paths_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/replace_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/symbolic_name_spec.rb create mode 100644 modules/dependencies/concat/spec/acceptance/warn_spec.rb create mode 100644 modules/dependencies/concat/spec/spec.opts create mode 100644 modules/dependencies/concat/spec/spec_helper.rb create mode 100644 modules/dependencies/concat/spec/spec_helper_acceptance.rb create mode 100644 modules/dependencies/concat/spec/unit/classes/concat_setup_spec.rb create mode 100644 modules/dependencies/concat/spec/unit/defines/concat_fragment_spec.rb create mode 100644 modules/dependencies/concat/spec/unit/defines/concat_spec.rb create mode 100644 modules/dependencies/concat/spec/unit/facts/concat_basedir_spec.rb create mode 100644 modules/dependencies/concat/tests/fragment.pp create mode 100644 modules/dependencies/concat/tests/init.pp diff --git a/modules/dependencies/concat/CHANGELOG.md b/modules/dependencies/concat/CHANGELOG.md new file mode 100644 index 000000000..f8898669b --- /dev/null +++ b/modules/dependencies/concat/CHANGELOG.md @@ -0,0 +1,204 @@ +##2014-09-10 - Supported Release 1.1.1 + +###Summary + +This is a bugfix release, and the first supported release of the 1.1.x series. + +####Bugfixes +- Make the `$order` parameter default to a string and be validated as an integer + or a string +- Use the ruby script on Solaris to not break Sol10 support +- Add quotes to the ryby script location for Windows +- Fix typos in README.md +- Make regex in concat::setup case-insensitive to make it work on Windows +- Make sure concat fragments are always replaced +- Fix validation to allow `$backup` to be a boolean +- Remove dependency on stdlib 4.x +- Fix for lack of idempotency with `ensure => 'absent'` +- Fix tests and spec_helper +- Synchronized files for more consistency across modules via modulesync + +##2014-05-14 - Release 1.1.0 + +###Summary + +This release is primarily a bugfix release since 1.1.0-rc1. + +####Features +- Improved testing, with tests moved to beaker + +####Bugfixes +- No longer attempts to set fragment owner and mode on Windows +- Fix numeric sorting +- Fix incorrect quoting +- Fix newlines + +##2014-01-03 - Release 1.1.0-rc1 + +###Summary + +This release of concat was 90% written by Joshua Hoblitt, and the module team +would like to thank him for the huge amount of work he put into this release. + +This module deprecates a bunch of old parameters and usage patterns, modernizes +much of the manifest code, simplifies a whole bunch of logic and makes +improvements to almost all parts of the module. + +The other major feature is windows support, courtesy of luisfdez, with an +alternative version of the concat bash script in ruby. We've attempted to +ensure that there are no backwards incompatible changes, all users of 1.0.0 +should be able to use 1.1.0 without any failures, but you may find deprecation +warnings and we'll be aggressively moving for a 2.0 to remove those too. + +For further information on deprecations, please read: +https://github.com/puppetlabs/puppetlabs-concat/blob/master/README.md#api-deprecations + +####Removed +- Puppet 0.24 support. +- Filebucket backup of all file resources except the target concatenated file. +- Default owner/user/group values. +- Purging of long unused /usr/local/bin/concatfragments.sh + +###Features +- Windows support via a ruby version of the concat bash script. +- Huge amount of acceptance testing work added. +- Documentation (README) completely rewritten. +- New parameters in concat: + - `ensure`: Controls if the file should be present/absent at all. + - Remove requirement to include concat::setup in manifests. + - Made `gnu` parameter deprecated. + - Added parameter validation. + +###Bugfixes + - Ensure concat::setup runs before concat::fragment in all cases. + - Pluginsync references updated for modern Puppet. + - Fix incorrect group parameter. + - Use $owner instead of $id to avoid confusion with $::id + - Compatibility fixes for Puppet 2.7/ruby 1.8.7 + - Use LC_ALL=C instead of LANG=C + - Always exec the concatfragments script as root when running as root. + - Syntax and other cleanup changes. + +##2014-06-25 - Supported Release 1.0.4 +###Summary + +This release has test fixes. + +####Features +- Added test support for OSX. + +####Bugfixes + +####Known bugs + +* Not supported on Windows. + +##2014-06-04 - Release 1.0.3 +###Summary + +This release adds compatibility for PE3.3 and fixes tests. + +####Features +- Added test support for Ubuntu Trusty. + +####Bugfixes + +####Known bugs + +*Not supported on Windows. + +##2014-03-04 - Supported Release 1.0.2 +###Summary + +This is a supported release. No functional changes were made from 1.0.1. + +####Features +- Huge amount of tests backported from 1.1. +- Documentation rewrite. + +####Bugfixes + +####Known Bugs + +* Not supported on Windows. + + +##2014-02-12 - 1.0.1 + +###Summary + +Minor bugfixes for sorting of fragments and ordering of resources. + +####Bugfixes +- LANG => C replaced with LC_ALL => C to reduce spurious recreation of +fragments. +- Corrected pluginsync documentation. +- Ensure concat::setup always runs before fragments. + + +##2013-08-09 - 1.0.0 + +###Summary + +Many new features and bugfixes in this release, and if you're a heavy concat +user you should test carefully before upgrading. The features should all be +backwards compatible but only light testing has been done from our side before +this release. + +####Features +- New parameters in concat: + - `replace`: specify if concat should replace existing files. + - `ensure_newline`: controls if fragments should contain a newline at the end. +- Improved README documentation. +- Add rspec:system tests (rake spec:system to test concat) + +####Bugfixes +- Gracefully handle \n in a fragment resource name. +- Adding more helpful message for 'pluginsync = true' +- Allow passing `source` and `content` directly to file resource, rather than +defining resource defaults. +- Added -r flag to read so that filenames with \ will be read correctly. +- sort always uses LANG=C. +- Allow WARNMSG to contain/start with '#'. +- Replace while-read pattern with for-do in order to support Solaris. + +####CHANGELOG: +- 2010/02/19 - initial release +- 2010/03/12 - add support for 0.24.8 and newer + - make the location of sort configurable + - add the ability to add shell comment based warnings to + top of files + - add the ablity to create empty files +- 2010/04/05 - fix parsing of WARN and change code style to match rest + of the code + - Better and safer boolean handling for warn and force + - Don't use hard coded paths in the shell script, set PATH + top of the script + - Use file{} to copy the result and make all fragments owned + by root. This means we can chnage the ownership/group of the + resulting file at any time. + - You can specify ensure => "/some/other/file" in concat::fragment + to include the contents of a symlink into the final file. +- 2010/04/16 - Add more cleaning of the fragment name - removing / from the $name +- 2010/05/22 - Improve documentation and show the use of ensure => +- 2010/07/14 - Add support for setting the filebucket behavior of files +- 2010/10/04 - Make the warning message configurable +- 2010/12/03 - Add flags to make concat work better on Solaris - thanks Jonathan Boyett +- 2011/02/03 - Make the shell script more portable and add a config option for root group +- 2011/06/21 - Make base dir root readable only for security +- 2011/06/23 - Set base directory using a fact instead of hardcoding it +- 2011/06/23 - Support operating as non privileged user +- 2011/06/23 - Support dash instead of bash or sh +- 2011/07/11 - Better solaris support +- 2011/12/05 - Use fully qualified variables +- 2011/12/13 - Improve Nexenta support +- 2012/04/11 - Do not use any GNU specific extensions in the shell script +- 2012/03/24 - Comply to community style guides +- 2012/05/23 - Better errors when basedir isnt set +- 2012/05/31 - Add spec tests +- 2012/07/11 - Include concat::setup in concat improving UX +- 2012/08/14 - Puppet Lint improvements +- 2012/08/30 - The target path can be different from the $name +- 2012/08/30 - More Puppet Lint cleanup +- 2012/09/04 - RELEASE 0.2.0 +- 2012/12/12 - Added (file) $replace parameter to concat diff --git a/modules/dependencies/concat/CONTRIBUTING.md b/modules/dependencies/concat/CONTRIBUTING.md new file mode 100644 index 000000000..e1288478a --- /dev/null +++ b/modules/dependencies/concat/CONTRIBUTING.md @@ -0,0 +1,234 @@ +Checklist (and a short version for the impatient) +================================================= + + * Commits: + + - Make commits of logical units. + + - Check for unnecessary whitespace with "git diff --check" before + committing. + + - Commit using Unix line endings (check the settings around "crlf" in + git-config(1)). + + - Do not check in commented out code or unneeded files. + + - The first line of the commit message should be a short + description (50 characters is the soft limit, excluding ticket + number(s)), and should skip the full stop. + + - Associate the issue in the message. The first line should include + the issue number in the form "(#XXXX) Rest of message". + + - The body should provide a meaningful commit message, which: + + - uses the imperative, present tense: "change", not "changed" or + "changes". + + - includes motivation for the change, and contrasts its + implementation with the previous behavior. + + - Make sure that you have tests for the bug you are fixing, or + feature you are adding. + + - Make sure the test suites passes after your commit: + `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below + + - When introducing a new feature, make sure it is properly + documented in the README.md + + * Submission: + + * Pre-requisites: + + - Sign the [Contributor License Agreement](https://cla.puppetlabs.com/) + + - Make sure you have a [GitHub account](https://github.com/join) + + - [Create a ticket](http://projects.puppetlabs.com/projects/modules/issues/new), or [watch the ticket](http://projects.puppetlabs.com/projects/modules/issues) you are patching for. + + * Preferred method: + + - Fork the repository on GitHub. + + - Push your changes to a topic branch in your fork of the + repository. (the format ticket/1234-short_description_of_change is + usually preferred for this project). + + - Submit a pull request to the repository in the puppetlabs + organization. + +The long version +================ + + 1. Make separate commits for logically separate changes. + + Please break your commits down into logically consistent units + which include new or changed tests relevant to the rest of the + change. The goal of doing this is to make the diff easier to + read for whoever is reviewing your code. In general, the easier + your diff is to read, the more likely someone will be happy to + review it and get it into the code base. + + If you are going to refactor a piece of code, please do so as a + separate commit from your feature or bug fix changes. + + We also really appreciate changes that include tests to make + sure the bug is not re-introduced, and that the feature is not + accidentally broken. + + Describe the technical detail of the change(s). If your + description starts to get too long, that is a good sign that you + probably need to split up your commit into more finely grained + pieces. + + Commits which plainly describe the things which help + reviewers check the patch and future developers understand the + code are much more likely to be merged in with a minimum of + bike-shedding or requested changes. Ideally, the commit message + would include information, and be in a form suitable for + inclusion in the release notes for the version of Puppet that + includes them. + + Please also check that you are not introducing any trailing + whitespace or other "whitespace errors". You can do this by + running "git diff --check" on your changes before you commit. + + 2. Sign the Contributor License Agreement + + Before we can accept your changes, we do need a signed Puppet + Labs Contributor License Agreement (CLA). + + You can access the CLA via the [Contributor License Agreement link](https://cla.puppetlabs.com/) + + If you have any questions about the CLA, please feel free to + contact Puppet Labs via email at cla-submissions@puppetlabs.com. + + 3. Sending your patches + + To submit your changes via a GitHub pull request, we _highly_ + recommend that you have them on a topic branch, instead of + directly on "master". + It makes things much easier to keep track of, especially if + you decide to work on another thing before your first change + is merged in. + + GitHub has some pretty good + [general documentation](http://help.github.com/) on using + their site. They also have documentation on + [creating pull requests](http://help.github.com/send-pull-requests/). + + In general, after pushing your topic branch up to your + repository on GitHub, you can switch to the branch in the + GitHub UI and click "Pull Request" towards the top of the page + in order to open a pull request. + + + 4. Update the related GitHub issue. + + If there is a GitHub issue associated with the change you + submitted, then you should update the ticket to include the + location of your branch, along with any other commentary you + may wish to make. + +Testing +======= + +Getting Started +--------------- + +Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby +package manager such as [bundler](http://bundler.io/) what Ruby packages, +or Gems, are required to build, develop, and test this software. + +Please make sure you have [bundler installed](http://bundler.io/#getting-started) +on your system, then use it to install all dependencies needed for this project, +by running + +```shell +% bundle install +Fetching gem metadata from https://rubygems.org/........ +Fetching gem metadata from https://rubygems.org/.. +Using rake (10.1.0) +Using builder (3.2.2) +-- 8><-- many more --><8 -- +Using rspec-system-puppet (2.2.0) +Using serverspec (0.6.3) +Using rspec-system-serverspec (1.0.0) +Using bundler (1.3.5) +Your bundle is complete! +Use `bundle show [gemname]` to see where a bundled gem is installed. +``` + +NOTE some systems may require you to run this command with sudo. + +If you already have those gems installed, make sure they are up-to-date: + +```shell +% bundle update +``` + +With all dependencies in place and up-to-date we can now run the tests: + +```shell +% rake spec +``` + +This will execute all the [rspec tests](http://rspec-puppet.com/) tests +under [spec/defines](./spec/defines), [spec/classes](./spec/classes), +and so on. rspec tests may have the same kind of dependencies as the +module they are testing. While the module defines in its [Modulefile](./Modulefile), +rspec tests define them in [.fixtures.yml](./fixtures.yml). + +Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) +tests. These tests spin up a virtual machine under +[VirtualBox](https://www.virtualbox.org/)) with, controlling it with +[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test +scenarios. In order to run these, you will need both of those tools +installed on your system. + +You can run them by issuing the following command + +```shell +% rake spec_clean +% rspec spec/acceptance +``` + +This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), +install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) +and then run all the tests under [spec/acceptance](./spec/acceptance). + +Writing Tests +------------- + +XXX getting started writing tests. + +If you have commit access to the repository +=========================================== + +Even if you have commit access to the repository, you will still need to +go through the process above, and have someone else review and merge +in your changes. The rule is that all changes must be reviewed by a +developer on the project (that did not write the code) to ensure that +all changes go through a code review process. + +Having someone other than the author of the topic branch recorded as +performing the merge is the record that they performed the code +review. + + +Additional Resources +==================== + +* [Getting additional help](http://projects.puppetlabs.com/projects/puppet/wiki/Getting_Help) + +* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) + +* [Patchwork](https://patchwork.puppetlabs.com) + +* [Contributor License Agreement](https://projects.puppetlabs.com/contributor_licenses/sign) + +* [General GitHub documentation](http://help.github.com/) + +* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) + diff --git a/modules/dependencies/concat/Gemfile b/modules/dependencies/concat/Gemfile new file mode 100644 index 000000000..081b1a291 --- /dev/null +++ b/modules/dependencies/concat/Gemfile @@ -0,0 +1,27 @@ +source ENV['GEM_SOURCE'] || "https://rubygems.org" + +group :development, :test do + gem 'rake', :require => false + gem 'rspec-puppet', :require => false + gem 'puppetlabs_spec_helper', :require => false + gem 'serverspec', :require => false + gem 'puppet-lint', '0.3.2', :require => false + gem 'beaker', :require => false + gem 'beaker-rspec', :require => false + gem 'pry', :require => false + gem 'simplecov', :require => false +end + +if facterversion = ENV['FACTER_GEM_VERSION'] + gem 'facter', facterversion, :require => false +else + gem 'facter', :require => false +end + +if puppetversion = ENV['PUPPET_GEM_VERSION'] + gem 'puppet', puppetversion, :require => false +else + gem 'puppet', :require => false +end + +# vim:ft=ruby diff --git a/modules/dependencies/concat/LICENSE b/modules/dependencies/concat/LICENSE new file mode 100644 index 000000000..6a9e9a194 --- /dev/null +++ b/modules/dependencies/concat/LICENSE @@ -0,0 +1,14 @@ + Copyright 2012 R.I.Pienaar + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/modules/dependencies/concat/README.md b/modules/dependencies/concat/README.md new file mode 100644 index 000000000..2ed9024eb --- /dev/null +++ b/modules/dependencies/concat/README.md @@ -0,0 +1,437 @@ +#Concat + +[![Build Status](https://travis-ci.org/puppetlabs/puppetlabs-concat.png?branch=master)](https://travis-ci.org/puppetlabs/puppetlabs-concat) + +####Table of Contents + +1. [Overview](#overview) +2. [Module Description - What the module does and why it is useful](#module-description) +3. [Setup - The basics of getting started with concat](#setup) + * [What concat affects](#what-concat-affects) + * [Setup requirements](#setup-requirements) + * [Beginning with concat](#beginning-with-concat) +4. [Usage - Configuration options and additional functionality](#usage) + * [API _deprecations_](#api-deprecations) +5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) +5. [Limitations - OS compatibility, etc.](#limitations) +6. [Development - Guide for contributing to the module](#development) + +##Overview + +This module constructs files from multiple fragments in an ordered way. + +##Module Description + +This module lets you use many concat::fragment{} resources throughout +your modules to construct a single file at the end. It does this through +a shell (or ruby) script and a temporary holding space for the fragments. + +##Setup + +###What concat affects + +* Installs concatfragments.[sh|rb] based on platform. +* Adds a concat/ directory into Puppets `vardir`. + +###Beginning with concat + +To start using concat you need to create: + +* A concat{} resource for the final file. +* One or more concat::fragment{}'s. + +A minimal example might be: + +```puppet +concat { '/tmp/file': + ensure => present, +} + +concat::fragment { 'tmpfile': + target => '/tmp/file', + content => 'test contents', + order => '01' +} +``` + +##Usage + +Please be aware that there have been a number of [API +_deprecations_](#api-deprecations). + +If you wanted a /etc/motd file that listed all the major modules +on the machine. And that would be maintained automatically even +if you just remove the include lines for other modules you could +use code like below, a sample /etc/motd would be: + +
+Puppet modules on this server:
+
+    -- Apache
+    -- MySQL
+
+ +Local sysadmins can also append to the file by just editing /etc/motd.local +their changes will be incorporated into the puppet managed motd. + +```puppet +class motd { + $motd = '/etc/motd' + + concat { $motd: + owner => 'root', + group => 'root', + mode => '0644' + } + + concat::fragment{ 'motd_header': + target => $motd, + content => "\nPuppet modules on this server:\n\n", + order => '01' + } + + # local users on the machine can append to motd by just creating + # /etc/motd.local + concat::fragment{ 'motd_local': + target => $motd, + source => '/etc/motd.local', + order => '15' + } +} + +# used by other modules to register themselves in the motd +define motd::register($content="", $order='10') { + if $content == "" { + $body = $name + } else { + $body = $content + } + + concat::fragment{ "motd_fragment_$name": + target => '/etc/motd', + order => $order, + content => " -- $body\n" + } +} +``` + +To use this you'd then do something like: + +```puppet +class apache { + include apache::install, apache::config, apache::service + + motd::register{ 'Apache': } +} +``` + +##Reference + +###Classes + +####Public classes + +####Private classes +* `concat::setup`: Sets up the concat script/directories. + +###Parameters + +###Defines + +####concat + +#####`ensure` +Controls if the combined file is present or absent. + +######Example +- ensure => present +- ensure => absent + +#####`path` +Controls the destination of the file to create. + +######Example +- path => '/tmp/filename' + +#####`owner` +Set the owner of the combined file. + +######Example +- owner => 'root' + +#####`group` +Set the group of the combined file. + +######Example +- group => 'root' + +#####`mode` +Set the mode of the combined file. + +######Example +- mode => '0644' + +#####`warn` +Determine if a warning message should be added at the top of the file to let +users know it was autogenerated by Puppet. It should be a boolean or a string +containing the contents of the warning message. + +######Example +- warn => true +- warn => false +- warn => '# This file is autogenerated!' + +#####`force` +Determine if empty files are allowed when no fragments were added. + +######Example +- force => true +- force => false + +#####`backup` +Controls the filebucket behavior used for the file. + +######Example +- backup => 'puppet' + +#####`replace` +Controls if Puppet should replace the destination file if it already exists. + +######Example +- replace => true +- replace => false + +#####`order` +Controls the way in which the shell script chooses to sort the files. It's +rare you'll need to adjust this. + +######Allowed Values +- order => 'alpha' +- order => 'numeric' + +#####`ensure_newline` +Ensure there's a newline at the end of the fragments. + +######Example +- ensure_newline => true +- ensure_newline => false + +####concat::fragment + +#####`target` +Choose the destination file of the fragment. + +######Example +- target => '/tmp/testfile' + +#####`content` +Create the content of the fragment. + +######Example +- content => 'test file contents' + +#####`source` +Find the sources within Puppet of the fragment. + +######Example +- source => 'puppet:///modules/test/testfile' +- source => ['puppet:///modules/test/1', 'puppet:///modules/test/2'] + +#####`order` +Order the fragments. + +######Example +- order => '01' + +Best practice is to pass a string to this parameter but integer values are accepted. + +#####`ensure` +Control the file of fragment created. + +######Example +- ensure => 'present' +- ensure => 'absent' + +#####`mode` +Set the mode of the fragment. + +######Example +- mode => '0644' + +#####`owner` +Set the owner of the fragment. + +######Example +- owner => 'root' + +#####`group` +Set the group of the fragment. + +######Example +- group => 'root' + +#####`backup` +Control the filebucket behavior for the fragment. + +######Example +- backup => 'puppet' + +### API _deprecations_ + +#### Since version `1.0.0` + +##### `concat{}` `warn` parameter + +```puppet +concat { '/tmp/file': + ensure => present, + warn => 'true', # generates stringified boolean value warning +} +``` + +Using stringified Boolean values as the `warn` parameter to `concat` is +deprecated, generates a catalog compile time warning, and will be silently +treated as the concatenated file header/warning message in a future release. + +The following strings are considered a stringified Boolean value: + + * `'true'` + * `'yes'` + * `'on'` + * `'false'` + * `'no'` + * `'off'` + +Please migrate to using the Puppet DSL's native [Boolean data +type](http://docs.puppetlabs.com/puppet/3/reference/lang_datatypes.html#booleans). + +##### `concat{}` `gnu` parameter + +```puppet +concat { '/tmp/file': + ensure => present, + gnu => $foo, # generates deprecation warning +} +``` + +The `gnu` parameter to `concat` is deprecated, generates a catalog compile time +warning, and has no effect. This parameter will be removed in a future +release. + +Note that this parameter was silently ignored in the `1.0.0` release. + +##### `concat::fragment{}` `ensure` parameter + +```puppet +concat::fragment { 'cpuinfo': + ensure => '/proc/cpuinfo', # generates deprecation warning + target => '/tmp/file', +} +``` + +Passing a value other than `'present'` or `'absent'` as the `ensure` parameter +to `concat::fragment` is deprecated and generates a catalog compile time +warning. The warning will become a catalog compilation failure in a future +release. + +This type emulates the Puppet core `file` type's disfavored [`ensure` +semantics](http://docs.puppetlabs.com/references/latest/type.html#file-attribute-ensure) +of treating a file path as a directive to create a symlink. This feature is +problematic in several ways. It copies an API semantic of another type that is +both frowned upon and not generally well known. It's behavior may be +surprising in that the target concatenated file will not be a symlink nor is +there any common file system that has a concept of a section of a plain file +being symbolically linked to another file. Additionally, the behavior is +generally inconsistent with most Puppet types in that a missing source file +will be silently ignored. + +If you want to use the content of a file as a fragment please use the `source` +parameter. + +##### `concat::fragment{}` `mode/owner/group` parameters + +```puppet +concat::fragment { 'foo': + target => '/tmp/file', + content => 'foo', + mode => $mode, # generates deprecation warning + owner => $owner, # generates deprecation warning + group => $group, # generates deprecation warning +} +``` + +The `mode` parameter to `concat::fragment` is deprecated, generates a catalog compile time warning, and has no effect. + +The `owner` parameter to `concat::fragment` is deprecated, generates a catalog +compile time warning, and has no effect. + +The `group` parameter to `concat::fragment` is deprecated, generates a catalog +compile time warning, and has no effect. + +These parameters had no user visible effect in version `1.0.0` and will be +removed in a future release. + +##### `concat::fragment{}` `backup` parameter + +```puppet +concat::fragment { 'foo': + target => '/tmp/file', + content => 'foo', + backup => 'bar', # generates deprecation warning +} +``` + +The `backup` parameter to `concat::fragment` is deprecated, generates a catalog +compile time warning, and has no effect. It will be removed in a future +release. + +In the `1.0.0` release this parameter controlled file bucketing of the file +fragment. Bucketting the fragment(s) is redundant with bucketting the final +concatenated file and this feature has been removed. + +##### `class { 'concat::setup': }` + +```puppet +include concat::setup # generates deprecation warning + +class { 'concat::setup': } # generates deprecation warning +``` + +The `concat::setup` class is deprecated as a public API of this module and +should no longer be directly included in the manifest. This class may be +removed in a future release. + +##### Parameter validation + +While not an API depreciation, users should be aware that all public parameters +in this module are now validated for at least variable type. This may cause +validation errors in a manifest that was previously silently misbehaving. + +##Limitations + +This module has been tested on: + +* RedHat Enterprise Linux (and Centos) 5/6 +* Debian 6/7 +* Ubuntu 12.04 + +Testing on other platforms has been light and cannot be guaranteed. + +#Development + +Puppet Labs modules on the Puppet Forge are open projects, and community +contributions are essential for keeping them great. We can’t access the +huge number of platforms and myriad of hardware, software, and deployment +configurations that Puppet is intended to serve. + +We want to keep it as easy as possible to contribute changes so that our +modules work in your environment. There are a few guidelines that we need +contributors to follow so that we can have a chance of keeping on top of things. + +You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) + +###Contributors + +The list of contributors can be found at: + +https://github.com/puppetlabs/puppetlabs-concat/graphs/contributors diff --git a/modules/dependencies/concat/Rakefile b/modules/dependencies/concat/Rakefile new file mode 100644 index 000000000..5868545f2 --- /dev/null +++ b/modules/dependencies/concat/Rakefile @@ -0,0 +1,10 @@ +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' + +PuppetLint.configuration.fail_on_warnings +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_class_inherits_from_params_class') +PuppetLint.configuration.send('disable_class_parameter_defaults') +PuppetLint.configuration.send('disable_documentation') +PuppetLint.configuration.send('disable_single_quote_string_with_variables') +PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] diff --git a/modules/dependencies/concat/checksums.json b/modules/dependencies/concat/checksums.json new file mode 100644 index 000000000..ccdb8e9b4 --- /dev/null +++ b/modules/dependencies/concat/checksums.json @@ -0,0 +1,53 @@ +{ + "CHANGELOG.md": "e72e5900c060795a23a286c09898cefb", + "CONTRIBUTING.md": "d911815dd7d0d90b90bb35382a6e3298", + "Gemfile": "7e54561091d91e1ce90e429ae4bcea19", + "LICENSE": "f5a76685d453424cd63dde1535811cf0", + "README.md": "1a3d6bbaad03232055fdf7c7cf5a4e7f", + "Rakefile": "de8eeacfe1fbbc6a6f4d89adfc98bcaf", + "files/concatfragments.rb": "f88397daaf63a9c75bcf285b23b727ed", + "files/concatfragments.sh": "7bbe7c5fce25a5ddd20415d909ba44fc", + "lib/facter/concat_basedir.rb": "ff080677e7f192b9b96911698b0b9b3d", + "lib/puppet/parser/functions/concat_getparam.rb": "7654b44a87a05b2f2e9de2eaadf1ff8f", + "lib/puppet/parser/functions/concat_is_bool.rb": "a5dc6980d7f27d1b858e791964682756", + "manifests/fragment.pp": "85921c0e68ba60fc2e711c9324f03ff6", + "manifests/init.pp": "aa491fe7e5cba80dea09ead4c77bb02a", + "manifests/setup.pp": "dea1e9492771dabf32a1b2ac2161beb2", + "metadata.json": "821277dec4a59e16711b5f46fc6a2371", + "spec/acceptance/backup_spec.rb": "6cd0023de71c7f297b919ad44875211c", + "spec/acceptance/concat_spec.rb": "9c43771d9b9b0dd2c3e9fe257059347b", + "spec/acceptance/deprecation_warnings_spec.rb": "1e8afe1828999bca24bd9e0fd64d4e2e", + "spec/acceptance/empty_spec.rb": "8fbe5077e9d85c1ead153164fbf45cac", + "spec/acceptance/fragment_source_spec.rb": "d067b5a75a475df32b391031780c81fb", + "spec/acceptance/fragments_are_always_replaced_spec.rb": "1705de285eb045f26e92e85eadee7fe4", + "spec/acceptance/newline_spec.rb": "8e0b87458e5f6cc3ec242d22520e9fde", + "spec/acceptance/nodesets/aix-71-vcloud.yml": "de6cc5bf18be2be8d50e62503652cb32", + "spec/acceptance/nodesets/centos-59-x64.yml": "57eb3e471b9042a8ea40978c467f8151", + "spec/acceptance/nodesets/centos-64-x64-pe.yml": "ec075d95760df3d4702abea1ce0a829b", + "spec/acceptance/nodesets/centos-64-x64.yml": "9cde7b5d2ab6a42366d2344c264d6bdc", + "spec/acceptance/nodesets/centos-65-x64.yml": "3e5c36e6aa5a690229e720f4048bb8af", + "spec/acceptance/nodesets/debian-607-x64.yml": "d566bf76f534e2af7c9a4605316d232c", + "spec/acceptance/nodesets/debian-70rc1-x64.yml": "31ccca73af7b74e1cc2fb0035c230b2c", + "spec/acceptance/nodesets/debian-73-x64.yml": "bd3ea8245ce691c2b234529d62d043eb", + "spec/acceptance/nodesets/default.yml": "9cde7b5d2ab6a42366d2344c264d6bdc", + "spec/acceptance/nodesets/fedora-18-x64.yml": "acc126fa764c39a3b1df36e9224a21d9", + "spec/acceptance/nodesets/sles-11-x64.yml": "44e4c6c15c018333bfa9840a5e702f66", + "spec/acceptance/nodesets/sles-11sp1-x64.yml": "fa0046bd89c1ab4ba9521ad79db234cd", + "spec/acceptance/nodesets/ubuntu-server-10044-x64.yml": "dc0da2d2449f66c8fdae16593811504f", + "spec/acceptance/nodesets/ubuntu-server-12042-x64.yml": "78a3ee42652e26119d90aa62586565b2", + "spec/acceptance/nodesets/ubuntu-server-1404-x64.yml": "5f0aed10098ac5b78e4217bb27c7aaf0", + "spec/acceptance/order_spec.rb": "bc2c9fc317bf3553e8eb817b00af6f00", + "spec/acceptance/quoted_paths_spec.rb": "b0996f7c377c0a16a64a62c3a8559c93", + "spec/acceptance/replace_spec.rb": "bc06b6f00b1ff1cca19f45468676bcbd", + "spec/acceptance/symbolic_name_spec.rb": "94978d9d4742d18263c420c26e9d7a67", + "spec/acceptance/warn_spec.rb": "130c2c41cab442386ee8be4a1e1a6304", + "spec/spec.opts": "a600ded995d948e393fbe2320ba8e51c", + "spec/spec_helper.rb": "0db89c9a486df193c0e40095422e19dc", + "spec/spec_helper_acceptance.rb": "30b594565f800443d6802436a53afc37", + "spec/unit/classes/concat_setup_spec.rb": "f76beeb0f90766dc91c91f3c0b6b5f4a", + "spec/unit/defines/concat_fragment_spec.rb": "b273ed6b1052a587829ce073e3ded7a4", + "spec/unit/defines/concat_spec.rb": "9cafbbc5afd9c3cd8d8cdc8d951fdcb7", + "spec/unit/facts/concat_basedir_spec.rb": "cf00f5a07948436fa0a84d00fc098539", + "tests/fragment.pp": "9adc3d9ba61676066072e1b949a37dbb", + "tests/init.pp": "bd3ce7d2ee146744b5dbbaae8a927043" +} \ No newline at end of file diff --git a/modules/dependencies/concat/files/concatfragments.rb b/modules/dependencies/concat/files/concatfragments.rb new file mode 100644 index 000000000..904f82460 --- /dev/null +++ b/modules/dependencies/concat/files/concatfragments.rb @@ -0,0 +1,150 @@ +#!/usr/bin/env ruby +# Script to concat files to a config file. +# +# Given a directory like this: +# /path/to/conf.d +# |-- fragments +# | |-- 00_named.conf +# | |-- 10_domain.net +# | `-- zz_footer +# +# The script supports a test option that will build the concat file to a temp location and +# use /usr/bin/cmp to verify if it should be run or not. This would result in the concat happening +# twice on each run but gives you the option to have an unless option in your execs to inhibit rebuilds. +# +# Without the test option and the unless combo your services that depend on the final file would end up +# restarting on each run, or in other manifest models some changes might get missed. +# +# OPTIONS: +# -o The file to create from the sources +# -d The directory where the fragments are kept +# -t Test to find out if a build is needed, basically concats the files to a temp +# location and compare with what's in the final location, return codes are designed +# for use with unless on an exec resource +# -w Add a shell style comment at the top of the created file to warn users that it +# is generated by puppet +# -f Enables the creation of empty output files when no fragments are found +# -n Sort the output numerically rather than the default alpha sort +# +# the command: +# +# concatfragments.rb -o /path/to/conffile.cfg -d /path/to/conf.d +# +# creates /path/to/conf.d/fragments.concat and copies the resulting +# file to /path/to/conffile.cfg. The files will be sorted alphabetically +# pass the -n switch to sort numerically. +# +# The script does error checking on the various dirs and files to make +# sure things don't fail. +require 'optparse' +require 'fileutils' + +settings = { + :outfile => "", + :workdir => "", + :test => false, + :force => false, + :warn => "", + :sortarg => "", + :newline => false +} + +OptionParser.new do |opts| + opts.banner = "Usage: #{$0} [options]" + opts.separator "Specific options:" + + opts.on("-o", "--outfile OUTFILE", String, "The file to create from the sources") do |o| + settings[:outfile] = o + end + + opts.on("-d", "--workdir WORKDIR", String, "The directory where the fragments are kept") do |d| + settings[:workdir] = d + end + + opts.on("-t", "--test", "Test to find out if a build is needed") do + settings[:test] = true + end + + opts.separator "Other options:" + opts.on("-w", "--warn WARNMSG", String, + "Add a shell style comment at the top of the created file to warn users that it is generated by puppet") do |w| + settings[:warn] = w + end + + opts.on("-f", "--force", "Enables the creation of empty output files when no fragments are found") do + settings[:force] = true + end + + opts.on("-n", "--sort", "Sort the output numerically rather than the default alpha sort") do + settings[:sortarg] = "-n" + end + + opts.on("-l", "--line", "Append a newline") do + settings[:newline] = true + end +end.parse! + +# do we have -o? +raise 'Please specify an output file with -o' unless !settings[:outfile].empty? + +# do we have -d? +raise 'Please specify fragments directory with -d' unless !settings[:workdir].empty? + +# can we write to -o? +if File.file?(settings[:outfile]) + if !File.writable?(settings[:outfile]) + raise "Cannot write to #{settings[:outfile]}" + end +else + if !File.writable?(File.dirname(settings[:outfile])) + raise "Cannot write to dirname #{File.dirname(settings[:outfile])} to create #{settings[:outfile]}" + end +end + +# do we have a fragments subdir inside the work dir? +if !File.directory?(File.join(settings[:workdir], "fragments")) && !File.executable?(File.join(settings[:workdir], "fragments")) + raise "Cannot access the fragments directory" +end + +# are there actually any fragments? +if (Dir.entries(File.join(settings[:workdir], "fragments")) - %w{ . .. }).empty? + if !settings[:force] + raise "The fragments directory is empty, cowardly refusing to make empty config files" + end +end + +Dir.chdir(settings[:workdir]) + +if settings[:warn].empty? + File.open("fragments.concat", 'w') {|f| f.write("") } +else + File.open("fragments.concat", 'w') {|f| f.write("#{settings[:warn]}\n") } +end + +# find all the files in the fragments directory, sort them numerically and concat to fragments.concat in the working dir +open('fragments.concat', 'a') do |f| + Dir.entries("fragments").sort.each{ |entry| + + if File.file?(File.join("fragments", entry)) + f << File.read(File.join("fragments", entry)) + + # append a newline if we were asked to (invoked with -l) + if settings[:newline] + f << "\n" + end + + end + } +end + +if !settings[:test] + # This is a real run, copy the file to outfile + FileUtils.cp 'fragments.concat', settings[:outfile] +else + # Just compare the result to outfile to help the exec decide + if FileUtils.cmp 'fragments.concat', settings[:outfile] + exit 0 + else + exit 1 + end +end diff --git a/modules/dependencies/concat/files/concatfragments.sh b/modules/dependencies/concat/files/concatfragments.sh new file mode 100755 index 000000000..7e6b0f5c5 --- /dev/null +++ b/modules/dependencies/concat/files/concatfragments.sh @@ -0,0 +1,140 @@ +#!/bin/sh + +# Script to concat files to a config file. +# +# Given a directory like this: +# /path/to/conf.d +# |-- fragments +# | |-- 00_named.conf +# | |-- 10_domain.net +# | `-- zz_footer +# +# The script supports a test option that will build the concat file to a temp location and +# use /usr/bin/cmp to verify if it should be run or not. This would result in the concat happening +# twice on each run but gives you the option to have an unless option in your execs to inhibit rebuilds. +# +# Without the test option and the unless combo your services that depend on the final file would end up +# restarting on each run, or in other manifest models some changes might get missed. +# +# OPTIONS: +# -o The file to create from the sources +# -d The directory where the fragments are kept +# -t Test to find out if a build is needed, basically concats the files to a temp +# location and compare with what's in the final location, return codes are designed +# for use with unless on an exec resource +# -w Add a shell style comment at the top of the created file to warn users that it +# is generated by puppet +# -f Enables the creation of empty output files when no fragments are found +# -n Sort the output numerically rather than the default alpha sort +# +# the command: +# +# concatfragments.sh -o /path/to/conffile.cfg -d /path/to/conf.d +# +# creates /path/to/conf.d/fragments.concat and copies the resulting +# file to /path/to/conffile.cfg. The files will be sorted alphabetically +# pass the -n switch to sort numerically. +# +# The script does error checking on the various dirs and files to make +# sure things don't fail. + +OUTFILE="" +WORKDIR="" +TEST="" +FORCE="" +WARN="" +SORTARG="" +ENSURE_NEWLINE="" + +PATH=/sbin:/usr/sbin:/bin:/usr/bin + +## Well, if there's ever a bad way to do things, Nexenta has it. +## http://nexenta.org/projects/site/wiki/Personalities +unset SUN_PERSONALITY + +while getopts "o:s:d:tnw:fl" options; do + case $options in + o ) OUTFILE=$OPTARG;; + d ) WORKDIR=$OPTARG;; + n ) SORTARG="-n";; + w ) WARNMSG="$OPTARG";; + f ) FORCE="true";; + t ) TEST="true";; + l ) ENSURE_NEWLINE="true";; + * ) echo "Specify output file with -o and fragments directory with -d" + exit 1;; + esac +done + +# do we have -o? +if [ "x${OUTFILE}" = "x" ]; then + echo "Please specify an output file with -o" + exit 1 +fi + +# do we have -d? +if [ "x${WORKDIR}" = "x" ]; then + echo "Please fragments directory with -d" + exit 1 +fi + +# can we write to -o? +if [ -f "${OUTFILE}" ]; then + if [ ! -w "${OUTFILE}" ]; then + echo "Cannot write to ${OUTFILE}" + exit 1 + fi +else + if [ ! -w `dirname "${OUTFILE}"` ]; then + echo "Cannot write to `dirname \"${OUTFILE}\"` to create ${OUTFILE}" + exit 1 + fi +fi + +# do we have a fragments subdir inside the work dir? +if [ ! -d "${WORKDIR}/fragments" ] && [ ! -x "${WORKDIR}/fragments" ]; then + echo "Cannot access the fragments directory" + exit 1 +fi + +# are there actually any fragments? +if [ ! "$(ls -A """${WORKDIR}/fragments""")" ]; then + if [ "x${FORCE}" = "x" ]; then + echo "The fragments directory is empty, cowardly refusing to make empty config files" + exit 1 + fi +fi + +cd "${WORKDIR}" + +if [ "x${WARNMSG}" = "x" ]; then + : > "fragments.concat" +else + printf '%s\n' "$WARNMSG" > "fragments.concat" +fi + +# find all the files in the fragments directory, sort them numerically and concat to fragments.concat in the working dir +IFS_BACKUP=$IFS +IFS=' +' +for fragfile in `find fragments/ -type f -follow -print0 | xargs -0 -n1 basename | LC_ALL=C sort ${SORTARG}` +do + cat "fragments/$fragfile" >> "fragments.concat" + # Handle newlines. + if [ "x${ENSURE_NEWLINE}" != "x" ]; then + echo >> "fragments.concat" + fi +done +IFS=$IFS_BACKUP + +if [ "x${TEST}" = "x" ]; then + # This is a real run, copy the file to outfile + cp fragments.concat "${OUTFILE}" + RETVAL=$? +else + # Just compare the result to outfile to help the exec decide + cmp "${OUTFILE}" fragments.concat + RETVAL=$? +fi + +exit $RETVAL diff --git a/modules/dependencies/concat/lib/facter/concat_basedir.rb b/modules/dependencies/concat/lib/facter/concat_basedir.rb new file mode 100644 index 000000000..bfac07102 --- /dev/null +++ b/modules/dependencies/concat/lib/facter/concat_basedir.rb @@ -0,0 +1,11 @@ +# == Fact: concat_basedir +# +# A custom fact that sets the default location for fragments +# +# "${::vardir}/concat/" +# +Facter.add("concat_basedir") do + setcode do + File.join(Puppet[:vardir],"concat") + end +end diff --git a/modules/dependencies/concat/lib/puppet/parser/functions/concat_getparam.rb b/modules/dependencies/concat/lib/puppet/parser/functions/concat_getparam.rb new file mode 100644 index 000000000..1757bdc54 --- /dev/null +++ b/modules/dependencies/concat/lib/puppet/parser/functions/concat_getparam.rb @@ -0,0 +1,35 @@ +# Test whether a given class or definition is defined +require 'puppet/parser/functions' + +Puppet::Parser::Functions.newfunction(:concat_getparam, + :type => :rvalue, + :doc => <<-'ENDOFDOC' +Takes a resource reference and name of the parameter and +returns value of resource's parameter. + +*Examples:* + + define example_resource($param) { + } + + example_resource { "example_resource_instance": + param => "param_value" + } + + concat_getparam(Example_resource["example_resource_instance"], "param") + +Would return: param_value +ENDOFDOC +) do |vals| + reference, param = vals + raise(ArgumentError, 'Must specify a reference') unless reference + raise(ArgumentError, 'Must specify name of a parameter') unless param and param.instance_of? String + + return '' if param.empty? + + if resource = findresource(reference.to_s) + return resource[param] if resource[param] + end + + return '' +end diff --git a/modules/dependencies/concat/lib/puppet/parser/functions/concat_is_bool.rb b/modules/dependencies/concat/lib/puppet/parser/functions/concat_is_bool.rb new file mode 100644 index 000000000..c2c2a9f2e --- /dev/null +++ b/modules/dependencies/concat/lib/puppet/parser/functions/concat_is_bool.rb @@ -0,0 +1,22 @@ +# +# concat_is_bool.rb +# + +module Puppet::Parser::Functions + newfunction(:concat_is_bool, :type => :rvalue, :doc => <<-EOS +Returns true if the variable passed to this function is a boolean. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "concat_is_bool(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size != 1 + + type = arguments[0] + + result = type.is_a?(TrueClass) || type.is_a?(FalseClass) + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/concat/manifests/fragment.pp b/modules/dependencies/concat/manifests/fragment.pp new file mode 100644 index 000000000..34ec4c248 --- /dev/null +++ b/modules/dependencies/concat/manifests/fragment.pp @@ -0,0 +1,124 @@ +# == Define: concat::fragment +# +# Puts a file fragment into a directory previous setup using concat +# +# === Options: +# +# [*target*] +# The file that these fragments belong to +# [*content*] +# If present puts the content into the file +# [*source*] +# If content was not specified, use the source +# [*order*] +# By default all files gets a 10_ prefix in the directory you can set it to +# anything else using this to influence the order of the content in the file +# [*ensure*] +# Present/Absent or destination to a file to include another file +# [*mode*] +# Deprecated +# [*owner*] +# Deprecated +# [*group*] +# Deprecated +# [*backup*] +# Deprecated +# +define concat::fragment( + $target, + $content = undef, + $source = undef, + $order = '10', + $ensure = undef, + $mode = undef, + $owner = undef, + $group = undef, + $backup = undef +) { + validate_string($target) + validate_string($content) + if !(is_string($source) or is_array($source)) { + fail('$source is not a string or an Array.') + } + if !(is_string($order) or is_integer($order)) { + fail('$order is not a string or integer.') + } + if $mode { + warning('The $mode parameter to concat::fragment is deprecated and has no effect') + } + if $owner { + warning('The $owner parameter to concat::fragment is deprecated and has no effect') + } + if $group { + warning('The $group parameter to concat::fragment is deprecated and has no effect') + } + if $backup { + warning('The $backup parameter to concat::fragment is deprecated and has no effect') + } + if $ensure == undef { + $my_ensure = concat_getparam(Concat[$target], 'ensure') + } else { + if ! ($ensure in [ 'present', 'absent' ]) { + warning('Passing a value other than \'present\' or \'absent\' as the $ensure parameter to concat::fragment is deprecated. If you want to use the content of a file as a fragment please use the $source parameter.') + } + $my_ensure = $ensure + } + + include concat::setup + + $safe_name = regsubst($name, '[/:\n]', '_', 'GM') + $safe_target_name = regsubst($target, '[/:\n]', '_', 'GM') + $concatdir = $concat::setup::concatdir + $fragdir = "${concatdir}/${safe_target_name}" + $fragowner = $concat::setup::fragment_owner + $fragmode = $concat::setup::fragment_mode + + # The file type's semantics are problematic in that ensure => present will + # not over write a pre-existing symlink. We are attempting to provide + # backwards compatiblity with previous concat::fragment versions that + # supported the file type's ensure => /target syntax + + # be paranoid and only allow the fragment's file resource's ensure param to + # be file, absent, or a file target + $safe_ensure = $my_ensure ? { + '' => 'file', + undef => 'file', + 'file' => 'file', + 'present' => 'file', + 'absent' => 'absent', + default => $my_ensure, + } + + # if it looks line ensure => /target syntax was used, fish that out + if ! ($my_ensure in ['', 'present', 'absent', 'file' ]) { + $ensure_target = $my_ensure + } else { + $ensure_target = undef + } + + # the file type's semantics only allows one of: ensure => /target, content, + # or source + if ($ensure_target and $source) or + ($ensure_target and $content) or + ($source and $content) { + fail('You cannot specify more than one of $content, $source, $ensure => /target') + } + + if ! ($content or $source or $ensure_target) { + crit('No content, source or symlink specified') + } + + # punt on group ownership until some point in the distant future when $::gid + # can be relied on to be present + file { "${fragdir}/fragments/${order}_${safe_name}": + ensure => $safe_ensure, + owner => $fragowner, + mode => $fragmode, + source => $source, + content => $content, + backup => false, + replace => true, + alias => "concat_fragment_${name}", + notify => Exec["concat_${target}"] + } +} diff --git a/modules/dependencies/concat/manifests/init.pp b/modules/dependencies/concat/manifests/init.pp new file mode 100644 index 000000000..77f9d5fd2 --- /dev/null +++ b/modules/dependencies/concat/manifests/init.pp @@ -0,0 +1,236 @@ +# == Define: concat +# +# Sets up so that you can use fragments to build a final config file, +# +# === Options: +# +# [*ensure*] +# Present/Absent +# [*path*] +# The path to the final file. Use this in case you want to differentiate +# between the name of a resource and the file path. Note: Use the name you +# provided in the target of your fragments. +# [*owner*] +# Who will own the file +# [*group*] +# Who will own the file +# [*mode*] +# The mode of the final file +# [*force*] +# Enables creating empty files if no fragments are present +# [*warn*] +# Adds a normal shell style comment top of the file indicating that it is +# built by puppet +# [*force*] +# [*backup*] +# Controls the filebucketing behavior of the final file and see File type +# reference for its use. Defaults to 'puppet' +# [*replace*] +# Whether to replace a file that already exists on the local system +# [*order*] +# [*ensure_newline*] +# [*gnu*] +# Deprecated +# +# === Actions: +# * Creates fragment directories if it didn't exist already +# * Executes the concatfragments.sh script to build the final file, this +# script will create directory/fragments.concat. Execution happens only +# when: +# * The directory changes +# * fragments.concat != final destination, this means rebuilds will happen +# whenever someone changes or deletes the final file. Checking is done +# using /usr/bin/cmp. +# * The Exec gets notified by something else - like the concat::fragment +# define +# * Copies the file over to the final destination using a file resource +# +# === Aliases: +# +# * The exec can notified using Exec["concat_/path/to/file"] or +# Exec["concat_/path/to/directory"] +# * The final file can be referenced as File["/path/to/file"] or +# File["concat_/path/to/file"] +# +define concat( + $ensure = 'present', + $path = $name, + $owner = undef, + $group = undef, + $mode = '0644', + $warn = false, + $force = false, + $backup = 'puppet', + $replace = true, + $order = 'alpha', + $ensure_newline = false, + $gnu = undef +) { + validate_re($ensure, '^present$|^absent$') + validate_absolute_path($path) + validate_string($owner) + validate_string($group) + validate_string($mode) + if ! (is_string($warn) or $warn == true or $warn == false) { + fail('$warn is not a string or boolean') + } + validate_bool($force) + if ! concat_is_bool($backup) and ! is_string($backup) { + fail('$backup must be string or bool!') + } + validate_bool($replace) + validate_re($order, '^alpha$|^numeric$') + validate_bool($ensure_newline) + if $gnu { + warning('The $gnu parameter to concat is deprecated and has no effect') + } + + include concat::setup + + $safe_name = regsubst($name, '[/:]', '_', 'G') + $concatdir = $concat::setup::concatdir + $fragdir = "${concatdir}/${safe_name}" + $concat_name = 'fragments.concat.out' + $script_command = $concat::setup::script_command + $default_warn_message = '# This file is managed by Puppet. DO NOT EDIT.' + $bool_warn_message = 'Using stringified boolean values (\'true\', \'yes\', \'on\', \'false\', \'no\', \'off\') to represent boolean true/false as the $warn parameter to concat is deprecated and will be treated as the warning message in a future release' + + case $warn { + true: { + $warn_message = $default_warn_message + } + 'true', 'yes', 'on': { + warning($bool_warn_message) + $warn_message = $default_warn_message + } + false: { + $warn_message = '' + } + 'false', 'no', 'off': { + warning($bool_warn_message) + $warn_message = '' + } + default: { + $warn_message = $warn + } + } + + $warnmsg_escaped = regsubst($warn_message, '\'', '\'\\\'\'', 'G') + $warnflag = $warnmsg_escaped ? { + '' => '', + default => "-w '${warnmsg_escaped}'" + } + + $forceflag = $force ? { + true => '-f', + false => '', + } + + $orderflag = $order ? { + 'numeric' => '-n', + 'alpha' => '', + } + + $newlineflag = $ensure_newline ? { + true => '-l', + false => '', + } + + File { + backup => false, + } + + if $ensure == 'present' { + file { $fragdir: + ensure => directory, + mode => '0750', + } + + file { "${fragdir}/fragments": + ensure => directory, + mode => '0750', + force => true, + ignore => ['.svn', '.git', '.gitignore'], + notify => Exec["concat_${name}"], + purge => true, + recurse => true, + } + + file { "${fragdir}/fragments.concat": + ensure => present, + mode => '0640', + } + + file { "${fragdir}/${concat_name}": + ensure => present, + mode => '0640', + } + + file { $name: + ensure => present, + owner => $owner, + group => $group, + mode => $mode, + replace => $replace, + path => $path, + alias => "concat_${name}", + source => "${fragdir}/${concat_name}", + backup => $backup, + } + + # remove extra whitespace from string interpolation to make testing easier + $command = strip(regsubst("${script_command} -o \"${fragdir}/${concat_name}\" -d \"${fragdir}\" ${warnflag} ${forceflag} ${orderflag} ${newlineflag}", '\s+', ' ', 'G')) + + # if puppet is running as root, this exec should also run as root to allow + # the concatfragments.sh script to potentially be installed in path that + # may not be accessible by a target non-root owner. + exec { "concat_${name}": + alias => "concat_${fragdir}", + command => $command, + notify => File[$name], + subscribe => File[$fragdir], + unless => "${command} -t", + path => $::path, + require => [ + File[$fragdir], + File["${fragdir}/fragments"], + File["${fragdir}/fragments.concat"], + ], + } + } else { + file { [ + $fragdir, + "${fragdir}/fragments", + "${fragdir}/fragments.concat", + "${fragdir}/${concat_name}" + ]: + ensure => absent, + force => true, + } + + file { $path: + ensure => absent, + backup => $backup, + } + + $absent_exec_command = $::kernel ? { + 'windows' => 'cmd.exe /c exit 0', + default => 'true', + } + + $absent_exec_path = $::kernel ? { + 'windows' => $::path, + default => '/bin:/usr/bin', + } + + # Need to have an unless here for idempotency. + exec { "concat_${name}": + alias => "concat_${fragdir}", + command => $absent_exec_command, + unless => $absent_exec_command, + path => $absent_exec_path, + } + } +} + +# vim:sw=2:ts=2:expandtab:textwidth=79 diff --git a/modules/dependencies/concat/manifests/setup.pp b/modules/dependencies/concat/manifests/setup.pp new file mode 100644 index 000000000..1a6af6487 --- /dev/null +++ b/modules/dependencies/concat/manifests/setup.pp @@ -0,0 +1,64 @@ +# === Class: concat::setup +# +# Sets up the concat system. This is a private class. +# +# [$concatdir] +# is where the fragments live and is set on the fact concat_basedir. +# Since puppet should always manage files in $concatdir and they should +# not be deleted ever, /tmp is not an option. +# +# It also copies out the concatfragments.{sh,rb} file to ${concatdir}/bin +# +class concat::setup { + if $caller_module_name != $module_name { + warning("${name} is deprecated as a public API of the ${module_name} module and should no longer be directly included in the manifest.") + } + + if $::concat_basedir { + $concatdir = $::concat_basedir + } else { + fail ('$concat_basedir not defined. Try running again with pluginsync=true on the [master] and/or [main] section of your node\'s \'/etc/puppet/puppet.conf\'.') + } + + # owner and mode of fragment files (on windows owner and access rights should + # be inherited from concatdir and not explicitly set to avoid problems) + $fragment_owner = $::osfamily ? { 'windows' => undef, default => $::id } + $fragment_mode = $::osfamily ? { 'windows' => undef, default => '0640' } + + # PR #174 introduced changes to the concatfragments.sh script that are + # incompatible with Solaris 10 but reportedly OK on Solaris 11. As a work + # around we are enable the .rb concat script on all Solaris versions. If + # this goes smoothly, we should move towards completely eliminating the .sh + # version. + $script_name = $::osfamily? { + /(?i:(Windows|Solaris))/ => 'concatfragments.rb', + default => 'concatfragments.sh' + } + + $script_path = "${concatdir}/bin/${script_name}" + + $script_owner = $::osfamily ? { 'windows' => undef, default => $::id } + + $script_mode = $::osfamily ? { 'windows' => undef, default => '0755' } + + $script_command = $::osfamily? { + 'windows' => "ruby.exe '${script_path}'", + default => $script_path + } + + File { + backup => false, + } + + file { $script_path: + ensure => file, + owner => $script_owner, + mode => $script_mode, + source => "puppet:///modules/concat/${script_name}", + } + + file { [ $concatdir, "${concatdir}/bin" ]: + ensure => directory, + mode => '0755', + } +} diff --git a/modules/dependencies/concat/metadata.json b/modules/dependencies/concat/metadata.json new file mode 100644 index 000000000..93bb4b9f6 --- /dev/null +++ b/modules/dependencies/concat/metadata.json @@ -0,0 +1,108 @@ +{ + "name": "puppetlabs-concat", + "version": "1.1.1", + "author": "Puppet Labs", + "summary": "Concat module", + "license": "Apache-2.0", + "source": "https://github.com/puppetlabs/puppetlabs-concat", + "project_page": "https://github.com/puppetlabs/puppetlabs-concat", + "issues_url": "https://github.com/puppetlabs/puppetlabs-concat/issues", + "operatingsystem_support": [ + { + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "CentOS", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "OracleLinux", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "Scientific", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "SLES", + "operatingsystemrelease": [ + "11 SP1" + ] + }, + { + "operatingsystem": "Debian", + "operatingsystemrelease": [ + "6", + "7" + ] + }, + { + "operatingsystem": "Ubuntu", + "operatingsystemrelease": [ + "10.04", + "12.04", + "14.04" + ] + }, + { + "operatingsystem": "Solaris", + "operatingsystemrelease": [ + "10", + "11" + ] + }, + { + "operatingsystem": "Windows", + "operatingsystemrelease": [ + "Server 2003 R2", + "Server 2008 R2", + "Server 2012", + "Server 2012 R2" + ] + }, + { + "operatingsystem": "AIX", + "operatingsystemrelease": [ + "5.3", + "6.1", + "7.1" + ] + }, + { + "operatingsystem": "OSX", + "operatingsystemrelease": [ + "10.9" + ] + } + ], + "requirements": [ + { + "name": "pe", + "version_requirement": "3.x" + }, + { + "name": "puppet", + "version_requirement": "3.x" + } + ], + "dependencies": [ + {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0 < 5.0.0"} + ] +} diff --git a/modules/dependencies/concat/spec/acceptance/backup_spec.rb b/modules/dependencies/concat/spec/acceptance/backup_spec.rb new file mode 100644 index 000000000..1989f4458 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/backup_spec.rb @@ -0,0 +1,115 @@ +require 'spec_helper_acceptance' + +describe 'concat backup parameter' do + basedir = default.tmpdir('concat') + context '=> puppet' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + file { '#{basedir}/file': + content => "old contents\n", + } + EOS + apply_manifest(pp) + end + pp = <<-EOS + concat { '#{basedir}/file': + backup => 'puppet', + } + concat::fragment { 'new file': + target => '#{basedir}/file', + content => 'new contents', + } + EOS + + it 'applies the manifest twice with "Filebucketed" stdout and no stderr' do + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Filebucketed #{basedir}\/file to puppet with sum 0140c31db86293a1a1e080ce9b91305f/) # sum is for file contents of 'old contents' + end + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain 'new contents' } + end + end + + context '=> .backup' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + file { '#{basedir}/file': + content => "old contents\n", + } + EOS + apply_manifest(pp) + end + pp = <<-EOS + concat { '#{basedir}/file': + backup => '.backup', + } + concat::fragment { 'new file': + target => '#{basedir}/file', + content => 'new contents', + } + EOS + + # XXX Puppet doesn't mention anything about filebucketing with a given + # extension like .backup + it 'applies the manifest twice no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain 'new contents' } + end + describe file("#{basedir}/file.backup") do + it { should be_file } + it { should contain 'old contents' } + end + end + + # XXX The backup parameter uses validate_string() and thus can't be the + # boolean false value, but the string 'false' has the same effect in Puppet 3 + context "=> 'false'" do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + file { '#{basedir}/file': + content => "old contents\n", + } + EOS + apply_manifest(pp) + end + pp = <<-EOS + concat { '#{basedir}/file': + backup => '.backup', + } + concat::fragment { 'new file': + target => '#{basedir}/file', + content => 'new contents', + } + EOS + + it 'applies the manifest twice with no "Filebucketed" stdout and no stderr' do + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to_not match(/Filebucketed/) + end + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain 'new contents' } + end + end +end diff --git a/modules/dependencies/concat/spec/acceptance/concat_spec.rb b/modules/dependencies/concat/spec/acceptance/concat_spec.rb new file mode 100644 index 000000000..10f72d91c --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/concat_spec.rb @@ -0,0 +1,215 @@ +require 'spec_helper_acceptance' + +case fact('osfamily') +when 'AIX' + username = 'root' + groupname = 'system' + scriptname = 'concatfragments.sh' + vardir = default['puppetvardir'] +when 'Darwin' + username = 'root' + groupname = 'wheel' + scriptname = 'concatfragments.sh' + vardir = default['puppetvardir'] +when 'windows' + username = 'Administrator' + groupname = 'Administrators' + scriptname = 'concatfragments.rb' + result = on default, "echo #{default['puppetvardir']}" + vardir = result.raw_output.chomp +when 'Solaris' + username = 'root' + groupname = 'root' + scriptname = 'concatfragments.rb' + vardir = default['puppetvardir'] +else + username = 'root' + groupname = 'root' + scriptname = 'concatfragments.sh' + vardir = default['puppetvardir'] +end + +describe 'basic concat test' do + basedir = default.tmpdir('concat') + safe_basedir = basedir.gsub(/[\/:]/,'_') + + shared_examples 'successfully_applied' do |pp| + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{vardir}/concat") do + it { should be_directory } + it { should be_owned_by username } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 755 + } + end + describe file("#{vardir}/concat/bin") do + it { should be_directory } + it { should be_owned_by username } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 755 + } + end + describe file("#{vardir}/concat/bin/#{scriptname}") do + it { should be_file } + it { should be_owned_by username } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 755 + } + end + describe file("#{vardir}/concat/#{safe_basedir}_file") do + it { should be_directory } + it { should be_owned_by username } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 750 + } + end + describe file("#{vardir}/concat/#{safe_basedir}_file/fragments") do + it { should be_directory } + it { should be_owned_by username } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 750 + } + end + describe file("#{vardir}/concat/#{safe_basedir}_file/fragments.concat") do + it { should be_file } + it { should be_owned_by username } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 640 + } + end + describe file("#{vardir}/concat/#{safe_basedir}_file/fragments.concat.out") do + it { should be_file } + it { should be_owned_by username } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 640 + } + end + end + + context 'owner/group root' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + EOS + apply_manifest(pp) + end + pp = <<-EOS + concat { '#{basedir}/file': + owner => '#{username}', + group => '#{groupname}', + mode => '0644', + } + + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + order => '01', + } + + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + order => '02', + } + EOS + + it_behaves_like 'successfully_applied', pp + + describe file("#{basedir}/file") do + it { should be_file } + it { should be_owned_by username } + it { should be_grouped_into groupname } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 644 + } + it { should contain '1' } + it { should contain '2' } + end + describe file("#{vardir}/concat/#{safe_basedir}_file/fragments/01_1") do + it { should be_file } + it { should be_owned_by username } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 640 + } + end + describe file("#{vardir}/concat/#{safe_basedir}_file/fragments/02_2") do + it { should be_file } + it { should be_owned_by username } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 640 + } + end + end + + context 'ensure' do + context 'works when set to present with path set' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + EOS + apply_manifest(pp) + end + pp=" + concat { 'file': + ensure => present, + path => '#{basedir}/file', + mode => '0644', + } + concat::fragment { '1': + target => 'file', + content => '1', + order => '01', + } + " + + it_behaves_like 'successfully_applied', pp + + describe file("#{basedir}/file") do + it { should be_file } + it("should be mode", :unless => (fact('osfamily') == 'AIX')) { + should be_mode 644 + } + it { should contain '1' } + end + end + context 'works when set to absent with path set' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + EOS + apply_manifest(pp) + end + pp=" + concat { 'file': + ensure => absent, + path => '#{basedir}/file', + mode => '0644', + } + concat::fragment { '1': + target => 'file', + content => '1', + order => '01', + } + " + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should_not be_file } + end + end + end +end diff --git a/modules/dependencies/concat/spec/acceptance/deprecation_warnings_spec.rb b/modules/dependencies/concat/spec/acceptance/deprecation_warnings_spec.rb new file mode 100644 index 000000000..7b0f5c50c --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/deprecation_warnings_spec.rb @@ -0,0 +1,233 @@ +require 'spec_helper_acceptance' + +describe 'deprecation warnings' do + basedir = default.tmpdir('concat') + + shared_examples 'has_warning'do |pp, w| + it 'applies the manifest twice with a stderr regex' do + expect(apply_manifest(pp, :catch_failures => true).stderr).to match(/#{Regexp.escape(w)}/m) + expect(apply_manifest(pp, :catch_changes => true).stderr).to match(/#{Regexp.escape(w)}/m) + end + end + + context 'concat gnu parameter' do + pp = <<-EOS + concat { '#{basedir}/file': + gnu => 'foo', + } + concat::fragment { 'foo': + target => '#{basedir}/file', + content => 'bar', + } + EOS + w = 'The $gnu parameter to concat is deprecated and has no effect' + + it_behaves_like 'has_warning', pp, w + end + + context 'concat warn parameter =>' do + ['true', 'yes', 'on'].each do |warn| + context warn do + pp = <<-EOS + concat { '#{basedir}/file': + warn => '#{warn}', + } + concat::fragment { 'foo': + target => '#{basedir}/file', + content => 'bar', + } + EOS + w = 'Using stringified boolean values (\'true\', \'yes\', \'on\', \'false\', \'no\', \'off\') to represent boolean true/false as the $warn parameter to concat is deprecated and will be treated as the warning message in a future release' + + it_behaves_like 'has_warning', pp, w + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain '# This file is managed by Puppet. DO NOT EDIT.' } + it { should contain 'bar' } + end + end + end + + ['false', 'no', 'off'].each do |warn| + context warn do + pp = <<-EOS + concat { '#{basedir}/file': + warn => '#{warn}', + } + concat::fragment { 'foo': + target => '#{basedir}/file', + content => 'bar', + } + EOS + w = 'Using stringified boolean values (\'true\', \'yes\', \'on\', \'false\', \'no\', \'off\') to represent boolean true/false as the $warn parameter to concat is deprecated and will be treated as the warning message in a future release' + + it_behaves_like 'has_warning', pp, w + + describe file("#{basedir}/file") do + it { should be_file } + it { should_not contain '# This file is managed by Puppet. DO NOT EDIT.' } + it { should contain 'bar' } + end + end + end + end + + context 'concat::fragment ensure parameter' do + context 'target file exists' do + before(:all) do + shell("/bin/echo 'file1 contents' > #{basedir}/file1") + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + file { '#{basedir}/file1': + content => "file1 contents\n", + } + EOS + apply_manifest(pp) + end + + pp = <<-EOS + concat { '#{basedir}/file': } + concat::fragment { 'foo': + target => '#{basedir}/file', + ensure => '#{basedir}/file1', + } + EOS + w = 'Passing a value other than \'present\' or \'absent\' as the $ensure parameter to concat::fragment is deprecated. If you want to use the content of a file as a fragment please use the $source parameter.' + + it_behaves_like 'has_warning', pp, w + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain 'file1 contents' } + end + + describe 'the fragment can be changed from a symlink to a plain file', :unless => (fact("osfamily") == "windows") do + pp = <<-EOS + concat { '#{basedir}/file': } + concat::fragment { 'foo': + target => '#{basedir}/file', + content => 'new content', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain 'new content' } + it { should_not contain 'file1 contents' } + end + end + end # target file exists + + context 'target does not exist' do + pp = <<-EOS + concat { '#{basedir}/file': } + concat::fragment { 'foo': + target => '#{basedir}/file', + ensure => '#{basedir}/file1', + } + EOS + w = 'Passing a value other than \'present\' or \'absent\' as the $ensure parameter to concat::fragment is deprecated. If you want to use the content of a file as a fragment please use the $source parameter.' + + it_behaves_like 'has_warning', pp, w + + describe file("#{basedir}/file") do + it { should be_file } + end + + describe 'the fragment can be changed from a symlink to a plain file', :unless => (fact('osfamily') == 'windows') do + pp = <<-EOS + concat { '#{basedir}/file': } + concat::fragment { 'foo': + target => '#{basedir}/file', + content => 'new content', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain 'new content' } + end + end + end # target file exists + + end # concat::fragment ensure parameter + + context 'concat::fragment mode parameter' do + pp = <<-EOS + concat { '#{basedir}/file': } + concat::fragment { 'foo': + target => '#{basedir}/file', + content => 'bar', + mode => 'bar', + } + EOS + w = 'The $mode parameter to concat::fragment is deprecated and has no effect' + + it_behaves_like 'has_warning', pp, w + end + + context 'concat::fragment owner parameter' do + pp = <<-EOS + concat { '#{basedir}/file': } + concat::fragment { 'foo': + target => '#{basedir}/file', + content => 'bar', + owner => 'bar', + } + EOS + w = 'The $owner parameter to concat::fragment is deprecated and has no effect' + + it_behaves_like 'has_warning', pp, w + end + + context 'concat::fragment group parameter' do + pp = <<-EOS + concat { '#{basedir}/file': } + concat::fragment { 'foo': + target => '#{basedir}/file', + content => 'bar', + group => 'bar', + } + EOS + w = 'The $group parameter to concat::fragment is deprecated and has no effect' + + it_behaves_like 'has_warning', pp, w + end + + context 'concat::fragment backup parameter' do + pp = <<-EOS + concat { '#{basedir}/file': } + concat::fragment { 'foo': + target => '#{basedir}/file', + content => 'bar', + backup => 'bar', + } + EOS + w = 'The $backup parameter to concat::fragment is deprecated and has no effect' + + it_behaves_like 'has_warning', pp, w + end + + context 'include concat::setup' do + pp = <<-EOS + include concat::setup + EOS + w = 'concat::setup is deprecated as a public API of the concat module and should no longer be directly included in the manifest.' + + it_behaves_like 'has_warning', pp, w + end + +end diff --git a/modules/dependencies/concat/spec/acceptance/empty_spec.rb b/modules/dependencies/concat/spec/acceptance/empty_spec.rb new file mode 100644 index 000000000..dc57cb791 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/empty_spec.rb @@ -0,0 +1,23 @@ +require 'spec_helper_acceptance' + +describe 'concat force empty parameter' do + basedir = default.tmpdir('concat') + context 'should run successfully' do + pp = <<-EOS + concat { '#{basedir}/file': + mode => '0644', + force => true, + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should_not contain '1\n2' } + end + end +end diff --git a/modules/dependencies/concat/spec/acceptance/fragment_source_spec.rb b/modules/dependencies/concat/spec/acceptance/fragment_source_spec.rb new file mode 100644 index 000000000..f3bbfccdf --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/fragment_source_spec.rb @@ -0,0 +1,149 @@ +require 'spec_helper_acceptance' + +case fact('osfamily') +when 'AIX' + username = 'root' + groupname = 'system' +when 'Darwin' + username = 'root' + groupname = 'wheel' +when 'windows' + username = 'Administrator' + groupname = 'Administrators' +else + username = 'root' + groupname = 'root' +end + +describe 'concat::fragment source' do + basedir = default.tmpdir('concat') + context 'should read file fragments from local system' do + pp = <<-EOS + file { '#{basedir}/file1': + content => "file1 contents\n" + } + file { '#{basedir}/file2': + content => "file2 contents\n" + } + concat { '#{basedir}/foo': } + + concat::fragment { '1': + target => '#{basedir}/foo', + source => '#{basedir}/file1', + require => File['#{basedir}/file1'], + } + concat::fragment { '2': + target => '#{basedir}/foo', + content => 'string1 contents', + } + concat::fragment { '3': + target => '#{basedir}/foo', + source => '#{basedir}/file2', + require => File['#{basedir}/file2'], + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/foo") do + it { should be_file } + it { should contain 'file1 contents' } + it { should contain 'string1 contents' } + it { should contain 'file2 contents' } + end + end # should read file fragments from local system + + context 'should create files containing first match only.' do + pp = <<-EOS + file { '#{basedir}/file1': + content => "file1 contents\n" + } + file { '#{basedir}/file2': + content => "file2 contents\n" + } + concat { '#{basedir}/result_file1': + owner => '#{username}', + group => '#{groupname}', + mode => '0644', + } + concat { '#{basedir}/result_file2': + owner => '#{username}', + group => '#{groupname}', + mode => '0644', + } + concat { '#{basedir}/result_file3': + owner => '#{username}', + group => '#{groupname}', + mode => '0644', + } + + concat::fragment { '1': + target => '#{basedir}/result_file1', + source => [ '#{basedir}/file1', '#{basedir}/file2' ], + require => [ File['#{basedir}/file1'], File['#{basedir}/file2'] ], + order => '01', + } + concat::fragment { '2': + target => '#{basedir}/result_file2', + source => [ '#{basedir}/file2', '#{basedir}/file1' ], + require => [ File['#{basedir}/file1'], File['#{basedir}/file2'] ], + order => '01', + } + concat::fragment { '3': + target => '#{basedir}/result_file3', + source => [ '#{basedir}/file1', '#{basedir}/file2' ], + require => [ File['#{basedir}/file1'], File['#{basedir}/file2'] ], + order => '01', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + describe file("#{basedir}/result_file1") do + it { should be_file } + it { should contain 'file1 contents' } + it { should_not contain 'file2 contents' } + end + describe file("#{basedir}/result_file2") do + it { should be_file } + it { should contain 'file2 contents' } + it { should_not contain 'file1 contents' } + end + describe file("#{basedir}/result_file3") do + it { should be_file } + it { should contain 'file1 contents' } + it { should_not contain 'file2 contents' } + end + end + + context 'should fail if no match on source.' do + pp = <<-EOS + concat { '#{basedir}/fail_no_source': + owner => '#{username}', + group => '#{groupname}', + mode => '0644', + } + + concat::fragment { '1': + target => '#{basedir}/fail_no_source', + source => [ '#{basedir}/nofilehere', '#{basedir}/nothereeither' ], + order => '01', + } + EOS + + it 'applies the manifest with resource failures' do + apply_manifest(pp, :expect_failures => true) + end + describe file("#{basedir}/fail_no_source") do + #FIXME: Serverspec::Type::File doesn't support exists? for some reason. so... hack. + it { should_not be_file } + it { should_not be_directory } + end + end +end + diff --git a/modules/dependencies/concat/spec/acceptance/fragments_are_always_replaced_spec.rb b/modules/dependencies/concat/spec/acceptance/fragments_are_always_replaced_spec.rb new file mode 100644 index 000000000..ac714a964 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/fragments_are_always_replaced_spec.rb @@ -0,0 +1,133 @@ +require 'spec_helper_acceptance' + +describe 'concat::fragment replace' do + basedir = default.tmpdir('concat') + + context 'should create fragment files' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + EOS + apply_manifest(pp) + end + + pp1 = <<-EOS + concat { '#{basedir}/foo': } + + concat::fragment { '1': + target => '#{basedir}/foo', + content => 'caller has replace unset run 1', + } + EOS + pp2 = <<-EOS + concat { '#{basedir}/foo': } + + concat::fragment { '1': + target => '#{basedir}/foo', + content => 'caller has replace unset run 2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp1, :catch_failures => true) + apply_manifest(pp1, :catch_changes => true) + apply_manifest(pp2, :catch_failures => true) + apply_manifest(pp2, :catch_changes => true) + end + + describe file("#{basedir}/foo") do + it { should be_file } + it { should_not contain 'caller has replace unset run 1' } + it { should contain 'caller has replace unset run 2' } + end + end # should create fragment files + + context 'should replace its own fragment files when caller has File { replace=>true } set' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + EOS + apply_manifest(pp) + end + + pp1 = <<-EOS + File { replace=>true } + concat { '#{basedir}/foo': } + + concat::fragment { '1': + target => '#{basedir}/foo', + content => 'caller has replace true set run 1', + } + EOS + pp2 = <<-EOS + File { replace=>true } + concat { '#{basedir}/foo': } + + concat::fragment { '1': + target => '#{basedir}/foo', + content => 'caller has replace true set run 2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp1, :catch_failures => true) + apply_manifest(pp1, :catch_changes => true) + apply_manifest(pp2, :catch_failures => true) + apply_manifest(pp2, :catch_changes => true) + end + + describe file("#{basedir}/foo") do + it { should be_file } + it { should_not contain 'caller has replace true set run 1' } + it { should contain 'caller has replace true set run 2' } + end + end # should replace its own fragment files when caller has File(replace=>true) set + + context 'should replace its own fragment files even when caller has File { replace=>false } set' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + EOS + apply_manifest(pp) + end + + pp1 = <<-EOS + File { replace=>false } + concat { '#{basedir}/foo': } + + concat::fragment { '1': + target => '#{basedir}/foo', + content => 'caller has replace false set run 1', + } + EOS + pp2 = <<-EOS + File { replace=>false } + concat { '#{basedir}/foo': } + + concat::fragment { '1': + target => '#{basedir}/foo', + content => 'caller has replace false set run 2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp1, :catch_failures => true) + apply_manifest(pp1, :catch_changes => true) + apply_manifest(pp2, :catch_failures => true) + apply_manifest(pp2, :catch_changes => true) + end + + describe file("#{basedir}/foo") do + it { should be_file } + it { should_not contain 'caller has replace false set run 1' } + it { should contain 'caller has replace false set run 2' } + end + end # should replace its own fragment files even when caller has File(replace=>false) set + +end diff --git a/modules/dependencies/concat/spec/acceptance/newline_spec.rb b/modules/dependencies/concat/spec/acceptance/newline_spec.rb new file mode 100644 index 000000000..d182f2adc --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/newline_spec.rb @@ -0,0 +1,67 @@ +require 'spec_helper_acceptance' + +describe 'concat ensure_newline parameter' do + basedir = default.tmpdir('concat') + context '=> false' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory + } + EOS + + apply_manifest(pp) + end + pp = <<-EOS + concat { '#{basedir}/file': + ensure_newline => false, + } + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + } + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain '12' } + end + end + + context '=> true' do + pp = <<-EOS + concat { '#{basedir}/file': + ensure_newline => true, + } + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + } + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it("should contain 1\n2\n", :unless => (fact('osfamily') == 'Solaris')) { + should contain "1\n2\n" + } + end + end +end diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/aix-71-vcloud.yml b/modules/dependencies/concat/spec/acceptance/nodesets/aix-71-vcloud.yml new file mode 100644 index 000000000..f0ae87a5c --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/aix-71-vcloud.yml @@ -0,0 +1,19 @@ +HOSTS: + pe-aix-71-acceptance: + roles: + - master + - dashboard + - database + - agent + - default + platform: aix-7.1-power + hypervisor: aix + ip: pe-aix-71-acceptance.delivery.puppetlabs.net +CONFIG: + type: pe + nfs_server: NONE + consoleport: 443 + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/centos-59-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/centos-59-x64.yml new file mode 100644 index 000000000..2ad90b86a --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/centos-59-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-59-x64: + roles: + - master + platform: el-5-x86_64 + box : centos-59-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/centos-64-x64-pe.yml b/modules/dependencies/concat/spec/acceptance/nodesets/centos-64-x64-pe.yml new file mode 100644 index 000000000..7d9242f1b --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/centos-64-x64-pe.yml @@ -0,0 +1,12 @@ +HOSTS: + centos-64-x64: + roles: + - master + - database + - dashboard + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: pe diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/centos-64-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/centos-64-x64.yml new file mode 100644 index 000000000..063983549 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/centos-64-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-64-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/centos-65-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/centos-65-x64.yml new file mode 100644 index 000000000..4e2cb809e --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/centos-65-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-65-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-65-x64-vbox436-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/debian-607-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/debian-607-x64.yml new file mode 100644 index 000000000..4c8be42d0 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/debian-607-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + debian-607-x64: + roles: + - master + platform: debian-6-amd64 + box : debian-607-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/debian-70rc1-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/debian-70rc1-x64.yml new file mode 100644 index 000000000..19181c123 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/debian-70rc1-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + debian-70rc1-x64: + roles: + - master + platform: debian-7-amd64 + box : debian-70rc1-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-70rc1-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/debian-73-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/debian-73-x64.yml new file mode 100644 index 000000000..3e6a3a9dd --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/debian-73-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + debian-73-x64.localhost: + roles: + - master + platform: debian-7-amd64 + box : debian-73-x64-virtualbox-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + log_level: debug + type: foss diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/default.yml b/modules/dependencies/concat/spec/acceptance/nodesets/default.yml new file mode 100644 index 000000000..063983549 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/default.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-64-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/fedora-18-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/fedora-18-x64.yml new file mode 100644 index 000000000..624b53716 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/fedora-18-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + fedora-18-x64: + roles: + - master + platform: fedora-18-x86_64 + box : fedora-18-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/sles-11-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/sles-11-x64.yml new file mode 100644 index 000000000..41abe2135 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/sles-11-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + sles-11-x64.local: + roles: + - master + platform: sles-11-x64 + box : sles-11sp1-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/sles-11sp1-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/sles-11sp1-x64.yml new file mode 100644 index 000000000..554c37a50 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/sles-11sp1-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + sles-11sp1-x64: + roles: + - master + platform: sles-11-x86_64 + box : sles-11sp1-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml new file mode 100644 index 000000000..5047017e6 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-10044-x64: + roles: + - master + platform: ubuntu-10.04-amd64 + box : ubuntu-server-10044-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml new file mode 100644 index 000000000..1c7a34ccb --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-12042-x64: + roles: + - master + platform: ubuntu-12.04-amd64 + box : ubuntu-server-12042-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml new file mode 100644 index 000000000..cba1cd04c --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + ubuntu-server-1404-x64: + roles: + - master + platform: ubuntu-14.04-amd64 + box : puppetlabs/ubuntu-14.04-64-nocm + box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm + hypervisor : vagrant +CONFIG: + log_level : debug + type: git diff --git a/modules/dependencies/concat/spec/acceptance/order_spec.rb b/modules/dependencies/concat/spec/acceptance/order_spec.rb new file mode 100644 index 000000000..fd7b05b4f --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/order_spec.rb @@ -0,0 +1,143 @@ +require 'spec_helper_acceptance' + +describe 'concat order' do + basedir = default.tmpdir('concat') + + context '=> alpha' do + pp = <<-EOS + concat { '#{basedir}/foo': + order => 'alpha' + } + concat::fragment { '1': + target => '#{basedir}/foo', + content => 'string1', + } + concat::fragment { '2': + target => '#{basedir}/foo', + content => 'string2', + } + concat::fragment { '10': + target => '#{basedir}/foo', + content => 'string10', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/foo") do + it { should be_file } + #XXX Solaris 10 doesn't support multi-line grep + it("should contain string10\nstring1\nsring2", :unless => (fact('osfamily') == 'Solaris')) { + should contain "string10\nstring1\nsring2" + } + end + end + + context '=> numeric' do + pp = <<-EOS + concat { '#{basedir}/foo': + order => 'numeric' + } + concat::fragment { '1': + target => '#{basedir}/foo', + content => 'string1', + } + concat::fragment { '2': + target => '#{basedir}/foo', + content => 'string2', + } + concat::fragment { '10': + target => '#{basedir}/foo', + content => 'string10', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/foo") do + it { should be_file } + #XXX Solaris 10 doesn't support multi-line grep + it("should contain string1\nstring2\nsring10", :unless => (fact('osfamily') == 'Solaris')) { + should contain "string1\nstring2\nsring10" + } + end + end +end # concat order + +describe 'concat::fragment order' do + basedir = default.tmpdir('concat') + + context '=> reverse order' do + pp = <<-EOS + concat { '#{basedir}/foo': } + concat::fragment { '1': + target => '#{basedir}/foo', + content => 'string1', + order => '15', + } + concat::fragment { '2': + target => '#{basedir}/foo', + content => 'string2', + # default order 10 + } + concat::fragment { '3': + target => '#{basedir}/foo', + content => 'string3', + order => '1', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/foo") do + it { should be_file } + #XXX Solaris 10 doesn't support multi-line grep + it("should contain string3\nstring2\nsring1", :unless => (fact('osfamily') == 'Solaris')) { + should contain "string3\nstring2\nsring1" + } + end + end + + context '=> normal order' do + pp = <<-EOS + concat { '#{basedir}/foo': } + concat::fragment { '1': + target => '#{basedir}/foo', + content => 'string1', + order => '01', + } + concat::fragment { '2': + target => '#{basedir}/foo', + content => 'string2', + order => '02' + } + concat::fragment { '3': + target => '#{basedir}/foo', + content => 'string3', + order => '03', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/foo") do + it { should be_file } + #XXX Solaris 10 doesn't support multi-line grep + it("should contain string1\nstring2\nsring3", :unless => (fact('osfamily') == 'Solaris')) { + should contain "string1\nstring2\nsring3" + } + end + end +end # concat::fragment order diff --git a/modules/dependencies/concat/spec/acceptance/quoted_paths_spec.rb b/modules/dependencies/concat/spec/acceptance/quoted_paths_spec.rb new file mode 100644 index 000000000..1c0248516 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/quoted_paths_spec.rb @@ -0,0 +1,44 @@ +require 'spec_helper_acceptance' + +describe 'quoted paths' do + basedir = default.tmpdir('concat') + + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + file { '#{basedir}/concat test': + ensure => directory, + } + EOS + apply_manifest(pp) + end + + context 'path with blanks' do + pp = <<-EOS + concat { '#{basedir}/concat test/foo': + } + concat::fragment { '1': + target => '#{basedir}/concat test/foo', + content => 'string1', + } + concat::fragment { '2': + target => '#{basedir}/concat test/foo', + content => 'string2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/concat test/foo") do + it { should be_file } + it("should contain string1\nstring2", :unless => (fact('osfamily') == 'Solaris')) { + should contain "string1\nstring2" + } + end + end +end diff --git a/modules/dependencies/concat/spec/acceptance/replace_spec.rb b/modules/dependencies/concat/spec/acceptance/replace_spec.rb new file mode 100644 index 000000000..cc30d1250 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/replace_spec.rb @@ -0,0 +1,256 @@ +require 'spec_helper_acceptance' + +describe 'replacement of' do + basedir = default.tmpdir('concat') + context 'file' do + context 'should not succeed' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + file { '#{basedir}/file': + content => "file exists\n" + } + EOS + apply_manifest(pp) + end + pp = <<-EOS + concat { '#{basedir}/file': + replace => false, + } + + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + } + + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain 'file exists' } + it { should_not contain '1' } + it { should_not contain '2' } + end + end + + context 'should succeed' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + file { '#{basedir}/file': + content => "file exists\n" + } + EOS + apply_manifest(pp) + end + pp = <<-EOS + concat { '#{basedir}/file': + replace => true, + } + + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + } + + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should_not contain 'file exists' } + it { should contain '1' } + it { should contain '2' } + end + end + end # file + + context 'symlink', :unless => (fact("osfamily") == "windows") do + context 'should not succeed' do + # XXX the core puppet file type will replace a symlink with a plain file + # when using ensure => present and source => ... but it will not when using + # ensure => present and content => ...; this is somewhat confusing behavior + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + file { '#{basedir}/file': + ensure => link, + target => '#{basedir}/dangling', + } + EOS + apply_manifest(pp) + end + + pp = <<-EOS + concat { '#{basedir}/file': + replace => false, + } + + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + } + + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + # XXX specinfra doesn't support be_linked_to on AIX + describe file("#{basedir}/file"), :unless => (fact("osfamily") == "AIX") do + it { should be_linked_to "#{basedir}/dangling" } + end + + describe file("#{basedir}/dangling") do + # XXX serverspec does not have a matcher for 'exists' + it { should_not be_file } + it { should_not be_directory } + end + end + + context 'should succeed' do + # XXX the core puppet file type will replace a symlink with a plain file + # when using ensure => present and source => ... but it will not when using + # ensure => present and content => ...; this is somewhat confusing behavior + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + file { '#{basedir}/file': + ensure => link, + target => '#{basedir}/dangling', + } + EOS + apply_manifest(pp) + end + + pp = <<-EOS + concat { '#{basedir}/file': + replace => true, + } + + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + } + + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain '1' } + it { should contain '2' } + end + end + end # symlink + + context 'directory' do + context 'should not succeed' do + before(:all) do + pp = <<-EOS + file { '#{basedir}': + ensure => directory, + } + file { '#{basedir}/file': + ensure => directory, + } + EOS + apply_manifest(pp) + end + pp = <<-EOS + concat { '#{basedir}/file': } + + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + } + + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + } + EOS + + it 'applies the manifest twice with stderr for changing to file' do + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/change from directory to file failed/) + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/change from directory to file failed/) + end + + describe file("#{basedir}/file") do + it { should be_directory } + end + end + + # XXX concat's force param currently enables the creation of empty files + # when there are no fragments, and the replace param will only replace + # files and symlinks, not directories. The semantics either need to be + # changed, extended, or a new param introduced to control directory + # replacement. + context 'should succeed', :pending => 'not yet implemented' do + pp = <<-EOS + concat { '#{basedir}/file': + force => true, + } + + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + } + + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain '1' } + end + end + end # directory +end diff --git a/modules/dependencies/concat/spec/acceptance/symbolic_name_spec.rb b/modules/dependencies/concat/spec/acceptance/symbolic_name_spec.rb new file mode 100644 index 000000000..b0dceac8c --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/symbolic_name_spec.rb @@ -0,0 +1,33 @@ +require 'spec_helper_acceptance' + +describe 'symbolic name' do + basedir = default.tmpdir('concat') + pp = <<-EOS + concat { 'not_abs_path': + path => '#{basedir}/file', + } + + concat::fragment { '1': + target => 'not_abs_path', + content => '1', + order => '01', + } + + concat::fragment { '2': + target => 'not_abs_path', + content => '2', + order => '02', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain '1' } + it { should contain '2' } + end +end diff --git a/modules/dependencies/concat/spec/acceptance/warn_spec.rb b/modules/dependencies/concat/spec/acceptance/warn_spec.rb new file mode 100644 index 000000000..2fa529da2 --- /dev/null +++ b/modules/dependencies/concat/spec/acceptance/warn_spec.rb @@ -0,0 +1,98 @@ +require 'spec_helper_acceptance' + +describe 'concat warn =>' do + basedir = default.tmpdir('concat') + context 'true should enable default warning message' do + pp = <<-EOS + concat { '#{basedir}/file': + warn => true, + } + + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + order => '01', + } + + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + order => '02', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain '# This file is managed by Puppet. DO NOT EDIT.' } + it { should contain '1' } + it { should contain '2' } + end + end + context 'false should not enable default warning message' do + pp = <<-EOS + concat { '#{basedir}/file': + warn => false, + } + + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + order => '01', + } + + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + order => '02', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should_not contain '# This file is managed by Puppet. DO NOT EDIT.' } + it { should contain '1' } + it { should contain '2' } + end + end + context '# foo should overide default warning message' do + pp = <<-EOS + concat { '#{basedir}/file': + warn => '# foo', + } + + concat::fragment { '1': + target => '#{basedir}/file', + content => '1', + order => '01', + } + + concat::fragment { '2': + target => '#{basedir}/file', + content => '2', + order => '02', + } + EOS + + it 'applies the manifest twice with no stderr' do + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe file("#{basedir}/file") do + it { should be_file } + it { should contain '# foo' } + it { should contain '1' } + it { should contain '2' } + end + end +end diff --git a/modules/dependencies/concat/spec/spec.opts b/modules/dependencies/concat/spec/spec.opts new file mode 100644 index 000000000..91cd6427e --- /dev/null +++ b/modules/dependencies/concat/spec/spec.opts @@ -0,0 +1,6 @@ +--format +s +--colour +--loadby +mtime +--backtrace diff --git a/modules/dependencies/concat/spec/spec_helper.rb b/modules/dependencies/concat/spec/spec_helper.rb new file mode 100644 index 000000000..2c6f56649 --- /dev/null +++ b/modules/dependencies/concat/spec/spec_helper.rb @@ -0,0 +1 @@ +require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/modules/dependencies/concat/spec/spec_helper_acceptance.rb b/modules/dependencies/concat/spec/spec_helper_acceptance.rb new file mode 100644 index 000000000..b34a188d6 --- /dev/null +++ b/modules/dependencies/concat/spec/spec_helper_acceptance.rb @@ -0,0 +1,47 @@ +require 'beaker-rspec/spec_helper' +require 'beaker-rspec/helpers/serverspec' + +unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' + # This will install the latest available package on el and deb based + # systems fail on windows and osx, and install via gem on other *nixes + foss_opts = { :default_action => 'gem_install' } + + if default.is_pe?; then install_pe; else install_puppet( foss_opts ); end + + hosts.each do |host| + on hosts, "mkdir -p #{host['distmoduledir']}" + end +end + +RSpec.configure do |c| + # Project root + proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + + # Readable test descriptions + c.formatter = :documentation + + # Configure all nodes in nodeset + c.before :suite do + # Install module and dependencies + hosts.each do |host| + on host, "mkdir -p #{host['distmoduledir']}/concat" + result = on host, "echo #{host['distmoduledir']}/concat" + target = result.raw_output.chomp + + %w(files lib manifests metadata.json).each do |file| + scp_to host, "#{proj_root}/#{file}", target + end + #copy_module_to(host, :source => proj_root, :module_name => 'concat') + on host, puppet('module','install','puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } + end + end + + c.before(:all) do + shell('mkdir -p /tmp/concat') + end + c.after(:all) do + shell('rm -rf /tmp/concat /var/lib/puppet/concat') + end + + c.treat_symbols_as_metadata_keys_with_true_values = true +end diff --git a/modules/dependencies/concat/spec/unit/classes/concat_setup_spec.rb b/modules/dependencies/concat/spec/unit/classes/concat_setup_spec.rb new file mode 100644 index 000000000..3096e7368 --- /dev/null +++ b/modules/dependencies/concat/spec/unit/classes/concat_setup_spec.rb @@ -0,0 +1,84 @@ +require 'spec_helper' + +describe 'concat::setup', :type => :class do + + shared_examples 'setup' do |concatdir| + concatdir = '/foo' if concatdir.nil? + + let(:facts) {{ :concat_basedir => concatdir }} + + it do + should contain_file("#{concatdir}/bin/concatfragments.sh").with({ + :mode => '0755', + :source => 'puppet:///modules/concat/concatfragments.sh', + :backup => false, + }) + end + + [concatdir, "#{concatdir}/bin"].each do |file| + it do + should contain_file(file).with({ + :ensure => 'directory', + :mode => '0755', + :backup => false, + }) + end + end + end + + context 'facts' do + context 'concat_basedir =>' do + context '/foo' do + it_behaves_like 'setup', '/foo' + end + end + end # facts + + context 'deprecated as a public class' do + it 'should create a warning' do + pending('rspec-puppet support for testing warning()') + end + end + + context "on osfamily Solaris" do + concatdir = '/foo' + let(:facts) do + { + :concat_basedir => concatdir, + :osfamily => 'Solaris', + :id => 'root', + } + end + + it do + should contain_file("#{concatdir}/bin/concatfragments.rb").with({ + :ensure => 'file', + :owner => 'root', + :mode => '0755', + :source => 'puppet:///modules/concat/concatfragments.rb', + :backup => false, + }) + end + end # on osfamily Solaris + + context "on osfamily windows" do + concatdir = '/foo' + let(:facts) do + { + :concat_basedir => concatdir, + :osfamily => 'windows', + :id => 'batman', + } + end + + it do + should contain_file("#{concatdir}/bin/concatfragments.rb").with({ + :ensure => 'file', + :owner => nil, + :mode => nil, + :source => 'puppet:///modules/concat/concatfragments.rb', + :backup => false, + }) + end + end # on osfamily windows +end diff --git a/modules/dependencies/concat/spec/unit/defines/concat_fragment_spec.rb b/modules/dependencies/concat/spec/unit/defines/concat_fragment_spec.rb new file mode 100644 index 000000000..3c61aabf7 --- /dev/null +++ b/modules/dependencies/concat/spec/unit/defines/concat_fragment_spec.rb @@ -0,0 +1,267 @@ +require 'spec_helper' + +describe 'concat::fragment', :type => :define do + + shared_examples 'fragment' do |title, params| + params = {} if params.nil? + + p = { + :content => nil, + :source => nil, + :order => 10, + :ensure => 'present', + }.merge(params) + + safe_name = title.gsub(/[\/\n]/, '_') + safe_target_name = p[:target].gsub(/[\/\n]/, '_') + concatdir = '/var/lib/puppet/concat' + fragdir = "#{concatdir}/#{safe_target_name}" + id = 'root' + if p[:ensure] == 'absent' + safe_ensure = p[:ensure] + else + safe_ensure = 'file' + end + + let(:title) { title } + let(:facts) {{ :concat_basedir => concatdir, :id => id }} + let(:params) { params } + let(:pre_condition) do + "concat{ '#{p[:target]}': }" + end + + it do + should contain_class('concat::setup') + should contain_concat(p[:target]) + should contain_file("#{fragdir}/fragments/#{p[:order]}_#{safe_name}").with({ + :ensure => safe_ensure, + :owner => id, + :mode => '0640', + :source => p[:source], + :content => p[:content], + :alias => "concat_fragment_#{title}", + :backup => false, + }) + end + end + + context 'title' do + ['0', '1', 'a', 'z'].each do |title| + it_behaves_like 'fragment', title, { + :target => '/etc/motd', + } + end + end # title + + context 'target =>' do + ['./etc/motd', 'etc/motd', 'motd_header'].each do |target| + context target do + it_behaves_like 'fragment', target, { + :target => '/etc/motd', + } + end + end + + context 'false' do + let(:title) { 'motd_header' } + let(:facts) {{ :concat_basedir => '/tmp' }} + let(:params) {{ :target => false }} + + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a string/) + end + end + end # target => + + context 'ensure =>' do + ['present', 'absent'].each do |ens| + context ens do + it_behaves_like 'fragment', 'motd_header', { + :ensure => ens, + :target => '/etc/motd', + } + end + end + + context 'any value other than \'present\' or \'absent\'' do + let(:title) { 'motd_header' } + let(:facts) {{ :concat_basedir => '/tmp' }} + let(:params) {{ :ensure => 'invalid', :target => '/etc/motd' }} + + it 'should create a warning' do + pending('rspec-puppet support for testing warning()') + end + end + end # ensure => + + context 'content =>' do + ['', 'ashp is our hero'].each do |content| + context content do + it_behaves_like 'fragment', 'motd_header', { + :content => content, + :target => '/etc/motd', + } + end + end + + context 'false' do + let(:title) { 'motd_header' } + let(:facts) {{ :concat_basedir => '/tmp' }} + let(:params) {{ :content => false, :target => '/etc/motd' }} + + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a string/) + end + end + end # content => + + context 'source =>' do + ['', '/foo/bar', ['/foo/bar', '/foo/baz']].each do |source| + context source do + it_behaves_like 'fragment', 'motd_header', { + :source => source, + :target => '/etc/motd', + } + end + end + + context 'false' do + let(:title) { 'motd_header' } + let(:facts) {{ :concat_basedir => '/tmp' }} + let(:params) {{ :source => false, :target => '/etc/motd' }} + + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a string or an Array/) + end + end + end # source => + + context 'order =>' do + ['', '42', 'a', 'z'].each do |order| + context '\'\'' do + it_behaves_like 'fragment', 'motd_header', { + :order => order, + :target => '/etc/motd', + } + end + end + + context 'false' do + let(:title) { 'motd_header' } + let(:facts) {{ :concat_basedir => '/tmp' }} + let(:params) {{ :order => false, :target => '/etc/motd' }} + + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a string or integer/) + end + end + end # order => + + context 'more than one content source' do + error_msg = 'You cannot specify more than one of $content, $source, $ensure => /target' + + context 'ensure => target and source' do + let(:title) { 'motd_header' } + let(:facts) {{ :concat_basedir => '/tmp' }} + let(:params) do + { + :target => '/etc/motd', + :ensure => '/foo', + :source => '/bar', + } + end + + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /#{Regexp.escape(error_msg)}/m) + end + end + + context 'ensure => target and content' do + let(:title) { 'motd_header' } + let(:facts) {{ :concat_basedir => '/tmp' }} + let(:params) do + { + :target => '/etc/motd', + :ensure => '/foo', + :content => 'bar', + } + end + + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /#{Regexp.escape(error_msg)}/m) + end + end + + context 'source and content' do + let(:title) { 'motd_header' } + let(:facts) {{ :concat_basedir => '/tmp' }} + let(:params) do + { + :target => '/etc/motd', + :source => '/foo', + :content => 'bar', + } + end + + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /#{Regexp.escape(error_msg)}/m) + end + end + + end # more than one content source + + describe 'deprecated parameter' do + context 'mode =>' do + context '1755' do + it_behaves_like 'fragment', 'motd_header', { + :mode => '1755', + :target => '/etc/motd', + } + + it 'should create a warning' do + pending('rspec-puppet support for testing warning()') + end + end + end # mode => + + context 'owner =>' do + context 'apenny' do + it_behaves_like 'fragment', 'motd_header', { + :owner => 'apenny', + :target => '/etc/motd', + } + + it 'should create a warning' do + pending('rspec-puppet support for testing warning()') + end + end + end # owner => + + context 'group =>' do + context 'apenny' do + it_behaves_like 'fragment', 'motd_header', { + :group => 'apenny', + :target => '/etc/motd', + } + + it 'should create a warning' do + pending('rspec-puppet support for testing warning()') + end + end + end # group => + + context 'backup =>' do + context 'foo' do + it_behaves_like 'fragment', 'motd_header', { + :backup => 'foo', + :target => '/etc/motd', + } + + it 'should create a warning' do + pending('rspec-puppet support for testing warning()') + end + end + end # backup => + end # deprecated params + +end diff --git a/modules/dependencies/concat/spec/unit/defines/concat_spec.rb b/modules/dependencies/concat/spec/unit/defines/concat_spec.rb new file mode 100644 index 000000000..e7be4d570 --- /dev/null +++ b/modules/dependencies/concat/spec/unit/defines/concat_spec.rb @@ -0,0 +1,389 @@ +require 'spec_helper' + +describe 'concat', :type => :define do + + shared_examples 'concat' do |title, params, id| + params = {} if params.nil? + id = 'root' if id.nil? + + # default param values + p = { + :ensure => 'present', + :path => title, + :owner => nil, + :group => nil, + :mode => '0644', + :warn => false, + :force => false, + :backup => 'puppet', + :replace => true, + :order => 'alpha', + :ensure_newline => false, + }.merge(params) + + safe_name = title.gsub('/', '_') + concatdir = '/var/lib/puppet/concat' + fragdir = "#{concatdir}/#{safe_name}" + concat_name = 'fragments.concat.out' + default_warn_message = '# This file is managed by Puppet. DO NOT EDIT.' + + file_defaults = { + :backup => false, + } + + let(:title) { title } + let(:params) { params } + let(:facts) {{ :concat_basedir => concatdir, :id => id }} + + if p[:ensure] == 'present' + it do + should contain_file(fragdir).with(file_defaults.merge({ + :ensure => 'directory', + :mode => '0750', + })) + end + + it do + should contain_file("#{fragdir}/fragments").with(file_defaults.merge({ + :ensure => 'directory', + :mode => '0750', + :force => true, + :ignore => ['.svn', '.git', '.gitignore'], + :purge => true, + :recurse => true, + })) + end + + [ + "#{fragdir}/fragments.concat", + "#{fragdir}/#{concat_name}", + ].each do |file| + it do + should contain_file(file).with(file_defaults.merge({ + :ensure => 'present', + :mode => '0640', + })) + end + end + + it do + should contain_file(title).with(file_defaults.merge({ + :ensure => 'present', + :owner => p[:owner], + :group => p[:group], + :mode => p[:mode], + :replace => p[:replace], + :path => p[:path], + :alias => "concat_#{title}", + :source => "#{fragdir}/#{concat_name}", + :backup => p[:backup], + })) + end + + cmd = "#{concatdir}/bin/concatfragments.sh " + + "-o \"#{concatdir}/#{safe_name}/fragments.concat.out\" " + + "-d \"#{concatdir}/#{safe_name}\"" + + # flag order: fragdir, warnflag, forceflag, orderflag, newlineflag + if p.has_key?(:warn) + case p[:warn] + when TrueClass + message = default_warn_message + when 'true', 'yes', 'on' + # should generate a stringified boolean warning + message = default_warn_message + when FalseClass + message = nil + when 'false', 'no', 'off' + # should generate a stringified boolean warning + message = nil + else + message = p[:warn] + end + + unless message.nil? + cmd += " -w \'#{message}\'" + end + end + + cmd += " -f" if p[:force] + cmd += " -n" if p[:order] == 'numeric' + cmd += " -l" if p[:ensure_newline] == true + + it do + should contain_exec("concat_#{title}").with({ + :alias => "concat_#{fragdir}", + :command => cmd, + :unless => "#{cmd} -t", + }) + end + else + [ + fragdir, + "#{fragdir}/fragments", + "#{fragdir}/fragments.concat", + "#{fragdir}/#{concat_name}", + ].each do |file| + it do + should contain_file(file).with(file_defaults.merge({ + :ensure => 'absent', + :backup => false, + :force => true, + })) + end + end + + it do + should contain_file(title).with(file_defaults.merge({ + :ensure => 'absent', + :backup => p[:backup], + })) + end + + it do + should contain_exec("concat_#{title}").with({ + :alias => "concat_#{fragdir}", + :command => 'true', + :unless => 'true', + :path => '/bin:/usr/bin', + }) + end + end + end + + context 'title' do + context 'without path param' do + # title/name is the default value for the path param. therefore, the + # title must be an absolute path unless path is specified + ['/foo', '/foo/bar', '/foo/bar/baz'].each do |title| + context title do + it_behaves_like 'concat', '/etc/foo.bar' + end + end + + ['./foo', 'foo', 'foo/bar'].each do |title| + context title do + let(:title) { title } + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not an absolute path/) + end + end + end + end + + context 'with path param' do + ['./foo', 'foo', 'foo/bar'].each do |title| + context title do + it_behaves_like 'concat', title, { :path => '/etc/foo.bar' } + end + end + end + end # title => + + context 'as non-root user' do + it_behaves_like 'concat', '/etc/foo.bar', {}, 'bob' + end + + context 'ensure =>' do + ['present', 'absent'].each do |ens| + context ens do + it_behaves_like 'concat', '/etc/foo.bar', { :ensure => ens } + end + end + + context 'invalid' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :ensure => 'invalid' }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /#{Regexp.escape('does not match "^present$|^absent$"')}/) + end + end + end # ensure => + + context 'path =>' do + context '/foo' do + it_behaves_like 'concat', '/etc/foo.bar', { :path => '/foo' } + end + + ['./foo', 'foo', 'foo/bar', false].each do |path| + context path do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :path => path }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not an absolute path/) + end + end + end + end # path => + + context 'owner =>' do + context 'apenney' do + it_behaves_like 'concat', '/etc/foo.bar', { :owner => 'apenny' } + end + + context 'false' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :owner => false }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a string/) + end + end + end # owner => + + context 'group =>' do + context 'apenney' do + it_behaves_like 'concat', '/etc/foo.bar', { :group => 'apenny' } + end + + context 'false' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :group => false }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a string/) + end + end + end # group => + + context 'mode =>' do + context '1755' do + it_behaves_like 'concat', '/etc/foo.bar', { :mode => '1755' } + end + + context 'false' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :mode => false }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a string/) + end + end + end # mode => + + context 'warn =>' do + [true, false, '# foo'].each do |warn| + context warn do + it_behaves_like 'concat', '/etc/foo.bar', { :warn => warn } + end + end + + context '(stringified boolean)' do + ['true', 'yes', 'on', 'false', 'no', 'off'].each do |warn| + context warn do + it_behaves_like 'concat', '/etc/foo.bar', { :warn => warn } + + it 'should create a warning' do + pending('rspec-puppet support for testing warning()') + end + end + end + end + + context '123' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :warn => 123 }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a string or boolean/) + end + end + end # warn => + + context 'force =>' do + [true, false].each do |force| + context force do + it_behaves_like 'concat', '/etc/foo.bar', { :force => force } + end + end + + context '123' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :force => 123 }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a boolean/) + end + end + end # force => + + context 'backup =>' do + context 'reverse' do + it_behaves_like 'concat', '/etc/foo.bar', { :backup => 'reverse' } + end + + context 'false' do + it_behaves_like 'concat', '/etc/foo.bar', { :backup => false } + end + + context 'true' do + it_behaves_like 'concat', '/etc/foo.bar', { :backup => true } + end + + context 'true' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :backup => [] }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /backup must be string or bool/) + end + end + end # backup => + + context 'replace =>' do + [true, false].each do |replace| + context replace do + it_behaves_like 'concat', '/etc/foo.bar', { :replace => replace } + end + end + + context '123' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :replace => 123 }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a boolean/) + end + end + end # replace => + + context 'order =>' do + ['alpha', 'numeric'].each do |order| + context order do + it_behaves_like 'concat', '/etc/foo.bar', { :order => order } + end + end + + context 'invalid' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :order => 'invalid' }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /#{Regexp.escape('does not match "^alpha$|^numeric$"')}/) + end + end + end # order => + + context 'ensure_newline =>' do + [true, false].each do |ensure_newline| + context 'true' do + it_behaves_like 'concat', '/etc/foo.bar', { :ensure_newline => ensure_newline} + end + end + + context '123' do + let(:title) { '/etc/foo.bar' } + let(:params) {{ :ensure_newline => 123 }} + it 'should fail' do + expect { should }.to raise_error(Puppet::Error, /is not a boolean/) + end + end + end # ensure_newline => + + describe 'deprecated parameter' do + context 'gnu =>' do + context 'foo' do + it_behaves_like 'concat', '/etc/foo.bar', { :gnu => 'foo'} + + it 'should create a warning' do + pending('rspec-puppet support for testing warning()') + end + end + end + end + +end + +# vim:sw=2:ts=2:expandtab:textwidth=79 diff --git a/modules/dependencies/concat/spec/unit/facts/concat_basedir_spec.rb b/modules/dependencies/concat/spec/unit/facts/concat_basedir_spec.rb new file mode 100644 index 000000000..41bc90f15 --- /dev/null +++ b/modules/dependencies/concat/spec/unit/facts/concat_basedir_spec.rb @@ -0,0 +1,18 @@ +require 'spec_helper' + +describe 'concat_basedir', :type => :fact do + before(:each) { Facter.clear } + + context 'Puppet[:vardir] ==' do + it '/var/lib/puppet' do + Puppet.stubs(:[]).with(:vardir).returns('/var/lib/puppet') + Facter.fact(:concat_basedir).value.should == '/var/lib/puppet/concat' + end + + it '/home/apenny/.puppet/var' do + Puppet.stubs(:[]).with(:vardir).returns('/home/apenny/.puppet/var') + Facter.fact(:concat_basedir).value.should == '/home/apenny/.puppet/var/concat' + end + end + +end diff --git a/modules/dependencies/concat/tests/fragment.pp b/modules/dependencies/concat/tests/fragment.pp new file mode 100644 index 000000000..a2dfaca29 --- /dev/null +++ b/modules/dependencies/concat/tests/fragment.pp @@ -0,0 +1,19 @@ +concat { 'testconcat': + ensure => present, + path => '/tmp/concat', + owner => 'root', + group => 'root', + mode => '0664', +} + +concat::fragment { '1': + target => 'testconcat', + content => '1', + order => '01', +} + +concat::fragment { '2': + target => 'testconcat', + content => '2', + order => '02', +} diff --git a/modules/dependencies/concat/tests/init.pp b/modules/dependencies/concat/tests/init.pp new file mode 100644 index 000000000..fd2142718 --- /dev/null +++ b/modules/dependencies/concat/tests/init.pp @@ -0,0 +1,7 @@ +concat { '/tmp/concat': + ensure => present, + force => true, + owner => 'root', + group => 'root', + mode => '0644', +} From 6b1a7981223eaaabe9ca5e4357ec9192e63e93fb Mon Sep 17 00:00:00 2001 From: Connor Wilson Date: Sat, 26 Mar 2016 03:54:17 +0000 Subject: [PATCH 06/13] Relates to SG-11 : Pushes all new modules and dependencies --- modules/dependencies/stdlib/CHANGELOG.md | 630 +++++++ modules/dependencies/stdlib/CONTRIBUTING.md | 220 +++ modules/dependencies/stdlib/Gemfile | 61 + modules/dependencies/stdlib/LICENSE | 19 + modules/dependencies/stdlib/README.markdown | 1256 ++++++++++++++ .../stdlib/README_DEVELOPER.markdown | 35 + .../dependencies/stdlib/README_SPECS.markdown | 7 + .../stdlib/RELEASE_PROCESS.markdown | 24 + modules/dependencies/stdlib/Rakefile | 7 + modules/dependencies/stdlib/checksums.json | 397 +++++ .../dependencies/stdlib/examples/file_line.pp | 9 + .../stdlib/examples/has_interface_with.pp | 9 + .../stdlib/examples/has_ip_address.pp | 3 + .../stdlib/examples/has_ip_network.pp | 3 + modules/dependencies/stdlib/examples/init.pp | 1 + .../stdlib/lib/facter/facter_dot_d.rb | 202 +++ .../stdlib/lib/facter/package_provider.rb | 21 + .../stdlib/lib/facter/pe_version.rb | 58 + .../stdlib/lib/facter/puppet_vardir.rb | 26 + .../stdlib/lib/facter/root_home.rb | 45 + .../stdlib/lib/facter/service_provider.rb | 17 + .../stdlib/lib/facter/util/puppet_settings.rb | 21 + .../stdlib/lib/puppet/functions/is_a.rb | 32 + .../stdlib/lib/puppet/functions/type_of.rb | 17 + .../stdlib/lib/puppet/parser/functions/abs.rb | 36 + .../lib/puppet/parser/functions/any2array.rb | 33 + .../puppet/parser/functions/assert_private.rb | 29 + .../lib/puppet/parser/functions/base64.rb | 37 + .../lib/puppet/parser/functions/basename.rb | 34 + .../lib/puppet/parser/functions/bool2num.rb | 26 + .../lib/puppet/parser/functions/bool2str.rb | 45 + .../lib/puppet/parser/functions/camelcase.rb | 33 + .../lib/puppet/parser/functions/capitalize.rb | 33 + .../lib/puppet/parser/functions/ceiling.rb | 25 + .../lib/puppet/parser/functions/chomp.rb | 34 + .../lib/puppet/parser/functions/chop.rb | 36 + .../lib/puppet/parser/functions/concat.rb | 41 + .../puppet/parser/functions/convert_base.rb | 35 + .../lib/puppet/parser/functions/count.rb | 22 + .../lib/puppet/parser/functions/deep_merge.rb | 44 + .../parser/functions/defined_with_params.rb | 35 + .../lib/puppet/parser/functions/delete.rb | 49 + .../lib/puppet/parser/functions/delete_at.rb | 49 + .../parser/functions/delete_undef_values.rb | 34 + .../puppet/parser/functions/delete_values.rb | 26 + .../lib/puppet/parser/functions/difference.rb | 36 + .../lib/puppet/parser/functions/dirname.rb | 21 + .../lib/puppet/parser/functions/dos2unix.rb | 15 + .../lib/puppet/parser/functions/downcase.rb | 32 + .../lib/puppet/parser/functions/empty.rb | 31 + .../parser/functions/ensure_packages.rb | 35 + .../parser/functions/ensure_resource.rb | 46 + .../lib/puppet/parser/functions/flatten.rb | 33 + .../lib/puppet/parser/functions/floor.rb | 25 + .../parser/functions/fqdn_rand_string.rb | 34 + .../puppet/parser/functions/fqdn_rotate.rb | 63 + .../parser/functions/get_module_path.rb | 17 + .../lib/puppet/parser/functions/getparam.rb | 35 + .../lib/puppet/parser/functions/getvar.rb | 31 + .../lib/puppet/parser/functions/grep.rb | 33 + .../parser/functions/has_interface_with.rb | 71 + .../puppet/parser/functions/has_ip_address.rb | 25 + .../puppet/parser/functions/has_ip_network.rb | 25 + .../lib/puppet/parser/functions/has_key.rb | 28 + .../lib/puppet/parser/functions/hash.rb | 41 + .../puppet/parser/functions/intersection.rb | 34 + .../parser/functions/is_absolute_path.rb | 50 + .../lib/puppet/parser/functions/is_array.rb | 22 + .../lib/puppet/parser/functions/is_bool.rb | 22 + .../puppet/parser/functions/is_domain_name.rb | 54 + .../lib/puppet/parser/functions/is_float.rb | 30 + .../parser/functions/is_function_available.rb | 26 + .../lib/puppet/parser/functions/is_hash.rb | 22 + .../lib/puppet/parser/functions/is_integer.rb | 45 + .../puppet/parser/functions/is_ip_address.rb | 32 + .../puppet/parser/functions/is_mac_address.rb | 27 + .../lib/puppet/parser/functions/is_numeric.rb | 75 + .../lib/puppet/parser/functions/is_string.rb | 26 + .../lib/puppet/parser/functions/join.rb | 41 + .../parser/functions/join_keys_to_values.rb | 47 + .../lib/puppet/parser/functions/keys.rb | 26 + .../parser/functions/load_module_metadata.rb | 24 + .../lib/puppet/parser/functions/loadyaml.rb | 25 + .../lib/puppet/parser/functions/lstrip.rb | 32 + .../stdlib/lib/puppet/parser/functions/max.rb | 21 + .../lib/puppet/parser/functions/member.rb | 62 + .../lib/puppet/parser/functions/merge.rb | 34 + .../stdlib/lib/puppet/parser/functions/min.rb | 21 + .../lib/puppet/parser/functions/num2bool.rb | 43 + .../lib/puppet/parser/functions/parsejson.rb | 29 + .../lib/puppet/parser/functions/parseyaml.rb | 30 + .../lib/puppet/parser/functions/pick.rb | 29 + .../puppet/parser/functions/pick_default.rb | 35 + .../lib/puppet/parser/functions/prefix.rb | 52 + .../lib/puppet/parser/functions/private.rb | 17 + .../lib/puppet/parser/functions/pw_hash.rb | 56 + .../lib/puppet/parser/functions/range.rb | 87 + .../lib/puppet/parser/functions/reject.rb | 31 + .../lib/puppet/parser/functions/reverse.rb | 27 + .../lib/puppet/parser/functions/rstrip.rb | 31 + .../puppet/parser/functions/seeded_rand.rb | 22 + .../lib/puppet/parser/functions/shuffle.rb | 45 + .../lib/puppet/parser/functions/size.rb | 46 + .../lib/puppet/parser/functions/sort.rb | 27 + .../lib/puppet/parser/functions/squeeze.rb | 36 + .../lib/puppet/parser/functions/str2bool.rb | 46 + .../parser/functions/str2saltedsha512.rb | 32 + .../lib/puppet/parser/functions/strftime.rb | 107 ++ .../lib/puppet/parser/functions/strip.rb | 38 + .../lib/puppet/parser/functions/suffix.rb | 45 + .../lib/puppet/parser/functions/swapcase.rb | 38 + .../lib/puppet/parser/functions/time.rb | 50 + .../lib/puppet/parser/functions/to_bytes.rb | 31 + .../puppet/parser/functions/try_get_value.rb | 77 + .../lib/puppet/parser/functions/type.rb | 19 + .../lib/puppet/parser/functions/type3x.rb | 51 + .../lib/puppet/parser/functions/union.rb | 29 + .../lib/puppet/parser/functions/unique.rb | 50 + .../lib/puppet/parser/functions/unix2dos.rb | 15 + .../lib/puppet/parser/functions/upcase.rb | 45 + .../lib/puppet/parser/functions/uriescape.rb | 34 + .../functions/validate_absolute_path.rb | 51 + .../puppet/parser/functions/validate_array.rb | 33 + .../parser/functions/validate_augeas.rb | 83 + .../puppet/parser/functions/validate_bool.rb | 34 + .../puppet/parser/functions/validate_cmd.rb | 63 + .../puppet/parser/functions/validate_hash.rb | 33 + .../parser/functions/validate_integer.rb | 132 ++ .../parser/functions/validate_ip_address.rb | 50 + .../parser/functions/validate_ipv4_address.rb | 48 + .../parser/functions/validate_ipv6_address.rb | 49 + .../parser/functions/validate_numeric.rb | 94 + .../puppet/parser/functions/validate_re.rb | 47 + .../parser/functions/validate_slength.rb | 69 + .../parser/functions/validate_string.rb | 38 + .../lib/puppet/parser/functions/values.rb | 39 + .../lib/puppet/parser/functions/values_at.rb | 99 ++ .../stdlib/lib/puppet/parser/functions/zip.rb | 39 + .../lib/puppet/provider/file_line/ruby.rb | 128 ++ .../stdlib/lib/puppet/type/anchor.rb | 46 + .../stdlib/lib/puppet/type/file_line.rb | 118 ++ modules/dependencies/stdlib/manifests/init.pp | 18 + .../dependencies/stdlib/manifests/stages.pp | 43 + modules/dependencies/stdlib/metadata.json | 115 ++ .../stdlib/spec/acceptance/abs_spec.rb | 30 + .../stdlib/spec/acceptance/anchor_spec.rb | 26 + .../stdlib/spec/acceptance/any2array_spec.rb | 49 + .../stdlib/spec/acceptance/base64_spec.rb | 18 + .../stdlib/spec/acceptance/bool2num_spec.rb | 34 + .../stdlib/spec/acceptance/build_csv.rb | 83 + .../stdlib/spec/acceptance/capitalize_spec.rb | 33 + .../stdlib/spec/acceptance/ceiling_spec.rb | 39 + .../stdlib/spec/acceptance/chomp_spec.rb | 21 + .../stdlib/spec/acceptance/chop_spec.rb | 45 + .../stdlib/spec/acceptance/concat_spec.rb | 40 + .../stdlib/spec/acceptance/count_spec.rb | 30 + .../stdlib/spec/acceptance/deep_merge_spec.rb | 20 + .../acceptance/defined_with_params_spec.rb | 22 + .../stdlib/spec/acceptance/delete_at_spec.rb | 19 + .../stdlib/spec/acceptance/delete_spec.rb | 19 + .../acceptance/delete_undef_values_spec.rb | 19 + .../spec/acceptance/delete_values_spec.rb | 25 + .../stdlib/spec/acceptance/difference_spec.rb | 26 + .../stdlib/spec/acceptance/dirname_spec.rb | 42 + .../stdlib/spec/acceptance/downcase_spec.rb | 39 + .../stdlib/spec/acceptance/empty_spec.rb | 53 + .../spec/acceptance/ensure_resource_spec.rb | 30 + .../stdlib/spec/acceptance/flatten_spec.rb | 39 + .../stdlib/spec/acceptance/floor_spec.rb | 39 + .../spec/acceptance/fqdn_rand_string_spec.rb | 66 + .../spec/acceptance/fqdn_rotate_spec.rb | 64 + .../spec/acceptance/get_module_path_spec.rb | 27 + .../stdlib/spec/acceptance/getparam_spec.rb | 24 + .../stdlib/spec/acceptance/getvar_spec.rb | 26 + .../stdlib/spec/acceptance/grep_spec.rb | 26 + .../acceptance/has_interface_with_spec.rb | 54 + .../spec/acceptance/has_ip_address_spec.rb | 33 + .../spec/acceptance/has_ip_network_spec.rb | 33 + .../stdlib/spec/acceptance/has_key_spec.rb | 41 + .../stdlib/spec/acceptance/hash_spec.rb | 26 + .../spec/acceptance/intersection_spec.rb | 27 + .../stdlib/spec/acceptance/is_a_spec.rb | 30 + .../stdlib/spec/acceptance/is_array_spec.rb | 67 + .../stdlib/spec/acceptance/is_bool_spec.rb | 81 + .../spec/acceptance/is_domain_name_spec.rb | 83 + .../stdlib/spec/acceptance/is_float_spec.rb | 86 + .../acceptance/is_function_available_spec.rb | 58 + .../stdlib/spec/acceptance/is_hash_spec.rb | 63 + .../stdlib/spec/acceptance/is_integer_spec.rb | 95 + .../spec/acceptance/is_ip_address_spec.rb | 80 + .../spec/acceptance/is_mac_address_spec.rb | 38 + .../stdlib/spec/acceptance/is_numeric_spec.rb | 95 + .../stdlib/spec/acceptance/is_string_spec.rb | 102 ++ .../acceptance/join_keys_to_values_spec.rb | 24 + .../stdlib/spec/acceptance/join_spec.rb | 26 + .../stdlib/spec/acceptance/keys_spec.rb | 23 + .../stdlib/spec/acceptance/loadyaml_spec.rb | 33 + .../stdlib/spec/acceptance/lstrip_spec.rb | 34 + .../stdlib/spec/acceptance/max_spec.rb | 20 + .../stdlib/spec/acceptance/member_spec.rb | 54 + .../stdlib/spec/acceptance/merge_spec.rb | 23 + .../stdlib/spec/acceptance/min_spec.rb | 20 + .../acceptance/nodesets/centos-59-x64.yml | 10 + .../acceptance/nodesets/centos-6-vcloud.yml | 15 + .../acceptance/nodesets/centos-64-x64-pe.yml | 12 + .../acceptance/nodesets/centos-64-x64.yml | 10 + .../acceptance/nodesets/centos-65-x64.yml | 10 + .../spec/acceptance/nodesets/default.yml | 10 + .../acceptance/nodesets/fedora-18-x64.yml | 10 + .../spec/acceptance/nodesets/sles-11-x64.yml | 10 + .../nodesets/ubuntu-server-10044-x64.yml | 10 + .../nodesets/ubuntu-server-12042-x64.yml | 10 + .../nodesets/ubuntu-server-1404-x64.yml | 11 + .../acceptance/nodesets/windows-2003-i386.yml | 26 + .../nodesets/windows-2003-x86_64.yml | 26 + .../nodesets/windows-2008-x86_64.yml | 26 + .../nodesets/windows-2008r2-x86_64.yml | 26 + .../nodesets/windows-2012-x86_64.yml | 26 + .../nodesets/windows-2012r2-x86_64.yml | 26 + .../stdlib/spec/acceptance/num2bool_spec.rb | 76 + .../stdlib/spec/acceptance/parsejson_spec.rb | 55 + .../stdlib/spec/acceptance/parseyaml_spec.rb | 58 + .../spec/acceptance/pick_default_spec.rb | 54 + .../stdlib/spec/acceptance/pick_spec.rb | 44 + .../stdlib/spec/acceptance/prefix_spec.rb | 42 + .../stdlib/spec/acceptance/pw_hash_spec.rb | 34 + .../stdlib/spec/acceptance/range_spec.rb | 36 + .../stdlib/spec/acceptance/reject_spec.rb | 42 + .../stdlib/spec/acceptance/reverse_spec.rb | 23 + .../stdlib/spec/acceptance/rstrip_spec.rb | 34 + .../stdlib/spec/acceptance/shuffle_spec.rb | 34 + .../stdlib/spec/acceptance/size_spec.rb | 55 + .../stdlib/spec/acceptance/sort_spec.rb | 34 + .../stdlib/spec/acceptance/squeeze_spec.rb | 47 + .../stdlib/spec/acceptance/str2bool_spec.rb | 31 + .../spec/acceptance/str2saltedsha512_spec.rb | 22 + .../stdlib/spec/acceptance/strftime_spec.rb | 22 + .../stdlib/spec/acceptance/strip_spec.rb | 34 + .../stdlib/spec/acceptance/suffix_spec.rb | 42 + .../stdlib/spec/acceptance/swapcase_spec.rb | 22 + .../stdlib/spec/acceptance/time_spec.rb | 36 + .../stdlib/spec/acceptance/to_bytes_spec.rb | 27 + .../spec/acceptance/try_get_value_spec.rb | 47 + .../stdlib/spec/acceptance/type_spec.rb | 37 + .../stdlib/spec/acceptance/union_spec.rb | 25 + .../stdlib/spec/acceptance/unique_spec.rb | 33 + .../spec/acceptance/unsupported_spec.rb | 11 + .../stdlib/spec/acceptance/upcase_spec.rb | 33 + .../stdlib/spec/acceptance/uriescape_spec.rb | 23 + .../acceptance/validate_absolute_path_spec.rb | 31 + .../spec/acceptance/validate_array_spec.rb | 37 + .../spec/acceptance/validate_augeas_spec.rb | 63 + .../spec/acceptance/validate_bool_spec.rb | 37 + .../spec/acceptance/validate_cmd_spec.rb | 52 + .../spec/acceptance/validate_hash_spec.rb | 37 + .../acceptance/validate_ipv4_address_spec.rb | 31 + .../acceptance/validate_ipv6_address_spec.rb | 31 + .../spec/acceptance/validate_re_spec.rb | 47 + .../spec/acceptance/validate_slength_spec.rb | 72 + .../spec/acceptance/validate_string_spec.rb | 36 + .../stdlib/spec/acceptance/values_at_spec.rb | 73 + .../stdlib/spec/acceptance/values_spec.rb | 35 + .../stdlib/spec/acceptance/zip_spec.rb | 86 + .../stdlib/spec/fixtures/dscacheutil/root | 8 + .../stdlib/spec/fixtures/lsuser/root | 2 + .../stdlib/spec/functions/abs_spec.rb | 30 + .../stdlib/spec/functions/any2array_spec.rb | 15 + .../spec/functions/assert_private_spec.rb | 47 + .../stdlib/spec/functions/base64_spec.rb | 16 + .../stdlib/spec/functions/basename_spec.rb | 13 + .../stdlib/spec/functions/bool2num_spec.rb | 14 + .../stdlib/spec/functions/bool2str_spec.rb | 17 + .../stdlib/spec/functions/camelcase_spec.rb | 17 + .../stdlib/spec/functions/capitalize_spec.rb | 15 + .../stdlib/spec/functions/ceiling_spec.rb | 13 + .../stdlib/spec/functions/chomp_spec.rb | 20 + .../stdlib/spec/functions/chop_spec.rb | 20 + .../stdlib/spec/functions/concat_spec.rb | 24 + .../spec/functions/convert_base_spec.rb | 24 + .../stdlib/spec/functions/count_spec.rb | 18 + .../stdlib/spec/functions/deep_merge_spec.rb | 55 + .../functions/defined_with_params_spec.rb | 26 + .../stdlib/spec/functions/delete_at_spec.rb | 28 + .../stdlib/spec/functions/delete_spec.rb | 67 + .../functions/delete_undef_values_spec.rb | 56 + .../spec/functions/delete_values_spec.rb | 37 + .../stdlib/spec/functions/difference_spec.rb | 21 + .../stdlib/spec/functions/dirname_spec.rb | 13 + .../stdlib/spec/functions/dos2unix_spec.rb | 40 + .../stdlib/spec/functions/downcase_spec.rb | 15 + .../stdlib/spec/functions/empty_spec.rb | 22 + .../spec/functions/ensure_packages_spec.rb | 36 + .../spec/functions/ensure_resource_spec.rb | 55 + .../stdlib/spec/functions/flatten_spec.rb | 14 + .../stdlib/spec/functions/floor_spec.rb | 12 + .../spec/functions/fqdn_rand_string_spec.rb | 65 + .../stdlib/spec/functions/fqdn_rotate_spec.rb | 75 + .../spec/functions/get_module_path_spec.rb | 52 + .../stdlib/spec/functions/getparam_spec.rb | 30 + .../stdlib/spec/functions/getvar_spec.rb | 21 + .../stdlib/spec/functions/grep_spec.rb | 19 + .../spec/functions/has_interface_with_spec.rb | 38 + .../spec/functions/has_ip_address_spec.rb | 22 + .../spec/functions/has_ip_network_spec.rb | 22 + .../stdlib/spec/functions/has_key_spec.rb | 15 + .../stdlib/spec/functions/hash_spec.rb | 14 + .../spec/functions/intersection_spec.rb | 21 + .../stdlib/spec/functions/is_a_spec.rb | 25 + .../stdlib/spec/functions/is_array_spec.rb | 19 + .../stdlib/spec/functions/is_bool_spec.rb | 15 + .../spec/functions/is_domain_name_spec.rb | 43 + .../stdlib/spec/functions/is_float_spec.rb | 22 + .../spec/functions/is_function_available.rb | 9 + .../stdlib/spec/functions/is_hash_spec.rb | 11 + .../stdlib/spec/functions/is_integer_spec.rb | 25 + .../spec/functions/is_ip_address_spec.rb | 23 + .../spec/functions/is_mac_address_spec.rb | 24 + .../stdlib/spec/functions/is_numeric_spec.rb | 28 + .../stdlib/spec/functions/is_string_spec.rb | 28 + .../functions/join_keys_to_values_spec.rb | 19 + .../stdlib/spec/functions/join_spec.rb | 19 + .../stdlib/spec/functions/keys_spec.rb | 19 + .../functions/load_module_metadata_spec.rb | 29 + .../stdlib/spec/functions/loadyaml_spec.rb | 24 + .../stdlib/spec/functions/lstrip_spec.rb | 34 + .../stdlib/spec/functions/max_spec.rb | 21 + .../stdlib/spec/functions/member_spec.rb | 21 + .../stdlib/spec/functions/merge_spec.rb | 25 + .../stdlib/spec/functions/min_spec.rb | 21 + .../stdlib/spec/functions/num2bool_spec.rb | 22 + .../stdlib/spec/functions/parsejson_spec.rb | 64 + .../stdlib/spec/functions/parseyaml_spec.rb | 81 + .../spec/functions/pick_default_spec.rb | 24 + .../stdlib/spec/functions/pick_spec.rb | 12 + .../stdlib/spec/functions/prefix_spec.rb | 28 + .../stdlib/spec/functions/private_spec.rb | 56 + .../stdlib/spec/functions/pw_hash_spec.rb | 69 + .../stdlib/spec/functions/range_spec.rb | 118 ++ .../stdlib/spec/functions/reject_spec.rb | 19 + .../stdlib/spec/functions/reverse_spec.rb | 31 + .../stdlib/spec/functions/rstrip_spec.rb | 34 + .../stdlib/spec/functions/seeded_rand_spec.rb | 53 + .../stdlib/spec/functions/shuffle_spec.rb | 33 + .../stdlib/spec/functions/size_spec.rb | 35 + .../stdlib/spec/functions/sort_spec.rb | 24 + .../stdlib/spec/functions/squeeze_spec.rb | 44 + .../stdlib/spec/functions/str2bool_spec.rb | 23 + .../spec/functions/str2saltedsha512_spec.rb | 17 + .../stdlib/spec/functions/strftime_spec.rb | 26 + .../stdlib/spec/functions/strip_spec.rb | 34 + .../stdlib/spec/functions/suffix_spec.rb | 44 + .../stdlib/spec/functions/swapcase_spec.rb | 40 + .../stdlib/spec/functions/time_spec.rb | 21 + .../stdlib/spec/functions/to_bytes_spec.rb | 72 + .../spec/functions/try_get_value_spec.rb | 100 ++ .../stdlib/spec/functions/type3x_spec.rb | 41 + .../stdlib/spec/functions/type_of_spec.rb | 25 + .../stdlib/spec/functions/type_spec.rb | 42 + .../stdlib/spec/functions/union_spec.rb | 24 + .../stdlib/spec/functions/unique_spec.rb | 27 + .../stdlib/spec/functions/unix2dos_spec.rb | 40 + .../stdlib/spec/functions/upcase_spec.rb | 26 + .../stdlib/spec/functions/uriescape_spec.rb | 36 + .../functions/validate_absolute_path_spec.rb | 62 + .../spec/functions/validate_array_spec.rb | 27 + .../spec/functions/validate_augeas_spec.rb | 75 + .../spec/functions/validate_bool_spec.rb | 25 + .../spec/functions/validate_cmd_spec.rb | 35 + .../spec/functions/validate_hash_spec.rb | 26 + .../spec/functions/validate_integer_spec.rb | 90 + .../functions/validate_ip_address_spec.rb | 46 + .../functions/validate_ipv4_address_spec.rb | 40 + .../functions/validate_ipv6_address_spec.rb | 32 + .../spec/functions/validate_numeric_spec.rb | 89 + .../stdlib/spec/functions/validate_re_spec.rb | 61 + .../spec/functions/validate_slength_spec.rb | 61 + .../spec/functions/validate_string_spec.rb | 21 + .../stdlib/spec/functions/values_at_spec.rb | 49 + .../stdlib/spec/functions/values_spec.rb | 19 + .../stdlib/spec/functions/zip_spec.rb | 15 + .../monkey_patches/alias_should_to_must.rb | 9 + .../spec/monkey_patches/publicize_methods.rb | 11 + .../spec/puppetlabs_spec_helper_clone.rb | 34 + modules/dependencies/stdlib/spec/spec.opts | 6 + .../dependencies/stdlib/spec/spec_helper.rb | 49 + .../stdlib/spec/spec_helper_acceptance.rb | 70 + .../spec/unit/facter/facter_dot_d_spec.rb | 32 + .../spec/unit/facter/package_provider_spec.rb | 44 + .../spec/unit/facter/pe_version_spec.rb | 88 + .../stdlib/spec/unit/facter/root_home_spec.rb | 65 + .../spec/unit/facter/service_provider_spec.rb | 37 + .../unit/facter/util/puppet_settings_spec.rb | 37 + .../parser/functions/is_absolute_path_spec.rb | 86 + .../puppet/provider/file_line/ruby_spec.rb | 440 +++++ .../spec/unit/puppet/type/anchor_spec.rb | 11 + .../spec/unit/puppet/type/file_line_spec.rb | 73 + .../http/apache/module/apache/CHANGELOG.md | 645 +++++++ .../http/apache/module/apache/CONTRIBUTING.md | 220 +++ .../apache/module/apache/examples/apache.pp | 7 + .../http/apache/module/apache/examples/dev.pp | 1 + .../apache/module/apache/examples/init.pp | 1 + .../module/apache/examples/mod_load_params.pp | 11 + .../apache/module/apache/examples/mods.pp | 9 + .../module/apache/examples/mods_custom.pp | 16 + .../http/apache/module/apache/examples/php.pp | 4 + .../apache/module/apache/examples/vhost.pp | 261 +++ .../apache/examples/vhost_directories.pp | 44 + .../module/apache/examples/vhost_filter.pp | 17 + .../module/apache/examples/vhost_ip_based.pp | 25 + .../module/apache/examples/vhost_proxypass.pp | 66 + .../module/apache/examples/vhost_ssl.pp | 23 + .../apache/examples/vhosts_without_listen.pp | 53 + .../http/apache/module/apache/files/httpd | 24 + .../lib/puppet/parser/functions/bool2httpd.rb | 30 + .../puppet/parser/functions/enclose_ipv6.rb | 45 + .../functions/validate_apache_log_level.rb | 27 + .../apache/lib/puppet/provider/a2mod.rb | 34 + .../apache/lib/puppet/provider/a2mod/a2mod.rb | 35 + .../lib/puppet/provider/a2mod/gentoo.rb | 116 ++ .../lib/puppet/provider/a2mod/modfix.rb | 12 + .../lib/puppet/provider/a2mod/redhat.rb | 60 + .../module/apache/lib/puppet/type/a2mod.rb | 30 + .../module/apache/manifests/balancer.pp | 82 + .../module/apache/manifests/balancermember.pp | 53 + .../module/apache/manifests/confd/no_accf.pp | 10 + .../module/apache/manifests/custom_config.pp | 73 + .../apache/manifests/default_confd_files.pp | 15 + .../module/apache/manifests/default_mods.pp | 179 ++ .../apache/manifests/default_mods/load.pp | 8 + .../apache/module/apache/manifests/dev.pp | 10 + .../module/apache/manifests/fastcgi/server.pp | 24 + .../apache/module/apache/manifests/mod.pp | 167 ++ .../module/apache/manifests/mod/actions.pp | 3 + .../module/apache/manifests/mod/alias.pp | 20 + .../module/apache/manifests/mod/auth_basic.pp | 3 + .../module/apache/manifests/mod/auth_cas.pp | 48 + .../module/apache/manifests/mod/auth_kerb.pp | 5 + .../apache/manifests/mod/auth_mellon.pp | 24 + .../module/apache/manifests/mod/authn_core.pp | 7 + .../module/apache/manifests/mod/authn_file.pp | 3 + .../apache/manifests/mod/authnz_ldap.pp | 19 + .../apache/manifests/mod/authz_default.pp | 9 + .../module/apache/manifests/mod/authz_user.pp | 3 + .../module/apache/manifests/mod/autoindex.pp | 12 + .../module/apache/manifests/mod/cache.pp | 3 + .../apache/module/apache/manifests/mod/cgi.pp | 10 + .../module/apache/manifests/mod/cgid.pp | 32 + .../apache/module/apache/manifests/mod/dav.pp | 3 + .../module/apache/manifests/mod/dav_fs.pp | 20 + .../module/apache/manifests/mod/dav_svn.pp | 20 + .../module/apache/manifests/mod/deflate.pp | 25 + .../apache/module/apache/manifests/mod/dev.pp | 5 + .../apache/module/apache/manifests/mod/dir.pp | 21 + .../module/apache/manifests/mod/disk_cache.pp | 40 + .../module/apache/manifests/mod/event.pp | 71 + .../module/apache/manifests/mod/expires.pp | 20 + .../module/apache/manifests/mod/ext_filter.pp | 24 + .../module/apache/manifests/mod/fastcgi.pp | 24 + .../module/apache/manifests/mod/fcgid.pp | 19 + .../module/apache/manifests/mod/filter.pp | 3 + .../module/apache/manifests/mod/geoip.pp | 31 + .../module/apache/manifests/mod/headers.pp | 3 + .../module/apache/manifests/mod/include.pp | 3 + .../module/apache/manifests/mod/info.pp | 18 + .../apache/module/apache/manifests/mod/itk.pp | 91 + .../module/apache/manifests/mod/ldap.pp | 19 + .../module/apache/manifests/mod/mime.pp | 22 + .../module/apache/manifests/mod/mime_magic.pp | 14 + .../apache/manifests/mod/negotiation.pp | 25 + .../apache/module/apache/manifests/mod/nss.pp | 26 + .../module/apache/manifests/mod/pagespeed.pp | 55 + .../module/apache/manifests/mod/passenger.pp | 90 + .../module/apache/manifests/mod/perl.pp | 3 + .../module/apache/manifests/mod/peruser.pp | 76 + .../apache/module/apache/manifests/mod/php.pp | 62 + .../module/apache/manifests/mod/prefork.pp | 77 + .../module/apache/manifests/mod/proxy.pp | 16 + .../module/apache/manifests/mod/proxy_ajp.pp | 4 + .../apache/manifests/mod/proxy_balancer.pp | 10 + .../apache/manifests/mod/proxy_connect.pp | 8 + .../module/apache/manifests/mod/proxy_html.pp | 37 + .../module/apache/manifests/mod/proxy_http.pp | 4 + .../module/apache/manifests/mod/python.pp | 5 + .../module/apache/manifests/mod/remoteip.pp | 27 + .../module/apache/manifests/mod/reqtimeout.pp | 14 + .../module/apache/manifests/mod/rewrite.pp | 4 + .../module/apache/manifests/mod/rpaf.pp | 20 + .../module/apache/manifests/mod/security.pp | 76 + .../module/apache/manifests/mod/setenvif.pp | 12 + .../module/apache/manifests/mod/shib.pp | 15 + .../module/apache/manifests/mod/speling.pp | 3 + .../apache/module/apache/manifests/mod/ssl.pp | 81 + .../module/apache/manifests/mod/status.pp | 46 + .../module/apache/manifests/mod/suexec.pp | 3 + .../module/apache/manifests/mod/suphp.pp | 14 + .../module/apache/manifests/mod/userdir.pp | 19 + .../module/apache/manifests/mod/version.pp | 10 + .../apache/manifests/mod/vhost_alias.pp | 3 + .../module/apache/manifests/mod/worker.pp | 135 ++ .../module/apache/manifests/mod/wsgi.pp | 41 + .../module/apache/manifests/mod/xsendfile.pp | 4 + .../apache/module/apache/manifests/mpm.pp | 127 ++ .../apache/manifests/namevirtualhost.pp | 10 + .../apache/module/apache/manifests/package.pp | 65 + .../apache/manifests/peruser/multiplexer.pp | 17 + .../apache/manifests/peruser/processor.pp | 17 + .../apache/module/apache/manifests/php.pp | 18 + .../apache/module/apache/manifests/proxy.pp | 15 + .../apache/module/apache/manifests/python.pp | 18 + .../apache/manifests/security/rule_link.pp | 13 + .../apache/module/apache/manifests/service.pp | 49 + .../apache/module/apache/manifests/version.pp | 45 + .../module/apache/manifests/vhost/custom.pp | 37 + .../spec/acceptance/apache_parameters_spec.rb | 501 ++++++ .../apache/spec/acceptance/apache_ssl_spec.rb | 93 + .../apache/spec/acceptance/class_spec.rb | 79 + .../spec/acceptance/custom_config_spec.rb | 94 + .../spec/acceptance/default_mods_spec.rb | 102 ++ .../module/apache/spec/acceptance/itk_spec.rb | 60 + .../spec/acceptance/mod_dav_svn_spec.rb | 65 + .../spec/acceptance/mod_deflate_spec.rb | 33 + .../apache/spec/acceptance/mod_fcgid_spec.rb | 57 + .../apache/spec/acceptance/mod_mime_spec.rb | 30 + .../spec/acceptance/mod_negotiation_spec.rb | 78 + .../spec/acceptance/mod_pagespeed_spec.rb | 74 + .../spec/acceptance/mod_passenger_spec.rb | 201 +++ .../apache/spec/acceptance/mod_php_spec.rb | 133 ++ .../spec/acceptance/mod_proxy_html_spec.rb | 35 + .../spec/acceptance/mod_security_spec.rb | 253 +++ .../apache/spec/acceptance/mod_suphp_spec.rb | 57 + .../acceptance/nodesets/centos-70-x64.yml | 11 + .../acceptance/nodesets/debian-607-x64.yml | 11 + .../acceptance/nodesets/debian-70rc1-x64.yml | 11 + .../acceptance/nodesets/debian-73-i386.yml | 11 + .../acceptance/nodesets/debian-73-x64.yml | 11 + .../acceptance/nodesets/debian-82-x64.yml | 10 + .../spec/acceptance/nodesets/default.yml | 10 + .../acceptance/nodesets/fedora-18-x64.yml | 11 + .../nodesets/ubuntu-server-10044-x64.yml | 10 + .../nodesets/ubuntu-server-12042-x64.yml | 10 + .../nodesets/ubuntu-server-1310-x64.yml | 11 + .../nodesets/ubuntu-server-1404-x64.yml | 11 + .../spec/acceptance/prefork_worker_spec.rb | 80 + .../apache/spec/acceptance/service_spec.rb | 18 + .../module/apache/spec/acceptance/version.rb | 76 + .../apache/spec/acceptance/vhost_spec.rb | 1530 +++++++++++++++++ .../module/apache/spec/classes/dev_spec.rb | 89 + .../apache/spec/classes/mod/alias_spec.rb | 96 ++ .../apache/spec/classes/mod/auth_cas_spec.rb | 54 + .../apache/spec/classes/mod/auth_kerb_spec.rb | 76 + .../spec/classes/mod/auth_mellon_spec.rb | 89 + .../spec/classes/mod/authnz_ldap_spec.rb | 78 + .../apache/spec/classes/mod/dav_svn_spec.rb | 79 + .../apache/spec/classes/mod/deflate_spec.rb | 126 ++ .../apache/spec/classes/mod/dev_spec.rb | 29 + .../apache/spec/classes/mod/dir_spec.rb | 138 ++ .../apache/spec/classes/mod/disk_cache.rb | 111 ++ .../apache/spec/classes/mod/event_spec.rb | 154 ++ .../apache/spec/classes/mod/expires_spec.rb | 84 + .../spec/classes/mod/ext_filter_spec.rb | 68 + .../apache/spec/classes/mod/fastcgi_spec.rb | 45 + .../apache/spec/classes/mod/fcgid_spec.rb | 143 ++ .../apache/spec/classes/mod/info_spec.rb | 224 +++ .../apache/spec/classes/mod/itk_spec.rb | 130 ++ .../apache/spec/classes/mod/ldap_spec.rb | 78 + .../spec/classes/mod/mime_magic_spec.rb | 112 ++ .../apache/spec/classes/mod/mime_spec.rb | 54 + .../spec/classes/mod/negotiation_spec.rb | 65 + .../apache/spec/classes/mod/pagespeed_spec.rb | 54 + .../apache/spec/classes/mod/passenger_spec.rb | 327 ++++ .../apache/spec/classes/mod/perl_spec.rb | 76 + .../apache/spec/classes/mod/peruser_spec.rb | 43 + .../apache/spec/classes/mod/php_spec.rb | 293 ++++ .../apache/spec/classes/mod/prefork_spec.rb | 134 ++ .../spec/classes/mod/proxy_connect_spec.rb | 65 + .../spec/classes/mod/proxy_html_spec.rb | 105 ++ .../apache/spec/classes/mod/python_spec.rb | 76 + .../apache/spec/classes/mod/remoteip_spec.rb | 53 + .../spec/classes/mod/reqtimeout_spec.rb | 150 ++ .../apache/spec/classes/mod/rpaf_spec.rb | 130 ++ .../apache/spec/classes/mod/security_spec.rb | 95 + .../apache/spec/classes/mod/shib_spec.rb | 44 + .../apache/spec/classes/mod/speling_spec.rb | 39 + .../apache/spec/classes/mod/ssl_spec.rb | 165 ++ .../apache/spec/classes/mod/status_spec.rb | 206 +++ .../apache/spec/classes/mod/suphp_spec.rb | 40 + .../apache/spec/classes/mod/worker_spec.rb | 189 ++ .../apache/spec/classes/mod/wsgi_spec.rb | 147 ++ .../module/apache/spec/classes/params_spec.rb | 24 + .../apache/spec/classes/service_spec.rb | 173 ++ .../spec/defines/balancermember_spec.rb | 37 + .../apache/spec/defines/custom_config_spec.rb | 138 ++ .../spec/defines/fastcgi_server_spec.rb | 133 ++ .../module/apache/spec/defines/mod_spec.rb | 166 ++ .../apache/spec/defines/modsec_link_spec.rb | 53 + .../apache/spec/defines/vhost_custom_spec.rb | 99 ++ .../module/apache/spec/defines/vhost_spec.rb | 1151 +++++++++++++ .../http/apache/module/apache/spec/spec.opts | 6 + .../apache/spec/spec_helper_acceptance.rb | 80 + .../spec/unit/provider/a2mod/gentoo_spec.rb | 182 ++ .../parser/functions/bool2httpd_spec.rb | 53 + .../parser/functions/enclose_ipv6_spec.rb | 69 + .../functions/validate_apache_log_level.rb | 39 + .../apache/templates/confd/no-accf.conf.erb | 4 + .../apache/templates/fastcgi/server.erb | 3 + .../module/apache/templates/httpd.conf.erb | 138 ++ .../apache/module/apache/templates/listen.erb | 6 + .../apache/templates/mod/alias.conf.erb | 13 + .../apache/templates/mod/auth_cas.conf.erb | 40 + .../apache/templates/mod/auth_mellon.conf.erb | 21 + .../apache/templates/mod/authnz_ldap.conf.erb | 5 + .../apache/templates/mod/autoindex.conf.erb | 56 + .../module/apache/templates/mod/cgid.conf.erb | 1 + .../apache/templates/mod/dav_fs.conf.erb | 1 + .../apache/templates/mod/deflate.conf.erb | 7 + .../module/apache/templates/mod/dir.conf.erb | 1 + .../apache/templates/mod/disk_cache.conf.erb | 4 + .../apache/templates/mod/event.conf.erb | 13 + .../apache/templates/mod/expires.conf.erb | 11 + .../apache/templates/mod/ext_filter.conf.erb | 6 + .../apache/templates/mod/fastcgi.conf.erb | 8 + .../apache/templates/mod/geoip.conf.erb | 25 + .../module/apache/templates/mod/info.conf.erb | 19 + .../module/apache/templates/mod/itk.conf.erb | 8 + .../module/apache/templates/mod/ldap.conf.erb | 14 + .../module/apache/templates/mod/load.erb | 7 + .../module/apache/templates/mod/mime.conf.erb | 38 + .../apache/templates/mod/mime_magic.conf.erb | 1 + .../apache/templates/mod/mpm_event.conf.erb | 9 + .../apache/templates/mod/negotiation.conf.erb | 2 + .../module/apache/templates/mod/nss.conf.erb | 228 +++ .../apache/templates/mod/pagespeed.conf.erb | 102 ++ .../apache/templates/mod/passenger.conf.erb | 52 + .../apache/templates/mod/peruser.conf.erb | 12 + .../module/apache/templates/mod/php5.conf.erb | 31 + .../apache/templates/mod/prefork.conf.erb | 8 + .../apache/templates/mod/proxy.conf.erb | 27 + .../apache/templates/mod/proxy_html.conf.erb | 18 + .../apache/templates/mod/remoteip.conf.erb | 23 + .../apache/templates/mod/reqtimeout.conf.erb | 3 + .../module/apache/templates/mod/rpaf.conf.erb | 15 + .../apache/templates/mod/security.conf.erb | 71 + .../templates/mod/security_crs.conf.erb | 428 +++++ .../apache/templates/mod/setenvif.conf.erb | 34 + .../module/apache/templates/mod/ssl.conf.erb | 31 + .../apache/templates/mod/status.conf.erb | 16 + .../apache/templates/mod/suphp.conf.erb | 19 + .../apache/templates/mod/unixd_fcgid.conf.erb | 5 + .../apache/templates/mod/userdir.conf.erb | 27 + .../apache/templates/mod/worker.conf.erb | 11 + .../module/apache/templates/mod/wsgi.conf.erb | 13 + .../apache/templates/namevirtualhost.erb | 8 + .../module/apache/templates/ports_header.erb | 5 + .../apache/templates/vhost/_access_log.erb | 21 + .../module/apache/templates/vhost/_action.erb | 4 + .../templates/vhost/_additional_includes.erb | 9 + .../apache/templates/vhost/_aliases.erb | 16 + .../vhost/_allow_encoded_slashes.erb | 4 + .../apache/templates/vhost/_auth_kerb.erb | 32 + .../module/apache/templates/vhost/_block.erb | 14 + .../apache/templates/vhost/_charsets.erb | 4 + .../templates/vhost/_custom_fragment.erb | 5 + .../apache/templates/vhost/_directories.erb | 300 ++++ .../apache/templates/vhost/_docroot.erb | 7 + .../templates/vhost/_error_document.erb | 7 + .../templates/vhost/_fallbackresource.erb | 4 + .../apache/templates/vhost/_fastcgi.erb | 22 + .../apache/templates/vhost/_file_footer.erb | 1 + .../apache/templates/vhost/_file_header.erb | 12 + .../apache/templates/vhost/_filters.erb | 10 + .../module/apache/templates/vhost/_header.erb | 10 + .../module/apache/templates/vhost/_itk.erb | 29 + .../apache/templates/vhost/_logging.erb | 10 + .../apache/templates/vhost/_passenger.erb | 18 + .../templates/vhost/_passenger_base_uris.erb | 7 + .../module/apache/templates/vhost/_php.erb | 12 + .../apache/templates/vhost/_php_admin.erb | 12 + .../module/apache/templates/vhost/_proxy.erb | 84 + .../module/apache/templates/vhost/_rack.erb | 7 + .../apache/templates/vhost/_redirect.erb | 25 + .../apache/templates/vhost/_requestheader.erb | 10 + .../apache/templates/vhost/_rewrite.erb | 50 + .../apache/templates/vhost/_scriptalias.erb | 24 + .../apache/templates/vhost/_security.erb | 20 + .../apache/templates/vhost/_serveralias.erb | 7 + .../templates/vhost/_serversignature.erb | 1 + .../module/apache/templates/vhost/_setenv.erb | 12 + .../module/apache/templates/vhost/_ssl.erb | 46 + .../apache/templates/vhost/_sslproxy.erb | 17 + .../module/apache/templates/vhost/_suexec.erb | 4 + .../module/apache/templates/vhost/_suphp.erb | 11 + .../module/apache/templates/vhost/_wsgi.erb | 27 + 692 files changed, 35471 insertions(+) create mode 100644 modules/dependencies/stdlib/CHANGELOG.md create mode 100644 modules/dependencies/stdlib/CONTRIBUTING.md create mode 100644 modules/dependencies/stdlib/Gemfile create mode 100644 modules/dependencies/stdlib/LICENSE create mode 100644 modules/dependencies/stdlib/README.markdown create mode 100644 modules/dependencies/stdlib/README_DEVELOPER.markdown create mode 100644 modules/dependencies/stdlib/README_SPECS.markdown create mode 100644 modules/dependencies/stdlib/RELEASE_PROCESS.markdown create mode 100644 modules/dependencies/stdlib/Rakefile create mode 100644 modules/dependencies/stdlib/checksums.json create mode 100644 modules/dependencies/stdlib/examples/file_line.pp create mode 100644 modules/dependencies/stdlib/examples/has_interface_with.pp create mode 100644 modules/dependencies/stdlib/examples/has_ip_address.pp create mode 100644 modules/dependencies/stdlib/examples/has_ip_network.pp create mode 100644 modules/dependencies/stdlib/examples/init.pp create mode 100644 modules/dependencies/stdlib/lib/facter/facter_dot_d.rb create mode 100644 modules/dependencies/stdlib/lib/facter/package_provider.rb create mode 100644 modules/dependencies/stdlib/lib/facter/pe_version.rb create mode 100644 modules/dependencies/stdlib/lib/facter/puppet_vardir.rb create mode 100644 modules/dependencies/stdlib/lib/facter/root_home.rb create mode 100644 modules/dependencies/stdlib/lib/facter/service_provider.rb create mode 100644 modules/dependencies/stdlib/lib/facter/util/puppet_settings.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/functions/is_a.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/functions/type_of.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/abs.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/any2array.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/assert_private.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/base64.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/basename.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/bool2num.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/bool2str.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/camelcase.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/capitalize.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/ceiling.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/chomp.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/chop.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/concat.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/convert_base.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/count.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/deep_merge.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/defined_with_params.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/delete.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/delete_at.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/delete_undef_values.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/delete_values.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/difference.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/dirname.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/dos2unix.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/downcase.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/empty.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/ensure_packages.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/ensure_resource.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/flatten.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/floor.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/fqdn_rand_string.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/fqdn_rotate.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/get_module_path.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/getparam.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/getvar.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/grep.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/has_interface_with.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/has_ip_address.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/has_ip_network.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/has_key.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/hash.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/intersection.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_absolute_path.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_array.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_bool.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_domain_name.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_float.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_function_available.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_hash.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_integer.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_ip_address.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_mac_address.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_numeric.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/is_string.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/join.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/join_keys_to_values.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/keys.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/load_module_metadata.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/loadyaml.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/lstrip.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/max.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/member.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/merge.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/min.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/num2bool.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/parsejson.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/parseyaml.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/pick.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/pick_default.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/prefix.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/private.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/pw_hash.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/range.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/reject.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/reverse.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/rstrip.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/seeded_rand.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/shuffle.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/size.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/sort.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/squeeze.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/str2bool.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/str2saltedsha512.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/strftime.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/strip.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/suffix.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/swapcase.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/time.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/to_bytes.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/try_get_value.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/type.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/type3x.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/union.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/unique.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/unix2dos.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/upcase.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/uriescape.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_absolute_path.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_array.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_augeas.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_bool.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_cmd.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_hash.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_integer.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ip_address.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ipv4_address.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ipv6_address.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_numeric.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_re.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_slength.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/validate_string.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/values.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/values_at.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/parser/functions/zip.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/provider/file_line/ruby.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/type/anchor.rb create mode 100644 modules/dependencies/stdlib/lib/puppet/type/file_line.rb create mode 100644 modules/dependencies/stdlib/manifests/init.pp create mode 100644 modules/dependencies/stdlib/manifests/stages.pp create mode 100644 modules/dependencies/stdlib/metadata.json create mode 100755 modules/dependencies/stdlib/spec/acceptance/abs_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/anchor_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/any2array_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/base64_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/bool2num_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/build_csv.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/capitalize_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/ceiling_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/chomp_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/chop_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/concat_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/count_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/deep_merge_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/defined_with_params_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/delete_at_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/delete_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/delete_undef_values_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/delete_values_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/difference_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/dirname_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/downcase_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/empty_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/ensure_resource_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/flatten_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/floor_spec.rb create mode 100644 modules/dependencies/stdlib/spec/acceptance/fqdn_rand_string_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/fqdn_rotate_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/get_module_path_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/getparam_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/getvar_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/grep_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/has_interface_with_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/has_ip_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/has_ip_network_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/has_key_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/hash_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/intersection_spec.rb create mode 100644 modules/dependencies/stdlib/spec/acceptance/is_a_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_array_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_bool_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_domain_name_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_float_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_function_available_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_hash_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_integer_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_ip_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_mac_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_numeric_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/is_string_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/join_keys_to_values_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/join_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/keys_spec.rb create mode 100644 modules/dependencies/stdlib/spec/acceptance/loadyaml_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/lstrip_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/max_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/member_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/merge_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/min_spec.rb create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/centos-59-x64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/centos-6-vcloud.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/centos-64-x64-pe.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/centos-64-x64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/centos-65-x64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/default.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/fedora-18-x64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/sles-11-x64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2003-i386.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2003-x86_64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2008-x86_64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2008r2-x86_64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2012-x86_64.yml create mode 100644 modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2012r2-x86_64.yml create mode 100755 modules/dependencies/stdlib/spec/acceptance/num2bool_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/parsejson_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/parseyaml_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/pick_default_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/pick_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/prefix_spec.rb create mode 100644 modules/dependencies/stdlib/spec/acceptance/pw_hash_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/range_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/reject_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/reverse_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/rstrip_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/shuffle_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/size_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/sort_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/squeeze_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/str2bool_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/str2saltedsha512_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/strftime_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/strip_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/suffix_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/swapcase_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/time_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/to_bytes_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/try_get_value_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/type_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/union_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/unique_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/unsupported_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/upcase_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/uriescape_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_absolute_path_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_array_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_augeas_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_bool_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_cmd_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_hash_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_ipv4_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_ipv6_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_re_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_slength_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/validate_string_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/values_at_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/values_spec.rb create mode 100755 modules/dependencies/stdlib/spec/acceptance/zip_spec.rb create mode 100644 modules/dependencies/stdlib/spec/fixtures/dscacheutil/root create mode 100644 modules/dependencies/stdlib/spec/fixtures/lsuser/root create mode 100755 modules/dependencies/stdlib/spec/functions/abs_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/any2array_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/assert_private_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/base64_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/basename_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/bool2num_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/bool2str_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/camelcase_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/capitalize_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/ceiling_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/chomp_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/chop_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/concat_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/convert_base_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/count_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/deep_merge_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/defined_with_params_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/delete_at_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/delete_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/delete_undef_values_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/delete_values_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/difference_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/dirname_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/dos2unix_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/downcase_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/empty_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/ensure_packages_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/ensure_resource_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/flatten_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/floor_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/fqdn_rand_string_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/fqdn_rotate_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/get_module_path_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/getparam_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/getvar_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/grep_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/has_interface_with_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/has_ip_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/has_ip_network_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/has_key_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/hash_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/intersection_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/is_a_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_array_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_bool_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_domain_name_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_float_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_function_available.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_hash_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_integer_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_ip_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_mac_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_numeric_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/is_string_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/join_keys_to_values_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/join_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/keys_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/load_module_metadata_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/loadyaml_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/lstrip_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/max_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/member_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/merge_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/min_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/num2bool_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/parsejson_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/parseyaml_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/pick_default_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/pick_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/prefix_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/private_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/pw_hash_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/range_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/reject_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/reverse_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/rstrip_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/seeded_rand_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/shuffle_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/size_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/sort_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/squeeze_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/str2bool_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/str2saltedsha512_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/strftime_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/strip_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/suffix_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/swapcase_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/time_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/to_bytes_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/try_get_value_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/type3x_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/type_of_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/type_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/union_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/unique_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/unix2dos_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/upcase_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/uriescape_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_absolute_path_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_array_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_augeas_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_bool_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_cmd_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_hash_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_integer_spec.rb create mode 100644 modules/dependencies/stdlib/spec/functions/validate_ip_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_ipv4_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_ipv6_address_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_numeric_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_re_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_slength_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/validate_string_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/values_at_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/values_spec.rb create mode 100755 modules/dependencies/stdlib/spec/functions/zip_spec.rb create mode 100755 modules/dependencies/stdlib/spec/monkey_patches/alias_should_to_must.rb create mode 100755 modules/dependencies/stdlib/spec/monkey_patches/publicize_methods.rb create mode 100644 modules/dependencies/stdlib/spec/puppetlabs_spec_helper_clone.rb create mode 100644 modules/dependencies/stdlib/spec/spec.opts create mode 100755 modules/dependencies/stdlib/spec/spec_helper.rb create mode 100755 modules/dependencies/stdlib/spec/spec_helper_acceptance.rb create mode 100755 modules/dependencies/stdlib/spec/unit/facter/facter_dot_d_spec.rb create mode 100644 modules/dependencies/stdlib/spec/unit/facter/package_provider_spec.rb create mode 100755 modules/dependencies/stdlib/spec/unit/facter/pe_version_spec.rb create mode 100755 modules/dependencies/stdlib/spec/unit/facter/root_home_spec.rb create mode 100644 modules/dependencies/stdlib/spec/unit/facter/service_provider_spec.rb create mode 100755 modules/dependencies/stdlib/spec/unit/facter/util/puppet_settings_spec.rb create mode 100644 modules/dependencies/stdlib/spec/unit/puppet/parser/functions/is_absolute_path_spec.rb create mode 100755 modules/dependencies/stdlib/spec/unit/puppet/provider/file_line/ruby_spec.rb create mode 100755 modules/dependencies/stdlib/spec/unit/puppet/type/anchor_spec.rb create mode 100755 modules/dependencies/stdlib/spec/unit/puppet/type/file_line_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/CHANGELOG.md create mode 100644 modules/services/unix/http/apache/module/apache/CONTRIBUTING.md create mode 100644 modules/services/unix/http/apache/module/apache/examples/apache.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/dev.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/init.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/mod_load_params.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/mods.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/mods_custom.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/php.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/vhost.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/vhost_directories.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/vhost_filter.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/vhost_ip_based.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/vhost_proxypass.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/vhost_ssl.pp create mode 100644 modules/services/unix/http/apache/module/apache/examples/vhosts_without_listen.pp create mode 100644 modules/services/unix/http/apache/module/apache/files/httpd create mode 100644 modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/bool2httpd.rb create mode 100644 modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/enclose_ipv6.rb create mode 100644 modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/validate_apache_log_level.rb create mode 100644 modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod.rb create mode 100644 modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/a2mod.rb create mode 100644 modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/gentoo.rb create mode 100644 modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/modfix.rb create mode 100644 modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/redhat.rb create mode 100644 modules/services/unix/http/apache/module/apache/lib/puppet/type/a2mod.rb create mode 100644 modules/services/unix/http/apache/module/apache/manifests/balancer.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/balancermember.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/confd/no_accf.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/custom_config.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/default_confd_files.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/default_mods.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/default_mods/load.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/dev.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/fastcgi/server.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/actions.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/alias.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/auth_basic.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/auth_cas.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/auth_kerb.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/auth_mellon.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/authn_core.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/authn_file.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/authnz_ldap.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/authz_default.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/authz_user.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/autoindex.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/cache.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/cgi.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/cgid.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/dav.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/dav_fs.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/dav_svn.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/deflate.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/dev.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/dir.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/disk_cache.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/event.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/expires.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/ext_filter.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/fastcgi.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/fcgid.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/filter.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/geoip.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/headers.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/include.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/info.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/itk.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/ldap.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/mime.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/mime_magic.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/negotiation.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/nss.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/pagespeed.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/passenger.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/perl.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/peruser.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/php.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/prefork.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/proxy.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/proxy_ajp.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/proxy_balancer.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/proxy_connect.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/proxy_html.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/proxy_http.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/python.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/remoteip.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/reqtimeout.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/rewrite.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/rpaf.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/security.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/setenvif.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/shib.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/speling.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/ssl.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/status.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/suexec.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/suphp.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/userdir.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/version.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/vhost_alias.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/worker.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/wsgi.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mod/xsendfile.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/mpm.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/namevirtualhost.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/package.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/peruser/multiplexer.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/peruser/processor.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/php.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/proxy.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/python.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/security/rule_link.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/service.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/version.pp create mode 100644 modules/services/unix/http/apache/module/apache/manifests/vhost/custom.pp create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/apache_parameters_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/apache_ssl_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/class_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/custom_config_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/default_mods_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/itk_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_dav_svn_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_deflate_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_fcgid_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_mime_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_negotiation_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_pagespeed_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_passenger_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_php_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_proxy_html_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_security_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/mod_suphp_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/centos-70-x64.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-607-x64.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-70rc1-x64.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-73-i386.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-73-x64.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-82-x64.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/default.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/fedora-18-x64.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/prefork_worker_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/service_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/version.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/acceptance/vhost_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/dev_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/alias_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_cas_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_kerb_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_mellon_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/authnz_ldap_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/dav_svn_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/deflate_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/dev_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/dir_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/disk_cache.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/event_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/expires_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/ext_filter_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/fastcgi_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/fcgid_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/info_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/itk_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/ldap_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/mime_magic_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/mime_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/negotiation_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/pagespeed_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/passenger_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/perl_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/peruser_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/php_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/prefork_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/proxy_connect_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/proxy_html_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/python_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/remoteip_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/reqtimeout_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/rpaf_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/security_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/shib_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/speling_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/ssl_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/status_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/suphp_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/worker_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/mod/wsgi_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/params_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/classes/service_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/defines/balancermember_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/defines/custom_config_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/defines/fastcgi_server_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/defines/mod_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/defines/modsec_link_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/defines/vhost_custom_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/defines/vhost_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/spec.opts create mode 100644 modules/services/unix/http/apache/module/apache/spec/spec_helper_acceptance.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/unit/provider/a2mod/gentoo_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/bool2httpd_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/enclose_ipv6_spec.rb create mode 100644 modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/validate_apache_log_level.rb create mode 100644 modules/services/unix/http/apache/module/apache/templates/confd/no-accf.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/fastcgi/server.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/httpd.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/listen.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/alias.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/auth_cas.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/auth_mellon.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/authnz_ldap.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/autoindex.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/cgid.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/dav_fs.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/deflate.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/dir.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/disk_cache.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/event.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/expires.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/ext_filter.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/fastcgi.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/geoip.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/info.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/itk.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/ldap.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/load.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/mime.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/mime_magic.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/mpm_event.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/negotiation.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/nss.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/pagespeed.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/passenger.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/peruser.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/php5.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/prefork.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/proxy.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/proxy_html.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/remoteip.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/reqtimeout.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/rpaf.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/security.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/security_crs.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/setenvif.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/ssl.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/status.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/suphp.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/unixd_fcgid.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/userdir.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/worker.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/mod/wsgi.conf.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/namevirtualhost.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/ports_header.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_access_log.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_action.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_additional_includes.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_aliases.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_allow_encoded_slashes.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_auth_kerb.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_block.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_charsets.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_custom_fragment.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_directories.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_docroot.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_error_document.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_fallbackresource.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_fastcgi.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_file_footer.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_file_header.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_filters.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_header.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_itk.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_logging.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_passenger.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_passenger_base_uris.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_php.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_php_admin.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_proxy.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_rack.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_redirect.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_requestheader.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_rewrite.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_scriptalias.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_security.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_serveralias.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_serversignature.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_setenv.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_ssl.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_sslproxy.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_suexec.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_suphp.erb create mode 100644 modules/services/unix/http/apache/module/apache/templates/vhost/_wsgi.erb diff --git a/modules/dependencies/stdlib/CHANGELOG.md b/modules/dependencies/stdlib/CHANGELOG.md new file mode 100644 index 000000000..2698dde27 --- /dev/null +++ b/modules/dependencies/stdlib/CHANGELOG.md @@ -0,0 +1,630 @@ +## Supported Release 4.11.0 +###Summary + +Provides a validate_absolute_paths and Debian 8 support. There is a fix to the is_package_provider fact and a test improvement. + +####Features +- Adds new parser called is_absolute_path +- Supports Debian 8 + +####Bugfixes +- Allow package_provider fact to resolve on PE 3.x + +####Improvements +- ensures that the test passes independently of changes to rubygems for ensure_resource + +##2015-12-15 - Supported Release 4.10.0 +###Summary + +Includes the addition of several new functions and considerable improvements to the existing functions, tests and documentation. Includes some bug fixes which includes compatibility, test and fact issues. + +####Features +- Adds service_provider fact +- Adds is_a() function +- Adds package_provider fact +- Adds validate_ip_address function +- Adds seeded_rand function + +####Bugfixes +- Fix backwards compatibility from an improvement to the parseyaml function +- Renaming of load_module_metadata test to include _spec.rb +- Fix root_home fact on AIX 5.x, now '-c' rather than '-C' +- Fixed Gemfile to work with ruby 1.8.7 + +####Improvements +- (MODULES-2462) Improvement of parseyaml function +- Improvement of str2bool function +- Improvement to readme +- Improvement of intersection function +- Improvement of validate_re function +- Improved speed on Facter resolution of service_provider +- empty function now handles numeric values +- Package_provider now prevents deprecation warning about the allow_virtual parameter +- load_module_metadata now succeeds on empty file +- Check added to ensure puppetversion value is not nil +- Improvement to bool2str to return a string of choice using boolean +- Improvement to naming convention in validate_ipv4_address function + +## Supported Release 4.9.1 +###Summary + +Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. + +##2015-09-08 - Supported Release 4.9.0 +###Summary + +This release adds new features including the new functions dos2unix, unix2dos, try_get_value, convert_base as well as other features and improvements. + +####Features +- (MODULES-2370) allow `match` parameter to influence `ensure => absent` behavior +- (MODULES-2410) Add new functions dos2unix and unix2dos +- (MODULE-2456) Modify union to accept more than two arrays +- Adds a convert_base function, which can convert numbers between bases +- Add a new function "try_get_value" + +####Bugfixes +- n/a + +####Improvements +- (MODULES-2478) Support root_home fact on AIX through "lsuser" command +- Acceptance test improvements +- Unit test improvements +- Readme improvements + +## 2015-08-10 - Supported Release 4.8.0 +### Summary +This release adds a function for reading metadata.json from any module, and expands file\_line's abilities. + +#### Features +- New parameter `replace` on `file_line` +- New function `load_module_metadata()` to load metadata.json and return the content as a hash. +- Added hash support to `size()` + +#### Bugfixes +- Fix various docs typos +- Fix `file_line` resource on puppet < 3.3 + +##2015-06-22 - Supported Release 4.7.0 +###Summary + +Adds Solaris 12 support along with improved Puppet 4 support. There are significant test improvements, and some minor fixes. + +####Features +- Add support for Solaris 12 + +####Bugfixes +- Fix for AIO Puppet 4 +- Fix time for ruby 1.8.7 +- Specify rspec-puppet version +- range() fix for typeerror and missing functionality +- Fix pw_hash() on JRuby < 1.7.17 +- fqdn_rand_string: fix argument error message +- catch and rescue from looking up non-existent facts +- Use puppet_install_helper, for Puppet 4 + +####Improvements +- Enforce support for Puppet 4 testing +- fqdn_rotate/fqdn_rand_string acceptance tests and implementation +- Simplify mac address regex +- validate_integer, validate_numeric: explicitely reject hashes in arrays +- Readme edits +- Remove all the pops stuff for rspec-puppet +- Sync via modulesync +- Add validate_slength optional 3rd arg +- Move tests directory to examples directory + +##2015-04-14 - Supported Release 4.6.0 +###Summary + +Adds functions and function argument abilities, and improves compatibility with the new puppet parser + +####Features +- MODULES-444: `concat()` can now take more than two arrays +- `basename()` added to have Ruby File.basename functionality +- `delete()` can now take an array of items to remove +- `prefix()` can now take a hash +- `upcase()` can now take a hash or array of upcaseable things +- `validate_absolute_path()` can now take an array +- `validate_cmd()` can now use % in the command to embed the validation file argument in the string +- MODULES-1473: deprecate `type()` function in favor of `type3x()` +- MODULES-1473: Add `type_of()` to give better type information on future parser +- Deprecate `private()` for `assert_private()` due to future parser +- Adds `ceiling()` to take the ceiling of a number +- Adds `fqdn_rand_string()` to generate random string based on fqdn +- Adds `pw_hash()` to generate password hashes +- Adds `validate_integer()` +- Adds `validate_numeric()` (like `validate_integer()` but also accepts floats) + +####Bugfixes +- Fix seeding of `fqdn_rotate()` +- `ensure_resource()` is more verbose on debug mode +- Stricter argument checking for `dirname()` +- Fix `is_domain_name()` to better match RFC +- Fix `uriescape()` when called with array +- Fix `file_line` resource when using the `after` attribute with `match` + +##2015-01-14 - Supported Release 4.5.1 +###Summary + +This release changes the temporary facter_dot_d cache locations outside of the /tmp directory due to a possible security vunerability. CVE-2015-1029 + +####Bugfixes +- Facter_dot_d cache will now be stored in puppet libdir instead of tmp + +##2014-12-15 - Supported Release 4.5.0 +###Summary + +This release improves functionality of the member function and adds improved future parser support. + +####Features +- MODULES-1329: Update member() to allow the variable to be an array. +- Sync .travis.yml, Gemfile, Rakefile, and CONTRIBUTING.md via modulesync + +####Bugfixes +- Fix range() to work with numeric ranges with the future parser +- Accurately express SLES support in metadata.json (was missing 10SP4 and 12) +- Don't require `line` to match the `match` parameter + +##2014-11-10 - Supported Release 4.4.0 +###Summary +This release has an overhauled readme, new private manifest function, and fixes many future parser bugs. + +####Features +- All new shiny README +- New `private()` function for making private manifests (yay!) + +####Bugfixes +- Code reuse in `bool2num()` and `zip()` +- Fix many functions to handle `generate()` no longer returning a string on new puppets +- `concat()` no longer modifies the first argument (whoops) +- strict variable support for `getvar()`, `member()`, `values_at`, and `has_interface_with()` +- `to_bytes()` handles PB and EB now +- Fix `tempfile` ruby requirement for `validate_augeas()` and `validate_cmd()` +- Fix `validate_cmd()` for windows +- Correct `validate_string()` docs to reflect non-handling of `undef` +- Fix `file_line` matching on older rubies + + +##2014-07-15 - Supported Release 4.3.2 +###Summary + +This release merely updates metadata.json so the module can be uninstalled and +upgraded via the puppet module command. + +##2014-07-14 - Supported Release 4.3.1 +### Summary +This supported release updates the metadata.json to work around upgrade behavior of the PMT. + +#### Bugfixes +- Synchronize metadata.json with PMT-generated metadata to pass checksums + +##2014-06-27 - Supported Release 4.3.0 +### Summary +This release is the first supported release of the stdlib 4 series. It remains +backwards-compatible with the stdlib 3 series. It adds two new functions, one bugfix, and many testing updates. + +#### Features +- New `bool2str()` function +- New `camelcase()` function + +#### Bugfixes +- Fix `has_interface_with()` when interfaces fact is nil + +##2014-06-04 - Release 4.2.2 +### Summary + +This release adds PE3.3 support in the metadata and fixes a few tests. + +## 2014-05-08 - Release - 4.2.1 +### Summary +This release moves a stray symlink that can cause problems. + +## 2014-05-08 - Release - 4.2.0 +### Summary +This release adds many new functions and fixes, and continues to be backwards compatible with stdlib 3.x + +#### Features +- New `base64()` function +- New `deep_merge()` function +- New `delete_undef_values()` function +- New `delete_values()` function +- New `difference()` function +- New `intersection()` function +- New `is_bool()` function +- New `pick_default()` function +- New `union()` function +- New `validate_ipv4_address` function +- New `validate_ipv6_address` function +- Update `ensure_packages()` to take an option hash as a second parameter. +- Update `range()` to take an optional third argument for range step +- Update `validate_slength()` to take an optional third argument for minimum length +- Update `file_line` resource to take `after` and `multiple` attributes + +#### Bugfixes +- Correct `is_string`, `is_domain_name`, `is_array`, `is_float`, and `is_function_available` for parsing odd types such as bools and hashes. +- Allow facts.d facts to contain `=` in the value +- Fix `root_home` fact on darwin systems +- Fix `concat()` to work with a second non-array argument +- Fix `floor()` to work with integer strings +- Fix `is_integer()` to return true if passed integer strings +- Fix `is_numeric()` to return true if passed integer strings +- Fix `merge()` to work with empty strings +- Fix `pick()` to raise the correct error type +- Fix `uriescape()` to use the default URI.escape list +- Add/update unit & acceptance tests. + + +##2014-03-04 - Supported Release - 3.2.1 +###Summary +This is a supported release + +####Bugfixes +- Fixed `is_integer`/`is_float`/`is_numeric` for checking the value of arithmatic expressions. + +####Known bugs +* No known bugs + +--- + +##### 2013-05-06 - Jeff McCune - 4.1.0 + + * (#20582) Restore facter\_dot\_d to stdlib for PE users (3b887c8) + * (maint) Update Gemfile with GEM\_FACTER\_VERSION (f44d535) + +##### 2013-05-06 - Alex Cline - 4.1.0 + + * Terser method of string to array conversion courtesy of ethooz. (d38bce0) + +##### 2013-05-06 - Alex Cline 4.1.0 + + * Refactor ensure\_resource expectations (b33cc24) + +##### 2013-05-06 - Alex Cline 4.1.0 + + * Changed str-to-array conversion and removed abbreviation. (de253db) + +##### 2013-05-03 - Alex Cline 4.1.0 + + * (#20548) Allow an array of resource titles to be passed into the ensure\_resource function (e08734a) + +##### 2013-05-02 - Raphaël Pinson - 4.1.0 + + * Add a dirname function (2ba9e47) + +##### 2013-04-29 - Mark Smith-Guerrero - 4.1.0 + + * (maint) Fix a small typo in hash() description (928036a) + +##### 2013-04-12 - Jeff McCune - 4.0.2 + + * Update user information in gemspec to make the intent of the Gem clear. + +##### 2013-04-11 - Jeff McCune - 4.0.1 + + * Fix README function documentation (ab3e30c) + +##### 2013-04-11 - Jeff McCune - 4.0.0 + + * stdlib 4.0 drops support with Puppet 2.7 + * stdlib 4.0 preserves support with Puppet 3 + +##### 2013-04-11 - Jeff McCune - 4.0.0 + + * Add ability to use puppet from git via bundler (9c5805f) + +##### 2013-04-10 - Jeff McCune - 4.0.0 + + * (maint) Make stdlib usable as a Ruby GEM (e81a45e) + +##### 2013-04-10 - Erik Dalén - 4.0.0 + + * Add a count function (f28550e) + +##### 2013-03-31 - Amos Shapira - 4.0.0 + + * (#19998) Implement any2array (7a2fb80) + +##### 2013-03-29 - Steve Huff - 4.0.0 + + * (19864) num2bool match fix (8d217f0) + +##### 2013-03-20 - Erik Dalén - 4.0.0 + + * Allow comparisons of Numeric and number as String (ff5dd5d) + +##### 2013-03-26 - Richard Soderberg - 4.0.0 + + * add suffix function to accompany the prefix function (88a93ac) + +##### 2013-03-19 - Kristof Willaert - 4.0.0 + + * Add floor function implementation and unit tests (0527341) + +##### 2012-04-03 - Eric Shamow - 4.0.0 + + * (#13610) Add is\_function\_available to stdlib (961dcab) + +##### 2012-12-17 - Justin Lambert - 4.0.0 + + * str2bool should return a boolean if called with a boolean (5d5a4d4) + +##### 2012-10-23 - Uwe Stuehler - 4.0.0 + + * Fix number of arguments check in flatten() (e80207b) + +##### 2013-03-11 - Jeff McCune - 4.0.0 + + * Add contributing document (96e19d0) + +##### 2013-03-04 - Raphaël Pinson - 4.0.0 + + * Add missing documentation for validate\_augeas and validate\_cmd to README.markdown (a1510a1) + +##### 2013-02-14 - Joshua Hoblitt - 4.0.0 + + * (#19272) Add has\_element() function (95cf3fe) + +##### 2013-02-07 - Raphaël Pinson - 4.0.0 + + * validate\_cmd(): Use Puppet::Util::Execution.execute when available (69248df) + +##### 2012-12-06 - Raphaël Pinson - 4.0.0 + + * Add validate\_augeas function (3a97c23) + +##### 2012-12-06 - Raphaël Pinson - 4.0.0 + + * Add validate\_cmd function (6902cc5) + +##### 2013-01-14 - David Schmitt - 4.0.0 + + * Add geppetto project definition (b3fc0a3) + +##### 2013-01-02 - Jaka Hudoklin - 4.0.0 + + * Add getparam function to get defined resource parameters (20e0e07) + +##### 2013-01-05 - Jeff McCune - 4.0.0 + + * (maint) Add Travis CI Support (d082046) + +##### 2012-12-04 - Jeff McCune - 4.0.0 + + * Clarify that stdlib 3 supports Puppet 3 (3a6085f) + +##### 2012-11-30 - Erik Dalén - 4.0.0 + + * maint: style guideline fixes (7742e5f) + +##### 2012-11-09 - James Fryman - 4.0.0 + + * puppet-lint cleanup (88acc52) + +##### 2012-11-06 - Joe Julian - 4.0.0 + + * Add function, uriescape, to URI.escape strings. Redmine #17459 (fd52b8d) + +##### 2012-09-18 - Chad Metcalf - 3.2.0 + + * Add an ensure\_packages function. (8a8c09e) + +##### 2012-11-23 - Erik Dalén - 3.2.0 + + * (#17797) min() and max() functions (9954133) + +##### 2012-05-23 - Peter Meier - 3.2.0 + + * (#14670) autorequire a file\_line resource's path (dfcee63) + +##### 2012-11-19 - Joshua Harlan Lifton - 3.2.0 + + * Add join\_keys\_to\_values function (ee0f2b3) + +##### 2012-11-17 - Joshua Harlan Lifton - 3.2.0 + + * Extend delete function for strings and hashes (7322e4d) + +##### 2012-08-03 - Gary Larizza - 3.2.0 + + * Add the pick() function (ba6dd13) + +##### 2012-03-20 - Wil Cooley - 3.2.0 + + * (#13974) Add predicate functions for interface facts (f819417) + +##### 2012-11-06 - Joe Julian - 3.2.0 + + * Add function, uriescape, to URI.escape strings. Redmine #17459 (70f4a0e) + +##### 2012-10-25 - Jeff McCune - 3.1.1 + + * (maint) Fix spec failures resulting from Facter API changes (97f836f) + +##### 2012-10-23 - Matthaus Owens - 3.1.0 + + * Add PE facts to stdlib (cdf3b05) + +##### 2012-08-16 - Jeff McCune - 3.0.1 + + * Fix accidental removal of facts\_dot\_d.rb in 3.0.0 release + +##### 2012-08-16 - Jeff McCune - 3.0.0 + + * stdlib 3.0 drops support with Puppet 2.6 + * stdlib 3.0 preserves support with Puppet 2.7 + +##### 2012-08-07 - Dan Bode - 3.0.0 + + * Add function ensure\_resource and defined\_with\_params (ba789de) + +##### 2012-07-10 - Hailee Kenney - 3.0.0 + + * (#2157) Remove facter\_dot\_d for compatibility with external facts (f92574f) + +##### 2012-04-10 - Chris Price - 3.0.0 + + * (#13693) moving logic from local spec\_helper to puppetlabs\_spec\_helper (85f96df) + +##### 2012-10-25 - Jeff McCune - 2.5.1 + + * (maint) Fix spec failures resulting from Facter API changes (97f836f) + +##### 2012-10-23 - Matthaus Owens - 2.5.0 + + * Add PE facts to stdlib (cdf3b05) + +##### 2012-08-15 - Dan Bode - 2.5.0 + + * Explicitly load functions used by ensure\_resource (9fc3063) + +##### 2012-08-13 - Dan Bode - 2.5.0 + + * Add better docs about duplicate resource failures (97d327a) + +##### 2012-08-13 - Dan Bode - 2.5.0 + + * Handle undef for parameter argument (4f8b133) + +##### 2012-08-07 - Dan Bode - 2.5.0 + + * Add function ensure\_resource and defined\_with\_params (a0cb8cd) + +##### 2012-08-20 - Jeff McCune - 2.5.0 + + * Disable tests that fail on 2.6.x due to #15912 (c81496e) + +##### 2012-08-20 - Jeff McCune - 2.5.0 + + * (Maint) Fix mis-use of rvalue functions as statements (4492913) + +##### 2012-08-20 - Jeff McCune - 2.5.0 + + * Add .rspec file to repo root (88789e8) + +##### 2012-06-07 - Chris Price - 2.4.0 + + * Add support for a 'match' parameter to file\_line (a06c0d8) + +##### 2012-08-07 - Erik Dalén - 2.4.0 + + * (#15872) Add to\_bytes function (247b69c) + +##### 2012-07-19 - Jeff McCune - 2.4.0 + + * (Maint) use PuppetlabsSpec::PuppetInternals.scope (master) (deafe88) + +##### 2012-07-10 - Hailee Kenney - 2.4.0 + + * (#2157) Make facts\_dot\_d compatible with external facts (5fb0ddc) + +##### 2012-03-16 - Steve Traylen - 2.4.0 + + * (#13205) Rotate array/string randomley based on fqdn, fqdn\_rotate() (fef247b) + +##### 2012-05-22 - Peter Meier - 2.3.3 + + * fix regression in #11017 properly (f0a62c7) + +##### 2012-05-10 - Jeff McCune - 2.3.3 + + * Fix spec tests using the new spec\_helper (7d34333) + +##### 2012-05-10 - Puppet Labs - 2.3.2 + + * Make file\_line default to ensure => present (1373e70) + * Memoize file\_line spec instance variables (20aacc5) + * Fix spec tests using the new spec\_helper (1ebfa5d) + * (#13595) initialize\_everything\_for\_tests couples modules Puppet ver (3222f35) + * (#13439) Fix MRI 1.9 issue with spec\_helper (15c5fd1) + * (#13439) Fix test failures with Puppet 2.6.x (665610b) + * (#13439) refactor spec helper for compatibility with both puppet 2.7 and master (82194ca) + * (#13494) Specify the behavior of zero padded strings (61891bb) + +##### 2012-03-29 Puppet Labs - 2.1.3 + +* (#11607) Add Rakefile to enable spec testing +* (#12377) Avoid infinite loop when retrying require json + +##### 2012-03-13 Puppet Labs - 2.3.1 + +* (#13091) Fix LoadError bug with puppet apply and puppet\_vardir fact + +##### 2012-03-12 Puppet Labs - 2.3.0 + +* Add a large number of new Puppet functions +* Backwards compatibility preserved with 2.2.x + +##### 2011-12-30 Puppet Labs - 2.2.1 + +* Documentation only release for the Forge + +##### 2011-12-30 Puppet Labs - 2.1.2 + +* Documentation only release for PE 2.0.x + +##### 2011-11-08 Puppet Labs - 2.2.0 + +* #10285 - Refactor json to use pson instead. +* Maint - Add watchr autotest script +* Maint - Make rspec tests work with Puppet 2.6.4 +* #9859 - Add root\_home fact and tests + +##### 2011-08-18 Puppet Labs - 2.1.1 + +* Change facts.d paths to match Facter 2.0 paths. +* /etc/facter/facts.d +* /etc/puppetlabs/facter/facts.d + +##### 2011-08-17 Puppet Labs - 2.1.0 + +* Add R.I. Pienaar's facts.d custom facter fact +* facts defined in /etc/facts.d and /etc/puppetlabs/facts.d are + automatically loaded now. + +##### 2011-08-04 Puppet Labs - 2.0.0 + +* Rename whole\_line to file\_line +* This is an API change and as such motivating a 2.0.0 release according to semver.org. + +##### 2011-08-04 Puppet Labs - 1.1.0 + +* Rename append\_line to whole\_line +* This is an API change and as such motivating a 1.1.0 release. + +##### 2011-08-04 Puppet Labs - 1.0.0 + +* Initial stable release +* Add validate\_array and validate\_string functions +* Make merge() function work with Ruby 1.8.5 +* Add hash merging function +* Add has\_key function +* Add loadyaml() function +* Add append\_line native + +##### 2011-06-21 Jeff McCune - 0.1.7 + +* Add validate\_hash() and getvar() functions + +##### 2011-06-15 Jeff McCune - 0.1.6 + +* Add anchor resource type to provide containment for composite classes + +##### 2011-06-03 Jeff McCune - 0.1.5 + +* Add validate\_bool() function to stdlib + +##### 0.1.4 2011-05-26 Jeff McCune + +* Move most stages after main + +##### 0.1.3 2011-05-25 Jeff McCune + +* Add validate\_re() function + +##### 0.1.2 2011-05-24 Jeff McCune + +* Update to add annotated tag + +##### 0.1.1 2011-05-24 Jeff McCune + +* Add stdlib::stages class with a standard set of stages diff --git a/modules/dependencies/stdlib/CONTRIBUTING.md b/modules/dependencies/stdlib/CONTRIBUTING.md new file mode 100644 index 000000000..f1cbde4bb --- /dev/null +++ b/modules/dependencies/stdlib/CONTRIBUTING.md @@ -0,0 +1,220 @@ +Checklist (and a short version for the impatient) +================================================= + + * Commits: + + - Make commits of logical units. + + - Check for unnecessary whitespace with "git diff --check" before + committing. + + - Commit using Unix line endings (check the settings around "crlf" in + git-config(1)). + + - Do not check in commented out code or unneeded files. + + - The first line of the commit message should be a short + description (50 characters is the soft limit, excluding ticket + number(s)), and should skip the full stop. + + - Associate the issue in the message. The first line should include + the issue number in the form "(#XXXX) Rest of message". + + - The body should provide a meaningful commit message, which: + + - uses the imperative, present tense: "change", not "changed" or + "changes". + + - includes motivation for the change, and contrasts its + implementation with the previous behavior. + + - Make sure that you have tests for the bug you are fixing, or + feature you are adding. + + - Make sure the test suites passes after your commit: + `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below + + - When introducing a new feature, make sure it is properly + documented in the README.md + + * Submission: + + * Pre-requisites: + + - Make sure you have a [GitHub account](https://github.com/join) + + - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. + + * Preferred method: + + - Fork the repository on GitHub. + + - Push your changes to a topic branch in your fork of the + repository. (the format ticket/1234-short_description_of_change is + usually preferred for this project). + + - Submit a pull request to the repository in the puppetlabs + organization. + +The long version +================ + + 1. Make separate commits for logically separate changes. + + Please break your commits down into logically consistent units + which include new or changed tests relevant to the rest of the + change. The goal of doing this is to make the diff easier to + read for whoever is reviewing your code. In general, the easier + your diff is to read, the more likely someone will be happy to + review it and get it into the code base. + + If you are going to refactor a piece of code, please do so as a + separate commit from your feature or bug fix changes. + + We also really appreciate changes that include tests to make + sure the bug is not re-introduced, and that the feature is not + accidentally broken. + + Describe the technical detail of the change(s). If your + description starts to get too long, that is a good sign that you + probably need to split up your commit into more finely grained + pieces. + + Commits which plainly describe the things which help + reviewers check the patch and future developers understand the + code are much more likely to be merged in with a minimum of + bike-shedding or requested changes. Ideally, the commit message + would include information, and be in a form suitable for + inclusion in the release notes for the version of Puppet that + includes them. + + Please also check that you are not introducing any trailing + whitespace or other "whitespace errors". You can do this by + running "git diff --check" on your changes before you commit. + + 2. Sending your patches + + To submit your changes via a GitHub pull request, we _highly_ + recommend that you have them on a topic branch, instead of + directly on "master". + It makes things much easier to keep track of, especially if + you decide to work on another thing before your first change + is merged in. + + GitHub has some pretty good + [general documentation](http://help.github.com/) on using + their site. They also have documentation on + [creating pull requests](http://help.github.com/send-pull-requests/). + + In general, after pushing your topic branch up to your + repository on GitHub, you can switch to the branch in the + GitHub UI and click "Pull Request" towards the top of the page + in order to open a pull request. + + + 3. Update the related GitHub issue. + + If there is a GitHub issue associated with the change you + submitted, then you should update the ticket to include the + location of your branch, along with any other commentary you + may wish to make. + +Testing +======= + +Getting Started +--------------- + +Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby +package manager such as [bundler](http://bundler.io/) what Ruby packages, +or Gems, are required to build, develop, and test this software. + +Please make sure you have [bundler installed](http://bundler.io/#getting-started) +on your system, then use it to install all dependencies needed for this project, +by running + +```shell +% bundle install +Fetching gem metadata from https://rubygems.org/........ +Fetching gem metadata from https://rubygems.org/.. +Using rake (10.1.0) +Using builder (3.2.2) +-- 8><-- many more --><8 -- +Using rspec-system-puppet (2.2.0) +Using serverspec (0.6.3) +Using rspec-system-serverspec (1.0.0) +Using bundler (1.3.5) +Your bundle is complete! +Use `bundle show [gemname]` to see where a bundled gem is installed. +``` + +NOTE some systems may require you to run this command with sudo. + +If you already have those gems installed, make sure they are up-to-date: + +```shell +% bundle update +``` + +With all dependencies in place and up-to-date we can now run the tests: + +```shell +% rake spec +``` + +This will execute all the [rspec tests](http://rspec-puppet.com/) tests +under [spec/defines](./spec/defines), [spec/classes](./spec/classes), +and so on. rspec tests may have the same kind of dependencies as the +module they are testing. While the module defines in its [Modulefile](./Modulefile), +rspec tests define them in [.fixtures.yml](./fixtures.yml). + +Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) +tests. These tests spin up a virtual machine under +[VirtualBox](https://www.virtualbox.org/)) with, controlling it with +[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test +scenarios. In order to run these, you will need both of those tools +installed on your system. + +You can run them by issuing the following command + +```shell +% rake spec_clean +% rspec spec/acceptance +``` + +This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), +install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) +and then run all the tests under [spec/acceptance](./spec/acceptance). + +Writing Tests +------------- + +XXX getting started writing tests. + +If you have commit access to the repository +=========================================== + +Even if you have commit access to the repository, you will still need to +go through the process above, and have someone else review and merge +in your changes. The rule is that all changes must be reviewed by a +developer on the project (that did not write the code) to ensure that +all changes go through a code review process. + +Having someone other than the author of the topic branch recorded as +performing the merge is the record that they performed the code +review. + + +Additional Resources +==================== + +* [Getting additional help](http://puppetlabs.com/community/get-help) + +* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) + +* [Patchwork](https://patchwork.puppetlabs.com) + +* [General GitHub documentation](http://help.github.com/) + +* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) + diff --git a/modules/dependencies/stdlib/Gemfile b/modules/dependencies/stdlib/Gemfile new file mode 100644 index 000000000..8221514c0 --- /dev/null +++ b/modules/dependencies/stdlib/Gemfile @@ -0,0 +1,61 @@ +source ENV['GEM_SOURCE'] || 'https://rubygems.org' + +def location_for(place, fake_version = nil) + if place =~ /^(git[:@][^#]*)#(.*)/ + [fake_version, { :git => $1, :branch => $2, :require => false }].compact + elsif place =~ /^file:\/\/(.*)/ + ['>= 0', { :path => File.expand_path($1), :require => false }] + else + [place, { :require => false }] + end +end + +group :development, :unit_tests do + # rspec must be v2 for ruby 1.8.7 + if RUBY_VERSION >= '1.8.7' and RUBY_VERSION < '1.9' + gem 'rspec', '~> 2.0' + else + gem 'rspec', '~> 3.1.0', :require => false + end + + gem 'rake', '~> 10.1.0', :require => false + gem 'rspec-puppet', '~> 2.2', :require => false + gem 'mocha', :require => false + # keep for its rake task for now + gem 'puppetlabs_spec_helper', :require => false + gem 'puppet-lint', :require => false + gem 'metadata-json-lint', :require => false + gem 'pry', :require => false + gem 'simplecov', :require => false +end + +beaker_version = ENV['BEAKER_VERSION'] +beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] +group :system_tests do + if beaker_version + gem 'beaker', *location_for(beaker_version) + end + if beaker_rspec_version + gem 'beaker-rspec', *location_for(beaker_rspec_version) + else + gem 'beaker-rspec', :require => false + end + gem 'serverspec', :require => false + gem 'beaker-puppet_install_helper', :require => false +end + +facterversion = ENV['GEM_FACTER_VERSION'] || ENV['FACTER_GEM_VERSION'] +if facterversion + gem 'facter', *location_for(facterversion) +else + gem 'facter', :require => false +end + +puppetversion = ENV['GEM_PUPPET_VERSION'] || ENV['PUPPET_GEM_VERSION'] +if puppetversion + gem 'puppet', *location_for(puppetversion) +else + gem 'puppet', :require => false +end + +# vim:ft=ruby diff --git a/modules/dependencies/stdlib/LICENSE b/modules/dependencies/stdlib/LICENSE new file mode 100644 index 000000000..ec0587c0d --- /dev/null +++ b/modules/dependencies/stdlib/LICENSE @@ -0,0 +1,19 @@ +Copyright (C) 2011 Puppet Labs Inc + +and some parts: + +Copyright (C) 2011 Krzysztof Wilczynski + +Puppet Labs can be contacted at: info@puppetlabs.com + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/modules/dependencies/stdlib/README.markdown b/modules/dependencies/stdlib/README.markdown new file mode 100644 index 000000000..a6ed1fbc6 --- /dev/null +++ b/modules/dependencies/stdlib/README.markdown @@ -0,0 +1,1256 @@ +#stdlib + +####Table of Contents + +1. [Overview](#overview) +2. [Module Description - What the module does and why it is useful](#module-description) +3. [Setup - The basics of getting started with stdlib](#setup) +4. [Usage - Configuration options and additional functionality](#usage) +5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) +5. [Limitations - OS compatibility, etc.](#limitations) +6. [Development - Guide for contributing to the module](#development) + +##Overview + +Adds a standard library of resources for Puppet modules. + +##Module Description + +This module provides a standard library of resources for the development of Puppet modules. Puppet modules make heavy use of this standard library. The stdlib module adds the following resources to Puppet: + + * Stages + * Facts + * Functions + * Defined resource types + * Types + * Providers + +> *Note:* As of version 3.7, Puppet Enterprise no longer includes the stdlib module. If you're running Puppet Enterprise, you should install the most recent release of stdlib for compatibility with Puppet modules. + +##Setup + +Installing the stdlib module adds the functions, facts, and resources of this standard library to Puppet. + +##Usage + +After you've installed stdlib, all of its functions, facts, and resources are available for module use or development. + +If you want to use a standardized set of run stages for Puppet, `include stdlib` in your manifest. + +* `stdlib`: Most of stdlib's features are automatically loaded by Puppet. To use standardized run stages in Puppet, declare this class in your manifest with `include stdlib`. + + When declared, stdlib declares all other classes in the module. The only other class currently included in the module is `stdlib::stages`. + +The `stdlib::stages` class declares various run stages for deploying infrastructure, language runtimes, and application layers. The high level stages are (in order): + + * setup + * main + * runtime + * setup_infra + * deploy_infra + * setup_app + * deploy_app + * deploy + + Sample usage: + + ~~~ + node default { + include stdlib + class { java: stage => 'runtime' } + } + ~~~ + +## Reference + +### Classes + +#### Public Classes + + The stdlib class has no parameters. + +#### Private Classes + +* `stdlib::stages`: Manages a standard set of run stages for Puppet. It is managed by the stdlib class and should not be declared independently. + +### Types + +#### `file_line` + +Ensures that a given line is contained within a file. The implementation matches the full line, including whitespace at the beginning and end. If the line is not contained in the given file, Puppet appends the line to the end of the file to ensure the desired state. Multiple resources can be declared to manage multiple lines in the same file. + +Example: + + file_line { 'sudo_rule': + path => '/etc/sudoers', + line => '%sudo ALL=(ALL) ALL', + } + + file_line { 'sudo_rule_nopw': + path => '/etc/sudoers', + line => '%sudonopw ALL=(ALL) NOPASSWD: ALL', + } + +In this example, Puppet ensures that both of the specified lines are contained in the file `/etc/sudoers`. + +Match Example: + + file_line { 'bashrc_proxy': + ensure => present, + path => '/etc/bashrc', + line => 'export HTTP_PROXY=http://squid.puppetlabs.vm:3128', + match => '^export\ HTTP_PROXY\=', + } + +In this code example, `match` looks for a line beginning with export followed by HTTP_PROXY and replaces it with the value in line. + +Match Example With `ensure => absent`: + + file_line { 'bashrc_proxy': + ensure => absent, + path => '/etc/bashrc', + line => 'export HTTP_PROXY=http://squid.puppetlabs.vm:3128', + match => '^export\ HTTP_PROXY\=', + match_for_absence => true, + } + +In this code example, `match` looks for a line beginning with export +followed by HTTP_PROXY and delete it. If multiple lines match, an +error will be raised unless the `multiple => true` parameter is set. + +**Autorequires:** If Puppet is managing the file that contains the line being managed, the `file_line` resource autorequires that file. + +##### Parameters + +All parameters are optional, unless otherwise noted. + +* `after`: Specifies the line after which Puppet adds any new lines. (Existing lines are added in place.) Valid options: String. Default: Undefined. +* `ensure`: Ensures whether the resource is present. Valid options: 'present', 'absent'. Default: 'present'. +* `line`: **Required.** Sets the line to be added to the file located by the `path` parameter. Valid options: String. Default: Undefined. +* `match`: Specifies a regular expression to run against existing lines in the file; if a match is found, it is replaced rather than adding a new line. A regex comparison is performed against the line value, and if it does not match, an exception is raised. Valid options: String containing a regex. Default: Undefined. +* `match_for_absence`: An optional value to determine if match should be applied when `ensure => absent`. If set to true and match is set, the line that matches match will be deleted. If set to false (the default), match is ignored when `ensure => absent` and the value of `line` is used instead. Default: false. +* `multiple`: Determines if `match` and/or `after` can change multiple lines. If set to false, an exception will be raised if more than one line matches. Valid options: 'true', 'false'. Default: Undefined. +* `name`: Sets the name to use as the identity of the resource. This is necessary if you want the resource namevar to differ from the supplied `title` of the resource. Valid options: String. Default: Undefined. +* `path`: **Required.** Defines the file in which Puppet will ensure the line specified by `line`. Must be an absolute path to the file. +* `replace`: Defines whether the resource will overwrite an existing line that matches the `match` parameter. If set to false and a line is found matching the `match` param, the line will not be placed in the file. Valid options: true, false, yes, no. Default: true + +### Functions + +#### `abs` + +Returns the absolute value of a number; for example, '-34.56' becomes '34.56'. Takes a single integer and float value as an argument. *Type*: rvalue. + +#### `any2array` + +Converts any object to an array containing that object. Empty argument lists are converted to an empty array. Arrays are left untouched. Hashes are converted to arrays of alternating keys and values. *Type*: rvalue. + +#### `base64` + +Converts a string to and from base64 encoding. Requires an action ('encode', 'decode') and either a plain or base64-encoded string. *Type*: rvalue. + +#### `basename` + +Returns the `basename` of a path (optionally stripping an extension). For example: + * ('/path/to/a/file.ext') returns 'file.ext' + * ('relative/path/file.ext') returns 'file.ext' + * ('/path/to/a/file.ext', '.ext') returns 'file' + +*Type*: rvalue. + +#### `bool2num` + +Converts a boolean to a number. Converts values: + * 'false', 'f', '0', 'n', and 'no' to 0. + * 'true', 't', '1', 'y', and 'yes' to 1. + Requires a single boolean or string as an input. *Type*: rvalue. + +#### `bool2str` + +Converts a boolean to a string using optionally supplied arguments. The optional second and third arguments represent what true and false are converted to respectively. If only one argument is given, it is converted from a boolean to a string containing 'true' or 'false'. + +*Examples:* +~~~ +bool2str(true) => 'true' +bool2str(true, 'yes', 'no') => 'yes' +bool2str(false, 't', 'f') => 'f' +~~~ + +Requires a single boolean as input. *Type*: rvalue. + +#### `capitalize` + +Capitalizes the first character of a string or array of strings and lowercases the remaining characters of each string. Requires either a single string or an array as an input. *Type*: rvalue. + +#### `ceiling` + +Returns the smallest integer greater than or equal to the argument. Takes a single numeric value as an argument. *Type*: rvalue. + +#### `chomp` + +Removes the record separator from the end of a string or an array of strings; for example, 'hello\n' becomes 'hello'. Requires a single string or array as an input. *Type*: rvalue. + +#### `chop` + +Returns a new string with the last character removed. If the string ends with '\r\n', both characters are removed. Applying `chop` to an empty string returns an empty string. If you want to merely remove record separators, then you should use the `chomp` function. Requires a string or an array of strings as input. *Type*: rvalue. + +#### `concat` + +Appends the contents of multiple arrays onto the first array given. For example: + * `concat(['1','2','3'],'4')` returns ['1','2','3','4']. + * `concat(['1','2','3'],'4',['5','6','7'])` returns ['1','2','3','4','5','6','7']. + *Type*: rvalue. + +#### `convert_base` + +Converts a given integer or base 10 string representing an integer to a specified base, as a string. For example: + * `convert_base(5, 2)` results in: '101' + * `convert_base('254', '16')` results in: 'fe' + +#### `count` + +If called with only an array, it counts the number of elements that are **not** nil/undef. If called with a second argument, counts the number of elements in an array that matches the second argument. *Type*: rvalue. + +#### `defined_with_params` + +Takes a resource reference and an optional hash of attributes. Returns 'true' if a resource with the specified attributes has already been added to the catalog. Returns 'false' otherwise. + + ~~~ + user { 'dan': + ensure => present, + } + + if ! defined_with_params(User[dan], {'ensure' => 'present' }) { + user { 'dan': ensure => present, } + } + ~~~ + +*Type*: rvalue. + +#### `delete` + +Deletes all instances of a given element from an array, substring from a string, or key from a hash. For example, `delete(['a','b','c','b'], 'b')` returns ['a','c']; `delete('abracadabra', 'bra')` returns 'acada'. `delete({'a' => 1,'b' => 2,'c' => 3},['b','c'])` returns {'a'=> 1}. *Type*: rvalue. + +#### `delete_at` + +Deletes a determined indexed value from an array. For example, `delete_at(['a','b','c'], 1)` returns ['a','c']. *Type*: rvalue. + +#### `delete_values` + +Deletes all instances of a given value from a hash. For example, `delete_values({'a'=>'A','b'=>'B','c'=>'C','B'=>'D'}, 'B')` returns {'a'=>'A','c'=>'C','B'=>'D'} *Type*: rvalue. + +#### `delete_undef_values` + +Deletes all instances of the undef value from an array or hash. For example, `$hash = delete_undef_values({a=>'A', b=>'', c=>undef, d => false})` returns {a => 'A', b => '', d => false}. *Type*: rvalue. + +#### `difference` + +Returns the difference between two arrays. The returned array is a copy of the original array, removing any items that also appear in the second array. For example, `difference(["a","b","c"],["b","c","d"])` returns ["a"]. *Type*: rvalue. + +#### `dirname` + +Returns the `dirname` of a path. For example, `dirname('/path/to/a/file.ext')` returns '/path/to/a'. *Type*: rvalue. + +#### `dos2unix` + +Returns the Unix version of the given string. Very useful when using a File resource with a cross-platform template. *Type*: rvalue. + +~~~ +file{$config_file: + ensure => file, + content => dos2unix(template('my_module/settings.conf.erb')), +} +~~~ + +See also [unix2dos](#unix2dos). + +#### `downcase` + +Converts the case of a string or of all strings in an array to lowercase. *Type*: rvalue. + +#### `empty` + +Returns true if the argument is an array or hash that contains no elements, or an empty string. Returns false when the argument is a numerical value. *Type*: rvalue. + +#### `ensure_packages` + +Takes a list of packages and only installs them if they don't already exist. It optionally takes a hash as a second parameter to be passed as the third argument to the `ensure_resource()` function. *Type*: statement. + +#### `ensure_resource` + +Takes a resource type, title, and a hash of attributes that describe the resource(s). + +~~~ +user { 'dan': + ensure => present, +} +~~~ + +This example only creates the resource if it does not already exist: + + `ensure_resource('user', 'dan', {'ensure' => 'present' })` + +If the resource already exists, but does not match the specified parameters, this function attempts to recreate the resource, leading to a duplicate resource definition error. + +An array of resources can also be passed in, and each will be created with the type and parameters specified if it doesn't already exist. + + `ensure_resource('user', ['dan','alex'], {'ensure' => 'present'})` + +*Type*: statement. + +#### `flatten` + +Flattens deeply nested arrays and returns a single flat array as a result. For example, `flatten(['a', ['b', ['c']]])` returns ['a','b','c']. *Type*: rvalue. + +#### `floor` + +Takes a single numeric value as an argument, and returns the largest integer less than or equal to the argument. *Type*: rvalue. + +#### `fqdn_rand_string` + +Generates a random alphanumeric string using an optionally-specified character set (default is alphanumeric), combining the `$fqdn` fact and an optional seed for repeatable randomness. + +*Usage:* +~~~ +fqdn_rand_string(LENGTH, [CHARSET], [SEED]) +~~~ +*Examples:* +~~~ +fqdn_rand_string(10) +fqdn_rand_string(10, 'ABCDEF!@#$%^') +fqdn_rand_string(10, '', 'custom seed') +~~~ + +*Type*: rvalue. + +#### `fqdn_rotate` + +Rotates an array or string a random number of times, combining the `$fqdn` fact and an optional seed for repeatable randomness. + +*Usage:* + +~~~ +fqdn_rotate(VALUE, [SEED]) +~~~ + +*Examples:* + +~~~ +fqdn_rotate(['a', 'b', 'c', 'd']) +fqdn_rotate('abcd') +fqdn_rotate([1, 2, 3], 'custom seed') +~~~ + +*Type*: rvalue. + +#### `get_module_path` + +Returns the absolute path of the specified module for the current environment. + + `$module_path = get_module_path('stdlib')` + +*Type*: rvalue. + +#### `getparam` + +Takes a resource reference and the name of the parameter, and returns the value of the resource's parameter. + +For example, the following returns 'param_value': + + ~~~ + define example_resource($param) { + } + + example_resource { "example_resource_instance": + param => "param_value" + } + + getparam(Example_resource["example_resource_instance"], "param") + ~~~ + +*Type*: rvalue. + +#### `getvar` + +Looks up a variable in a remote namespace. + +For example: + + ~~~ + $foo = getvar('site::data::foo') + # Equivalent to $foo = $site::data::foo + ~~~ + +This is useful if the namespace itself is stored in a string: + + ~~~ + $datalocation = 'site::data' + $bar = getvar("${datalocation}::bar") + # Equivalent to $bar = $site::data::bar + ~~~ + +*Type*: rvalue. + +#### `grep` + +Searches through an array and returns any elements that match the provided regular expression. For example, `grep(['aaa','bbb','ccc','aaaddd'], 'aaa')` returns ['aaa','aaaddd']. *Type*: rvalue. + +#### `has_interface_with` + +Returns a boolean based on kind and value: + * macaddress + * netmask + * ipaddress + * network + +*Examples:* + + ~~~ + has_interface_with("macaddress", "x:x:x:x:x:x") + has_interface_with("ipaddress", "127.0.0.1") => true + ~~~ + +If no kind is given, then the presence of the interface is checked: + + ~~~ + has_interface_with("lo") => true + ~~~ + +*Type*: rvalue. + +#### `has_ip_address` + +Returns 'true' if the client has the requested IP address on some interface. This function iterates through the `interfaces` fact and checks the `ipaddress_IFACE` facts, performing a simple string comparison. *Type*: rvalue. + +#### `has_ip_network` + +Returns 'true' if the client has an IP address within the requested network. This function iterates through the `interfaces` fact and checks the `network_IFACE` facts, performing a simple string comparision. *Type*: rvalue. + +#### `has_key` + +Determines if a hash has a certain key value. + +*Example*: + + ~~~ + $my_hash = {'key_one' => 'value_one'} + if has_key($my_hash, 'key_two') { + notice('we will not reach here') + } + if has_key($my_hash, 'key_one') { + notice('this will be printed') + } + ~~~ + +*Type*: rvalue. + +#### `hash` + +Converts an array into a hash. For example, `hash(['a',1,'b',2,'c',3])` returns {'a'=>1,'b'=>2,'c'=>3}. *Type*: rvalue. + +#### `intersection` + +Returns an array an intersection of two. For example, `intersection(["a","b","c"],["b","c","d"])` returns ["b","c"]. *Type*: rvalue. + +#### `is_a` + +Boolean check to determine whether a variable is of a given data type. This is equivalent to the `=~` type checks. This function is available only in Puppet 4 or in Puppet 3 with the "future" parser. + + ~~~ + foo = 3 + $bar = [1,2,3] + $baz = 'A string!' + + if $foo.is_a(Integer) { + notify { 'foo!': } + } + if $bar.is_a(Array) { + notify { 'bar!': } + } + if $baz.is_a(String) { + notify { 'baz!': } + } + ~~~ + +See the [the Puppet type system](https://docs.puppetlabs.com/references/latest/type.html#about-resource-types) for more information about types. +See the [`assert_type()`](https://docs.puppetlabs.com/references/latest/function.html#asserttype) function for flexible ways to assert the type of a value. + +#### `is_absolute_path` + +Returns 'true' if the given path is absolute. *Type*: rvalue. + +#### `is_array` + +Returns 'true' if the variable passed to this function is an array. *Type*: rvalue. + +#### `is_bool` + +Returns 'true' if the variable passed to this function is a boolean. *Type*: rvalue. + +#### `is_domain_name` + +Returns 'true' if the string passed to this function is a syntactically correct domain name. *Type*: rvalue. + +#### `is_float` + +Returns 'true' if the variable passed to this function is a float. *Type*: rvalue. + +#### `is_function_available` + +Accepts a string as an argument and determines whether the Puppet runtime has access to a function by that name. It returns 'true' if the function exists, 'false' if not. *Type*: rvalue. + +#### `is_hash` + +Returns 'true' if the variable passed to this function is a hash. *Type*: rvalue. + +#### `is_integer` + +Returns 'true' if the variable returned to this string is an integer. *Type*: rvalue. + +#### `is_ip_address` + +Returns 'true' if the string passed to this function is a valid IP address. *Type*: rvalue. + +#### `is_mac_address` + +Returns 'true' if the string passed to this function is a valid MAC address. *Type*: rvalue. + +#### `is_numeric` + +Returns 'true' if the variable passed to this function is a number. *Type*: rvalue. + +#### `is_string` + +Returns 'true' if the variable passed to this function is a string. *Type*: rvalue. + +#### `join` + +Joins an array into a string using a separator. For example, `join(['a','b','c'], ",")` results in: "a,b,c". *Type*: rvalue. + +#### `join_keys_to_values` + +Joins each key of a hash to that key's corresponding value with a separator. Keys and values are cast to strings. The return value is an array in which each element is one joined key/value pair. For example, `join_keys_to_values({'a'=>1,'b'=>2}, " is ")` results in ["a is 1","b is 2"]. *Type*: rvalue. + +#### `keys` + +Returns the keys of a hash as an array. *Type*: rvalue. + +#### `loadyaml` + +Loads a YAML file containing an array, string, or hash, and returns the data in the corresponding native data type. For example: + + ~~~ + $myhash = loadyaml('/etc/puppet/data/myhash.yaml') + ~~~ + +*Type*: rvalue. + +#### `load_module_metadata` + +Loads the metadata.json of a target module. Can be used to determine module version and authorship for dynamic support of modules. + + ~~~ + $metadata = load_module_metadata('archive') + notify { $metadata['author']: } + ~~~ + +If you do not want to fail the catalog compilation when a module's metadata file is absent: + + ~~~ + $metadata = load_module_metadata('mysql', true) + if empty($metadata) { + notify { "This module does not have a metadata.json file.": } + } + ~~~ + +*Type*: rvalue. + +#### `lstrip` + +Strips spaces to the left of a string. *Type*: rvalue. + +#### `max` + +Returns the highest value of all arguments. Requires at least one argument. *Type*: rvalue. + +#### `member` + +This function determines if a variable is a member of an array. The variable can be either a string, array, or fixnum. For example, `member(['a','b'], 'b')` and `member(['a','b','c'], ['b','c'])` return 'true', while `member(['a','b'], 'c')` and `member(['a','b','c'], ['c','d'])` return 'false'. *Note*: This function does not support nested arrays. If the first argument contains nested arrays, it will not recurse through them. + +*Type*: rvalue. + +#### `merge` + +Merges two or more hashes together and returns the resulting hash. + +*Example*: + + ~~~ + $hash1 = {'one' => 1, 'two' => 2} + $hash2 = {'two' => 'dos', 'three' => 'tres'} + $merged_hash = merge($hash1, $hash2) + # The resulting hash is equivalent to: + # $merged_hash = {'one' => 1, 'two' => 'dos', 'three' => 'tres'} + ~~~ + +When there is a duplicate key, the key in the rightmost hash "wins." *Type*: rvalue. + +#### `min` + +Returns the lowest value of all arguments. Requires at least one argument. *Type*: rvalue. + +#### `num2bool` + +Converts a number or a string representation of a number into a true boolean. Zero or anything non-numeric becomes 'false'. Numbers greater than 0 become 'true'. *Type*: rvalue. + +#### `parsejson` + +Converts a string of JSON into the correct Puppet structure. *Type*: rvalue. The optional second argument is returned if the data was not correct. + +#### `parseyaml` + +Converts a string of YAML into the correct Puppet structure. *Type*: rvalue. The optional second argument is returned if the data was not correct. + +#### `pick` + +From a list of values, returns the first value that is not undefined or an empty string. Takes any number of arguments, and raises an error if all values are undefined or empty. + + ~~~ + $real_jenkins_version = pick($::jenkins_version, '1.449') + ~~~ + +*Type*: rvalue. + +#### `pick_default` + +Returns the first value in a list of values. Contrary to the `pick()` function, the `pick_default()` does not fail if all arguments are empty. This allows it to use an empty value as default. *Type*: rvalue. + +#### `prefix` + +Applies a prefix to all elements in an array, or to the keys in a hash. +For example: +* `prefix(['a','b','c'], 'p')` returns ['pa','pb','pc'] +* `prefix({'a'=>'b','b'=>'c','c'=>'d'}, 'p')` returns {'pa'=>'b','pb'=>'c','pc'=>'d'}. + +*Type*: rvalue. + +#### `assert_private` + +Sets the current class or definition as private. Calling the class or definition from outside the current module will fail. + +For example, `assert_private()` called in class `foo::bar` outputs the following message if class is called from outside module `foo`: + + ~~~ + Class foo::bar is private + ~~~ + + To specify the error message you want to use: + + ~~~ + assert_private("You're not supposed to do that!") + ~~~ + +*Type*: statement. + +#### `pw_hash` + +Hashes a password using the crypt function. Provides a hash usable on most POSIX systems. + +The first argument to this function is the password to hash. If it is undef or an empty string, this function returns undef. + +The second argument to this function is which type of hash to use. It will be converted into the appropriate crypt(3) hash specifier. Valid hash types are: + +|Hash type |Specifier| +|---------------------|---------| +|MD5 |1 | +|SHA-256 |5 | +|SHA-512 (recommended)|6 | + +The third argument to this function is the salt to use. + +*Type*: rvalue. + +**Note:** this uses the Puppet master's implementation of crypt(3). If your environment contains several different operating systems, ensure that they are compatible before using this function. + +#### `range` + +Extrapolates a range as an array when given in the form of '(start, stop)'. For example, `range("0", "9")` returns [0,1,2,3,4,5,6,7,8,9]. Zero-padded strings are converted to integers automatically, so `range("00", "09")` returns [0,1,2,3,4,5,6,7,8,9]. + +Non-integer strings are accepted; `range("a", "c")` returns ["a","b","c"], and `range("host01", "host10")` returns ["host01", "host02", ..., "host09", "host10"]. + +Passing a third argument will cause the generated range to step by that interval, e.g. `range("0", "9", "2")` returns ["0","2","4","6","8"]. + +*Type*: rvalue. + +#### `reject` + +Searches through an array and rejects all elements that match the provided regular expression. For example, `reject(['aaa','bbb','ccc','aaaddd'], 'aaa')` returns ['bbb','ccc']. *Type*: rvalue. + +#### `reverse` + +Reverses the order of a string or array. *Type*: rvalue. + +#### `rstrip` + +Strips spaces to the right of the string. *Type*: rvalue. + +#### `seeded_rand` + +Takes an integer max value and a string seed value and returns a repeatable random integer smaller than max. Like `fqdn_rand`, but does not add node specific data to the seed. *Type*: rvalue. + +#### `shuffle` + +Randomizes the order of a string or array elements. *Type*: rvalue. + +#### `size` + +Returns the number of elements in a string, an array or a hash. *Type*: rvalue. + +#### `sort` + +Sorts strings and arrays lexically. *Type*: rvalue. + +#### `squeeze` + +Returns a new string where runs of the same character that occur in this set are replaced by a single character. *Type*: rvalue. + +#### `str2bool` + +Converts certain strings to a boolean. This attempts to convert strings that contain the values '1', 't', 'y', or 'yes' to true. Strings that contain values '0', 'f', 'n', or 'no', or that are an empty string or undefined are converted to false. Any other value causes an error. *Type*: rvalue. + +#### `str2saltedsha512` + +Converts a string to a salted-SHA512 password hash, used for OS X versions >= 10.7. Given any string, this function returns a hex version of a salted-SHA512 password hash, which can be inserted into your Puppet +manifests as a valid password attribute. *Type*: rvalue. + +#### `strftime` + +Returns formatted time. For example, `strftime("%s")` returns the time since Unix epoch, and `strftime("%Y-%m-%d")` returns the date. *Type*: rvalue. + + *Format:* + + * `%a`: The abbreviated weekday name ('Sun') + * `%A`: The full weekday name ('Sunday') + * `%b`: The abbreviated month name ('Jan') + * `%B`: The full month name ('January') + * `%c`: The preferred local date and time representation + * `%C`: Century (20 in 2009) + * `%d`: Day of the month (01..31) + * `%D`: Date (%m/%d/%y) + * `%e`: Day of the month, blank-padded ( 1..31) + * `%F`: Equivalent to %Y-%m-%d (the ISO 8601 date format) + * `%h`: Equivalent to %b + * `%H`: Hour of the day, 24-hour clock (00..23) + * `%I`: Hour of the day, 12-hour clock (01..12) + * `%j`: Day of the year (001..366) + * `%k`: Hour, 24-hour clock, blank-padded ( 0..23) + * `%l`: Hour, 12-hour clock, blank-padded ( 0..12) + * `%L`: Millisecond of the second (000..999) + * `%m`: Month of the year (01..12) + * `%M`: Minute of the hour (00..59) + * `%n`: Newline (\n) + * `%N`: Fractional seconds digits, default is 9 digits (nanosecond) + * `%3N`: Millisecond (3 digits) + * `%6N`: Microsecond (6 digits) + * `%9N`: Nanosecond (9 digits) + * `%p`: Meridian indicator ('AM' or 'PM') + * `%P`: Meridian indicator ('am' or 'pm') + * `%r`: Time, 12-hour (same as %I:%M:%S %p) + * `%R`: Time, 24-hour (%H:%M) + * `%s`: Number of seconds since the Unix epoch, 1970-01-01 00:00:00 UTC. + * `%S`: Second of the minute (00..60) + * `%t`: Tab character ( ) + * `%T`: Time, 24-hour (%H:%M:%S) + * `%u`: Day of the week as a decimal, Monday being 1. (1..7) + * `%U`: Week number of the current year, starting with the first Sunday as the first day of the first week (00..53) + * `%v`: VMS date (%e-%b-%Y) + * `%V`: Week number of year according to ISO 8601 (01..53) + * `%W`: Week number of the current year, starting with the first Monday as the first day of the first week (00..53) + * `%w`: Day of the week (Sunday is 0, 0..6) + * `%x`: Preferred representation for the date alone, no time + * `%X`: Preferred representation for the time alone, no date + * `%y`: Year without a century (00..99) + * `%Y`: Year with century + * `%z`: Time zone as hour offset from UTC (e.g. +0900) + * `%Z`: Time zone name + * `%%`: Literal '%' character + +#### `strip` + +Removes leading and trailing whitespace from a string or from every string inside an array. For example, `strip(" aaa ")` results in "aaa". *Type*: rvalue. + +#### `suffix` + +Applies a suffix to all elements in an array. For example, `suffix(['a','b','c'], 'p')` returns ['ap','bp','cp']. *Type*: rvalue. + +#### `swapcase` + +Swaps the existing case of a string. For example, `swapcase("aBcD")` results in "AbCd". *Type*: rvalue. + +#### `time` + +Returns the current Unix epoch time as an integer. For example, `time()` returns something like '1311972653'. *Type*: rvalue. + +#### `to_bytes` + +Converts the argument into bytes, for example "4 kB" becomes "4096". Takes a single string value as an argument. *Type*: rvalue. + +#### `try_get_value` + +*Type*: rvalue. + +Retrieves a value within multiple layers of hashes and arrays via a string containing a path. The path is a string of hash keys or array indexes starting with zero, separated by the path separator character (default "/"). The function goes through the structure by each path component and tries to return the value at the end of the path. + +In addition to the required path argument, the function accepts the default argument. It is returned if the path is not correct, if no value was found, or if any other error has occurred. The last argument can set the path separator character. + +~~~ruby +$data = { + 'a' => { + 'b' => [ + 'b1', + 'b2', + 'b3', + ] + } +} + +$value = try_get_value($data, 'a/b/2') +# $value = 'b3' + +# with all possible options +$value = try_get_value($data, 'a/b/2', 'not_found', '/') +# $value = 'b3' + +# using the default value +$value = try_get_value($data, 'a/b/c/d', 'not_found') +# $value = 'not_found' + +# using custom separator +$value = try_get_value($data, 'a|b', [], '|') +# $value = ['b1','b2','b3'] +~~~ + +1. **$data** The data structure we are working with. +2. **'a/b/2'** The path string. +3. **'not_found'** The default value. It will be returned if nothing is found. + (optional, defaults to *undef*) +4. **'/'** The path separator character. + (optional, defaults to *'/'*) + +#### `type3x` + +Returns a string description of the type when passed a value. Type can be a string, array, hash, float, integer, or boolean. This function will be removed when Puppet 3 support is dropped and the new type system can be used. *Type*: rvalue. + +#### `type_of` + +Returns the literal type when passed a value. Requires the new parser. Useful for comparison of types with `<=` such as in `if type_of($some_value) <= Array[String] { ... }` (which is equivalent to `if $some_value =~ Array[String] { ... }`) *Type*: rvalue. + +#### `union` + +Returns a union of two or more arrays, without duplicates. For example, `union(["a","b","c"],["b","c","d"])` returns ["a","b","c","d"]. *Type*: rvalue. + +#### `unique` + +Removes duplicates from strings and arrays. For example, `unique("aabbcc")` returns 'abc', and `unique(["a","a","b","b","c","c"])` returns ["a","b","c"]. *Type*: rvalue. + +#### `unix2dos` + +Returns the DOS version of the given string. Very useful when using a File resource with a cross-platform template. *Type*: rvalue. + +~~~ +file{$config_file: + ensure => file, + content => unix2dos(template('my_module/settings.conf.erb')), +} +~~~ + +See also [dos2unix](#dos2unix). + +#### `upcase` + +Converts an object, array or hash of objects that respond to upcase to uppercase. For example, `upcase('abcd')` returns 'ABCD'. *Type*: rvalue. + +#### `uriescape` + +URLEncodes a string or array of strings. Requires either a single string or an array as an input. *Type*: rvalue. + +#### `validate_absolute_path` + +Validates that a given string represents an absolute path in the filesystem. Works for Windows and Unix style paths. + +The following values pass: + +~~~ +$my_path = 'C:/Program Files (x86)/Puppet Labs/Puppet' +validate_absolute_path($my_path) +$my_path2 = '/var/lib/puppet' +validate_absolute_path($my_path2) +$my_path3 = ['C:/Program Files (x86)/Puppet Labs/Puppet','C:/Program Files/Puppet Labs/Puppet'] +validate_absolute_path($my_path3) +$my_path4 = ['/var/lib/puppet','/usr/share/puppet'] +validate_absolute_path($my_path4) +~~~ + +The following values fail, causing compilation to abort: + +~~~ +validate_absolute_path(true) +validate_absolute_path('../var/lib/puppet') +validate_absolute_path('var/lib/puppet') +validate_absolute_path([ 'var/lib/puppet', '/var/foo' ]) +validate_absolute_path([ '/var/lib/puppet', 'var/foo' ]) +$undefined = undef +validate_absolute_path($undefined) +~~~ + +*Type*: statement. + +#### `validate_array` + +Validates that all passed values are array data structures. Aborts catalog compilation if any value fails this check. + +The following values pass: + +~~~ +$my_array = [ 'one', 'two' ] +validate_array($my_array) +~~~ + +The following values fail, causing compilation to abort: + +~~~ +validate_array(true) +validate_array('some_string') +$undefined = undef +validate_array($undefined) +~~~ + +*Type*: statement. + +#### `validate_augeas` + +Performs validation of a string using an Augeas lens. The first argument of this function should be the string to test, and the second argument should be the name of the Augeas lens to use. If Augeas fails to parse the string with the lens, the compilation aborts with a parse error. + +A third optional argument lists paths which should **not** be found in the file. The `$file` variable points to the location of the temporary file being tested in the Augeas tree. + +For example, to make sure your $passwdcontent never contains user `foo`: + +~~~ +validate_augeas($passwdcontent, 'Passwd.lns', ['$file/foo']) +~~~ + +To ensure that no users use the '/bin/barsh' shell: + +~~~ +validate_augeas($passwdcontent, 'Passwd.lns', ['$file/*[shell="/bin/barsh"]'] +~~~ + +You can pass a fourth argument as the error message raised and shown to the user: + +~~~ +validate_augeas($sudoerscontent, 'Sudoers.lns', [], 'Failed to validate sudoers content with Augeas') +~~~ + +*Type*: statement. + +#### `validate_bool` + +Validates that all passed values are either true or false. Aborts catalog compilation if any value fails this check. + +The following values will pass: + +~~~ +$iamtrue = true +validate_bool(true) +validate_bool(true, true, false, $iamtrue) +~~~ + +The following values will fail, causing compilation to abort: + +~~~ +$some_array = [ true ] +validate_bool("false") +validate_bool("true") +validate_bool($some_array) +~~~ + +*Type*: statement. + +#### `validate_cmd` + +Performs validation of a string with an external command. The first argument of this function should be a string to test, and the second argument should be a path to a test command taking a % as a placeholder for the file path (will default to the end of the command if no % placeholder given). If the command is launched against a tempfile containing the passed string, or returns a non-null value, compilation will abort with a parse error. + +If a third argument is specified, this will be the error message raised and seen by the user. + +~~~ +# Defaults to end of path +validate_cmd($sudoerscontent, '/usr/sbin/visudo -c -f', 'Visudo failed to validate sudoers content') +~~~ +~~~ +# % as file location +validate_cmd($haproxycontent, '/usr/sbin/haproxy -f % -c', 'Haproxy failed to validate config content') +~~~ + +*Type*: statement. + +#### `validate_hash` + +Validates that all passed values are hash data structures. Aborts catalog compilation if any value fails this check. + + The following values will pass: + + ~~~ + $my_hash = { 'one' => 'two' } + validate_hash($my_hash) + ~~~ + + The following values will fail, causing compilation to abort: + + ~~~ + validate_hash(true) + validate_hash('some_string') + $undefined = undef + validate_hash($undefined) + ~~~ + +*Type*: statement. + +#### `validate_integer` + +Validates that the first argument is an integer (or an array of integers). Aborts catalog compilation if any of the checks fail. + + The second argument is optional and passes a maximum. (All elements of) the first argument has to be less or equal to this max. + + The third argument is optional and passes a minimum. (All elements of) the first argument has to be greater or equal to this min. + If, and only if, a minimum is given, the second argument may be an empty string or undef, which will be handled to just check + if (all elements of) the first argument are greater or equal to the given minimum. + + It will fail if the first argument is not an integer or array of integers, and if arg 2 and arg 3 are not convertable to an integer. + + The following values will pass: + + ~~~ + validate_integer(1) + validate_integer(1, 2) + validate_integer(1, 1) + validate_integer(1, 2, 0) + validate_integer(2, 2, 2) + validate_integer(2, '', 0) + validate_integer(2, undef, 0) + $foo = undef + validate_integer(2, $foo, 0) + validate_integer([1,2,3,4,5], 6) + validate_integer([1,2,3,4,5], 6, 0) + ~~~ + + * Plus all of the above, but any combination of values passed as strings ('1' or "1"). + * Plus all of the above, but with (correct) combinations of negative integer values. + + The following values will fail, causing compilation to abort: + + ~~~ + validate_integer(true) + validate_integer(false) + validate_integer(7.0) + validate_integer({ 1 => 2 }) + $foo = undef + validate_integer($foo) + validate_integer($foobaridontexist) + + validate_integer(1, 0) + validate_integer(1, true) + validate_integer(1, '') + validate_integer(1, undef) + validate_integer(1, , 0) + validate_integer(1, 2, 3) + validate_integer(1, 3, 2) + validate_integer(1, 3, true) + ~~~ + + * Plus all of the above, but any combination of values passed as strings ('false' or "false"). + * Plus all of the above, but with incorrect combinations of negative integer values. + * Plus all of the above, but with non-integer items in arrays or maximum / minimum argument. + + *Type*: statement. + +#### `validate_ip_address` + +Validates that the argument is an IP address, regardless of it is an IPv4 or an IPv6 +address. It also validates IP address with netmask. The argument must be given as a string. + +The following values will pass: + + ~~~ + validate_ip_address('0.0.0.0') + validate_ip_address('8.8.8.8') + validate_ip_address('127.0.0.1') + validate_ip_address('194.232.104.150') + validate_ip_address('3ffe:0505:0002::') + validate_ip_address('::1/64') + validate_ip_address('fe80::a00:27ff:fe94:44d6/64') + validate_ip_address('8.8.8.8/32') + ~~~ + +The following values will fail, causing compilation to abort: + + ~~~ + validate_ip_address(1) + validate_ip_address(true) + validate_ip_address(0.0.0.256) + validate_ip_address('::1', {}) + validate_ip_address('0.0.0.0.0') + validate_ip_address('3.3.3') + validate_ip_address('23.43.9.22/64') + validate_ip_address('260.2.32.43') + ~~~ + + +#### `validate_numeric` + +Validates that the first argument is a numeric value (or an array of numeric values). Aborts catalog compilation if any of the checks fail. + + The second argument is optional and passes a maximum. (All elements of) the first argument has to be less or equal to this max. + + The third argument is optional and passes a minimum. (All elements of) the first argument has to be greater or equal to this min. + If, and only if, a minimum is given, the second argument may be an empty string or undef, which will be handled to just check + if (all elements of) the first argument are greater or equal to the given minimum. + + It will fail if the first argument is not a numeric (Integer or Float) or array of numerics, and if arg 2 and arg 3 are not convertable to a numeric. + + For passing and failing usage, see `validate_integer()`. It is all the same for validate_numeric, yet now floating point values are allowed, too. + +*Type*: statement. + +#### `validate_re` + +Performs simple validation of a string against one or more regular expressions. The first argument of this function should be the string to +test, and the second argument should be a stringified regular expression (without the // delimiters) or an array of regular expressions. If none of the regular expressions match the string passed in, compilation aborts with a parse error. + + You can pass a third argument as the error message raised and shown to the user. + + The following strings validate against the regular expressions: + + ~~~ + validate_re('one', '^one$') + validate_re('one', [ '^one', '^two' ]) + ~~~ + + The following string fails to validate, causing compilation to abort: + + ~~~ + validate_re('one', [ '^two', '^three' ]) + ~~~ + + To set the error message: + + ~~~ + validate_re($::puppetversion, '^2.7', 'The $puppetversion fact value does not match 2.7') + ~~~ + + Note: Compilation terminates if the first argument is not a string. Always use quotes to force stringification: + + ~~~ + validate_re("${::operatingsystemmajrelease}", '^[57]$') + ~~~ + +*Type*: statement. + +#### `validate_slength` + +Validates that the first argument is a string (or an array of strings), and is less than or equal to the length of the second argument. It fails if the first argument is not a string or array of strings, or if the second argument is not convertable to a number. Optionally, a minimum string length can be given as the third argument. + + The following values pass: + + ~~~ + validate_slength("discombobulate",17) + validate_slength(["discombobulate","moo"],17) + validate_slength(["discombobulate","moo"],17,3) + ~~~ + + The following values fail: + + ~~~ + validate_slength("discombobulate",1) + validate_slength(["discombobulate","thermometer"],5) + validate_slength(["discombobulate","moo"],17,10) + ~~~ + +*Type*: statement. + +#### `validate_string` + +Validates that all passed values are string data structures. Aborts catalog compilation if any value fails this check. + +The following values pass: + + ~~~ + $my_string = "one two" + validate_string($my_string, 'three') + ~~~ + + The following values fail, causing compilation to abort: + + ~~~ + validate_string(true) + validate_string([ 'some', 'array' ]) + ~~~ + +*Note:* validate_string(undef) will not fail in this version of the functions API (incl. current and future parser). + +Instead, use: + + ~~~ + if $var == undef { + fail('...') + } + ~~~ + +*Type*: statement. + +#### `values` + +Returns the values of a given hash. For example, given `$hash = {'a'=1, 'b'=2, 'c'=3} values($hash)` returns [1,2,3]. + +*Type*: rvalue. + +#### `values_at` + +Finds values inside an array based on location. The first argument is the array you want to analyze, and the second argument can be a combination of: + + * A single numeric index + * A range in the form of 'start-stop' (eg. 4-9) + * An array combining the above + + For example, `values_at(['a','b','c'], 2)` returns ['c']; `values_at(['a','b','c'], ["0-1"])` returns ['a','b']; and `values_at(['a','b','c','d','e'], [0, "2-3"])` returns ['a','c','d']. + +*Type*: rvalue. + +#### `zip` + +Takes one element from first array given and merges corresponding elements from second array given. This generates a sequence of n-element arrays, where *n* is one more than the count of arguments. For example, `zip(['1','2','3'],['4','5','6'])` results in ["1", "4"], ["2", "5"], ["3", "6"]. *Type*: rvalue. + +## Limitations + +As of Puppet Enterprise 3.7, the stdlib module is no longer included in PE. PE users should install the most recent release of stdlib for compatibility with Puppet modules. + +###Version Compatibility + +Versions | Puppet 2.6 | Puppet 2.7 | Puppet 3.x | Puppet 4.x | +:---------------|:-----:|:---:|:---:|:----: +**stdlib 2.x** | **yes** | **yes** | no | no +**stdlib 3.x** | no | **yes** | **yes** | no +**stdlib 4.x** | no | **yes** | **yes** | no +**stdlib 4.6+** | no | **yes** | **yes** | **yes** +**stdlib 5.x** | no | no | **yes** | **yes** + +**stdlib 5.x**: When released, stdlib 5.x will drop support for Puppet 2.7.x. Please see [this discussion](https://github.com/puppetlabs/puppetlabs-stdlib/pull/176#issuecomment-30251414). + +## Development + +Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our [module contribution guide](https://docs.puppetlabs.com/forge/contributing.html). + +To report or research a bug with any part of this module, please go to +[http://tickets.puppetlabs.com/browse/PUP](http://tickets.puppetlabs.com/browse/PUP). + +## Contributors + +The list of contributors can be found at: [https://github.com/puppetlabs/puppetlabs-stdlib/graphs/contributors](https://github.com/puppetlabs/puppetlabs-stdlib/graphs/contributors). diff --git a/modules/dependencies/stdlib/README_DEVELOPER.markdown b/modules/dependencies/stdlib/README_DEVELOPER.markdown new file mode 100644 index 000000000..04349ed79 --- /dev/null +++ b/modules/dependencies/stdlib/README_DEVELOPER.markdown @@ -0,0 +1,35 @@ +Puppet Specific Facts +===================== + +Facter is meant to stand alone and apart from Puppet. However, Facter often +runs inside Puppet and all custom facts included in the stdlib module will +almost always be evaluated in the context of Puppet and Facter working +together. + +Still, we don't want to write custom facts that blow up in the users face if +Puppet is not loaded in memory. This is often the case if the user runs +`facter` without also supplying the `--puppet` flag. + +Ah! But Jeff, the custom fact won't be in the `$LOAD_PATH` unless the user +supplies `--facter`! You might say... + +Not (always) true I say! If the user happens to have a CWD of +`/stdlib/lib` then the facts will automatically be evaluated and +blow up. + +In any event, it's pretty easy to write a fact that has no value if Puppet is +not loaded. Simply do it like this: + + Facter.add(:node_vardir) do + setcode do + # This will be nil if Puppet is not available. + Facter::Util::PuppetSettings.with_puppet do + Puppet[:vardir] + end + end + end + +The `Facter::Util::PuppetSettings.with_puppet` method accepts a block and +yields to it only if the Puppet library is loaded. If the Puppet library is +not loaded, then the method silently returns `nil` which Facter interprets as +an undefined fact value. The net effect is that the fact won't be set. diff --git a/modules/dependencies/stdlib/README_SPECS.markdown b/modules/dependencies/stdlib/README_SPECS.markdown new file mode 100644 index 000000000..917b6310d --- /dev/null +++ b/modules/dependencies/stdlib/README_SPECS.markdown @@ -0,0 +1,7 @@ +NOTE +==== + +This project's specs depend on puppet core, and thus they require the +`puppetlabs_spec_helper` project. For more information please see the README +in that project, which can be found here: [puppetlabs spec +helper](https://github.com/puppetlabs/puppetlabs_spec_helper) diff --git a/modules/dependencies/stdlib/RELEASE_PROCESS.markdown b/modules/dependencies/stdlib/RELEASE_PROCESS.markdown new file mode 100644 index 000000000..0f9328ed0 --- /dev/null +++ b/modules/dependencies/stdlib/RELEASE_PROCESS.markdown @@ -0,0 +1,24 @@ +# Contributing to this module # + + * Work in a topic branch + * Submit a github pull request + * Address any comments / feeback + * Merge into master using --no-ff + +# Releasing this module # + + * This module adheres to http://semver.org/ + * Look for API breaking changes using git diff vX.Y.Z..master + * If no API breaking changes, the minor version may be bumped. + * If there are API breaking changes, the major version must be bumped. + * If there are only small minor changes, the patch version may be bumped. + * Update the CHANGELOG + * Update the Modulefile + * Commit these changes with a message along the lines of "Update CHANGELOG and + Modulefile for release" + * Create an annotated tag with git tag -a vX.Y.Z -m 'version X.Y.Z' (NOTE the + leading v as per semver.org) + * Push the tag with git push origin --tags + * Build a new package with puppet-module or the rake build task if it exists + * Publish the new package to the forge + * Bonus points for an announcement to puppet-users. diff --git a/modules/dependencies/stdlib/Rakefile b/modules/dependencies/stdlib/Rakefile new file mode 100644 index 000000000..e136b8e41 --- /dev/null +++ b/modules/dependencies/stdlib/Rakefile @@ -0,0 +1,7 @@ +require 'rubygems' +# keep for compatibility for now +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] + diff --git a/modules/dependencies/stdlib/checksums.json b/modules/dependencies/stdlib/checksums.json new file mode 100644 index 000000000..c5a0ff5cc --- /dev/null +++ b/modules/dependencies/stdlib/checksums.json @@ -0,0 +1,397 @@ +{ + "CHANGELOG.md": "e6c29b7255b7dfc5616775fc117ad386", + "CONTRIBUTING.md": "e2b8e8e433fc76b3798b7fe435f49375", + "Gemfile": "b939796eac78cc16c39f75a2a2a33d3d", + "LICENSE": "38a048b9d82e713d4e1b2573e370a756", + "README.markdown": "170929477abbf63681211212229a5731", + "README_DEVELOPER.markdown": "220a8b28521b5c5d2ea87c4ddb511165", + "README_SPECS.markdown": "82bb4c6abbb711f40778b162ec0070c1", + "RELEASE_PROCESS.markdown": "94b92bc99ac4106ba1a74d5c04e520f9", + "Rakefile": "75050dfcd01aaa7d2ec03c5d80098d9c", + "examples/file_line.pp": "48f7f162127beffea8f8e3e58db2355a", + "examples/has_interface_with.pp": "d69d520cf3ff4d0b495480afaca359ef", + "examples/has_ip_address.pp": "32f42575e49aa66f0f2398a70ae2a9f4", + "examples/has_ip_network.pp": "bfb8db068c58d77c4dd7ae9697536537", + "examples/init.pp": "b52fd907330ddbd9c3e070cf39f7b317", + "lib/facter/facter_dot_d.rb": "878e161fc0c3682fb1a554fe28b8be60", + "lib/facter/package_provider.rb": "1473dd2347de164f583bbf66dcfc956a", + "lib/facter/pe_version.rb": "60d47406026c8201e51394227ddf780d", + "lib/facter/puppet_vardir.rb": "c7ddc97e8a84ded3dd93baa5b9b3283d", + "lib/facter/root_home.rb": "35702ae0c7410ec4d2101113e2f697fa", + "lib/facter/service_provider.rb": "66cc42526eae631e306b397391f1f01c", + "lib/facter/util/puppet_settings.rb": "9f1d2593d0ae56bfca89d4b9266aeee1", + "lib/puppet/functions/is_a.rb": "9dad7f8c9b75348cd97aca986ac0b29a", + "lib/puppet/functions/type_of.rb": "71e19f89e167c45ec691ea6c7d319625", + "lib/puppet/parser/functions/abs.rb": "32161bd0435fdfc2aec2fc559d2b454b", + "lib/puppet/parser/functions/any2array.rb": "a81e71d6b67a551d38770ba9a1948a75", + "lib/puppet/parser/functions/assert_private.rb": "1365284f9e474ecec24cfe43ee8e7cf4", + "lib/puppet/parser/functions/base64.rb": "ae25adf92295df67ebd9edfabc9ecdd6", + "lib/puppet/parser/functions/basename.rb": "c61952b3f68fd86408c84fca2c3febb1", + "lib/puppet/parser/functions/bool2num.rb": "f953f5fc094c2ae3908a72d8840ba291", + "lib/puppet/parser/functions/bool2str.rb": "6334ac6d24a8aa49a2243fb425f47311", + "lib/puppet/parser/functions/camelcase.rb": "71c67b71eac4b7f46a0dd22cb915d2e6", + "lib/puppet/parser/functions/capitalize.rb": "da131748a9d32da9eb0b6438e39377eb", + "lib/puppet/parser/functions/ceiling.rb": "dfa9b1c75ce89344026b3b5aed2d190f", + "lib/puppet/parser/functions/chomp.rb": "2b7dc42f9967edd34cfa0ba9a97229ca", + "lib/puppet/parser/functions/chop.rb": "0ec76f54afd94201f35785dfeb2092b5", + "lib/puppet/parser/functions/concat.rb": "2a12f95e94669129827ee2f2a26349c3", + "lib/puppet/parser/functions/convert_base.rb": "c3b3e59a49318af98dcb88aed7156629", + "lib/puppet/parser/functions/count.rb": "9eb74eccd93e2b3c87fd5ea14e329eba", + "lib/puppet/parser/functions/deep_merge.rb": "d83696855578fb81b64b9e92b9c7cc7c", + "lib/puppet/parser/functions/defined_with_params.rb": "ffab4433d03f32b551f2ea024a2948fc", + "lib/puppet/parser/functions/delete.rb": "cec92c5de6d748c8dc93ca7d25ac1c68", + "lib/puppet/parser/functions/delete_at.rb": "6bc24b79390d463d8be95396c963381a", + "lib/puppet/parser/functions/delete_undef_values.rb": "b32d4a3925753b2eb2c318cbd7f14404", + "lib/puppet/parser/functions/delete_values.rb": "39b147f7d369bb5f809044b6341954a2", + "lib/puppet/parser/functions/difference.rb": "e31b95fbaf974cf853a510177368bfb9", + "lib/puppet/parser/functions/dirname.rb": "8a5579f9a9a13fd737ba65eccf8e6d5a", + "lib/puppet/parser/functions/dos2unix.rb": "be8359a5106a7832be4180e8207dd586", + "lib/puppet/parser/functions/downcase.rb": "73121616d73339cf8dd10e0de61a6c50", + "lib/puppet/parser/functions/empty.rb": "b4ad0c3c00cbc56f745fbc05af1efa00", + "lib/puppet/parser/functions/ensure_packages.rb": "fbed5c0c9bf82b7746e01f15f89d184f", + "lib/puppet/parser/functions/ensure_resource.rb": "de703fe63392b939fc2b4392975263de", + "lib/puppet/parser/functions/flatten.rb": "25777b76f9719162a8bab640e5595b7a", + "lib/puppet/parser/functions/floor.rb": "42cad4c689231a51526c55a6f0985d1f", + "lib/puppet/parser/functions/fqdn_rand_string.rb": "9ac5f18e563094aee62ef7586267025d", + "lib/puppet/parser/functions/fqdn_rotate.rb": "770d510a2e50d19b2dd42b6edef3fb1f", + "lib/puppet/parser/functions/get_module_path.rb": "d4bf50da25c0b98d26b75354fa1bcc45", + "lib/puppet/parser/functions/getparam.rb": "4dd7a0e35f4a3780dcfc9b19b4e0006e", + "lib/puppet/parser/functions/getvar.rb": "344f1ce85dcb7512d37e8702ccbabb66", + "lib/puppet/parser/functions/grep.rb": "5682995af458b05f3b53dd794c4bf896", + "lib/puppet/parser/functions/has_interface_with.rb": "e135f09dbecc038c3aa9ae03127617ef", + "lib/puppet/parser/functions/has_ip_address.rb": "ee207f47906455a5aa49c4fb219dd325", + "lib/puppet/parser/functions/has_ip_network.rb": "b4d726c8b2a0afac81ced8a3a28aa731", + "lib/puppet/parser/functions/has_key.rb": "7cd9728c38f0b0065f832dabd62b0e7e", + "lib/puppet/parser/functions/hash.rb": "9d072527dfc7354b69292e9302906530", + "lib/puppet/parser/functions/intersection.rb": "c8f4f8b861c9c297c87b08bdbfb94caa", + "lib/puppet/parser/functions/is_absolute_path.rb": "94ea1869c438d23f7f659c87ced8080a", + "lib/puppet/parser/functions/is_array.rb": "875ca4356cb0d7a10606fb146b4a3d11", + "lib/puppet/parser/functions/is_bool.rb": "e693b7c4b5366cff1380b6e0c7dd7b11", + "lib/puppet/parser/functions/is_domain_name.rb": "6ca1f2708add756a6803b29d593d5830", + "lib/puppet/parser/functions/is_float.rb": "10e0d3ecf75fac15e415aee79acf70dc", + "lib/puppet/parser/functions/is_function_available.rb": "628428bbcd9313ce09783d9484330e09", + "lib/puppet/parser/functions/is_hash.rb": "8c7d9a05084dab0389d1b779c8a05b1a", + "lib/puppet/parser/functions/is_integer.rb": "c665be82686aa4729959bb42c66a7510", + "lib/puppet/parser/functions/is_ip_address.rb": "a714a736c1560e8739aaacd9030cca00", + "lib/puppet/parser/functions/is_mac_address.rb": "6dd3c96437d49e68630869b0b464e7f2", + "lib/puppet/parser/functions/is_numeric.rb": "93ddc9d4c0834a5e5e0562d7b3cdce91", + "lib/puppet/parser/functions/is_string.rb": "2bd9a652bbb2668323eee6c57729ff64", + "lib/puppet/parser/functions/join.rb": "a285a05c015ae278608f6454aef211ea", + "lib/puppet/parser/functions/join_keys_to_values.rb": "f29da49531228f6ca5b3aa0df00a14c2", + "lib/puppet/parser/functions/keys.rb": "eb6ac815ea14fbf423580ed903ef7bad", + "lib/puppet/parser/functions/load_module_metadata.rb": "805c5476a6e7083d133e167129885924", + "lib/puppet/parser/functions/loadyaml.rb": "6da5dc9256c9e7a6549bb15c72cb9f9d", + "lib/puppet/parser/functions/lstrip.rb": "20a9b1fa077c16f34e0ef5448b895698", + "lib/puppet/parser/functions/max.rb": "f652fd0b46ef7d2fbdb42b141f8fdd1d", + "lib/puppet/parser/functions/member.rb": "2b5d7fb8f87f1c7d195933c57ca32e91", + "lib/puppet/parser/functions/merge.rb": "f3dcc5c83440cdda2036cce69b61a14b", + "lib/puppet/parser/functions/min.rb": "0d2a1b7e735ab251c5469e735fa3f4c6", + "lib/puppet/parser/functions/num2bool.rb": "605c12fa518c87ed2c66ae153e0686ce", + "lib/puppet/parser/functions/parsejson.rb": "600f4d747678f55e163025ba87488af2", + "lib/puppet/parser/functions/parseyaml.rb": "1e6a3a38eb2c1b0329ae1ebaaa0f062c", + "lib/puppet/parser/functions/pick.rb": "bf01f13bbfe2318e7f6a302ac7c4433f", + "lib/puppet/parser/functions/pick_default.rb": "ad3ea60262de408767786d37a54d45dc", + "lib/puppet/parser/functions/prefix.rb": "e377fd64bd63dde6c9660aa75aca4942", + "lib/puppet/parser/functions/private.rb": "1500a21d5cf19961c5b1d476df892d92", + "lib/puppet/parser/functions/pw_hash.rb": "d82221f667050026cd6d155432a31802", + "lib/puppet/parser/functions/range.rb": "76f693d1dd50ffee409e58ff6d9a58bb", + "lib/puppet/parser/functions/reject.rb": "689f6a7c961a55fe9dcd240921f4c7f9", + "lib/puppet/parser/functions/reverse.rb": "b234b54b8cd62b2d67ccd70489ffdccf", + "lib/puppet/parser/functions/rstrip.rb": "b4e4ada41f7c1d2fcad073ce6344980f", + "lib/puppet/parser/functions/seeded_rand.rb": "2ad22e7613d894ae779c0c5b0e65dade", + "lib/puppet/parser/functions/shuffle.rb": "d50f72b0aeb921e64d2482f62488e2f3", + "lib/puppet/parser/functions/size.rb": "ab3b5b8cf2369d76969a7cb2564e018f", + "lib/puppet/parser/functions/sort.rb": "504b033b438461ca4f9764feeb017833", + "lib/puppet/parser/functions/squeeze.rb": "541f85b4203b55c9931d3d6ecd5c75f8", + "lib/puppet/parser/functions/str2bool.rb": "e380cfbc3395404ac8232ff960b22bca", + "lib/puppet/parser/functions/str2saltedsha512.rb": "49afad7b386be38ce53deaefef326e85", + "lib/puppet/parser/functions/strftime.rb": "e02e01a598ca5d7d6eee0ba22440304a", + "lib/puppet/parser/functions/strip.rb": "85d70ab95492e3e4ca5f0b5ec3f284a9", + "lib/puppet/parser/functions/suffix.rb": "109279db4180441e75545dbd5f273298", + "lib/puppet/parser/functions/swapcase.rb": "b17a9f3cb0271451d309e4b4f52dd651", + "lib/puppet/parser/functions/time.rb": "8cb0b8320c60b4a21725634154a9f1db", + "lib/puppet/parser/functions/to_bytes.rb": "65437027687b6172173b3a211a799e37", + "lib/puppet/parser/functions/try_get_value.rb": "2ef0cc8141dfd72f45b5e854dde26a0f", + "lib/puppet/parser/functions/type.rb": "4709f7ab8a8aad62d77a3c5d91a3aa08", + "lib/puppet/parser/functions/type3x.rb": "f9bf4de8341afb0c677c26b40ec8a2b2", + "lib/puppet/parser/functions/union.rb": "3cf57ea53f2522f586264feb67293cd6", + "lib/puppet/parser/functions/unique.rb": "c1bb4a8aeebd09ba3e4c8bc3702cfd60", + "lib/puppet/parser/functions/unix2dos.rb": "b1f5087fcaca69d9395094204cce887a", + "lib/puppet/parser/functions/upcase.rb": "8decededec9eb33e58f961eb86f0888f", + "lib/puppet/parser/functions/uriescape.rb": "d912ba09ba3f58c70988e662e05ffbe8", + "lib/puppet/parser/functions/validate_absolute_path.rb": "51c81d562fcc6c2df49ce5cfefd721ff", + "lib/puppet/parser/functions/validate_array.rb": "72b29289b8af1cfc3662ef9be78911b8", + "lib/puppet/parser/functions/validate_augeas.rb": "61e828e7759ba3e1e563e1fdd68aa80f", + "lib/puppet/parser/functions/validate_bool.rb": "a712634a000024398b3c6cd4ecc46463", + "lib/puppet/parser/functions/validate_cmd.rb": "57b3b128c035802fb67754eed3a88475", + "lib/puppet/parser/functions/validate_hash.rb": "e9cfaca68751524efe16ecf2f958a9a0", + "lib/puppet/parser/functions/validate_integer.rb": "438c7fdd25f7f6a208ac48c9b75a390f", + "lib/puppet/parser/functions/validate_ip_address.rb": "4d8423bf126b102cf88489aec9a10186", + "lib/puppet/parser/functions/validate_ipv4_address.rb": "ea5a7e87f51fc5a961cdc7369b3c9d00", + "lib/puppet/parser/functions/validate_ipv6_address.rb": "4699238e4cad60e7e1428905523eaeb7", + "lib/puppet/parser/functions/validate_numeric.rb": "60b0c6d5b8b170ea77498a8580bd3158", + "lib/puppet/parser/functions/validate_re.rb": "53613813ba02914f2692f0edd7e12fab", + "lib/puppet/parser/functions/validate_slength.rb": "5f0db124caae4866f474a60c589ba632", + "lib/puppet/parser/functions/validate_string.rb": "cf6a20877a27b1073d63fdd522af50bb", + "lib/puppet/parser/functions/values.rb": "066a6e4170e5034edb9a80463dff2bb5", + "lib/puppet/parser/functions/values_at.rb": "325a899e0201e8df5bd483fec6f12d76", + "lib/puppet/parser/functions/zip.rb": "a89d5e802bc1e63e52020c2ddbaaca2c", + "lib/puppet/provider/file_line/ruby.rb": "0b7ed2917e70902b5c40362370edcbb0", + "lib/puppet/type/anchor.rb": "bbd36bb49c3b554f8602d8d3df366c0c", + "lib/puppet/type/file_line.rb": "3969f0a0443825260c2c678aaeab2792", + "manifests/init.pp": "9560a09f657d7eebbfdb920cefcc1d4f", + "manifests/stages.pp": "72eb4fa624474faf23b39e57cf1590bd", + "metadata.json": "4abe196243390fada13e20c7f4460fca", + "spec/acceptance/abs_spec.rb": "538db8d037db814b455a6d741e91bb8d", + "spec/acceptance/anchor_spec.rb": "3a366ecab2fda6c20acd70eeb57c5080", + "spec/acceptance/any2array_spec.rb": "de86ead0205acbb3eca3a8a4792bdac8", + "spec/acceptance/base64_spec.rb": "1684d5dd176dd5bbd4c3c6b1e64fbcea", + "spec/acceptance/bool2num_spec.rb": "bf53ceac40d0a67551c618b11809f3f8", + "spec/acceptance/build_csv.rb": "f28ef587de764ade1513091c4906412c", + "spec/acceptance/capitalize_spec.rb": "e77ea2c37144a75a67969c0d0839adfd", + "spec/acceptance/ceiling_spec.rb": "b2718dc74a39399e342ef96fe0d00fdc", + "spec/acceptance/chomp_spec.rb": "fb0862a6b7eeb3c290e280788e705061", + "spec/acceptance/chop_spec.rb": "4e7ab2d3a441b88b667a0d8ea5b174c1", + "spec/acceptance/concat_spec.rb": "6d88764fde8859e2db6b604f69fe2e17", + "spec/acceptance/count_spec.rb": "d82cfcad2461b16872455d6347a8b114", + "spec/acceptance/deep_merge_spec.rb": "c335a947f1666e185e0210e661f1c78a", + "spec/acceptance/defined_with_params_spec.rb": "f27c54ade9872c63c69316f62b03c119", + "spec/acceptance/delete_at_spec.rb": "9c028b703ee0286565c9877757678f3f", + "spec/acceptance/delete_spec.rb": "31e6dfcb9cc7c16b20d47c00e6a85a1d", + "spec/acceptance/delete_undef_values_spec.rb": "6e6a66aee0c383c843b5f92ef8c8410c", + "spec/acceptance/delete_values_spec.rb": "22c9b4914d4cbc0153aa3862cb4fb50e", + "spec/acceptance/difference_spec.rb": "289f4f1788feaacb304ffd54971c7e7e", + "spec/acceptance/dirname_spec.rb": "84db53878c4400a6c684c924cff05cfc", + "spec/acceptance/downcase_spec.rb": "0f094849b94a94df491ee01186473104", + "spec/acceptance/empty_spec.rb": "e5094267eb1eae007addc5e76b6d43d1", + "spec/acceptance/ensure_resource_spec.rb": "c0193d79f1db1985d313bedb93a4c7ae", + "spec/acceptance/flatten_spec.rb": "83fb08cc168a105c1d5d0df66b1d9e84", + "spec/acceptance/floor_spec.rb": "d7267b2914b1da6406224abb7489ca86", + "spec/acceptance/fqdn_rand_string_spec.rb": "17b047b80e008b5eb45b4cbe64036983", + "spec/acceptance/fqdn_rotate_spec.rb": "b00226e2ae28acf4ffea8a96b6e64f01", + "spec/acceptance/get_module_path_spec.rb": "2658cdcd1abd4b7d20f53c4aced3c72a", + "spec/acceptance/getparam_spec.rb": "4d32dc5a0ee34d045242c36d77a3b482", + "spec/acceptance/getvar_spec.rb": "ba2f081a88be97c0e7004a6296294f23", + "spec/acceptance/grep_spec.rb": "98818b8b0557b80d6ff519f70ea7617c", + "spec/acceptance/has_interface_with_spec.rb": "30e27096050c43b7efdb5e6c0d54f53b", + "spec/acceptance/has_ip_address_spec.rb": "2812117ec4b88556039e8488d53c0cb0", + "spec/acceptance/has_ip_network_spec.rb": "ca75b43ff1256ead9052f2db7620db99", + "spec/acceptance/has_key_spec.rb": "6509a26a0886f7d591eaa926b2f92407", + "spec/acceptance/hash_spec.rb": "1c626457ba056bdd3936e28aa5bf503e", + "spec/acceptance/intersection_spec.rb": "40f586af7f95408a5d4a2882a4aa98f1", + "spec/acceptance/is_a_spec.rb": "03e612e76d9004ec625d9e30bb17af04", + "spec/acceptance/is_array_spec.rb": "c2ff70ce59b90b50a5aed67abaa5399d", + "spec/acceptance/is_bool_spec.rb": "c001fdecff6b0a3c9dc78774987a0b15", + "spec/acceptance/is_domain_name_spec.rb": "63e84285c26d8717fd5d4dda01e3f432", + "spec/acceptance/is_float_spec.rb": "2f0164b4d732166aa46055a2cf7b4ea9", + "spec/acceptance/is_function_available_spec.rb": "7745eba89f8719c9ca7ebf04d5b005f7", + "spec/acceptance/is_hash_spec.rb": "cff723cd8fddac45033af5dc8406d4e4", + "spec/acceptance/is_integer_spec.rb": "c09201d17d3914bba197872897fa3413", + "spec/acceptance/is_ip_address_spec.rb": "aa14cf9abf404c3fe1e761ea957871fe", + "spec/acceptance/is_mac_address_spec.rb": "30ff4c6a63be58daa3568305617ca2a7", + "spec/acceptance/is_numeric_spec.rb": "fb9829c7a1a8d4a58836df6ff4c3386d", + "spec/acceptance/is_string_spec.rb": "df3022de123b72f0022728eb2d8ce857", + "spec/acceptance/join_keys_to_values_spec.rb": "8aa128bbaeea65aab8d92badee3ca2b5", + "spec/acceptance/join_spec.rb": "c6378ed481265152bba9871fc5501ee6", + "spec/acceptance/keys_spec.rb": "20486e3ebee53e50dc9de3b78b9d6ae6", + "spec/acceptance/loadyaml_spec.rb": "bd440cb6779026bd07d83f1aceb2781b", + "spec/acceptance/lstrip_spec.rb": "e29ab4039b65660ec2bd76a298adcae0", + "spec/acceptance/max_spec.rb": "209cda4b83d677743afb1a8870330618", + "spec/acceptance/member_spec.rb": "d6088a4fa6321791a3067d9b9cf8914a", + "spec/acceptance/merge_spec.rb": "5f168188fa0d6b31ba5b3dac49fb609c", + "spec/acceptance/min_spec.rb": "152a7db28434a0d0378561d4f64cddcc", + "spec/acceptance/nodesets/centos-59-x64.yml": "57eb3e471b9042a8ea40978c467f8151", + "spec/acceptance/nodesets/centos-6-vcloud.yml": "bdf9ce9d3b0f0b4995666ae9d64d878d", + "spec/acceptance/nodesets/centos-64-x64-pe.yml": "ec075d95760df3d4702abea1ce0a829b", + "spec/acceptance/nodesets/centos-64-x64.yml": "092dd2c588a9f87fa1fb12997c0723ef", + "spec/acceptance/nodesets/centos-65-x64.yml": "3e5c36e6aa5a690229e720f4048bb8af", + "spec/acceptance/nodesets/default.yml": "3e5c36e6aa5a690229e720f4048bb8af", + "spec/acceptance/nodesets/fedora-18-x64.yml": "80e41b1ee16ea489f53164bfdae58855", + "spec/acceptance/nodesets/sles-11-x64.yml": "44e4c6c15c018333bfa9840a5e702f66", + "spec/acceptance/nodesets/ubuntu-server-10044-x64.yml": "75e86400b7889888dc0781c0ae1a1297", + "spec/acceptance/nodesets/ubuntu-server-12042-x64.yml": "d30d73e34cd50b043c7d14e305955269", + "spec/acceptance/nodesets/ubuntu-server-1404-x64.yml": "5f0aed10098ac5b78e4217bb27c7aaf0", + "spec/acceptance/nodesets/windows-2003-i386.yml": "b518fc01fab99ee6a9afccec5bc0c1c4", + "spec/acceptance/nodesets/windows-2003-x86_64.yml": "5c783eaa8ea4734edc836e89e923dfa1", + "spec/acceptance/nodesets/windows-2008-x86_64.yml": "3082234eafcfaf7a9579d9ebdb8bc409", + "spec/acceptance/nodesets/windows-2008r2-x86_64.yml": "dfeff32a4cc3fffa872c8281d990a840", + "spec/acceptance/nodesets/windows-2012-x86_64.yml": "8bed73362ee1f43d21ea1903a729f955", + "spec/acceptance/nodesets/windows-2012r2-x86_64.yml": "3f4f6112d24db02989b8ab79d3a1256f", + "spec/acceptance/num2bool_spec.rb": "e4a00b913b08c68a689837e9f9336cb2", + "spec/acceptance/parsejson_spec.rb": "5753b9dd66e4fd464c132b39487b922c", + "spec/acceptance/parseyaml_spec.rb": "991f6f7b729812535155643c11846bcb", + "spec/acceptance/pick_default_spec.rb": "1bc2562380ef6f6cded5ec90a03922be", + "spec/acceptance/pick_spec.rb": "272c54c8f9398f499768331bdb4276ee", + "spec/acceptance/prefix_spec.rb": "da620568c6771e7d492ec1ff697c531c", + "spec/acceptance/pw_hash_spec.rb": "721fe0da04d798a353799fd651bcd0fc", + "spec/acceptance/range_spec.rb": "65e5b98ceca257658604d988fbec7d03", + "spec/acceptance/reject_spec.rb": "b5185f1a6071c9bdc7aca92e6f899c3e", + "spec/acceptance/reverse_spec.rb": "7bdee543e82532e97bbf7a067140031c", + "spec/acceptance/rstrip_spec.rb": "28a64ceb7cb5ae8a93d31f49816190ab", + "spec/acceptance/shuffle_spec.rb": "8a8652e57d56f2b4946cdf4d20052b7a", + "spec/acceptance/size_spec.rb": "ae17d8a55921a0570972200c7c9327e1", + "spec/acceptance/sort_spec.rb": "d44b1b8c090f0f00a2f38515fda431ea", + "spec/acceptance/squeeze_spec.rb": "adcd65fa4e72203b97f1f14c8835c2cd", + "spec/acceptance/str2bool_spec.rb": "55ad165ceef6b9ba32bf20ca3b53b44c", + "spec/acceptance/str2saltedsha512_spec.rb": "b684c4214d06ae3d5bae055262a5ccaa", + "spec/acceptance/strftime_spec.rb": "0f4eadbd74445b35de4a42c9790fbcc1", + "spec/acceptance/strip_spec.rb": "6767da5bc735beb5362aeee6ff692c9e", + "spec/acceptance/suffix_spec.rb": "07dfc7eed48b75fcc1b93d0308243eda", + "spec/acceptance/swapcase_spec.rb": "5c3c1bc19a09fed6e01881f79b0b4ea5", + "spec/acceptance/time_spec.rb": "044b2f634a1fa6ecc735998d68a93b73", + "spec/acceptance/to_bytes_spec.rb": "f9df1f234b9409f5eaf56ef24e651c36", + "spec/acceptance/try_get_value_spec.rb": "db7c47f372f9d9725987ebe13e6039eb", + "spec/acceptance/type_spec.rb": "4297e038a8ff7e6ecb859b8b68c7b3a6", + "spec/acceptance/union_spec.rb": "f24e166bc838c9c8cbd75ad3f8f9d15b", + "spec/acceptance/unique_spec.rb": "9b00b21cefde3b5391f50eeb9cd2493b", + "spec/acceptance/unsupported_spec.rb": "09b9265ecb05252cd5e5a18327c7ae97", + "spec/acceptance/upcase_spec.rb": "ffd1d6f9e6ec24131fb78983c53a75f9", + "spec/acceptance/uriescape_spec.rb": "13daa387714cbfc63b587aaa8dbf7fcd", + "spec/acceptance/validate_absolute_path_spec.rb": "8b9ebfae80329231d84fcab606a3eeaf", + "spec/acceptance/validate_array_spec.rb": "382641719e754622ffae562d10e38bf7", + "spec/acceptance/validate_augeas_spec.rb": "c26b8ca2184a9dd87033a0c6f0553093", + "spec/acceptance/validate_bool_spec.rb": "08bc139459204cf0a35098a5bc30ab95", + "spec/acceptance/validate_cmd_spec.rb": "e9260c49d880e4de54f77bf4fd70cff4", + "spec/acceptance/validate_hash_spec.rb": "70ceacc18a0dee97b26ab2e50f925706", + "spec/acceptance/validate_ipv4_address_spec.rb": "dc901bbd05c3764a93cb49154cea6e4b", + "spec/acceptance/validate_ipv6_address_spec.rb": "c0872c56230ac2800cd5723eaa5bc53a", + "spec/acceptance/validate_re_spec.rb": "b289909078d6ae0d015419f518566698", + "spec/acceptance/validate_slength_spec.rb": "f0a05c1c2b895b096cb7326df4821594", + "spec/acceptance/validate_string_spec.rb": "6c9ced99fb1e263e66e25427d24f8f7b", + "spec/acceptance/values_at_spec.rb": "669b26c4d47742051472003518c3aa61", + "spec/acceptance/values_spec.rb": "9681223bb1bd755c28946ef0bcd6ece9", + "spec/acceptance/zip_spec.rb": "86d1b555745ee873da68c71f1e46ed21", + "spec/fixtures/dscacheutil/root": "e1a7622f55f3d1be258c9a5b16b474be", + "spec/fixtures/lsuser/root": "2ed657fa157372a81634539bb1a56be8", + "spec/functions/abs_spec.rb": "7c0ebbd787b788d32b9bb21fe9061a2f", + "spec/functions/any2array_spec.rb": "c5990164adbaaf4f6536df4022309176", + "spec/functions/assert_private_spec.rb": "3bf58bd53467248cc221b9f846b13d98", + "spec/functions/base64_spec.rb": "56e192ac379469d3cccd5cf73d41f4e5", + "spec/functions/basename_spec.rb": "9711895262a628309bb70e0fe69aa07e", + "spec/functions/bool2num_spec.rb": "6609136ff067b90d41cf27bf8838c3ea", + "spec/functions/bool2str_spec.rb": "52560617234393f960aedb496b49a628", + "spec/functions/camelcase_spec.rb": "4a13d3323535291fef3f40a96710acdb", + "spec/functions/capitalize_spec.rb": "31a8d497b274653d5ede70a0187d4053", + "spec/functions/ceiling_spec.rb": "47bd74569f8979d9195df06a863de93b", + "spec/functions/chomp_spec.rb": "6749a0b358b34e73843e1a284cead44a", + "spec/functions/chop_spec.rb": "6e33e61f50459191387c87e474d3d127", + "spec/functions/concat_spec.rb": "f2d83c38f9ac79b02285e056b3c52dd3", + "spec/functions/convert_base_spec.rb": "f031e84b18cb010bc6233be3e4bcff83", + "spec/functions/count_spec.rb": "d91a084665ecd902586d26c99d45beed", + "spec/functions/deep_merge_spec.rb": "d70a71c7e9363c75224fffd40fc5efdd", + "spec/functions/defined_with_params_spec.rb": "9185955113fd14a7b2fbaa0228669d00", + "spec/functions/delete_at_spec.rb": "a5443ac5879992af9c4470e59f0355cf", + "spec/functions/delete_spec.rb": "822310fa89d455233c32553660df67d3", + "spec/functions/delete_undef_values_spec.rb": "6bee6b89a507130a009a9e8b5ef3e130", + "spec/functions/delete_values_spec.rb": "0d2d17c0cacd7f3871ea7ab2f5b96d93", + "spec/functions/difference_spec.rb": "2caaab5edb42ddc426e65348b12ebcc3", + "spec/functions/dirname_spec.rb": "5c905655d551b1956b6c9eda4ee96569", + "spec/functions/dos2unix_spec.rb": "95c13597be9e67e79e69ed0e6c3d325a", + "spec/functions/downcase_spec.rb": "e2c24d41c6fb840f7b66c5205c942780", + "spec/functions/empty_spec.rb": "e6d06c193869ce8c97d3e67d5c5c5b4f", + "spec/functions/ensure_packages_spec.rb": "76e89bf81ae98e52d2a07263c0e8d4f4", + "spec/functions/ensure_resource_spec.rb": "57634d7b6f86ac77dc47fb5da36410c2", + "spec/functions/flatten_spec.rb": "6fb563c36daf40599a414c1f3af8dc0b", + "spec/functions/floor_spec.rb": "7d110b1f994432e1c6c7c004a3dedbe4", + "spec/functions/fqdn_rand_string_spec.rb": "2edaae1764df4d751684d8ceda7b9cda", + "spec/functions/fqdn_rotate_spec.rb": "e9b1ce122788f18611cf64696d666328", + "spec/functions/get_module_path_spec.rb": "e0b1664ce848a00f918b8fc3c8099be0", + "spec/functions/getparam_spec.rb": "dbbdde0a72653feb479e9fb971b94ec7", + "spec/functions/getvar_spec.rb": "18a9340442dd59cea8a6c98e95d38f4d", + "spec/functions/grep_spec.rb": "b9d0722e7708351b0114c46d4272f760", + "spec/functions/has_interface_with_spec.rb": "473c000e461c3497f8461eb17cf73430", + "spec/functions/has_ip_address_spec.rb": "7b36b993ea32757e74be9909906bd165", + "spec/functions/has_ip_network_spec.rb": "23021acd604dc4ca3a1fef62e8863d8e", + "spec/functions/has_key_spec.rb": "6bc81bc7d179d4b680e7065a60b76562", + "spec/functions/hash_spec.rb": "4519b75eeb8eb0bba80b4594c297cf5e", + "spec/functions/intersection_spec.rb": "fcd475963335b3efee99c3ddd0ddd969", + "spec/functions/is_a_spec.rb": "51b1f473786fbd1d723febf20281de23", + "spec/functions/is_array_spec.rb": "7ea00635b395f231fce6467c95410b05", + "spec/functions/is_bool_spec.rb": "9173b8fd7cb5aea4504f0fa860d883c9", + "spec/functions/is_domain_name_spec.rb": "4ea3825d5b77a5d75eab8228dcc738f9", + "spec/functions/is_float_spec.rb": "42b7f071e02af58e3154643b84445af1", + "spec/functions/is_function_available.rb": "f8ab234d536532c3629ff6a5068e7877", + "spec/functions/is_hash_spec.rb": "11563529f0f1f821769edb3131277100", + "spec/functions/is_integer_spec.rb": "799bef092df12fa590e71473db957d11", + "spec/functions/is_ip_address_spec.rb": "195e89d0c32eae24e4a51d12b8c59009", + "spec/functions/is_mac_address_spec.rb": "748b7e3dffae6d4097da9cc29a37e94d", + "spec/functions/is_numeric_spec.rb": "d131e94cf670075e8c46576b5109c2b6", + "spec/functions/is_string_spec.rb": "f41f332f93fc05b57ee9611cdbe73c11", + "spec/functions/join_keys_to_values_spec.rb": "b95f8f32888a96c4239c87cf9785d288", + "spec/functions/join_spec.rb": "2181956bf08efe90f932a17e5138a25c", + "spec/functions/keys_spec.rb": "8a6772daf2ae821e98d392f5266fdf67", + "spec/functions/load_module_metadata_spec.rb": "bcc48736e28992853c4f6b16d397daed", + "spec/functions/loadyaml_spec.rb": "f4f50af8016ffd187a0358b78634a259", + "spec/functions/lstrip_spec.rb": "58644ca945b38ec8b3d8729423aacf69", + "spec/functions/max_spec.rb": "47de8d59070d8d51b2184731f5d1aa43", + "spec/functions/member_spec.rb": "02891f40caaca15a5aba43443c7d2ccb", + "spec/functions/merge_spec.rb": "56297527d192640bbe82c7ccf1e39815", + "spec/functions/min_spec.rb": "8b38e2a989912406cd2c57dcd3a460c4", + "spec/functions/num2bool_spec.rb": "7c4fd30e41a11b1bd0d9e5233340f16b", + "spec/functions/parsejson_spec.rb": "656300186e986725982595c262f7eccd", + "spec/functions/parseyaml_spec.rb": "67b3be346368a2070535585a51bcd7c2", + "spec/functions/pick_default_spec.rb": "bef7bb2f755e665775aa0085c6897fb2", + "spec/functions/pick_spec.rb": "8fe02695ea909e993119254accc61f1a", + "spec/functions/prefix_spec.rb": "95956321291a0f6d1e2f45572569fe3b", + "spec/functions/private_spec.rb": "f404771c4590a0cd7ce61ddff8f3eb7b", + "spec/functions/pw_hash_spec.rb": "640609cc73b4c8bbcdfc88c3e9797664", + "spec/functions/range_spec.rb": "e73c3bb7f2c25540780c3bad19b30994", + "spec/functions/reject_spec.rb": "e0eb0546885dd0aef023dfa4694155db", + "spec/functions/reverse_spec.rb": "cb48f198c2a9efe224a00d67e68d978f", + "spec/functions/rstrip_spec.rb": "f0391a775d335e2a5c9335d50c657f4b", + "spec/functions/seeded_rand_spec.rb": "d7d80c3458706e83a8087e17c8a7b6ab", + "spec/functions/shuffle_spec.rb": "6ab6083720cfd4dfa99556e5ef81f576", + "spec/functions/size_spec.rb": "51495c464a203d9e1919008209f05cd5", + "spec/functions/sort_spec.rb": "d9533dd37c6263b92895f7eba8485248", + "spec/functions/squeeze_spec.rb": "549af334b7f9dd5f06d6b45c3e3e8303", + "spec/functions/str2bool_spec.rb": "607b25fb0badd0da5acb86c63437c8be", + "spec/functions/str2saltedsha512_spec.rb": "07586b0026757cd39229c12c7221808b", + "spec/functions/strftime_spec.rb": "f1a34fc930940213abfba3095d5d8065", + "spec/functions/strip_spec.rb": "0cb8537f2e7df14f42247349ab3161a6", + "spec/functions/suffix_spec.rb": "599768b95090323b8046215d26597f3c", + "spec/functions/swapcase_spec.rb": "90bace1b004aa63d46eb6481c6dce2b1", + "spec/functions/time_spec.rb": "6dc8f5b42cf89345d2de424bfe19be90", + "spec/functions/to_bytes_spec.rb": "b771f8490d922de46a519e407d358139", + "spec/functions/try_get_value_spec.rb": "b917b899f5d29764dd4b1b07e07ec6ce", + "spec/functions/type3x_spec.rb": "eed4ce3a2bc92d14effedefef9690654", + "spec/functions/type_of_spec.rb": "83755d9390b9c00e086a007edff7fd9b", + "spec/functions/type_spec.rb": "7a61b4af7d3d83be590d783a7e5e80f8", + "spec/functions/union_spec.rb": "089b03e9a6ef25cdcf68157bb986d8a8", + "spec/functions/unique_spec.rb": "b793c531b4d227ae55d05a187b706fb8", + "spec/functions/unix2dos_spec.rb": "628c8a0c608d1fa0dd09bd1b5af97c1f", + "spec/functions/upcase_spec.rb": "4f0461a20c03d618f0c18da39bebcf65", + "spec/functions/uriescape_spec.rb": "1458afbe7e7e11dcaad8d295a7f2be59", + "spec/functions/validate_absolute_path_spec.rb": "26e00ce6122016b9b53797806e681682", + "spec/functions/validate_array_spec.rb": "df0bcf372b3efdd1f4de16b508987616", + "spec/functions/validate_augeas_spec.rb": "d598e89a23912be9f24d39b809f30b47", + "spec/functions/validate_bool_spec.rb": "93cfbecbe8cc4707ada13f48f5c8c8a6", + "spec/functions/validate_cmd_spec.rb": "05eb581532fc689ff91212413b2e678d", + "spec/functions/validate_hash_spec.rb": "56f4b7e42a4d3f62172982fa639f5cc3", + "spec/functions/validate_integer_spec.rb": "0a2677479c8bf0257bdd54c3d0db1f81", + "spec/functions/validate_ip_address_spec.rb": "e4ba65ff0c87b28b29f05e1637b7e700", + "spec/functions/validate_ipv4_address_spec.rb": "dc1af709faa724ccc51d9c5aba1d6356", + "spec/functions/validate_ipv6_address_spec.rb": "5f27c395b286385c489df5ee119580bc", + "spec/functions/validate_numeric_spec.rb": "dd5fcc7421002c85252d0a9421a5a99b", + "spec/functions/validate_re_spec.rb": "430e57fd80d3f29f4ba8be62c5463e62", + "spec/functions/validate_slength_spec.rb": "92252419e0d311a7bd6b426edb3c1040", + "spec/functions/validate_string_spec.rb": "779473e87660081e610c397f0157331a", + "spec/functions/values_at_spec.rb": "c318f66de43f8e6095d28f733f55ec5d", + "spec/functions/values_spec.rb": "5550da71a69514f8be87a12b575d5228", + "spec/functions/zip_spec.rb": "4c991f26985096b3e8b336cef528aa00", + "spec/monkey_patches/alias_should_to_must.rb": "b19ee31563afb91a72f9869f9d7362ff", + "spec/monkey_patches/publicize_methods.rb": "c690e444b77c871375d321e413e28ca1", + "spec/puppetlabs_spec_helper_clone.rb": "8ad7f8e9186fc52a1a35d6b5c07d2571", + "spec/spec.opts": "a600ded995d948e393fbe2320ba8e51c", + "spec/spec_helper.rb": "46e1ca48cf3f80d585bd9add370f1039", + "spec/spec_helper_acceptance.rb": "4da340042246df9b9e3dc221a5807528", + "spec/unit/facter/facter_dot_d_spec.rb": "420339a544851f2c7ee6fa4c651bdce8", + "spec/unit/facter/package_provider_spec.rb": "3a6ba799822fbcabc9adab5880260b7a", + "spec/unit/facter/pe_version_spec.rb": "d0fa6c0d5b01a4b9fd36ed4168635e9f", + "spec/unit/facter/root_home_spec.rb": "036c160d5543f4f3e80a300a3a170b77", + "spec/unit/facter/service_provider_spec.rb": "a97efb411817a44c511cd6cd79d9af8c", + "spec/unit/facter/util/puppet_settings_spec.rb": "6f9df9b10a1b39245ecdf002616a4122", + "spec/unit/puppet/parser/functions/is_absolute_path_spec.rb": "52f8d3b9011fb1fd8a2a429fe8b2ae08", + "spec/unit/puppet/provider/file_line/ruby_spec.rb": "662ad5db7b02dbddbcc015d4a35ac5bc", + "spec/unit/puppet/type/anchor_spec.rb": "06a669dffa44d716bf19b4e7f5f1d75d", + "spec/unit/puppet/type/file_line_spec.rb": "e3e13f1b31c734e13e5198259efa8445" +} \ No newline at end of file diff --git a/modules/dependencies/stdlib/examples/file_line.pp b/modules/dependencies/stdlib/examples/file_line.pp new file mode 100644 index 000000000..85b132586 --- /dev/null +++ b/modules/dependencies/stdlib/examples/file_line.pp @@ -0,0 +1,9 @@ +# This is a simple smoke test +# of the file_line resource type. +file { '/tmp/dansfile': + ensure => file, +} -> +file_line { 'dans_line': + line => 'dan is awesome', + path => '/tmp/dansfile', +} diff --git a/modules/dependencies/stdlib/examples/has_interface_with.pp b/modules/dependencies/stdlib/examples/has_interface_with.pp new file mode 100644 index 000000000..a578dd279 --- /dev/null +++ b/modules/dependencies/stdlib/examples/has_interface_with.pp @@ -0,0 +1,9 @@ +include ::stdlib +info('has_interface_with(\'lo\'):', has_interface_with('lo')) +info('has_interface_with(\'loX\'):', has_interface_with('loX')) +info('has_interface_with(\'ipaddress\', \'127.0.0.1\'):', has_interface_with('ipaddress', '127.0.0.1')) +info('has_interface_with(\'ipaddress\', \'127.0.0.100\'):', has_interface_with('ipaddress', '127.0.0.100')) +info('has_interface_with(\'network\', \'127.0.0.0\'):', has_interface_with('network', '127.0.0.0')) +info('has_interface_with(\'network\', \'128.0.0.0\'):', has_interface_with('network', '128.0.0.0')) +info('has_interface_with(\'netmask\', \'255.0.0.0\'):', has_interface_with('netmask', '255.0.0.0')) +info('has_interface_with(\'netmask\', \'256.0.0.0\'):', has_interface_with('netmask', '256.0.0.0')) diff --git a/modules/dependencies/stdlib/examples/has_ip_address.pp b/modules/dependencies/stdlib/examples/has_ip_address.pp new file mode 100644 index 000000000..594143d66 --- /dev/null +++ b/modules/dependencies/stdlib/examples/has_ip_address.pp @@ -0,0 +1,3 @@ +include ::stdlib +info('has_ip_address(\'192.168.1.256\'):', has_ip_address('192.168.1.256')) +info('has_ip_address(\'127.0.0.1\'):', has_ip_address('127.0.0.1')) diff --git a/modules/dependencies/stdlib/examples/has_ip_network.pp b/modules/dependencies/stdlib/examples/has_ip_network.pp new file mode 100644 index 000000000..1f1130dc7 --- /dev/null +++ b/modules/dependencies/stdlib/examples/has_ip_network.pp @@ -0,0 +1,3 @@ +include ::stdlib +info('has_ip_network(\'127.0.0.0\'):', has_ip_network('127.0.0.0')) +info('has_ip_network(\'128.0.0.0\'):', has_ip_network('128.0.0.0')) diff --git a/modules/dependencies/stdlib/examples/init.pp b/modules/dependencies/stdlib/examples/init.pp new file mode 100644 index 000000000..ad2797213 --- /dev/null +++ b/modules/dependencies/stdlib/examples/init.pp @@ -0,0 +1 @@ +include ::stdlib diff --git a/modules/dependencies/stdlib/lib/facter/facter_dot_d.rb b/modules/dependencies/stdlib/lib/facter/facter_dot_d.rb new file mode 100644 index 000000000..d85940de5 --- /dev/null +++ b/modules/dependencies/stdlib/lib/facter/facter_dot_d.rb @@ -0,0 +1,202 @@ +# A Facter plugin that loads facts from /etc/facter/facts.d +# and /etc/puppetlabs/facter/facts.d. +# +# Facts can be in the form of JSON, YAML or Text files +# and any executable that returns key=value pairs. +# +# In the case of scripts you can also create a file that +# contains a cache TTL. For foo.sh store the ttl as just +# a number in foo.sh.ttl +# +# The cache is stored in $libdir/facts_dot_d.cache as a mode +# 600 file and will have the end result of not calling your +# fact scripts more often than is needed + +class Facter::Util::DotD + require 'yaml' + + def initialize(dir="/etc/facts.d", cache_file=File.join(Puppet[:libdir], "facts_dot_d.cache")) + @dir = dir + @cache_file = cache_file + @cache = nil + @types = {".txt" => :txt, ".json" => :json, ".yaml" => :yaml} + end + + def entries + Dir.entries(@dir).reject { |f| f =~ /^\.|\.ttl$/ }.sort.map { |f| File.join(@dir, f) } + rescue + [] + end + + def fact_type(file) + extension = File.extname(file) + + type = @types[extension] || :unknown + + type = :script if type == :unknown && File.executable?(file) + + return type + end + + def txt_parser(file) + File.readlines(file).each do |line| + if line =~ /^([^=]+)=(.+)$/ + var = $1; val = $2 + + Facter.add(var) do + setcode { val } + end + end + end + rescue Exception => e + Facter.warn("Failed to handle #{file} as text facts: #{e.class}: #{e}") + end + + def json_parser(file) + begin + require 'json' + rescue LoadError + retry if require 'rubygems' + raise + end + + JSON.load(File.read(file)).each_pair do |f, v| + Facter.add(f) do + setcode { v } + end + end + rescue Exception => e + Facter.warn("Failed to handle #{file} as json facts: #{e.class}: #{e}") + end + + def yaml_parser(file) + require 'yaml' + + YAML.load_file(file).each_pair do |f, v| + Facter.add(f) do + setcode { v } + end + end + rescue Exception => e + Facter.warn("Failed to handle #{file} as yaml facts: #{e.class}: #{e}") + end + + def script_parser(file) + result = cache_lookup(file) + ttl = cache_time(file) + + unless result + result = Facter::Util::Resolution.exec(file) + + if ttl > 0 + Facter.debug("Updating cache for #{file}") + cache_store(file, result) + cache_save! + end + else + Facter.debug("Using cached data for #{file}") + end + + result.split("\n").each do |line| + if line =~ /^(.+)=(.+)$/ + var = $1; val = $2 + + Facter.add(var) do + setcode { val } + end + end + end + rescue Exception => e + Facter.warn("Failed to handle #{file} as script facts: #{e.class}: #{e}") + Facter.debug(e.backtrace.join("\n\t")) + end + + def cache_save! + cache = load_cache + File.open(@cache_file, "w", 0600) { |f| f.write(YAML.dump(cache)) } + rescue + end + + def cache_store(file, data) + load_cache + + @cache[file] = {:data => data, :stored => Time.now.to_i} + rescue + end + + def cache_lookup(file) + cache = load_cache + + return nil if cache.empty? + + ttl = cache_time(file) + + if cache[file] + now = Time.now.to_i + + return cache[file][:data] if ttl == -1 + return cache[file][:data] if (now - cache[file][:stored]) <= ttl + return nil + else + return nil + end + rescue + return nil + end + + def cache_time(file) + meta = file + ".ttl" + + return File.read(meta).chomp.to_i + rescue + return 0 + end + + def load_cache + unless @cache + if File.exist?(@cache_file) + @cache = YAML.load_file(@cache_file) + else + @cache = {} + end + end + + return @cache + rescue + @cache = {} + return @cache + end + + def create + entries.each do |fact| + type = fact_type(fact) + parser = "#{type}_parser" + + if respond_to?("#{type}_parser") + Facter.debug("Parsing #{fact} using #{parser}") + + send(parser, fact) + end + end + end +end + + +mdata = Facter.version.match(/(\d+)\.(\d+)\.(\d+)/) +if mdata + (major, minor, patch) = mdata.captures.map { |v| v.to_i } + if major < 2 + # Facter 1.7 introduced external facts support directly + unless major == 1 and minor > 6 + Facter::Util::DotD.new("/etc/facter/facts.d").create + Facter::Util::DotD.new("/etc/puppetlabs/facter/facts.d").create + + # Windows has a different configuration directory that defaults to a vendor + # specific sub directory of the %COMMON_APPDATA% directory. + if Dir.const_defined? 'COMMON_APPDATA' then + windows_facts_dot_d = File.join(Dir::COMMON_APPDATA, 'PuppetLabs', 'facter', 'facts.d') + Facter::Util::DotD.new(windows_facts_dot_d).create + end + end + end +end diff --git a/modules/dependencies/stdlib/lib/facter/package_provider.rb b/modules/dependencies/stdlib/lib/facter/package_provider.rb new file mode 100644 index 000000000..1a0bac9b2 --- /dev/null +++ b/modules/dependencies/stdlib/lib/facter/package_provider.rb @@ -0,0 +1,21 @@ +# Fact: package_provider +# +# Purpose: Returns the default provider Puppet will choose to manage packages +# on this system +# +# Resolution: Instantiates a dummy package resource and return the provider +# +# Caveats: +# +require 'puppet/type' +require 'puppet/type/package' + +Facter.add(:package_provider) do + setcode do + if Gem::Version.new(Facter.value(:puppetversion).split(' ')[0]) >= Gem::Version.new('3.6') + Puppet::Type.type(:package).newpackage(:name => 'dummy', :allow_virtual => 'true')[:provider].to_s + else + Puppet::Type.type(:package).newpackage(:name => 'dummy')[:provider].to_s + end + end +end diff --git a/modules/dependencies/stdlib/lib/facter/pe_version.rb b/modules/dependencies/stdlib/lib/facter/pe_version.rb new file mode 100644 index 000000000..c9f2181c0 --- /dev/null +++ b/modules/dependencies/stdlib/lib/facter/pe_version.rb @@ -0,0 +1,58 @@ +# Fact: is_pe, pe_version, pe_major_version, pe_minor_version, pe_patch_version +# +# Purpose: Return various facts about the PE state of the system +# +# Resolution: Uses a regex match against puppetversion to determine whether the +# machine has Puppet Enterprise installed, and what version (overall, major, +# minor, patch) is installed. +# +# Caveats: +# +Facter.add("pe_version") do + setcode do + puppet_ver = Facter.value("puppetversion") + if puppet_ver != nil + pe_ver = puppet_ver.match(/Puppet Enterprise (\d+\.\d+\.\d+)/) + pe_ver[1] if pe_ver + else + nil + end + end +end + +Facter.add("is_pe") do + setcode do + if Facter.value(:pe_version).to_s.empty? then + false + else + true + end + end +end + +Facter.add("pe_major_version") do + confine :is_pe => true + setcode do + if pe_version = Facter.value(:pe_version) + pe_version.to_s.split('.')[0] + end + end +end + +Facter.add("pe_minor_version") do + confine :is_pe => true + setcode do + if pe_version = Facter.value(:pe_version) + pe_version.to_s.split('.')[1] + end + end +end + +Facter.add("pe_patch_version") do + confine :is_pe => true + setcode do + if pe_version = Facter.value(:pe_version) + pe_version.to_s.split('.')[2] + end + end +end diff --git a/modules/dependencies/stdlib/lib/facter/puppet_vardir.rb b/modules/dependencies/stdlib/lib/facter/puppet_vardir.rb new file mode 100644 index 000000000..0e6af40e4 --- /dev/null +++ b/modules/dependencies/stdlib/lib/facter/puppet_vardir.rb @@ -0,0 +1,26 @@ +# This facter fact returns the value of the Puppet vardir setting for the node +# running puppet or puppet agent. The intent is to enable Puppet modules to +# automatically have insight into a place where they can place variable data, +# regardless of the node's platform. +# +# The value should be directly usable in a File resource path attribute. + + +begin + require 'facter/util/puppet_settings' +rescue LoadError => e + # puppet apply does not add module lib directories to the $LOAD_PATH (See + # #4248). It should (in the future) but for the time being we need to be + # defensive which is what this rescue block is doing. + rb_file = File.join(File.dirname(__FILE__), 'util', 'puppet_settings.rb') + load rb_file if File.exists?(rb_file) or raise e +end + +Facter.add(:puppet_vardir) do + setcode do + # This will be nil if Puppet is not available. + Facter::Util::PuppetSettings.with_puppet do + Puppet[:vardir] + end + end +end diff --git a/modules/dependencies/stdlib/lib/facter/root_home.rb b/modules/dependencies/stdlib/lib/facter/root_home.rb new file mode 100644 index 000000000..87c765718 --- /dev/null +++ b/modules/dependencies/stdlib/lib/facter/root_home.rb @@ -0,0 +1,45 @@ +# A facter fact to determine the root home directory. +# This varies on PE supported platforms and may be +# reconfigured by the end user. + +module Facter::Util::RootHome + class << self + def get_root_home + root_ent = Facter::Util::Resolution.exec("getent passwd root") + # The home directory is the sixth element in the passwd entry + # If the platform doesn't have getent, root_ent will be nil and we should + # return it straight away. + root_ent && root_ent.split(":")[5] + end + end +end + +Facter.add(:root_home) do + setcode { Facter::Util::RootHome.get_root_home } +end + +Facter.add(:root_home) do + confine :kernel => :darwin + setcode do + str = Facter::Util::Resolution.exec("dscacheutil -q user -a name root") + hash = {} + str.split("\n").each do |pair| + key,value = pair.split(/:/) + hash[key] = value + end + hash['dir'].strip + end +end + +Facter.add(:root_home) do + confine :kernel => :aix + root_home = nil + setcode do + str = Facter::Util::Resolution.exec("lsuser -c -a home root") + str && str.split("\n").each do |line| + next if line =~ /^#/ + root_home = line.split(/:/)[1] + end + root_home + end +end diff --git a/modules/dependencies/stdlib/lib/facter/service_provider.rb b/modules/dependencies/stdlib/lib/facter/service_provider.rb new file mode 100644 index 000000000..a11792115 --- /dev/null +++ b/modules/dependencies/stdlib/lib/facter/service_provider.rb @@ -0,0 +1,17 @@ +# Fact: service_provider +# +# Purpose: Returns the default provider Puppet will choose to manage services +# on this system +# +# Resolution: Instantiates a dummy service resource and return the provider +# +# Caveats: +# +require 'puppet/type' +require 'puppet/type/service' + +Facter.add(:service_provider) do + setcode do + Puppet::Type.type(:service).newservice(:name => 'dummy')[:provider].to_s + end +end diff --git a/modules/dependencies/stdlib/lib/facter/util/puppet_settings.rb b/modules/dependencies/stdlib/lib/facter/util/puppet_settings.rb new file mode 100644 index 000000000..1ad945218 --- /dev/null +++ b/modules/dependencies/stdlib/lib/facter/util/puppet_settings.rb @@ -0,0 +1,21 @@ +module Facter + module Util + module PuppetSettings + # This method is intended to provide a convenient way to evaluate a + # Facter code block only if Puppet is loaded. This is to account for the + # situation where the fact happens to be in the load path, but Puppet is + # not loaded for whatever reason. Perhaps the user is simply running + # facter without the --puppet flag and they happen to be working in a lib + # directory of a module. + def self.with_puppet + begin + Module.const_get("Puppet") + rescue NameError + nil + else + yield + end + end + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/functions/is_a.rb b/modules/dependencies/stdlib/lib/puppet/functions/is_a.rb new file mode 100644 index 000000000..da98b0352 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/functions/is_a.rb @@ -0,0 +1,32 @@ +# Boolean check to determine whether a variable is of a given data type. This is equivalent to the `=~` type checks. +# +# @example how to check a data type +# # check a data type +# foo = 3 +# $bar = [1,2,3] +# $baz = 'A string!' +# +# if $foo.is_a(Integer) { +# notify { 'foo!': } +# } +# if $bar.is_a(Array) { +# notify { 'bar!': } +# } +# if $baz.is_a(String) { +# notify { 'baz!': } +# } +# +# See the documentation for "The Puppet Type System" for more information about types. +# See the `assert_type()` function for flexible ways to assert the type of a value. +# +Puppet::Functions.create_function(:is_a) do + dispatch :is_a do + param 'Any', :value + param 'Type', :type + end + + def is_a(value, type) + # See puppet's lib/puppet/pops/evaluator/evaluator_impl.rb eval_MatchExpression + Puppet::Pops::Types::TypeCalculator.instance?(type, value) + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/functions/type_of.rb b/modules/dependencies/stdlib/lib/puppet/functions/type_of.rb new file mode 100644 index 000000000..02cdd4db7 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/functions/type_of.rb @@ -0,0 +1,17 @@ +# Returns the type when passed a value. +# +# @example how to compare values' types +# # compare the types of two values +# if type_of($first_value) != type_of($second_value) { fail("first_value and second_value are different types") } +# @example how to compare against an abstract type +# unless type_of($first_value) <= Numeric { fail("first_value must be Numeric") } +# unless type_of{$first_value) <= Collection[1] { fail("first_value must be an Array or Hash, and contain at least one element") } +# +# See the documentation for "The Puppet Type System" for more information about types. +# See the `assert_type()` function for flexible ways to assert the type of a value. +# +Puppet::Functions.create_function(:type_of) do + def type_of(value) + Puppet::Pops::Types::TypeCalculator.infer_set(value) + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/abs.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/abs.rb new file mode 100644 index 000000000..11d2d7fea --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/abs.rb @@ -0,0 +1,36 @@ +# +# abs.rb +# + +module Puppet::Parser::Functions + newfunction(:abs, :type => :rvalue, :doc => <<-EOS + Returns the absolute value of a number, for example -34.56 becomes + 34.56. Takes a single integer and float value as an argument. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "abs(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + # Numbers in Puppet are often string-encoded which is troublesome ... + if value.is_a?(String) + if value.match(/^-?(?:\d+)(?:\.\d+){1}$/) + value = value.to_f + elsif value.match(/^-?\d+$/) + value = value.to_i + else + raise(Puppet::ParseError, 'abs(): Requires float or ' + + 'integer to work with') + end + end + + # We have numeric value to handle ... + result = value.abs + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/any2array.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/any2array.rb new file mode 100644 index 000000000..e71407e89 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/any2array.rb @@ -0,0 +1,33 @@ +# +# any2array.rb +# + +module Puppet::Parser::Functions + newfunction(:any2array, :type => :rvalue, :doc => <<-EOS +This converts any object to an array containing that object. Empty argument +lists are converted to an empty array. Arrays are left untouched. Hashes are +converted to arrays of alternating keys and values. + EOS + ) do |arguments| + + if arguments.empty? + return [] + end + + if arguments.length == 1 + if arguments[0].kind_of?(Array) + return arguments[0] + elsif arguments[0].kind_of?(Hash) + result = [] + arguments[0].each do |key, value| + result << key << value + end + return result + end + end + + return arguments + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/assert_private.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/assert_private.rb new file mode 100644 index 000000000..66c79cce3 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/assert_private.rb @@ -0,0 +1,29 @@ +# +# assert_private.rb +# + +module Puppet::Parser::Functions + newfunction(:assert_private, :doc => <<-'EOS' + Sets the current class or definition as private. + Calling the class or definition from outside the current module will fail. + EOS + ) do |args| + + raise(Puppet::ParseError, "assert_private(): Wrong number of arguments "+ + "given (#{args.size}}) for 0 or 1)") if args.size > 1 + + scope = self + if scope.lookupvar('module_name') != scope.lookupvar('caller_module_name') + message = nil + if args[0] and args[0].is_a? String + message = args[0] + else + manifest_name = scope.source.name + manifest_type = scope.source.type + message = (manifest_type.to_s == 'hostclass') ? 'Class' : 'Definition' + message += " #{manifest_name} is private" + end + raise(Puppet::ParseError, message) + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/base64.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/base64.rb new file mode 100644 index 000000000..617ba31b6 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/base64.rb @@ -0,0 +1,37 @@ +module Puppet::Parser::Functions + + newfunction(:base64, :type => :rvalue, :doc => <<-'ENDHEREDOC') do |args| + + Base64 encode or decode a string based on the command and the string submitted + + Usage: + + $encodestring = base64('encode','thestring') + $decodestring = base64('decode','dGhlc3RyaW5n') + + ENDHEREDOC + + require 'base64' + + raise Puppet::ParseError, ("base64(): Wrong number of arguments (#{args.length}; must be = 2)") unless args.length == 2 + + actions = ['encode','decode'] + + unless actions.include?(args[0]) + raise Puppet::ParseError, ("base64(): the first argument must be one of 'encode' or 'decode'") + end + + unless args[1].is_a?(String) + raise Puppet::ParseError, ("base64(): the second argument must be a string to base64") + end + + case args[0] + when 'encode' + result = Base64.encode64(args[1]) + when 'decode' + result = Base64.decode64(args[1]) + end + + return result + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/basename.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/basename.rb new file mode 100644 index 000000000..f7e443847 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/basename.rb @@ -0,0 +1,34 @@ +module Puppet::Parser::Functions + newfunction(:basename, :type => :rvalue, :doc => <<-EOS + Strips directory (and optional suffix) from a filename + EOS + ) do |arguments| + + if arguments.size < 1 then + raise(Puppet::ParseError, "basename(): No arguments given") + elsif arguments.size > 2 then + raise(Puppet::ParseError, "basename(): Too many arguments given (#{arguments.size})") + else + + unless arguments[0].is_a?(String) + raise(Puppet::ParseError, 'basename(): Requires string as first argument') + end + + if arguments.size == 1 then + rv = File.basename(arguments[0]) + elsif arguments.size == 2 then + + unless arguments[1].is_a?(String) + raise(Puppet::ParseError, 'basename(): Requires string as second argument') + end + + rv = File.basename(arguments[0], arguments[1]) + end + + end + + return rv + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/bool2num.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/bool2num.rb new file mode 100644 index 000000000..6ad6cf4e8 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/bool2num.rb @@ -0,0 +1,26 @@ +# +# bool2num.rb +# + +module Puppet::Parser::Functions + newfunction(:bool2num, :type => :rvalue, :doc => <<-EOS + Converts a boolean to a number. Converts the values: + false, f, 0, n, and no to 0 + true, t, 1, y, and yes to 1 + Requires a single boolean or string as an input. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "bool2num(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = function_str2bool([arguments[0]]) + + # We have real boolean values as well ... + result = value ? 1 : 0 + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/bool2str.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/bool2str.rb new file mode 100644 index 000000000..7e364747c --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/bool2str.rb @@ -0,0 +1,45 @@ +# +# bool2str.rb +# + +module Puppet::Parser::Functions + newfunction(:bool2str, :type => :rvalue, :doc => <<-EOS + Converts a boolean to a string using optionally supplied arguments. The + optional second and third arguments represent what true and false will be + converted to respectively. If only one argument is given, it will be + converted from a boolean to a string containing 'true' or 'false'. + + *Examples:* + + bool2str(true) => 'true' + bool2str(true, 'yes', 'no') => 'yes' + bool2str(false, 't', 'f') => 'f' + + Requires a single boolean as an input. + EOS + ) do |arguments| + + unless arguments.size == 1 or arguments.size == 3 + raise(Puppet::ParseError, "bool2str(): Wrong number of arguments " + + "given (#{arguments.size} for 3)") + end + + value = arguments[0] + true_string = arguments[1] || 'true' + false_string = arguments[2] || 'false' + klass = value.class + + # We can have either true or false, and nothing else + unless [FalseClass, TrueClass].include?(klass) + raise(Puppet::ParseError, 'bool2str(): Requires a boolean to work with') + end + + unless [true_string, false_string].all?{|x| x.kind_of?(String)} + raise(Puppet::ParseError, "bool2str(): Requires strings to convert to" ) + end + + return value ? true_string : false_string + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/camelcase.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/camelcase.rb new file mode 100644 index 000000000..d7f43f7a7 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/camelcase.rb @@ -0,0 +1,33 @@ +# +# camelcase.rb +# + +module Puppet::Parser::Functions + newfunction(:camelcase, :type => :rvalue, :doc => <<-EOS +Converts the case of a string or all strings in an array to camel case. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "camelcase(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + klass = value.class + + unless [Array, String].include?(klass) + raise(Puppet::ParseError, 'camelcase(): Requires either ' + + 'array or string to work with') + end + + if value.is_a?(Array) + # Numbers in Puppet are often string-encoded which is troublesome ... + result = value.collect { |i| i.is_a?(String) ? i.split('_').map{|e| e.capitalize}.join : i } + else + result = value.split('_').map{|e| e.capitalize}.join + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/capitalize.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/capitalize.rb new file mode 100644 index 000000000..98b2d16c9 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/capitalize.rb @@ -0,0 +1,33 @@ +# +# capitalize.rb +# + +module Puppet::Parser::Functions + newfunction(:capitalize, :type => :rvalue, :doc => <<-EOS + Capitalizes the first letter of a string or array of strings. + Requires either a single string or an array as an input. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "capitalize(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'capitalize(): Requires either ' + + 'array or string to work with') + end + + if value.is_a?(Array) + # Numbers in Puppet are often string-encoded which is troublesome ... + result = value.collect { |i| i.is_a?(String) ? i.capitalize : i } + else + result = value.capitalize + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/ceiling.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/ceiling.rb new file mode 100644 index 000000000..5f3b10b89 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/ceiling.rb @@ -0,0 +1,25 @@ +module Puppet::Parser::Functions + newfunction(:ceiling, :type => :rvalue, :doc => <<-EOS + Returns the smallest integer greater or equal to the argument. + Takes a single numeric value as an argument. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "ceiling(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size != 1 + + begin + arg = Float(arguments[0]) + rescue TypeError, ArgumentError => e + raise(Puppet::ParseError, "ceiling(): Wrong argument type " + + "given (#{arguments[0]} for Numeric)") + end + + raise(Puppet::ParseError, "ceiling(): Wrong argument type " + + "given (#{arg.class} for Numeric)") if arg.is_a?(Numeric) == false + + arg.ceil + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/chomp.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/chomp.rb new file mode 100644 index 000000000..c55841e3c --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/chomp.rb @@ -0,0 +1,34 @@ +# +# chomp.rb +# + +module Puppet::Parser::Functions + newfunction(:chomp, :type => :rvalue, :doc => <<-'EOS' + Removes the record separator from the end of a string or an array of + strings, for example `hello\n` becomes `hello`. + Requires a single string or array as an input. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "chomp(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'chomp(): Requires either ' + + 'array or string to work with') + end + + if value.is_a?(Array) + # Numbers in Puppet are often string-encoded which is troublesome ... + result = value.collect { |i| i.is_a?(String) ? i.chomp : i } + else + result = value.chomp + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/chop.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/chop.rb new file mode 100644 index 000000000..b24ab7856 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/chop.rb @@ -0,0 +1,36 @@ +# +# chop.rb +# + +module Puppet::Parser::Functions + newfunction(:chop, :type => :rvalue, :doc => <<-'EOS' + Returns a new string with the last character removed. If the string ends + with `\r\n`, both characters are removed. Applying chop to an empty + string returns an empty string. If you wish to merely remove record + separators then you should use the `chomp` function. + Requires a string or array of strings as input. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "chop(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'chop(): Requires either an ' + + 'array or string to work with') + end + + if value.is_a?(Array) + # Numbers in Puppet are often string-encoded which is troublesome ... + result = value.collect { |i| i.is_a?(String) ? i.chop : i } + else + result = value.chop + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/concat.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/concat.rb new file mode 100644 index 000000000..618e62d49 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/concat.rb @@ -0,0 +1,41 @@ +# +# concat.rb +# + +module Puppet::Parser::Functions + newfunction(:concat, :type => :rvalue, :doc => <<-EOS +Appends the contents of multiple arrays into array 1. + +*Example:* + + concat(['1','2','3'],['4','5','6'],['7','8','9']) + +Would result in: + + ['1','2','3','4','5','6','7','8','9'] + EOS + ) do |arguments| + + # Check that more than 2 arguments have been given ... + raise(Puppet::ParseError, "concat(): Wrong number of arguments " + + "given (#{arguments.size} for < 2)") if arguments.size < 2 + + a = arguments[0] + + # Check that the first parameter is an array + unless a.is_a?(Array) + raise(Puppet::ParseError, 'concat(): Requires array to work with') + end + + result = a + arguments.shift + + arguments.each do |x| + result = result + Array(x) + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/convert_base.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/convert_base.rb new file mode 100644 index 000000000..0fcbafeaf --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/convert_base.rb @@ -0,0 +1,35 @@ +module Puppet::Parser::Functions + + newfunction(:convert_base, :type => :rvalue, :arity => 2, :doc => <<-'ENDHEREDOC') do |args| + + Converts a given integer or base 10 string representing an integer to a specified base, as a string. + + Usage: + + $binary_repr = convert_base(5, 2) # $binary_repr is now set to "101" + $hex_repr = convert_base("254", "16") # $hex_repr is now set to "fe" + + ENDHEREDOC + + raise Puppet::ParseError, ("convert_base(): First argument must be either a string or an integer") unless (args[0].is_a?(Integer) or args[0].is_a?(String)) + raise Puppet::ParseError, ("convert_base(): Second argument must be either a string or an integer") unless (args[1].is_a?(Integer) or args[1].is_a?(String)) + + if args[0].is_a?(String) + raise Puppet::ParseError, ("convert_base(): First argument must be an integer or a string corresponding to an integer in base 10") unless args[0] =~ /^[0-9]+$/ + end + + if args[1].is_a?(String) + raise Puppet::ParseError, ("convert_base(): First argument must be an integer or a string corresponding to an integer in base 10") unless args[1] =~ /^[0-9]+$/ + end + + number_to_convert = args[0] + new_base = args[1] + + number_to_convert = number_to_convert.to_i() + new_base = new_base.to_i() + + raise Puppet::ParseError, ("convert_base(): base must be at least 2 and must not be greater than 36") unless new_base >= 2 and new_base <= 36 + + return number_to_convert.to_s(new_base) + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/count.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/count.rb new file mode 100644 index 000000000..52de1b8a5 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/count.rb @@ -0,0 +1,22 @@ +module Puppet::Parser::Functions + newfunction(:count, :type => :rvalue, :arity => -2, :doc => <<-EOS +Takes an array as first argument and an optional second argument. +Count the number of elements in array that matches second argument. +If called with only an array it counts the number of elements that are not nil/undef. + EOS + ) do |args| + + if (args.size > 2) then + raise(ArgumentError, "count(): Wrong number of arguments "+ + "given #{args.size} for 1 or 2.") + end + + collection, item = args + + if item then + collection.count item + else + collection.count { |obj| obj != nil && obj != :undef && obj != '' } + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/deep_merge.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/deep_merge.rb new file mode 100644 index 000000000..6df32e9c5 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/deep_merge.rb @@ -0,0 +1,44 @@ +module Puppet::Parser::Functions + newfunction(:deep_merge, :type => :rvalue, :doc => <<-'ENDHEREDOC') do |args| + Recursively merges two or more hashes together and returns the resulting hash. + + For example: + + $hash1 = {'one' => 1, 'two' => 2, 'three' => { 'four' => 4 } } + $hash2 = {'two' => 'dos', 'three' => { 'five' => 5 } } + $merged_hash = deep_merge($hash1, $hash2) + # The resulting hash is equivalent to: + # $merged_hash = { 'one' => 1, 'two' => 'dos', 'three' => { 'four' => 4, 'five' => 5 } } + + When there is a duplicate key that is a hash, they are recursively merged. + When there is a duplicate key that is not a hash, the key in the rightmost hash will "win." + + ENDHEREDOC + + if args.length < 2 + raise Puppet::ParseError, ("deep_merge(): wrong number of arguments (#{args.length}; must be at least 2)") + end + + deep_merge = Proc.new do |hash1,hash2| + hash1.merge(hash2) do |key,old_value,new_value| + if old_value.is_a?(Hash) && new_value.is_a?(Hash) + deep_merge.call(old_value, new_value) + else + new_value + end + end + end + + result = Hash.new + args.each do |arg| + next if arg.is_a? String and arg.empty? # empty string is synonym for puppet's undef + # If the argument was not a hash, skip it. + unless arg.is_a?(Hash) + raise Puppet::ParseError, "deep_merge: unexpected argument type #{arg.class}, only expects hash arguments" + end + + result = deep_merge.call(result, arg) + end + return( result ) + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/defined_with_params.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/defined_with_params.rb new file mode 100644 index 000000000..d7df306c7 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/defined_with_params.rb @@ -0,0 +1,35 @@ +# Test whether a given class or definition is defined +require 'puppet/parser/functions' + +Puppet::Parser::Functions.newfunction(:defined_with_params, + :type => :rvalue, + :doc => <<-'ENDOFDOC' +Takes a resource reference and an optional hash of attributes. + +Returns true if a resource with the specified attributes has already been added +to the catalog, and false otherwise. + + user { 'dan': + ensure => present, + } + + if ! defined_with_params(User[dan], {'ensure' => 'present' }) { + user { 'dan': ensure => present, } + } +ENDOFDOC +) do |vals| + reference, params = vals + raise(ArgumentError, 'Must specify a reference') unless reference + if (! params) || params == '' + params = {} + end + ret = false + if resource = findresource(reference.to_s) + matches = params.collect do |key, value| + resource[key] == value + end + ret = params.empty? || !matches.include?(false) + end + Puppet.debug("Resource #{reference} was not determined to be defined") + ret +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/delete.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/delete.rb new file mode 100644 index 000000000..f548b4444 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/delete.rb @@ -0,0 +1,49 @@ +# +# delete.rb +# + +# TODO(Krzysztof Wilczynski): We need to add support for regular expression ... + +module Puppet::Parser::Functions + newfunction(:delete, :type => :rvalue, :doc => <<-EOS +Deletes all instances of a given element from an array, substring from a +string, or key from a hash. + +*Examples:* + + delete(['a','b','c','b'], 'b') + Would return: ['a','c'] + + delete({'a'=>1,'b'=>2,'c'=>3}, 'b') + Would return: {'a'=>1,'c'=>3} + + delete({'a'=>1,'b'=>2,'c'=>3}, ['b','c']) + Would return: {'a'=>1} + + delete('abracadabra', 'bra') + Would return: 'acada' + EOS + ) do |arguments| + + if (arguments.size != 2) then + raise(Puppet::ParseError, "delete(): Wrong number of arguments "+ + "given #{arguments.size} for 2.") + end + + collection = arguments[0].dup + Array(arguments[1]).each do |item| + case collection + when Array, Hash + collection.delete item + when String + collection.gsub! item, '' + else + raise(TypeError, "delete(): First argument must be an Array, " + + "String, or Hash. Given an argument of class #{collection.class}.") + end + end + collection + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/delete_at.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/delete_at.rb new file mode 100644 index 000000000..3eb4b5375 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/delete_at.rb @@ -0,0 +1,49 @@ +# +# delete_at.rb +# + +module Puppet::Parser::Functions + newfunction(:delete_at, :type => :rvalue, :doc => <<-EOS +Deletes a determined indexed value from an array. + +*Examples:* + + delete_at(['a','b','c'], 1) + +Would return: ['a','c'] + EOS + ) do |arguments| + + raise(Puppet::ParseError, "delete_at(): Wrong number of arguments " + + "given (#{arguments.size} for 2)") if arguments.size < 2 + + array = arguments[0] + + unless array.is_a?(Array) + raise(Puppet::ParseError, 'delete_at(): Requires array to work with') + end + + index = arguments[1] + + if index.is_a?(String) and not index.match(/^\d+$/) + raise(Puppet::ParseError, 'delete_at(): You must provide ' + + 'non-negative numeric index') + end + + result = array.clone + + # Numbers in Puppet are often string-encoded which is troublesome ... + index = index.to_i + + if index > result.size - 1 # First element is at index 0 is it not? + raise(Puppet::ParseError, 'delete_at(): Given index ' + + 'exceeds size of array given') + end + + result.delete_at(index) # We ignore the element that got deleted ... + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/delete_undef_values.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/delete_undef_values.rb new file mode 100644 index 000000000..f94d4da8d --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/delete_undef_values.rb @@ -0,0 +1,34 @@ +module Puppet::Parser::Functions + newfunction(:delete_undef_values, :type => :rvalue, :doc => <<-EOS +Returns a copy of input hash or array with all undefs deleted. + +*Examples:* + + $hash = delete_undef_values({a=>'A', b=>'', c=>undef, d => false}) + +Would return: {a => 'A', b => '', d => false} + + $array = delete_undef_values(['A','',undef,false]) + +Would return: ['A','',false] + + EOS + ) do |args| + + raise(Puppet::ParseError, + "delete_undef_values(): Wrong number of arguments given " + + "(#{args.size})") if args.size < 1 + + unless args[0].is_a? Array or args[0].is_a? Hash + raise(Puppet::ParseError, + "delete_undef_values(): expected an array or hash, got #{args[0]} type #{args[0].class} ") + end + result = args[0].dup + if result.is_a?(Hash) + result.delete_if {|key, val| val.equal? :undef} + elsif result.is_a?(Array) + result.delete :undef + end + result + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/delete_values.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/delete_values.rb new file mode 100644 index 000000000..f6c8c0e6b --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/delete_values.rb @@ -0,0 +1,26 @@ +module Puppet::Parser::Functions + newfunction(:delete_values, :type => :rvalue, :doc => <<-EOS +Deletes all instances of a given value from a hash. + +*Examples:* + + delete_values({'a'=>'A','b'=>'B','c'=>'C','B'=>'D'}, 'B') + +Would return: {'a'=>'A','c'=>'C','B'=>'D'} + + EOS + ) do |arguments| + + raise(Puppet::ParseError, + "delete_values(): Wrong number of arguments given " + + "(#{arguments.size} of 2)") if arguments.size != 2 + + hash, item = arguments + + if not hash.is_a?(Hash) + raise(TypeError, "delete_values(): First argument must be a Hash. " + \ + "Given an argument of class #{hash.class}.") + end + hash.dup.delete_if { |key, val| item == val } + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/difference.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/difference.rb new file mode 100644 index 000000000..cd258f751 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/difference.rb @@ -0,0 +1,36 @@ +# +# difference.rb +# + +module Puppet::Parser::Functions + newfunction(:difference, :type => :rvalue, :doc => <<-EOS +This function returns the difference between two arrays. +The returned array is a copy of the original array, removing any items that +also appear in the second array. + +*Examples:* + + difference(["a","b","c"],["b","c","d"]) + +Would return: ["a"] + EOS + ) do |arguments| + + # Two arguments are required + raise(Puppet::ParseError, "difference(): Wrong number of arguments " + + "given (#{arguments.size} for 2)") if arguments.size != 2 + + first = arguments[0] + second = arguments[1] + + unless first.is_a?(Array) && second.is_a?(Array) + raise(Puppet::ParseError, 'difference(): Requires 2 arrays') + end + + result = first - second + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/dirname.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/dirname.rb new file mode 100644 index 000000000..40b300d89 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/dirname.rb @@ -0,0 +1,21 @@ +module Puppet::Parser::Functions + newfunction(:dirname, :type => :rvalue, :doc => <<-EOS + Returns the dirname of a path. + EOS + ) do |arguments| + + if arguments.size < 1 then + raise(Puppet::ParseError, "dirname(): No arguments given") + end + if arguments.size > 1 then + raise(Puppet::ParseError, "dirname(): Too many arguments given (#{arguments.size})") + end + unless arguments[0].is_a?(String) + raise(Puppet::ParseError, 'dirname(): Requires string as argument') + end + + return File.dirname(arguments[0]) + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/dos2unix.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/dos2unix.rb new file mode 100644 index 000000000..ccac89933 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/dos2unix.rb @@ -0,0 +1,15 @@ +# Custom Puppet function to convert dos to unix format +module Puppet::Parser::Functions + newfunction(:dos2unix, :type => :rvalue, :arity => 1, :doc => <<-EOS + Returns the Unix version of the given string. + Takes a single string argument. + EOS + ) do |arguments| + + unless arguments[0].is_a?(String) + raise(Puppet::ParseError, 'dos2unix(): Requires string as argument') + end + + arguments[0].gsub(/\r\n/, "\n") + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/downcase.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/downcase.rb new file mode 100644 index 000000000..040b84f56 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/downcase.rb @@ -0,0 +1,32 @@ +# +# downcase.rb +# + +module Puppet::Parser::Functions + newfunction(:downcase, :type => :rvalue, :doc => <<-EOS +Converts the case of a string or all strings in an array to lower case. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "downcase(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'downcase(): Requires either ' + + 'array or string to work with') + end + + if value.is_a?(Array) + # Numbers in Puppet are often string-encoded which is troublesome ... + result = value.collect { |i| i.is_a?(String) ? i.downcase : i } + else + result = value.downcase + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/empty.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/empty.rb new file mode 100644 index 000000000..b5a3cdea4 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/empty.rb @@ -0,0 +1,31 @@ +# +# empty.rb +# + +module Puppet::Parser::Functions + newfunction(:empty, :type => :rvalue, :doc => <<-EOS +Returns true if the variable is empty. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "empty(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(Hash) || value.is_a?(String) || value.is_a?(Numeric) + raise(Puppet::ParseError, 'empty(): Requires either ' + + 'array, hash, string or integer to work with') + end + + if value.is_a?(Numeric) + return false + else + result = value.empty? + + return result + end + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/ensure_packages.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/ensure_packages.rb new file mode 100644 index 000000000..f1da4aaaa --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/ensure_packages.rb @@ -0,0 +1,35 @@ +# +# ensure_packages.rb +# + +module Puppet::Parser::Functions + newfunction(:ensure_packages, :type => :statement, :doc => <<-EOS +Takes a list of packages and only installs them if they don't already exist. +It optionally takes a hash as a second parameter that will be passed as the +third argument to the ensure_resource() function. + EOS + ) do |arguments| + + if arguments.size > 2 or arguments.size == 0 + raise(Puppet::ParseError, "ensure_packages(): Wrong number of arguments " + + "given (#{arguments.size} for 1 or 2)") + elsif arguments.size == 2 and !arguments[1].is_a?(Hash) + raise(Puppet::ParseError, 'ensure_packages(): Requires second argument to be a Hash') + end + + packages = Array(arguments[0]) + + if arguments[1] + defaults = { 'ensure' => 'present' }.merge(arguments[1]) + else + defaults = { 'ensure' => 'present' } + end + + Puppet::Parser::Functions.function(:ensure_resource) + packages.each { |package_name| + function_ensure_resource(['package', package_name, defaults ]) + } + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/ensure_resource.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/ensure_resource.rb new file mode 100644 index 000000000..1ba6a4478 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/ensure_resource.rb @@ -0,0 +1,46 @@ +# Test whether a given class or definition is defined +require 'puppet/parser/functions' + +Puppet::Parser::Functions.newfunction(:ensure_resource, + :type => :statement, + :doc => <<-'ENDOFDOC' +Takes a resource type, title, and a list of attributes that describe a +resource. + + user { 'dan': + ensure => present, + } + +This example only creates the resource if it does not already exist: + + ensure_resource('user', 'dan', {'ensure' => 'present' }) + +If the resource already exists but does not match the specified parameters, +this function will attempt to recreate the resource leading to a duplicate +resource definition error. + +An array of resources can also be passed in and each will be created with +the type and parameters specified if it doesn't already exist. + + ensure_resource('user', ['dan','alex'], {'ensure' => 'present'}) + +ENDOFDOC +) do |vals| + type, title, params = vals + raise(ArgumentError, 'Must specify a type') unless type + raise(ArgumentError, 'Must specify a title') unless title + params ||= {} + + items = [title].flatten + + items.each do |item| + Puppet::Parser::Functions.function(:defined_with_params) + if function_defined_with_params(["#{type}[#{item}]", params]) + Puppet.debug("Resource #{type}[#{item}] with params #{params} not created because it already exists") + else + Puppet.debug("Create new resource #{type}[#{item}] with params #{params}") + Puppet::Parser::Functions.function(:create_resources) + function_create_resources([type.capitalize, { item => params }]) + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/flatten.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/flatten.rb new file mode 100644 index 000000000..a1ed18329 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/flatten.rb @@ -0,0 +1,33 @@ +# +# flatten.rb +# + +module Puppet::Parser::Functions + newfunction(:flatten, :type => :rvalue, :doc => <<-EOS +This function flattens any deeply nested arrays and returns a single flat array +as a result. + +*Examples:* + + flatten(['a', ['b', ['c']]]) + +Would return: ['a','b','c'] + EOS + ) do |arguments| + + raise(Puppet::ParseError, "flatten(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size != 1 + + array = arguments[0] + + unless array.is_a?(Array) + raise(Puppet::ParseError, 'flatten(): Requires array to work with') + end + + result = array.flatten + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/floor.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/floor.rb new file mode 100644 index 000000000..9a6f014d7 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/floor.rb @@ -0,0 +1,25 @@ +module Puppet::Parser::Functions + newfunction(:floor, :type => :rvalue, :doc => <<-EOS + Returns the largest integer less or equal to the argument. + Takes a single numeric value as an argument. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "floor(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size != 1 + + begin + arg = Float(arguments[0]) + rescue TypeError, ArgumentError => e + raise(Puppet::ParseError, "floor(): Wrong argument type " + + "given (#{arguments[0]} for Numeric)") + end + + raise(Puppet::ParseError, "floor(): Wrong argument type " + + "given (#{arg.class} for Numeric)") if arg.is_a?(Numeric) == false + + arg.floor + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/fqdn_rand_string.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/fqdn_rand_string.rb new file mode 100644 index 000000000..2bb1287e0 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/fqdn_rand_string.rb @@ -0,0 +1,34 @@ +Puppet::Parser::Functions::newfunction( + :fqdn_rand_string, + :arity => -2, + :type => :rvalue, + :doc => "Usage: `fqdn_rand_string(LENGTH, [CHARSET], [SEED])`. LENGTH is + required and must be a positive integer. CHARSET is optional and may be + `undef` or a string. SEED is optional and may be any number or string. + + Generates a random string LENGTH characters long using the character set + provided by CHARSET, combining the `$fqdn` fact and the value of SEED for + repeatable randomness. (That is, each node will get a different random + string from this function, but a given node's result will be the same every + time unless its hostname changes.) Adding a SEED can be useful if you need + more than one unrelated string. CHARSET will default to alphanumeric if + `undef` or an empty string.") do |args| + raise(ArgumentError, "fqdn_rand_string(): wrong number of arguments (0 for 1)") if args.size == 0 + Puppet::Parser::Functions.function('is_integer') + raise(ArgumentError, "fqdn_rand_string(): first argument must be a positive integer") unless function_is_integer([args[0]]) and args[0].to_i > 0 + raise(ArgumentError, "fqdn_rand_string(): second argument must be undef or a string") unless args[1].nil? or args[1].is_a? String + + Puppet::Parser::Functions.function('fqdn_rand') + + length = args.shift.to_i + charset = args.shift.to_s.chars.to_a + + charset = (0..9).map { |i| i.to_s } + ('A'..'Z').to_a + ('a'..'z').to_a if charset.empty? + + rand_string = '' + for current in 1..length + rand_string << charset[function_fqdn_rand([charset.size, (args + [current.to_s]).join(':')]).to_i] + end + + rand_string +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/fqdn_rotate.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/fqdn_rotate.rb new file mode 100644 index 000000000..b66431d1e --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/fqdn_rotate.rb @@ -0,0 +1,63 @@ +# +# fqdn_rotate.rb +# + +Puppet::Parser::Functions.newfunction( + :fqdn_rotate, + :type => :rvalue, + :doc => "Usage: `fqdn_rotate(VALUE, [SEED])`. VALUE is required and + must be an array or a string. SEED is optional and may be any number + or string. + + Rotates VALUE a random number of times, combining the `$fqdn` fact and + the value of SEED for repeatable randomness. (That is, each node will + get a different random rotation from this function, but a given node's + result will be the same every time unless its hostname changes.) Adding + a SEED can be useful if you need more than one unrelated rotation.") do |args| + + raise(Puppet::ParseError, "fqdn_rotate(): Wrong number of arguments " + + "given (#{args.size} for 1)") if args.size < 1 + + value = args.shift + require 'digest/md5' + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'fqdn_rotate(): Requires either ' + + 'array or string to work with') + end + + result = value.clone + + string = value.is_a?(String) ? true : false + + # Check whether it makes sense to rotate ... + return result if result.size <= 1 + + # We turn any string value into an array to be able to rotate ... + result = string ? result.split('') : result + + elements = result.size + + seed = Digest::MD5.hexdigest([lookupvar('::fqdn'),args].join(':')).hex + # deterministic_rand() was added in Puppet 3.2.0; reimplement if necessary + if Puppet::Util.respond_to?(:deterministic_rand) + offset = Puppet::Util.deterministic_rand(seed, elements).to_i + else + if defined?(Random) == 'constant' && Random.class == Class + offset = Random.new(seed).rand(elements) + else + old_seed = srand(seed) + offset = rand(elements) + srand(old_seed) + end + end + offset.times { + result.push result.shift + } + + result = string ? result.join : result + + return result +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/get_module_path.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/get_module_path.rb new file mode 100644 index 000000000..1421b91f5 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/get_module_path.rb @@ -0,0 +1,17 @@ +module Puppet::Parser::Functions + newfunction(:get_module_path, :type =>:rvalue, :doc => <<-EOT + Returns the absolute path of the specified module for the current + environment. + + Example: + $module_path = get_module_path('stdlib') + EOT + ) do |args| + raise(Puppet::ParseError, "get_module_path(): Wrong number of arguments, expects one") unless args.size == 1 + if module_path = Puppet::Module.find(args[0], compiler.environment.to_s) + module_path.path + else + raise(Puppet::ParseError, "Could not find module #{args[0]} in environment #{compiler.environment}") + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/getparam.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/getparam.rb new file mode 100644 index 000000000..6d510069f --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/getparam.rb @@ -0,0 +1,35 @@ +# Test whether a given class or definition is defined +require 'puppet/parser/functions' + +Puppet::Parser::Functions.newfunction(:getparam, + :type => :rvalue, + :doc => <<-'ENDOFDOC' +Takes a resource reference and name of the parameter and +returns value of resource's parameter. + +*Examples:* + + define example_resource($param) { + } + + example_resource { "example_resource_instance": + param => "param_value" + } + + getparam(Example_resource["example_resource_instance"], "param") + +Would return: param_value +ENDOFDOC +) do |vals| + reference, param = vals + raise(ArgumentError, 'Must specify a reference') unless reference + raise(ArgumentError, 'Must specify name of a parameter') unless param and param.instance_of? String + + return '' if param.empty? + + if resource = findresource(reference.to_s) + return resource[param] if resource[param] + end + + return '' +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/getvar.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/getvar.rb new file mode 100644 index 000000000..ae9c869d1 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/getvar.rb @@ -0,0 +1,31 @@ +module Puppet::Parser::Functions + + newfunction(:getvar, :type => :rvalue, :doc => <<-'ENDHEREDOC') do |args| + Lookup a variable in a remote namespace. + + For example: + + $foo = getvar('site::data::foo') + # Equivalent to $foo = $site::data::foo + + This is useful if the namespace itself is stored in a string: + + $datalocation = 'site::data' + $bar = getvar("${datalocation}::bar") + # Equivalent to $bar = $site::data::bar + ENDHEREDOC + + unless args.length == 1 + raise Puppet::ParseError, ("getvar(): wrong number of arguments (#{args.length}; must be 1)") + end + + begin + catch(:undefined_variable) do + self.lookupvar("#{args[0]}") + end + rescue Puppet::ParseError # Eat the exception if strict_variables = true is set + end + + end + +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/grep.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/grep.rb new file mode 100644 index 000000000..ceba9ecc8 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/grep.rb @@ -0,0 +1,33 @@ +# +# grep.rb +# + +module Puppet::Parser::Functions + newfunction(:grep, :type => :rvalue, :doc => <<-EOS +This function searches through an array and returns any elements that match +the provided regular expression. + +*Examples:* + + grep(['aaa','bbb','ccc','aaaddd'], 'aaa') + +Would return: + + ['aaa','aaaddd'] + EOS + ) do |arguments| + + if (arguments.size != 2) then + raise(Puppet::ParseError, "grep(): Wrong number of arguments "+ + "given #{arguments.size} for 2") + end + + a = arguments[0] + pattern = Regexp.new(arguments[1]) + + a.grep(pattern) + + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/has_interface_with.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/has_interface_with.rb new file mode 100644 index 000000000..e7627982d --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/has_interface_with.rb @@ -0,0 +1,71 @@ +# +# has_interface_with +# + +module Puppet::Parser::Functions + newfunction(:has_interface_with, :type => :rvalue, :doc => <<-EOS +Returns boolean based on kind and value: + * macaddress + * netmask + * ipaddress + * network + +has_interface_with("macaddress", "x:x:x:x:x:x") +has_interface_with("ipaddress", "127.0.0.1") => true +etc. + +If no "kind" is given, then the presence of the interface is checked: +has_interface_with("lo") => true + EOS + ) do |args| + + raise(Puppet::ParseError, "has_interface_with(): Wrong number of arguments " + + "given (#{args.size} for 1 or 2)") if args.size < 1 or args.size > 2 + + interfaces = lookupvar('interfaces') + + # If we do not have any interfaces, then there are no requested attributes + return false if (interfaces == :undefined || interfaces.nil?) + + interfaces = interfaces.split(',') + + if args.size == 1 + return interfaces.member?(args[0]) + end + + kind, value = args + + # Bug with 3.7.1 - 3.7.3 when using future parser throws :undefined_variable + # https://tickets.puppetlabs.com/browse/PUP-3597 + factval = nil + begin + catch :undefined_variable do + factval = lookupvar(kind) + end + rescue Puppet::ParseError # Eat the exception if strict_variables = true is set + end + if factval == value + return true + end + + result = false + interfaces.each do |iface| + iface.downcase! + factval = nil + begin + # Bug with 3.7.1 - 3.7.3 when using future parser throws :undefined_variable + # https://tickets.puppetlabs.com/browse/PUP-3597 + catch :undefined_variable do + factval = lookupvar("#{kind}_#{iface}") + end + rescue Puppet::ParseError # Eat the exception if strict_variables = true is set + end + if value == factval + result = true + break + end + end + + result + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/has_ip_address.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/has_ip_address.rb new file mode 100644 index 000000000..842c8ec67 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/has_ip_address.rb @@ -0,0 +1,25 @@ +# +# has_ip_address +# + +module Puppet::Parser::Functions + newfunction(:has_ip_address, :type => :rvalue, :doc => <<-EOS +Returns true if the client has the requested IP address on some interface. + +This function iterates through the 'interfaces' fact and checks the +'ipaddress_IFACE' facts, performing a simple string comparison. + EOS + ) do |args| + + raise(Puppet::ParseError, "has_ip_address(): Wrong number of arguments " + + "given (#{args.size} for 1)") if args.size != 1 + + Puppet::Parser::Functions.autoloader.load(:has_interface_with) \ + unless Puppet::Parser::Functions.autoloader.loaded?(:has_interface_with) + + function_has_interface_with(['ipaddress', args[0]]) + + end +end + +# vim:sts=2 sw=2 diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/has_ip_network.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/has_ip_network.rb new file mode 100644 index 000000000..9ccf9024f --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/has_ip_network.rb @@ -0,0 +1,25 @@ +# +# has_ip_network +# + +module Puppet::Parser::Functions + newfunction(:has_ip_network, :type => :rvalue, :doc => <<-EOS +Returns true if the client has an IP address within the requested network. + +This function iterates through the 'interfaces' fact and checks the +'network_IFACE' facts, performing a simple string comparision. + EOS + ) do |args| + + raise(Puppet::ParseError, "has_ip_network(): Wrong number of arguments " + + "given (#{args.size} for 1)") if args.size != 1 + + Puppet::Parser::Functions.autoloader.load(:has_interface_with) \ + unless Puppet::Parser::Functions.autoloader.loaded?(:has_interface_with) + + function_has_interface_with(['network', args[0]]) + + end +end + +# vim:sts=2 sw=2 diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/has_key.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/has_key.rb new file mode 100644 index 000000000..4657cc29c --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/has_key.rb @@ -0,0 +1,28 @@ +module Puppet::Parser::Functions + + newfunction(:has_key, :type => :rvalue, :doc => <<-'ENDHEREDOC') do |args| + Determine if a hash has a certain key value. + + Example: + + $my_hash = {'key_one' => 'value_one'} + if has_key($my_hash, 'key_two') { + notice('we will not reach here') + } + if has_key($my_hash, 'key_one') { + notice('this will be printed') + } + + ENDHEREDOC + + unless args.length == 2 + raise Puppet::ParseError, ("has_key(): wrong number of arguments (#{args.length}; must be 2)") + end + unless args[0].is_a?(Hash) + raise Puppet::ParseError, "has_key(): expects the first argument to be a hash, got #{args[0].inspect} which is of type #{args[0].class}" + end + args[0].has_key?(args[1]) + + end + +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/hash.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/hash.rb new file mode 100644 index 000000000..8cc4823be --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/hash.rb @@ -0,0 +1,41 @@ +# +# hash.rb +# + +module Puppet::Parser::Functions + newfunction(:hash, :type => :rvalue, :doc => <<-EOS +This function converts an array into a hash. + +*Examples:* + + hash(['a',1,'b',2,'c',3]) + +Would return: {'a'=>1,'b'=>2,'c'=>3} + EOS + ) do |arguments| + + raise(Puppet::ParseError, "hash(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + array = arguments[0] + + unless array.is_a?(Array) + raise(Puppet::ParseError, 'hash(): Requires array to work with') + end + + result = {} + + begin + # This is to make it compatible with older version of Ruby ... + array = array.flatten + result = Hash[*array] + rescue Exception + raise(Puppet::ParseError, 'hash(): Unable to compute ' + + 'hash from array given') + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/intersection.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/intersection.rb new file mode 100644 index 000000000..bfbb4babb --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/intersection.rb @@ -0,0 +1,34 @@ +# +# intersection.rb +# + +module Puppet::Parser::Functions + newfunction(:intersection, :type => :rvalue, :doc => <<-EOS +This function returns an array of the intersection of two. + +*Examples:* + + intersection(["a","b","c"],["b","c","d"]) # returns ["b","c"] + intersection(["a","b","c"],[1,2,3,4]) # returns [] (true, when evaluated as a Boolean) + + EOS + ) do |arguments| + + # Two arguments are required + raise(Puppet::ParseError, "intersection(): Wrong number of arguments " + + "given (#{arguments.size} for 2)") if arguments.size != 2 + + first = arguments[0] + second = arguments[1] + + unless first.is_a?(Array) && second.is_a?(Array) + raise(Puppet::ParseError, 'intersection(): Requires 2 arrays') + end + + result = first & second + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_absolute_path.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_absolute_path.rb new file mode 100644 index 000000000..53a544507 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_absolute_path.rb @@ -0,0 +1,50 @@ +module Puppet::Parser::Functions + newfunction(:is_absolute_path, :type => :rvalue, :arity => 1, :doc => <<-'ENDHEREDOC') do |args| + Returns boolean true if the string represents an absolute path in the filesystem. This function works + for windows and unix style paths. + + The following values will return true: + + $my_path = 'C:/Program Files (x86)/Puppet Labs/Puppet' + is_absolute_path($my_path) + $my_path2 = '/var/lib/puppet' + is_absolute_path($my_path2) + $my_path3 = ['C:/Program Files (x86)/Puppet Labs/Puppet'] + is_absolute_path($my_path3) + $my_path4 = ['/var/lib/puppet'] + is_absolute_path($my_path4) + + The following values will return false: + + is_absolute_path(true) + is_absolute_path('../var/lib/puppet') + is_absolute_path('var/lib/puppet') + $undefined = undef + is_absolute_path($undefined) + + ENDHEREDOC + + require 'puppet/util' + + path = args[0] + # This logic was borrowed from + # [lib/puppet/file_serving/base.rb](https://github.com/puppetlabs/puppet/blob/master/lib/puppet/file_serving/base.rb) + # Puppet 2.7 and beyond will have Puppet::Util.absolute_path? Fall back to a back-ported implementation otherwise. + if Puppet::Util.respond_to?(:absolute_path?) then + value = (Puppet::Util.absolute_path?(path, :posix) or Puppet::Util.absolute_path?(path, :windows)) + else + # This code back-ported from 2.7.x's lib/puppet/util.rb Puppet::Util.absolute_path? + # Determine in a platform-specific way whether a path is absolute. This + # defaults to the local platform if none is specified. + # Escape once for the string literal, and once for the regex. + slash = '[\\\\/]' + name = '[^\\\\/]+' + regexes = { + :windows => %r!^(([A-Z]:#{slash})|(#{slash}#{slash}#{name}#{slash}#{name})|(#{slash}#{slash}\?#{slash}#{name}))!i, + :posix => %r!^/! + } + value = (!!(path =~ regexes[:posix])) || (!!(path =~ regexes[:windows])) + end + value + end +end \ No newline at end of file diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_array.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_array.rb new file mode 100644 index 000000000..b39e184ae --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_array.rb @@ -0,0 +1,22 @@ +# +# is_array.rb +# + +module Puppet::Parser::Functions + newfunction(:is_array, :type => :rvalue, :doc => <<-EOS +Returns true if the variable passed to this function is an array. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "is_array(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + type = arguments[0] + + result = type.is_a?(Array) + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_bool.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_bool.rb new file mode 100644 index 000000000..8bbdbc8a1 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_bool.rb @@ -0,0 +1,22 @@ +# +# is_bool.rb +# + +module Puppet::Parser::Functions + newfunction(:is_bool, :type => :rvalue, :doc => <<-EOS +Returns true if the variable passed to this function is a boolean. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "is_bool(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size != 1 + + type = arguments[0] + + result = type.is_a?(TrueClass) || type.is_a?(FalseClass) + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_domain_name.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_domain_name.rb new file mode 100644 index 000000000..90ede3272 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_domain_name.rb @@ -0,0 +1,54 @@ +# +# is_domain_name.rb +# + +module Puppet::Parser::Functions + newfunction(:is_domain_name, :type => :rvalue, :doc => <<-EOS +Returns true if the string passed to this function is a syntactically correct domain name. + EOS + ) do |arguments| + + if (arguments.size != 1) then + raise(Puppet::ParseError, "is_domain_name(): Wrong number of arguments "+ + "given #{arguments.size} for 1") + end + + # Only allow string types + return false unless arguments[0].is_a?(String) + + domain = arguments[0].dup + + # Limits (rfc1035, 3.1) + domain_max_length=255 + label_min_length=1 + label_max_length=63 + + # Allow ".", it is the top level domain + return true if domain == '.' + + # Remove the final dot, if present. + domain.chomp!('.') + + # Check the whole domain + return false if domain.empty? + return false if domain.length > domain_max_length + + # The top level domain must be alphabetic if there are multiple labels. + # See rfc1123, 2.1 + return false if domain.include? '.' and not /\.[A-Za-z]+$/.match(domain) + + # Check each label in the domain + labels = domain.split('.') + vlabels = labels.each do |label| + break if label.length < label_min_length + break if label.length > label_max_length + break if label[-1..-1] == '-' + break if label[0..0] == '-' + break unless /^[a-z\d-]+$/i.match(label) + end + return vlabels == labels + + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_float.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_float.rb new file mode 100644 index 000000000..a2da94385 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_float.rb @@ -0,0 +1,30 @@ +# +# is_float.rb +# + +module Puppet::Parser::Functions + newfunction(:is_float, :type => :rvalue, :doc => <<-EOS +Returns true if the variable passed to this function is a float. + EOS + ) do |arguments| + + if (arguments.size != 1) then + raise(Puppet::ParseError, "is_float(): Wrong number of arguments "+ + "given #{arguments.size} for 1") + end + + value = arguments[0] + + # Only allow Numeric or String types + return false unless value.is_a?(Numeric) or value.is_a?(String) + + if value != value.to_f.to_s and !value.is_a? Float then + return false + else + return true + end + + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_function_available.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_function_available.rb new file mode 100644 index 000000000..6da82c8c1 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_function_available.rb @@ -0,0 +1,26 @@ +# +# is_function_available.rb +# + +module Puppet::Parser::Functions + newfunction(:is_function_available, :type => :rvalue, :doc => <<-EOS +This function accepts a string as an argument, determines whether the +Puppet runtime has access to a function by that name. It returns a +true if the function exists, false if not. + EOS + ) do |arguments| + + if (arguments.size != 1) then + raise(Puppet::ParseError, "is_function_available?(): Wrong number of arguments "+ + "given #{arguments.size} for 1") + end + + # Only allow String types + return false unless arguments[0].is_a?(String) + + function = Puppet::Parser::Functions.function(arguments[0].to_sym) + function.is_a?(String) and not function.empty? + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_hash.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_hash.rb new file mode 100644 index 000000000..ad907f086 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_hash.rb @@ -0,0 +1,22 @@ +# +# is_hash.rb +# + +module Puppet::Parser::Functions + newfunction(:is_hash, :type => :rvalue, :doc => <<-EOS +Returns true if the variable passed to this function is a hash. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "is_hash(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size != 1 + + type = arguments[0] + + result = type.is_a?(Hash) + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_integer.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_integer.rb new file mode 100644 index 000000000..c03d28df9 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_integer.rb @@ -0,0 +1,45 @@ +# +# is_integer.rb +# + +module Puppet::Parser::Functions + newfunction(:is_integer, :type => :rvalue, :doc => <<-EOS +Returns true if the variable passed to this function is an Integer or +a decimal (base 10) integer in String form. The string may +start with a '-' (minus). A value of '0' is allowed, but a leading '0' digit may not +be followed by other digits as this indicates that the value is octal (base 8). + +If given any other argument `false` is returned. + EOS + ) do |arguments| + + if (arguments.size != 1) then + raise(Puppet::ParseError, "is_integer(): Wrong number of arguments "+ + "given #{arguments.size} for 1") + end + + value = arguments[0] + + # Regex is taken from the lexer of puppet + # puppet/pops/parser/lexer.rb but modified to match also + # negative values and disallow numbers prefixed with multiple + # 0's + # + # TODO these parameter should be a constant but I'm not sure + # if there is no risk to declare it inside of the module + # Puppet::Parser::Functions + + # Integer numbers like + # -1234568981273 + # 47291 + numeric = %r{^-?(?:(?:[1-9]\d*)|0)$} + + if value.is_a? Integer or (value.is_a? String and value.match numeric) + return true + else + return false + end + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_ip_address.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_ip_address.rb new file mode 100644 index 000000000..a90adabe1 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_ip_address.rb @@ -0,0 +1,32 @@ +# +# is_ip_address.rb +# + +module Puppet::Parser::Functions + newfunction(:is_ip_address, :type => :rvalue, :doc => <<-EOS +Returns true if the string passed to this function is a valid IP address. + EOS + ) do |arguments| + + require 'ipaddr' + + if (arguments.size != 1) then + raise(Puppet::ParseError, "is_ip_address(): Wrong number of arguments "+ + "given #{arguments.size} for 1") + end + + begin + ip = IPAddr.new(arguments[0]) + rescue ArgumentError + return false + end + + if ip.ipv4? or ip.ipv6? then + return true + else + return false + end + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_mac_address.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_mac_address.rb new file mode 100644 index 000000000..2619d44a3 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_mac_address.rb @@ -0,0 +1,27 @@ +# +# is_mac_address.rb +# + +module Puppet::Parser::Functions + newfunction(:is_mac_address, :type => :rvalue, :doc => <<-EOS +Returns true if the string passed to this function is a valid mac address. + EOS + ) do |arguments| + + if (arguments.size != 1) then + raise(Puppet::ParseError, "is_mac_address(): Wrong number of arguments "+ + "given #{arguments.size} for 1") + end + + mac = arguments[0] + + if /^[a-f0-9]{1,2}(:[a-f0-9]{1,2}){5}$/i.match(mac) then + return true + else + return false + end + + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_numeric.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_numeric.rb new file mode 100644 index 000000000..e7e1d2a74 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_numeric.rb @@ -0,0 +1,75 @@ +# +# is_numeric.rb +# + +module Puppet::Parser::Functions + newfunction(:is_numeric, :type => :rvalue, :doc => <<-EOS +Returns true if the given argument is a Numeric (Integer or Float), +or a String containing either a valid integer in decimal base 10 form, or +a valid floating point string representation. + +The function recognizes only decimal (base 10) integers and float but not +integers in hex (base 16) or octal (base 8) form. + +The string representation may start with a '-' (minus). If a decimal '.' is used, +it must be followed by at least one digit. + +Valid examples: + + 77435 + 10e-12 + -8475 + 0.2343 + -23.561e3 + EOS + ) do |arguments| + + if (arguments.size != 1) then + raise(Puppet::ParseError, "is_numeric(): Wrong number of arguments "+ + "given #{arguments.size} for 1") + end + + value = arguments[0] + + # Regex is taken from the lexer of puppet + # puppet/pops/parser/lexer.rb but modified to match also + # negative values and disallow invalid octal numbers or + # numbers prefixed with multiple 0's (except in hex numbers) + # + # TODO these parameters should be constants but I'm not sure + # if there is no risk to declare them inside of the module + # Puppet::Parser::Functions + + # TODO decide if this should be used + # HEX numbers like + # 0xaa230F + # 0X1234009C + # 0x0012 + # -12FcD + #numeric_hex = %r{^-?0[xX][0-9A-Fa-f]+$} + + # TODO decide if this should be used + # OCTAL numbers like + # 01234567 + # -045372 + #numeric_oct = %r{^-?0[1-7][0-7]*$} + + # Integer/Float numbers like + # -0.1234568981273 + # 47291 + # 42.12345e-12 + numeric = %r{^-?(?:(?:[1-9]\d*)|0)(?:\.\d+)?(?:[eE]-?\d+)?$} + + if value.is_a? Numeric or (value.is_a? String and ( + value.match(numeric) #or + # value.match(numeric_hex) or + # value.match(numeric_oct) + )) + return true + else + return false + end + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/is_string.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_string.rb new file mode 100644 index 000000000..f5bef0457 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/is_string.rb @@ -0,0 +1,26 @@ +# +# is_string.rb +# + +module Puppet::Parser::Functions + newfunction(:is_string, :type => :rvalue, :doc => <<-EOS +Returns true if the variable passed to this function is a string. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "is_string(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + type = arguments[0] + + result = type.is_a?(String) + + if result and (type == type.to_f.to_s or type == type.to_i.to_s) then + return false + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/join.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/join.rb new file mode 100644 index 000000000..6c0a6ba02 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/join.rb @@ -0,0 +1,41 @@ +# +# join.rb +# + +module Puppet::Parser::Functions + newfunction(:join, :type => :rvalue, :doc => <<-EOS +This function joins an array into a string using a separator. + +*Examples:* + + join(['a','b','c'], ",") + +Would result in: "a,b,c" + EOS + ) do |arguments| + + # Technically we support two arguments but only first is mandatory ... + raise(Puppet::ParseError, "join(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + array = arguments[0] + + unless array.is_a?(Array) + raise(Puppet::ParseError, 'join(): Requires array to work with') + end + + suffix = arguments[1] if arguments[1] + + if suffix + unless suffix.is_a?(String) + raise(Puppet::ParseError, 'join(): Requires string to work with') + end + end + + result = suffix ? array.join(suffix) : array.join + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/join_keys_to_values.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/join_keys_to_values.rb new file mode 100644 index 000000000..e9924fe2e --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/join_keys_to_values.rb @@ -0,0 +1,47 @@ +# +# join.rb +# + +module Puppet::Parser::Functions + newfunction(:join_keys_to_values, :type => :rvalue, :doc => <<-EOS +This function joins each key of a hash to that key's corresponding value with a +separator. Keys and values are cast to strings. The return value is an array in +which each element is one joined key/value pair. + +*Examples:* + + join_keys_to_values({'a'=>1,'b'=>2}, " is ") + +Would result in: ["a is 1","b is 2"] + EOS + ) do |arguments| + + # Validate the number of arguments. + if arguments.size != 2 + raise(Puppet::ParseError, "join_keys_to_values(): Takes exactly two " + + "arguments, but #{arguments.size} given.") + end + + # Validate the first argument. + hash = arguments[0] + if not hash.is_a?(Hash) + raise(TypeError, "join_keys_to_values(): The first argument must be a " + + "hash, but a #{hash.class} was given.") + end + + # Validate the second argument. + separator = arguments[1] + if not separator.is_a?(String) + raise(TypeError, "join_keys_to_values(): The second argument must be a " + + "string, but a #{separator.class} was given.") + end + + # Join the keys to their values. + hash.map do |k,v| + String(k) + separator + String(v) + end + + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/keys.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/keys.rb new file mode 100644 index 000000000..f0d13b647 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/keys.rb @@ -0,0 +1,26 @@ +# +# keys.rb +# + +module Puppet::Parser::Functions + newfunction(:keys, :type => :rvalue, :doc => <<-EOS +Returns the keys of a hash as an array. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "keys(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + hash = arguments[0] + + unless hash.is_a?(Hash) + raise(Puppet::ParseError, 'keys(): Requires hash to work with') + end + + result = hash.keys + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/load_module_metadata.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/load_module_metadata.rb new file mode 100644 index 000000000..c9b84885b --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/load_module_metadata.rb @@ -0,0 +1,24 @@ +module Puppet::Parser::Functions + newfunction(:load_module_metadata, :type => :rvalue, :doc => <<-EOT + EOT + ) do |args| + raise(Puppet::ParseError, "load_module_metadata(): Wrong number of arguments, expects one or two") unless [1,2].include?(args.size) + mod = args[0] + allow_empty_metadata = args[1] + module_path = function_get_module_path([mod]) + metadata_json = File.join(module_path, 'metadata.json') + + metadata_exists = File.exists?(metadata_json) + if metadata_exists + metadata = PSON.load(File.read(metadata_json)) + else + if allow_empty_metadata + metadata = {} + else + raise(Puppet::ParseError, "load_module_metadata(): No metadata.json file for module #{mod}") + end + end + + return metadata + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/loadyaml.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/loadyaml.rb new file mode 100644 index 000000000..ca655f6ea --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/loadyaml.rb @@ -0,0 +1,25 @@ +module Puppet::Parser::Functions + + newfunction(:loadyaml, :type => :rvalue, :doc => <<-'ENDHEREDOC') do |args| + Load a YAML file containing an array, string, or hash, and return the data + in the corresponding native data type. + + For example: + + $myhash = loadyaml('/etc/puppet/data/myhash.yaml') + ENDHEREDOC + + unless args.length == 1 + raise Puppet::ParseError, ("loadyaml(): wrong number of arguments (#{args.length}; must be 1)") + end + + if File.exists?(args[0]) then + YAML.load_file(args[0]) + else + warning("Can't load " + args[0] + ". File does not exist!") + nil + end + + end + +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/lstrip.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/lstrip.rb new file mode 100644 index 000000000..624e4c846 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/lstrip.rb @@ -0,0 +1,32 @@ +# +# lstrip.rb +# + +module Puppet::Parser::Functions + newfunction(:lstrip, :type => :rvalue, :doc => <<-EOS +Strips leading spaces to the left of a string. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "lstrip(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'lstrip(): Requires either ' + + 'array or string to work with') + end + + if value.is_a?(Array) + # Numbers in Puppet are often string-encoded which is troublesome ... + result = value.collect { |i| i.is_a?(String) ? i.lstrip : i } + else + result = value.lstrip + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/max.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/max.rb new file mode 100644 index 000000000..60fb94ac0 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/max.rb @@ -0,0 +1,21 @@ +module Puppet::Parser::Functions + newfunction(:max, :type => :rvalue, :doc => <<-EOS + Returns the highest value of all arguments. + Requires at least one argument. + EOS + ) do |args| + + raise(Puppet::ParseError, "max(): Wrong number of arguments " + + "need at least one") if args.size == 0 + + # Sometimes we get numbers as numerics and sometimes as strings. + # We try to compare them as numbers when possible + return args.max do |a,b| + if a.to_s =~ /\A-?\d+(.\d+)?\z/ and b.to_s =~ /\A-?\d+(.\d+)?\z/ then + a.to_f <=> b.to_f + else + a.to_s <=> b.to_s + end + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/member.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/member.rb new file mode 100644 index 000000000..1e5b3def9 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/member.rb @@ -0,0 +1,62 @@ +# +# member.rb +# + +# TODO(Krzysztof Wilczynski): We need to add support for regular expression ... +# TODO(Krzysztof Wilczynski): Support for strings and hashes too ... + +module Puppet::Parser::Functions + newfunction(:member, :type => :rvalue, :doc => <<-EOS +This function determines if a variable is a member of an array. +The variable can be a string, fixnum, or array. + +*Examples:* + + member(['a','b'], 'b') + +Would return: true + + member(['a', 'b', 'c'], ['a', 'b']) + +would return: true + + member(['a','b'], 'c') + +Would return: false + + member(['a', 'b', 'c'], ['d', 'b']) + +would return: false + EOS + ) do |arguments| + + raise(Puppet::ParseError, "member(): Wrong number of arguments " + + "given (#{arguments.size} for 2)") if arguments.size < 2 + + array = arguments[0] + + unless array.is_a?(Array) + raise(Puppet::ParseError, 'member(): Requires array to work with') + end + + unless arguments[1].is_a? String or arguments[1].is_a? Fixnum or arguments[1].is_a? Array + raise(Puppet::ParseError, 'member(): Item to search for must be a string, fixnum, or array') + end + + if arguments[1].is_a? String or arguments[1].is_a? Fixnum + item = [arguments[1]] + else + item = arguments[1] + end + + + raise(Puppet::ParseError, 'member(): You must provide item ' + + 'to search for within array given') if item.respond_to?('empty?') && item.empty? + + result = (item - array).empty? + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/merge.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/merge.rb new file mode 100644 index 000000000..1b39f2060 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/merge.rb @@ -0,0 +1,34 @@ +module Puppet::Parser::Functions + newfunction(:merge, :type => :rvalue, :doc => <<-'ENDHEREDOC') do |args| + Merges two or more hashes together and returns the resulting hash. + + For example: + + $hash1 = {'one' => 1, 'two', => 2} + $hash2 = {'two' => 'dos', 'three', => 'tres'} + $merged_hash = merge($hash1, $hash2) + # The resulting hash is equivalent to: + # $merged_hash = {'one' => 1, 'two' => 'dos', 'three' => 'tres'} + + When there is a duplicate key, the key in the rightmost hash will "win." + + ENDHEREDOC + + if args.length < 2 + raise Puppet::ParseError, ("merge(): wrong number of arguments (#{args.length}; must be at least 2)") + end + + # The hash we accumulate into + accumulator = Hash.new + # Merge into the accumulator hash + args.each do |arg| + next if arg.is_a? String and arg.empty? # empty string is synonym for puppet's undef + unless arg.is_a?(Hash) + raise Puppet::ParseError, "merge: unexpected argument type #{arg.class}, only expects hash arguments" + end + accumulator.merge!(arg) + end + # Return the fully merged hash + accumulator + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/min.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/min.rb new file mode 100644 index 000000000..6bd6ebf20 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/min.rb @@ -0,0 +1,21 @@ +module Puppet::Parser::Functions + newfunction(:min, :type => :rvalue, :doc => <<-EOS + Returns the lowest value of all arguments. + Requires at least one argument. + EOS + ) do |args| + + raise(Puppet::ParseError, "min(): Wrong number of arguments " + + "need at least one") if args.size == 0 + + # Sometimes we get numbers as numerics and sometimes as strings. + # We try to compare them as numbers when possible + return args.min do |a,b| + if a.to_s =~ /\A^-?\d+(.\d+)?\z/ and b.to_s =~ /\A-?\d+(.\d+)?\z/ then + a.to_f <=> b.to_f + else + a.to_s <=> b.to_s + end + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/num2bool.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/num2bool.rb new file mode 100644 index 000000000..af0e6ed78 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/num2bool.rb @@ -0,0 +1,43 @@ +# +# num2bool.rb +# + +module Puppet::Parser::Functions + newfunction(:num2bool, :type => :rvalue, :doc => <<-EOS +This function converts a number or a string representation of a number into a +true boolean. Zero or anything non-numeric becomes false. Numbers higher then 0 +become true. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "num2bool(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size != 1 + + number = arguments[0] + + case number + when Numeric + # Yay, it's a number + when String + begin + number = Float(number) + rescue ArgumentError => ex + raise(Puppet::ParseError, "num2bool(): '#{number}' does not look like a number: #{ex.message}") + end + else + begin + number = number.to_s + rescue NoMethodError => ex + raise(Puppet::ParseError, "num2bool(): Unable to parse argument: #{ex.message}") + end + end + + # Truncate Floats + number = number.to_i + + # Return true for any positive number and false otherwise + return number > 0 + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/parsejson.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/parsejson.rb new file mode 100644 index 000000000..b4af40e7e --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/parsejson.rb @@ -0,0 +1,29 @@ +# +# parsejson.rb +# + +module Puppet::Parser::Functions + newfunction(:parsejson, :type => :rvalue, :doc => <<-EOS +This function accepts JSON as a string and converts it into the correct +Puppet structure. + +The optional second argument can be used to pass a default value that will +be returned if the parsing of YAML string have failed. + EOS + ) do |arguments| + raise ArgumentError, 'Wrong number of arguments. 1 or 2 arguments should be provided.' unless arguments.length >= 1 + + begin + PSON::load(arguments[0]) || arguments[1] + rescue Exception => e + if arguments[1] + arguments[1] + else + raise e + end + end + + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/parseyaml.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/parseyaml.rb new file mode 100644 index 000000000..66d04131e --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/parseyaml.rb @@ -0,0 +1,30 @@ +# +# parseyaml.rb +# + +module Puppet::Parser::Functions + newfunction(:parseyaml, :type => :rvalue, :doc => <<-EOS +This function accepts YAML as a string and converts it into the correct +Puppet structure. + +The optional second argument can be used to pass a default value that will +be returned if the parsing of YAML string have failed. + EOS + ) do |arguments| + raise ArgumentError, 'Wrong number of arguments. 1 or 2 arguments should be provided.' unless arguments.length >= 1 + require 'yaml' + + begin + YAML::load(arguments[0]) || arguments[1] + rescue Exception => e + if arguments[1] + arguments[1] + else + raise e + end + end + + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/pick.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/pick.rb new file mode 100644 index 000000000..fdd0aefd7 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/pick.rb @@ -0,0 +1,29 @@ +module Puppet::Parser::Functions + newfunction(:pick, :type => :rvalue, :doc => <<-EOS + +This function is similar to a coalesce function in SQL in that it will return +the first value in a list of values that is not undefined or an empty string +(two things in Puppet that will return a boolean false value). Typically, +this function is used to check for a value in the Puppet Dashboard/Enterprise +Console, and failover to a default value like the following: + + $real_jenkins_version = pick($::jenkins_version, '1.449') + +The value of $real_jenkins_version will first look for a top-scope variable +called 'jenkins_version' (note that parameters set in the Puppet Dashboard/ +Enterprise Console are brought into Puppet as top-scope variables), and, +failing that, will use a default value of 1.449. + +EOS +) do |args| + args = args.compact + args.delete(:undef) + args.delete(:undefined) + args.delete("") + if args[0].to_s.empty? then + fail Puppet::ParseError, "pick(): must receive at least one non empty value" + else + return args[0] + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/pick_default.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/pick_default.rb new file mode 100644 index 000000000..36e33abfa --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/pick_default.rb @@ -0,0 +1,35 @@ +module Puppet::Parser::Functions + newfunction(:pick_default, :type => :rvalue, :doc => <<-EOS + +This function is similar to a coalesce function in SQL in that it will return +the first value in a list of values that is not undefined or an empty string +(two things in Puppet that will return a boolean false value). If no value is +found, it will return the last argument. + +Typically, this function is used to check for a value in the Puppet +Dashboard/Enterprise Console, and failover to a default value like the +following: + + $real_jenkins_version = pick_default($::jenkins_version, '1.449') + +The value of $real_jenkins_version will first look for a top-scope variable +called 'jenkins_version' (note that parameters set in the Puppet Dashboard/ +Enterprise Console are brought into Puppet as top-scope variables), and, +failing that, will use a default value of 1.449. + +Note that, contrary to the pick() function, the pick_default does not fail if +all arguments are empty. This allows pick_default to use an empty value as +default. + +EOS +) do |args| + fail "Must receive at least one argument." if args.empty? + default = args.last + args = args[0..-2].compact + args.delete(:undef) + args.delete(:undefined) + args.delete("") + args << default + return args[0] + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/prefix.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/prefix.rb new file mode 100644 index 000000000..ac1c58a55 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/prefix.rb @@ -0,0 +1,52 @@ +# +# prefix.rb +# + +module Puppet::Parser::Functions + newfunction(:prefix, :type => :rvalue, :doc => <<-EOS +This function applies a prefix to all elements in an array or a hash. + +*Examples:* + + prefix(['a','b','c'], 'p') + +Will return: ['pa','pb','pc'] + EOS + ) do |arguments| + + # Technically we support two arguments but only first is mandatory ... + raise(Puppet::ParseError, "prefix(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + enumerable = arguments[0] + + unless enumerable.is_a?(Array) or enumerable.is_a?(Hash) + raise Puppet::ParseError, "prefix(): expected first argument to be an Array or a Hash, got #{enumerable.inspect}" + end + + prefix = arguments[1] if arguments[1] + + if prefix + unless prefix.is_a?(String) + raise Puppet::ParseError, "prefix(): expected second argument to be a String, got #{prefix.inspect}" + end + end + + if enumerable.is_a?(Array) + # Turn everything into string same as join would do ... + result = enumerable.collect do |i| + i = i.to_s + prefix ? prefix + i : i + end + else + result = Hash[enumerable.map do |k,v| + k = k.to_s + [ prefix ? prefix + k : k, v ] + end] + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/private.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/private.rb new file mode 100644 index 000000000..3b00ba12f --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/private.rb @@ -0,0 +1,17 @@ +# +# private.rb +# + +module Puppet::Parser::Functions + newfunction(:private, :doc => <<-'EOS' + DEPRECATED: Sets the current class or definition as private. + Calling the class or definition from outside the current module will fail. + EOS + ) do |args| + warning("private() DEPRECATED: This function will cease to function on Puppet 4; please use assert_private() before upgrading to puppet 4 for backwards-compatibility, or migrate to the new parser's typing system.") + if !Puppet::Parser::Functions.autoloader.loaded?(:assert_private) + Puppet::Parser::Functions.autoloader.load(:assert_private) + end + function_assert_private([(args[0] unless args.size < 1)]) + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/pw_hash.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/pw_hash.rb new file mode 100644 index 000000000..41d42238d --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/pw_hash.rb @@ -0,0 +1,56 @@ +Puppet::Parser::Functions::newfunction( + :pw_hash, + :type => :rvalue, + :arity => 3, + :doc => "Hashes a password using the crypt function. Provides a hash + usable on most POSIX systems. + + The first argument to this function is the password to hash. If it is + undef or an empty string, this function returns undef. + + The second argument to this function is which type of hash to use. It + will be converted into the appropriate crypt(3) hash specifier. Valid + hash types are: + + |Hash type |Specifier| + |---------------------|---------| + |MD5 |1 | + |SHA-256 |5 | + |SHA-512 (recommended)|6 | + + The third argument to this function is the salt to use. + + Note: this uses the Puppet Master's implementation of crypt(3). If your + environment contains several different operating systems, ensure that they + are compatible before using this function.") do |args| + raise ArgumentError, "pw_hash(): wrong number of arguments (#{args.size} for 3)" if args.size != 3 + raise ArgumentError, "pw_hash(): first argument must be a string" unless args[0].is_a? String or args[0].nil? + raise ArgumentError, "pw_hash(): second argument must be a string" unless args[1].is_a? String + hashes = { 'md5' => '1', + 'sha-256' => '5', + 'sha-512' => '6' } + hash_type = hashes[args[1].downcase] + raise ArgumentError, "pw_hash(): #{args[1]} is not a valid hash type" if hash_type.nil? + raise ArgumentError, "pw_hash(): third argument must be a string" unless args[2].is_a? String + raise ArgumentError, "pw_hash(): third argument must not be empty" if args[2].empty? + raise ArgumentError, "pw_hash(): characters in salt must be in the set [a-zA-Z0-9./]" unless args[2].match(/\A[a-zA-Z0-9.\/]+\z/) + + password = args[0] + return nil if password.nil? or password.empty? + + salt = "$#{hash_type}$#{args[2]}" + + # handle weak implementations of String#crypt + if 'test'.crypt('$1$1') != '$1$1$Bp8CU9Oujr9SSEw53WV6G.' + # JRuby < 1.7.17 + if RUBY_PLATFORM == 'java' + # puppetserver bundles Apache Commons Codec + org.apache.commons.codec.digest.Crypt.crypt(password.to_java_bytes, salt) + else + # MS Windows and other systems that don't support enhanced salts + raise Puppet::ParseError, 'system does not support enhanced salts' + end + else + password.crypt(salt) + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/range.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/range.rb new file mode 100644 index 000000000..2fc211329 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/range.rb @@ -0,0 +1,87 @@ +# +# range.rb +# + +# TODO(Krzysztof Wilczynski): We probably need to approach numeric values differently ... + +module Puppet::Parser::Functions + newfunction(:range, :type => :rvalue, :doc => <<-EOS +When given range in the form of (start, stop) it will extrapolate a range as +an array. + +*Examples:* + + range("0", "9") + +Will return: [0,1,2,3,4,5,6,7,8,9] + + range("00", "09") + +Will return: [0,1,2,3,4,5,6,7,8,9] (Zero padded strings are converted to +integers automatically) + + range("a", "c") + +Will return: ["a","b","c"] + + range("host01", "host10") + +Will return: ["host01", "host02", ..., "host09", "host10"] + +Passing a third argument will cause the generated range to step by that +interval, e.g. + + range("0", "9", "2") + +Will return: [0,2,4,6,8] + EOS + ) do |arguments| + + raise(Puppet::ParseError, 'range(): Wrong number of ' + + 'arguments given (0 for 1)') if arguments.size == 0 + + if arguments.size > 1 + start = arguments[0] + stop = arguments[1] + step = arguments[2].nil? ? 1 : arguments[2].to_i.abs + + type = '..' # Use the simplest type of Range available in Ruby + + else # arguments.size == 1 + value = arguments[0] + + if m = value.match(/^(\w+)(\.\.\.?|\-)(\w+)$/) + start = m[1] + stop = m[3] + + type = m[2] + step = 1 + elsif value.match(/^.+$/) + raise(Puppet::ParseError, "range(): Unable to compute range " + + "from the value: #{value}") + else + raise(Puppet::ParseError, "range(): Unknown range format: #{value}") + end + end + + # If we were given an integer, ensure we work with one + if start.to_s.match(/^\d+$/) + start = start.to_i + stop = stop.to_i + else + start = start.to_s + stop = stop.to_s + end + + range = case type + when /^(\.\.|\-)$/ then (start .. stop) + when '...' then (start ... stop) # Exclusive of last element + end + + result = range.step(step).to_a + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/reject.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/reject.rb new file mode 100644 index 000000000..1953ffcf1 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/reject.rb @@ -0,0 +1,31 @@ +# +# reject.rb +# + +module Puppet::Parser::Functions + newfunction(:reject, :type => :rvalue, :doc => <<-EOS) do |args| +This function searches through an array and rejects all elements that match +the provided regular expression. + +*Examples:* + + reject(['aaa','bbb','ccc','aaaddd'], 'aaa') + +Would return: + + ['bbb','ccc'] +EOS + + if (args.size != 2) + raise Puppet::ParseError, + "reject(): Wrong number of arguments given #{args.size} for 2" + end + + ary = args[0] + pattern = Regexp.new(args[1]) + + ary.reject { |e| e =~ pattern } + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/reverse.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/reverse.rb new file mode 100644 index 000000000..7f1018f67 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/reverse.rb @@ -0,0 +1,27 @@ +# +# reverse.rb +# + +module Puppet::Parser::Functions + newfunction(:reverse, :type => :rvalue, :doc => <<-EOS +Reverses the order of a string or array. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "reverse(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'reverse(): Requires either ' + + 'array or string to work with') + end + + result = value.reverse + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/rstrip.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/rstrip.rb new file mode 100644 index 000000000..0cf8d222c --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/rstrip.rb @@ -0,0 +1,31 @@ +# +# rstrip.rb +# + +module Puppet::Parser::Functions + newfunction(:rstrip, :type => :rvalue, :doc => <<-EOS +Strips leading spaces to the right of the string. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "rstrip(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'rstrip(): Requires either ' + + 'array or string to work with') + end + + if value.is_a?(Array) + result = value.collect { |i| i.is_a?(String) ? i.rstrip : i } + else + result = value.rstrip + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/seeded_rand.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/seeded_rand.rb new file mode 100644 index 000000000..44e27b8dc --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/seeded_rand.rb @@ -0,0 +1,22 @@ +Puppet::Parser::Functions::newfunction( + :seeded_rand, + :arity => 2, + :type => :rvalue, + :doc => <<-EOS +Usage: `seeded_rand(MAX, SEED)`. MAX must be a positive integer; SEED is any string. + +Generates a random whole number greater than or equal to 0 and less +than MAX, using the value of SEED for repeatable randomness. If SEED +starts with "$fqdn:", this is behaves the same as `fqdn_rand`. + +EOS +) do |args| + require 'digest/md5' + + raise(ArgumentError, "seeded_rand(): first argument must be a positive integer") unless function_is_integer([args[0]]) and args[0].to_i > 0 + raise(ArgumentError, "seeded_rand(): second argument must be a string") unless args[1].is_a? String + + max = args[0].to_i + seed = Digest::MD5.hexdigest(args[1]).hex + Puppet::Util.deterministic_rand(seed,max) +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/shuffle.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/shuffle.rb new file mode 100644 index 000000000..30c663dbe --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/shuffle.rb @@ -0,0 +1,45 @@ +# +# shuffle.rb +# + +module Puppet::Parser::Functions + newfunction(:shuffle, :type => :rvalue, :doc => <<-EOS +Randomizes the order of a string or array elements. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "shuffle(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'shuffle(): Requires either ' + + 'array or string to work with') + end + + result = value.clone + + string = value.is_a?(String) ? true : false + + # Check whether it makes sense to shuffle ... + return result if result.size <= 1 + + # We turn any string value into an array to be able to shuffle ... + result = string ? result.split('') : result + + elements = result.size + + # Simple implementation of Fisher–Yates in-place shuffle ... + elements.times do |i| + j = rand(elements - i) + i + result[j], result[i] = result[i], result[j] + end + + result = string ? result.join : result + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/size.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/size.rb new file mode 100644 index 000000000..0d6cc9613 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/size.rb @@ -0,0 +1,46 @@ +# +# size.rb +# + +module Puppet::Parser::Functions + newfunction(:size, :type => :rvalue, :doc => <<-EOS +Returns the number of elements in a string, an array or a hash + EOS + ) do |arguments| + + raise(Puppet::ParseError, "size(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + item = arguments[0] + + if item.is_a?(String) + + begin + # + # Check whether your item is a numeric value or not ... + # This will take care about positive and/or negative numbers + # for both integer and floating-point values ... + # + # Please note that Puppet has no notion of hexadecimal + # nor octal numbers for its DSL at this point in time ... + # + Float(item) + + raise(Puppet::ParseError, 'size(): Requires either ' + + 'string, array or hash to work with') + + rescue ArgumentError + result = item.size + end + + elsif item.is_a?(Array) || item.is_a?(Hash) + result = item.size + else + raise(Puppet::ParseError, 'size(): Unknown type given') + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/sort.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/sort.rb new file mode 100644 index 000000000..cefbe5463 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/sort.rb @@ -0,0 +1,27 @@ +# +# sort.rb +# + +module Puppet::Parser::Functions + newfunction(:sort, :type => :rvalue, :doc => <<-EOS +Sorts strings and arrays lexically. + EOS + ) do |arguments| + + if (arguments.size != 1) then + raise(Puppet::ParseError, "sort(): Wrong number of arguments "+ + "given #{arguments.size} for 1") + end + + value = arguments[0] + + if value.is_a?(Array) then + value.sort + elsif value.is_a?(String) then + value.split("").sort.join("") + end + + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/squeeze.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/squeeze.rb new file mode 100644 index 000000000..81fadfdb2 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/squeeze.rb @@ -0,0 +1,36 @@ +# +# squeeze.rb +# + +module Puppet::Parser::Functions + newfunction(:squeeze, :type => :rvalue, :doc => <<-EOS +Returns a new string where runs of the same character that occur in this set are replaced by a single character. + EOS + ) do |arguments| + + if ((arguments.size != 2) and (arguments.size != 1)) then + raise(Puppet::ParseError, "squeeze(): Wrong number of arguments "+ + "given #{arguments.size} for 2 or 1") + end + + item = arguments[0] + squeezeval = arguments[1] + + if item.is_a?(Array) then + if squeezeval then + item.collect { |i| i.squeeze(squeezeval) } + else + item.collect { |i| i.squeeze } + end + else + if squeezeval then + item.squeeze(squeezeval) + else + item.squeeze + end + end + + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/str2bool.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/str2bool.rb new file mode 100644 index 000000000..8def131e3 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/str2bool.rb @@ -0,0 +1,46 @@ +# +# str2bool.rb +# + +module Puppet::Parser::Functions + newfunction(:str2bool, :type => :rvalue, :doc => <<-EOS +This converts a string to a boolean. This attempt to convert strings that +contain things like: Y,y, 1, T,t, TRUE,true to 'true' and strings that contain things +like: 0, F,f, N,n, false, FALSE, no to 'false'. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "str2bool(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + string = arguments[0] + + # If string is already Boolean, return it + if !!string == string + return string + end + + unless string.is_a?(String) + raise(Puppet::ParseError, 'str2bool(): Requires either ' + + 'string to work with') + end + + # We consider all the yes, no, y, n and so on too ... + result = case string + # + # This is how undef looks like in Puppet ... + # We yield false in this case. + # + when /^$/, '' then false # Empty string will be false ... + when /^(1|t|y|true|yes)$/i then true + when /^(0|f|n|false|no)$/i then false + when /^(undef|undefined)$/ then false # This is not likely to happen ... + else + raise(Puppet::ParseError, 'str2bool(): Unknown type of boolean given') + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/str2saltedsha512.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/str2saltedsha512.rb new file mode 100644 index 000000000..7fe7b0128 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/str2saltedsha512.rb @@ -0,0 +1,32 @@ +# +# str2saltedsha512.rb +# + +module Puppet::Parser::Functions + newfunction(:str2saltedsha512, :type => :rvalue, :doc => <<-EOS +This converts a string to a salted-SHA512 password hash (which is used for +OS X versions >= 10.7). Given any simple string, you will get a hex version +of a salted-SHA512 password hash that can be inserted into your Puppet +manifests as a valid password attribute. + EOS + ) do |arguments| + require 'digest/sha2' + + raise(Puppet::ParseError, "str2saltedsha512(): Wrong number of arguments " + + "passed (#{arguments.size} but we require 1)") if arguments.size != 1 + + password = arguments[0] + + unless password.is_a?(String) + raise(Puppet::ParseError, 'str2saltedsha512(): Requires a ' + + "String argument, you passed: #{password.class}") + end + + seedint = rand(2**31 - 1) + seedstring = Array(seedint).pack("L") + saltedpass = Digest::SHA512.digest(seedstring + password) + (seedstring + saltedpass).unpack('H*')[0] + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/strftime.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/strftime.rb new file mode 100644 index 000000000..0b52adecd --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/strftime.rb @@ -0,0 +1,107 @@ +# +# strftime.rb +# + +module Puppet::Parser::Functions + newfunction(:strftime, :type => :rvalue, :doc => <<-EOS +This function returns formatted time. + +*Examples:* + +To return the time since epoch: + + strftime("%s") + +To return the date: + + strftime("%Y-%m-%d") + +*Format meaning:* + + %a - The abbreviated weekday name (``Sun'') + %A - The full weekday name (``Sunday'') + %b - The abbreviated month name (``Jan'') + %B - The full month name (``January'') + %c - The preferred local date and time representation + %C - Century (20 in 2009) + %d - Day of the month (01..31) + %D - Date (%m/%d/%y) + %e - Day of the month, blank-padded ( 1..31) + %F - Equivalent to %Y-%m-%d (the ISO 8601 date format) + %h - Equivalent to %b + %H - Hour of the day, 24-hour clock (00..23) + %I - Hour of the day, 12-hour clock (01..12) + %j - Day of the year (001..366) + %k - hour, 24-hour clock, blank-padded ( 0..23) + %l - hour, 12-hour clock, blank-padded ( 0..12) + %L - Millisecond of the second (000..999) + %m - Month of the year (01..12) + %M - Minute of the hour (00..59) + %n - Newline (\n) + %N - Fractional seconds digits, default is 9 digits (nanosecond) + %3N millisecond (3 digits) + %6N microsecond (6 digits) + %9N nanosecond (9 digits) + %p - Meridian indicator (``AM'' or ``PM'') + %P - Meridian indicator (``am'' or ``pm'') + %r - time, 12-hour (same as %I:%M:%S %p) + %R - time, 24-hour (%H:%M) + %s - Number of seconds since 1970-01-01 00:00:00 UTC. + %S - Second of the minute (00..60) + %t - Tab character (\t) + %T - time, 24-hour (%H:%M:%S) + %u - Day of the week as a decimal, Monday being 1. (1..7) + %U - Week number of the current year, + starting with the first Sunday as the first + day of the first week (00..53) + %v - VMS date (%e-%b-%Y) + %V - Week number of year according to ISO 8601 (01..53) + %W - Week number of the current year, + starting with the first Monday as the first + day of the first week (00..53) + %w - Day of the week (Sunday is 0, 0..6) + %x - Preferred representation for the date alone, no time + %X - Preferred representation for the time alone, no date + %y - Year without a century (00..99) + %Y - Year with century + %z - Time zone as hour offset from UTC (e.g. +0900) + %Z - Time zone name + %% - Literal ``%'' character + EOS + ) do |arguments| + + # Technically we support two arguments but only first is mandatory ... + raise(Puppet::ParseError, "strftime(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + format = arguments[0] + + raise(Puppet::ParseError, 'strftime(): You must provide ' + + 'format for evaluation') if format.empty? + + # The Time Zone argument is optional ... + time_zone = arguments[1] if arguments[1] + + time = Time.new + + # There is probably a better way to handle Time Zone ... + if time_zone and not time_zone.empty? + original_zone = ENV['TZ'] + + local_time = time.clone + local_time = local_time.utc + + ENV['TZ'] = time_zone + + time = local_time.localtime + + ENV['TZ'] = original_zone + end + + result = time.strftime(format) + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/strip.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/strip.rb new file mode 100644 index 000000000..3fac47d53 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/strip.rb @@ -0,0 +1,38 @@ +# +# strip.rb +# + +module Puppet::Parser::Functions + newfunction(:strip, :type => :rvalue, :doc => <<-EOS +This function removes leading and trailing whitespace from a string or from +every string inside an array. + +*Examples:* + + strip(" aaa ") + +Would result in: "aaa" + EOS + ) do |arguments| + + raise(Puppet::ParseError, "strip(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'strip(): Requires either ' + + 'array or string to work with') + end + + if value.is_a?(Array) + result = value.collect { |i| i.is_a?(String) ? i.strip : i } + else + result = value.strip + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/suffix.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/suffix.rb new file mode 100644 index 000000000..f7792d6f7 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/suffix.rb @@ -0,0 +1,45 @@ +# +# suffix.rb +# + +module Puppet::Parser::Functions + newfunction(:suffix, :type => :rvalue, :doc => <<-EOS +This function applies a suffix to all elements in an array. + +*Examples:* + + suffix(['a','b','c'], 'p') + +Will return: ['ap','bp','cp'] + EOS + ) do |arguments| + + # Technically we support two arguments but only first is mandatory ... + raise(Puppet::ParseError, "suffix(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + array = arguments[0] + + unless array.is_a?(Array) + raise Puppet::ParseError, "suffix(): expected first argument to be an Array, got #{array.inspect}" + end + + suffix = arguments[1] if arguments[1] + + if suffix + unless suffix.is_a? String + raise Puppet::ParseError, "suffix(): expected second argument to be a String, got #{suffix.inspect}" + end + end + + # Turn everything into string same as join would do ... + result = array.collect do |i| + i = i.to_s + suffix ? i + suffix : i + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/swapcase.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/swapcase.rb new file mode 100644 index 000000000..eb7fe137d --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/swapcase.rb @@ -0,0 +1,38 @@ +# +# swapcase.rb +# + +module Puppet::Parser::Functions + newfunction(:swapcase, :type => :rvalue, :doc => <<-EOS +This function will swap the existing case of a string. + +*Examples:* + + swapcase("aBcD") + +Would result in: "AbCd" + EOS + ) do |arguments| + + raise(Puppet::ParseError, "swapcase(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'swapcase(): Requires either ' + + 'array or string to work with') + end + + if value.is_a?(Array) + # Numbers in Puppet are often string-encoded which is troublesome ... + result = value.collect { |i| i.is_a?(String) ? i.swapcase : i } + else + result = value.swapcase + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/time.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/time.rb new file mode 100644 index 000000000..c5747474f --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/time.rb @@ -0,0 +1,50 @@ +# +# time.rb +# + +module Puppet::Parser::Functions + newfunction(:time, :type => :rvalue, :doc => <<-EOS +This function will return the current time since epoch as an integer. + +*Examples:* + + time() + +Will return something like: 1311972653 + EOS + ) do |arguments| + + # The Time Zone argument is optional ... + time_zone = arguments[0] if arguments[0] + + if (arguments.size != 0) and (arguments.size != 1) then + raise(Puppet::ParseError, "time(): Wrong number of arguments "+ + "given #{arguments.size} for 0 or 1") + end + + time = Time.new + + # There is probably a better way to handle Time Zone ... + if time_zone and not time_zone.empty? + original_zone = ENV['TZ'] + + local_time = time.clone + local_time = local_time.utc + + ENV['TZ'] = time_zone + + result = local_time.localtime.strftime('%s') + + ENV['TZ'] = original_zone + else + result = time.localtime.strftime('%s') + end + + # Calling Time#to_i on a receiver changes it. Trust me I am the Doctor. + result = result.to_i + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/to_bytes.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/to_bytes.rb new file mode 100644 index 000000000..df490ea8c --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/to_bytes.rb @@ -0,0 +1,31 @@ +module Puppet::Parser::Functions + newfunction(:to_bytes, :type => :rvalue, :doc => <<-EOS + Converts the argument into bytes, for example 4 kB becomes 4096. + Takes a single string value as an argument. + These conversions reflect a layperson's understanding of + 1 MB = 1024 KB, when in fact 1 MB = 1000 KB, and 1 MiB = 1024 KiB. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "to_bytes(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size != 1 + + arg = arguments[0] + + return arg if arg.is_a? Numeric + + value,prefix = */([0-9.e+-]*)\s*([^bB]?)/.match(arg)[1,2] + + value = value.to_f + case prefix + when '' then return value.to_i + when 'k' then return (value*(1<<10)).to_i + when 'M' then return (value*(1<<20)).to_i + when 'G' then return (value*(1<<30)).to_i + when 'T' then return (value*(1<<40)).to_i + when 'P' then return (value*(1<<50)).to_i + when 'E' then return (value*(1<<60)).to_i + else raise Puppet::ParseError, "to_bytes(): Unknown prefix #{prefix}" + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/try_get_value.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/try_get_value.rb new file mode 100644 index 000000000..0c19fd965 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/try_get_value.rb @@ -0,0 +1,77 @@ +module Puppet::Parser::Functions + newfunction( + :try_get_value, + :type => :rvalue, + :arity => -2, + :doc => <<-eos +Looks up into a complex structure of arrays and hashes and returns a value +or the default value if nothing was found. + +Key can contain slashes to describe path components. The function will go down +the structure and try to extract the required value. + +$data = { + 'a' => { + 'b' => [ + 'b1', + 'b2', + 'b3', + ] + } +} + +$value = try_get_value($data, 'a/b/2', 'not_found', '/') +=> $value = 'b3' + +a -> first hash key +b -> second hash key +2 -> array index starting with 0 + +not_found -> (optional) will be returned if there is no value or the path did not match. Defaults to nil. +/ -> (optional) path delimiter. Defaults to '/'. + +In addition to the required "key" argument, "try_get_value" accepts default +argument. It will be returned if no value was found or a path component is +missing. And the fourth argument can set a variable path separator. + eos + ) do |args| + path_lookup = lambda do |data, path, default| + debug "Try_get_value: #{path.inspect} from: #{data.inspect}" + if data.nil? + debug "Try_get_value: no data, return default: #{default.inspect}" + break default + end + unless path.is_a? Array + debug "Try_get_value: wrong path, return default: #{default.inspect}" + break default + end + unless path.any? + debug "Try_get_value: value found, return data: #{data.inspect}" + break data + end + unless data.is_a? Hash or data.is_a? Array + debug "Try_get_value: incorrect data, return default: #{default.inspect}" + break default + end + + key = path.shift + if data.is_a? Array + begin + key = Integer key + rescue ArgumentError + debug "Try_get_value: non-numeric path for an array, return default: #{default.inspect}" + break default + end + end + path_lookup.call data[key], path, default + end + + data = args[0] + path = args[1] || '' + default = args[2] + separator = args[3] || '/' + + path = path.split separator + path_lookup.call data, path, default + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/type.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/type.rb new file mode 100644 index 000000000..016529b03 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/type.rb @@ -0,0 +1,19 @@ +# +# type.rb +# + +module Puppet::Parser::Functions + newfunction(:type, :type => :rvalue, :doc => <<-EOS + DEPRECATED: This function will cease to function on Puppet 4; please use type3x() before upgrading to puppet 4 for backwards-compatibility, or migrate to the new parser's typing system. + EOS + ) do |args| + + warning("type() DEPRECATED: This function will cease to function on Puppet 4; please use type3x() before upgrading to puppet 4 for backwards-compatibility, or migrate to the new parser's typing system.") + if ! Puppet::Parser::Functions.autoloader.loaded?(:type3x) + Puppet::Parser::Functions.autoloader.load(:type3x) + end + function_type3x(args + [false]) + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/type3x.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/type3x.rb new file mode 100644 index 000000000..0800b4a3e --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/type3x.rb @@ -0,0 +1,51 @@ +# +# type3x.rb +# + +module Puppet::Parser::Functions + newfunction(:type3x, :type => :rvalue, :doc => <<-EOS +DEPRECATED: This function will be removed when puppet 3 support is dropped; please migrate to the new parser's typing system. + +Returns the type when passed a value. Type can be one of: + +* string +* array +* hash +* float +* integer +* boolean + EOS + ) do |args| + raise(Puppet::ParseError, "type3x(): Wrong number of arguments " + + "given (#{args.size} for 1)") if args.size < 1 + + value = args[0] + + klass = value.class + + if not [TrueClass, FalseClass, Array, Bignum, Fixnum, Float, Hash, String].include?(klass) + raise(Puppet::ParseError, 'type3x(): Unknown type') + end + + klass = klass.to_s # Ugly ... + + # We note that Integer is the parent to Bignum and Fixnum ... + result = case klass + when /^(?:Big|Fix)num$/ then 'integer' + when /^(?:True|False)Class$/ then 'boolean' + else klass + end + + if result == "String" then + if value == value.to_i.to_s then + result = "Integer" + elsif value == value.to_f.to_s then + result = "Float" + end + end + + return result.downcase + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/union.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/union.rb new file mode 100644 index 000000000..6c5bb8348 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/union.rb @@ -0,0 +1,29 @@ +# +# union.rb +# + +module Puppet::Parser::Functions + newfunction(:union, :type => :rvalue, :doc => <<-EOS +This function returns a union of two or more arrays. + +*Examples:* + + union(["a","b","c"],["b","c","d"]) + +Would return: ["a","b","c","d"] + EOS + ) do |arguments| + + # Check that 2 or more arguments have been given ... + raise(Puppet::ParseError, "union(): Wrong number of arguments " + + "given (#{arguments.size} for < 2)") if arguments.size < 2 + + arguments.each do |argument| + raise(Puppet::ParseError, 'union(): Every parameter must be an array') unless argument.is_a?(Array) + end + + arguments.reduce(:|) + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/unique.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/unique.rb new file mode 100644 index 000000000..cf770f3b4 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/unique.rb @@ -0,0 +1,50 @@ +# +# unique.rb +# + +module Puppet::Parser::Functions + newfunction(:unique, :type => :rvalue, :doc => <<-EOS +This function will remove duplicates from strings and arrays. + +*Examples:* + + unique("aabbcc") + +Will return: + + abc + +You can also use this with arrays: + + unique(["a","a","b","b","c","c"]) + +This returns: + + ["a","b","c"] + EOS + ) do |arguments| + + raise(Puppet::ParseError, "unique(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'unique(): Requires either ' + + 'array or string to work with') + end + + result = value.clone + + string = value.is_a?(String) ? true : false + + # We turn any string value into an array to be able to shuffle ... + result = string ? result.split('') : result + result = result.uniq # Remove duplicates ... + result = string ? result.join : result + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/unix2dos.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/unix2dos.rb new file mode 100644 index 000000000..0bd9cd1f1 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/unix2dos.rb @@ -0,0 +1,15 @@ +# Custom Puppet function to convert unix to dos format +module Puppet::Parser::Functions + newfunction(:unix2dos, :type => :rvalue, :arity => 1, :doc => <<-EOS + Returns the DOS version of the given string. + Takes a single string argument. + EOS + ) do |arguments| + + unless arguments[0].is_a?(String) + raise(Puppet::ParseError, 'unix2dos(): Requires string as argument') + end + + arguments[0].gsub(/\r*\n/, "\r\n") + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/upcase.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/upcase.rb new file mode 100644 index 000000000..44b3bcd6f --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/upcase.rb @@ -0,0 +1,45 @@ +# +# upcase.rb +# + +module Puppet::Parser::Functions + newfunction(:upcase, :type => :rvalue, :doc => <<-EOS +Converts a string or an array of strings to uppercase. + +*Examples:* + + upcase("abcd") + +Will return: + + ABCD + EOS + ) do |arguments| + + raise(Puppet::ParseError, "upcase(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size != 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(Hash) || value.respond_to?(:upcase) + raise(Puppet::ParseError, 'upcase(): Requires an ' + + 'array, hash or object that responds to upcase in order to work') + end + + if value.is_a?(Array) + # Numbers in Puppet are often string-encoded which is troublesome ... + result = value.collect { |i| function_upcase([i]) } + elsif value.is_a?(Hash) + result = {} + value.each_pair do |k, v| + result[function_upcase([k])] = function_upcase([v]) + end + else + result = value.upcase + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/uriescape.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/uriescape.rb new file mode 100644 index 000000000..45bbed22c --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/uriescape.rb @@ -0,0 +1,34 @@ +# +# uriescape.rb +# +require 'uri' + +module Puppet::Parser::Functions + newfunction(:uriescape, :type => :rvalue, :doc => <<-EOS + Urlencodes a string or array of strings. + Requires either a single string or an array as an input. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "uriescape(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + value = arguments[0] + + unless value.is_a?(Array) || value.is_a?(String) + raise(Puppet::ParseError, 'uriescape(): Requires either ' + + 'array or string to work with') + end + + if value.is_a?(Array) + # Numbers in Puppet are often string-encoded which is troublesome ... + result = value.collect { |i| i.is_a?(String) ? URI.escape(i) : i } + else + result = URI.escape(value) + end + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_absolute_path.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_absolute_path.rb new file mode 100644 index 000000000..5f85f72fe --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_absolute_path.rb @@ -0,0 +1,51 @@ +module Puppet::Parser::Functions + newfunction(:validate_absolute_path, :doc => <<-'ENDHEREDOC') do |args| + Validate the string represents an absolute path in the filesystem. This function works + for windows and unix style paths. + + The following values will pass: + + $my_path = 'C:/Program Files (x86)/Puppet Labs/Puppet' + validate_absolute_path($my_path) + $my_path2 = '/var/lib/puppet' + validate_absolute_path($my_path2) + $my_path3 = ['C:/Program Files (x86)/Puppet Labs/Puppet','C:/Program Files/Puppet Labs/Puppet'] + validate_absolute_path($my_path3) + $my_path4 = ['/var/lib/puppet','/usr/share/puppet'] + validate_absolute_path($my_path4) + + The following values will fail, causing compilation to abort: + + validate_absolute_path(true) + validate_absolute_path('../var/lib/puppet') + validate_absolute_path('var/lib/puppet') + validate_absolute_path([ 'var/lib/puppet', '/var/foo' ]) + validate_absolute_path([ '/var/lib/puppet', 'var/foo' ]) + $undefined = undef + validate_absolute_path($undefined) + + ENDHEREDOC + + require 'puppet/util' + + unless args.length > 0 then + raise Puppet::ParseError, ("validate_absolute_path(): wrong number of arguments (#{args.length}; must be > 0)") + end + + args.each do |arg| + # put arg to candidate var to be able to replace it + candidates = arg + # if arg is just a string with a path to test, convert it to an array + # to avoid test code duplication + unless arg.is_a?(Array) then + candidates = Array.new(1,arg) + end + # iterate over all paths within the candidates array + candidates.each do |path| + unless function_is_absolute_path([path]) + raise Puppet::ParseError, ("#{path.inspect} is not an absolute path.") + end + end + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_array.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_array.rb new file mode 100644 index 000000000..34b511825 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_array.rb @@ -0,0 +1,33 @@ +module Puppet::Parser::Functions + + newfunction(:validate_array, :doc => <<-'ENDHEREDOC') do |args| + Validate that all passed values are array data structures. Abort catalog + compilation if any value fails this check. + + The following values will pass: + + $my_array = [ 'one', 'two' ] + validate_array($my_array) + + The following values will fail, causing compilation to abort: + + validate_array(true) + validate_array('some_string') + $undefined = undef + validate_array($undefined) + + ENDHEREDOC + + unless args.length > 0 then + raise Puppet::ParseError, ("validate_array(): wrong number of arguments (#{args.length}; must be > 0)") + end + + args.each do |arg| + unless arg.is_a?(Array) + raise Puppet::ParseError, ("#{arg.inspect} is not an Array. It looks to be a #{arg.class}") + end + end + + end + +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_augeas.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_augeas.rb new file mode 100644 index 000000000..2196c3e0e --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_augeas.rb @@ -0,0 +1,83 @@ +require 'tempfile' + +module Puppet::Parser::Functions + newfunction(:validate_augeas, :doc => <<-'ENDHEREDOC') do |args| + Perform validation of a string using an Augeas lens + The first argument of this function should be a string to + test, and the second argument should be the name of the Augeas lens to use. + If Augeas fails to parse the string with the lens, the compilation will + abort with a parse error. + + A third argument can be specified, listing paths which should + not be found in the file. The `$file` variable points to the location + of the temporary file being tested in the Augeas tree. + + For example, if you want to make sure your passwd content never contains + a user `foo`, you could write: + + validate_augeas($passwdcontent, 'Passwd.lns', ['$file/foo']) + + Or if you wanted to ensure that no users used the '/bin/barsh' shell, + you could use: + + validate_augeas($passwdcontent, 'Passwd.lns', ['$file/*[shell="/bin/barsh"]'] + + If a fourth argument is specified, this will be the error message raised and + seen by the user. + + A helpful error message can be returned like this: + + validate_augeas($sudoerscontent, 'Sudoers.lns', [], 'Failed to validate sudoers content with Augeas') + + ENDHEREDOC + unless Puppet.features.augeas? + raise Puppet::ParseError, ("validate_augeas(): this function requires the augeas feature. See http://docs.puppetlabs.com/guides/augeas.html#pre-requisites for how to activate it.") + end + + if (args.length < 2) or (args.length > 4) then + raise Puppet::ParseError, ("validate_augeas(): wrong number of arguments (#{args.length}; must be 2, 3, or 4)") + end + + msg = args[3] || "validate_augeas(): Failed to validate content against #{args[1].inspect}" + + require 'augeas' + aug = Augeas::open(nil, nil, Augeas::NO_MODL_AUTOLOAD) + begin + content = args[0] + + # Test content in a temporary file + tmpfile = Tempfile.new("validate_augeas") + begin + tmpfile.write(content) + ensure + tmpfile.close + end + + # Check for syntax + lens = args[1] + aug.transform( + :lens => lens, + :name => 'Validate_augeas', + :incl => tmpfile.path + ) + aug.load! + + unless aug.match("/augeas/files#{tmpfile.path}//error").empty? + error = aug.get("/augeas/files#{tmpfile.path}//error/message") + msg += " with error: #{error}" + raise Puppet::ParseError, (msg) + end + + # Launch unit tests + tests = args[2] || [] + aug.defvar('file', "/files#{tmpfile.path}") + tests.each do |t| + msg += " testing path #{t}" + raise Puppet::ParseError, (msg) unless aug.match(t).empty? + end + ensure + aug.close + tmpfile.unlink + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_bool.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_bool.rb new file mode 100644 index 000000000..59a08056b --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_bool.rb @@ -0,0 +1,34 @@ +module Puppet::Parser::Functions + + newfunction(:validate_bool, :doc => <<-'ENDHEREDOC') do |args| + Validate that all passed values are either true or false. Abort catalog + compilation if any value fails this check. + + The following values will pass: + + $iamtrue = true + validate_bool(true) + validate_bool(true, true, false, $iamtrue) + + The following values will fail, causing compilation to abort: + + $some_array = [ true ] + validate_bool("false") + validate_bool("true") + validate_bool($some_array) + + ENDHEREDOC + + unless args.length > 0 then + raise Puppet::ParseError, ("validate_bool(): wrong number of arguments (#{args.length}; must be > 0)") + end + + args.each do |arg| + unless function_is_bool([arg]) + raise Puppet::ParseError, ("#{arg.inspect} is not a boolean. It looks to be a #{arg.class}") + end + end + + end + +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_cmd.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_cmd.rb new file mode 100644 index 000000000..5df3c6094 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_cmd.rb @@ -0,0 +1,63 @@ +require 'puppet/util/execution' +require 'tempfile' + +module Puppet::Parser::Functions + newfunction(:validate_cmd, :doc => <<-'ENDHEREDOC') do |args| + Perform validation of a string with an external command. + The first argument of this function should be a string to + test, and the second argument should be a path to a test command + taking a % as a placeholder for the file path (will default to the end). + If the command, launched against a tempfile containing the passed string, + returns a non-null value, compilation will abort with a parse error. + + If a third argument is specified, this will be the error message raised and + seen by the user. + + A helpful error message can be returned like this: + + Example: + + # Defaults to end of path + validate_cmd($sudoerscontent, '/usr/sbin/visudo -c -f', 'Visudo failed to validate sudoers content') + + # % as file location + validate_cmd($haproxycontent, '/usr/sbin/haproxy -f % -c', 'Haproxy failed to validate config content') + + ENDHEREDOC + if (args.length < 2) or (args.length > 3) then + raise Puppet::ParseError, ("validate_cmd(): wrong number of arguments (#{args.length}; must be 2 or 3)") + end + + msg = args[2] || "validate_cmd(): failed to validate content with command #{args[1].inspect}" + + content = args[0] + checkscript = args[1] + + # Test content in a temporary file + tmpfile = Tempfile.new("validate_cmd") + begin + tmpfile.write(content) + tmpfile.close + + if checkscript =~ /\s%(\s|$)/ + check_with_correct_location = checkscript.gsub(/%/,tmpfile.path) + else + check_with_correct_location = "#{checkscript} #{tmpfile.path}" + end + + if Puppet::Util::Execution.respond_to?('execute') + Puppet::Util::Execution.execute(check_with_correct_location) + else + Puppet::Util.execute(check_with_correct_location) + end + rescue Puppet::ExecutionFailure => detail + msg += "\n#{detail}" + raise Puppet::ParseError, msg + rescue Exception => detail + msg += "\n#{detail.class.name} #{detail}" + raise Puppet::ParseError, msg + ensure + tmpfile.unlink + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_hash.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_hash.rb new file mode 100644 index 000000000..9bdd54328 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_hash.rb @@ -0,0 +1,33 @@ +module Puppet::Parser::Functions + + newfunction(:validate_hash, :doc => <<-'ENDHEREDOC') do |args| + Validate that all passed values are hash data structures. Abort catalog + compilation if any value fails this check. + + The following values will pass: + + $my_hash = { 'one' => 'two' } + validate_hash($my_hash) + + The following values will fail, causing compilation to abort: + + validate_hash(true) + validate_hash('some_string') + $undefined = undef + validate_hash($undefined) + + ENDHEREDOC + + unless args.length > 0 then + raise Puppet::ParseError, ("validate_hash(): wrong number of arguments (#{args.length}; must be > 0)") + end + + args.each do |arg| + unless arg.is_a?(Hash) + raise Puppet::ParseError, ("#{arg.inspect} is not a Hash. It looks to be a #{arg.class}") + end + end + + end + +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_integer.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_integer.rb new file mode 100644 index 000000000..a950916b1 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_integer.rb @@ -0,0 +1,132 @@ +module Puppet::Parser::Functions + + newfunction(:validate_integer, :doc => <<-'ENDHEREDOC') do |args| + Validate that the first argument is an integer (or an array of integers). Abort catalog compilation if any of the checks fail. + + The second argument is optional and passes a maximum. (All elements of) the first argument has to be less or equal to this max. + + The third argument is optional and passes a minimum. (All elements of) the first argument has to be greater or equal to this min. + If, and only if, a minimum is given, the second argument may be an empty string or undef, which will be handled to just check + if (all elements of) the first argument are greater or equal to the given minimum. + + It will fail if the first argument is not an integer or array of integers, and if arg 2 and arg 3 are not convertable to an integer. + + The following values will pass: + + validate_integer(1) + validate_integer(1, 2) + validate_integer(1, 1) + validate_integer(1, 2, 0) + validate_integer(2, 2, 2) + validate_integer(2, '', 0) + validate_integer(2, undef, 0) + $foo = undef + validate_integer(2, $foo, 0) + validate_integer([1,2,3,4,5], 6) + validate_integer([1,2,3,4,5], 6, 0) + + Plus all of the above, but any combination of values passed as strings ('1' or "1"). + Plus all of the above, but with (correct) combinations of negative integer values. + + The following values will not: + + validate_integer(true) + validate_integer(false) + validate_integer(7.0) + validate_integer({ 1 => 2 }) + $foo = undef + validate_integer($foo) + validate_integer($foobaridontexist) + + validate_integer(1, 0) + validate_integer(1, true) + validate_integer(1, '') + validate_integer(1, undef) + validate_integer(1, , 0) + validate_integer(1, 2, 3) + validate_integer(1, 3, 2) + validate_integer(1, 3, true) + + Plus all of the above, but any combination of values passed as strings ('false' or "false"). + Plus all of the above, but with incorrect combinations of negative integer values. + Plus all of the above, but with non-integer items in arrays or maximum / minimum argument. + + ENDHEREDOC + + # tell the user we need at least one, and optionally up to two other parameters + raise Puppet::ParseError, "validate_integer(): Wrong number of arguments; must be 1, 2 or 3, got #{args.length}" unless args.length > 0 and args.length < 4 + + input, max, min = *args + + # check maximum parameter + if args.length > 1 + max = max.to_s + # allow max to be empty (or undefined) if we have a minimum set + if args.length > 2 and max == '' + max = nil + else + begin + max = Integer(max) + rescue TypeError, ArgumentError + raise Puppet::ParseError, "validate_integer(): Expected second argument to be unset or an Integer, got #{max}:#{max.class}" + end + end + else + max = nil + end + + # check minimum parameter + if args.length > 2 + begin + min = Integer(min.to_s) + rescue TypeError, ArgumentError + raise Puppet::ParseError, "validate_integer(): Expected third argument to be unset or an Integer, got #{min}:#{min.class}" + end + else + min = nil + end + + # ensure that min < max + if min and max and min > max + raise Puppet::ParseError, "validate_integer(): Expected second argument to be larger than third argument, got #{max} < #{min}" + end + + # create lamba validator function + validator = lambda do |num| + # check input < max + if max and num > max + raise Puppet::ParseError, "validate_integer(): Expected #{input.inspect} to be smaller or equal to #{max}, got #{input.inspect}." + end + # check input > min (this will only be checked if no exception has been raised before) + if min and num < min + raise Puppet::ParseError, "validate_integer(): Expected #{input.inspect} to be greater or equal to #{min}, got #{input.inspect}." + end + end + + # if this is an array, handle it. + case input + when Array + # check every element of the array + input.each_with_index do |arg, pos| + begin + raise TypeError if arg.is_a?(Hash) + arg = Integer(arg.to_s) + validator.call(arg) + rescue TypeError, ArgumentError + raise Puppet::ParseError, "validate_integer(): Expected element at array position #{pos} to be an Integer, got #{arg.class}" + end + end + # for the sake of compatibility with ruby 1.8, we need extra handling of hashes + when Hash + raise Puppet::ParseError, "validate_integer(): Expected first argument to be an Integer or Array, got #{input.class}" + # check the input. this will also fail any stuff other than pure, shiny integers + else + begin + input = Integer(input.to_s) + validator.call(input) + rescue TypeError, ArgumentError + raise Puppet::ParseError, "validate_integer(): Expected first argument to be an Integer or Array, got #{input.class}" + end + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ip_address.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ip_address.rb new file mode 100644 index 000000000..c0baf82eb --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ip_address.rb @@ -0,0 +1,50 @@ +module Puppet::Parser::Functions + + newfunction(:validate_ip_address, :doc => <<-ENDHEREDOC + Validate that all values passed are valid IP addresses, + regardless they are IPv4 or IPv6 + Fail compilation if any value fails this check. + The following values will pass: + $my_ip = "1.2.3.4" + validate_ip_address($my_ip) + validate_bool("8.8.8.8", "172.16.0.1", $my_ip) + + $my_ip = "3ffe:505:2" + validate_ip_address(1) + validate_ip_address($my_ip) + validate_bool("fe80::baf6:b1ff:fe19:7507", $my_ip) + + The following values will fail, causing compilation to abort: + $some_array = [ 1, true, false, "garbage string", "3ffe:505:2" ] + validate_ip_address($some_array) + ENDHEREDOC + ) do |args| + + require "ipaddr" + rescuable_exceptions = [ ArgumentError ] + + if defined?(IPAddr::InvalidAddressError) + rescuable_exceptions << IPAddr::InvalidAddressError + end + + unless args.length > 0 then + raise Puppet::ParseError, ("validate_ip_address(): wrong number of arguments (#{args.length}; must be > 0)") + end + + args.each do |arg| + unless arg.is_a?(String) + raise Puppet::ParseError, "#{arg.inspect} is not a string." + end + + begin + unless IPAddr.new(arg).ipv4? or IPAddr.new(arg).ipv6? + raise Puppet::ParseError, "#{arg.inspect} is not a valid IP address." + end + rescue *rescuable_exceptions + raise Puppet::ParseError, "#{arg.inspect} is not a valid IP address." + end + end + + end + +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ipv4_address.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ipv4_address.rb new file mode 100644 index 000000000..97faa5729 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ipv4_address.rb @@ -0,0 +1,48 @@ +module Puppet::Parser::Functions + + newfunction(:validate_ipv4_address, :doc => <<-ENDHEREDOC + Validate that all values passed are valid IPv4 addresses. + Fail compilation if any value fails this check. + + The following values will pass: + + $my_ip = "1.2.3.4" + validate_ipv4_address($my_ip) + validate_ipv4_address("8.8.8.8", "172.16.0.1", $my_ip) + + The following values will fail, causing compilation to abort: + + $some_array = [ 1, true, false, "garbage string", "3ffe:505:2" ] + validate_ipv4_address($some_array) + + ENDHEREDOC + ) do |args| + + require "ipaddr" + rescuable_exceptions = [ ArgumentError ] + + if defined?(IPAddr::InvalidAddressError) + rescuable_exceptions << IPAddr::InvalidAddressError + end + + unless args.length > 0 then + raise Puppet::ParseError, ("validate_ipv4_address(): wrong number of arguments (#{args.length}; must be > 0)") + end + + args.each do |arg| + unless arg.is_a?(String) + raise Puppet::ParseError, "#{arg.inspect} is not a string." + end + + begin + unless IPAddr.new(arg).ipv4? + raise Puppet::ParseError, "#{arg.inspect} is not a valid IPv4 address." + end + rescue *rescuable_exceptions + raise Puppet::ParseError, "#{arg.inspect} is not a valid IPv4 address." + end + end + + end + +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ipv6_address.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ipv6_address.rb new file mode 100644 index 000000000..b0f2558df --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_ipv6_address.rb @@ -0,0 +1,49 @@ +module Puppet::Parser::Functions + + newfunction(:validate_ipv6_address, :doc => <<-ENDHEREDOC + Validate that all values passed are valid IPv6 addresses. + Fail compilation if any value fails this check. + + The following values will pass: + + $my_ip = "3ffe:505:2" + validate_ipv6_address(1) + validate_ipv6_address($my_ip) + validate_bool("fe80::baf6:b1ff:fe19:7507", $my_ip) + + The following values will fail, causing compilation to abort: + + $some_array = [ true, false, "garbage string", "1.2.3.4" ] + validate_ipv6_address($some_array) + + ENDHEREDOC + ) do |args| + + require "ipaddr" + rescuable_exceptions = [ ArgumentError ] + + if defined?(IPAddr::InvalidAddressError) + rescuable_exceptions << IPAddr::InvalidAddressError + end + + unless args.length > 0 then + raise Puppet::ParseError, ("validate_ipv6_address(): wrong number of arguments (#{args.length}; must be > 0)") + end + + args.each do |arg| + unless arg.is_a?(String) + raise Puppet::ParseError, "#{arg.inspect} is not a string." + end + + begin + unless IPAddr.new(arg).ipv6? + raise Puppet::ParseError, "#{arg.inspect} is not a valid IPv6 address." + end + rescue *rescuable_exceptions + raise Puppet::ParseError, "#{arg.inspect} is not a valid IPv6 address." + end + end + + end + +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_numeric.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_numeric.rb new file mode 100644 index 000000000..3a144434b --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_numeric.rb @@ -0,0 +1,94 @@ +module Puppet::Parser::Functions + + newfunction(:validate_numeric, :doc => <<-'ENDHEREDOC') do |args| + Validate that the first argument is a numeric value (or an array of numeric values). Abort catalog compilation if any of the checks fail. + + The second argument is optional and passes a maximum. (All elements of) the first argument has to be less or equal to this max. + + The third argument is optional and passes a minimum. (All elements of) the first argument has to be greater or equal to this min. + If, and only if, a minimum is given, the second argument may be an empty string or undef, which will be handled to just check + if (all elements of) the first argument are greater or equal to the given minimum. + + It will fail if the first argument is not a numeric (Integer or Float) or array of numerics, and if arg 2 and arg 3 are not convertable to a numeric. + + For passing and failing usage, see `validate_integer()`. It is all the same for validate_numeric, yet now floating point values are allowed, too. + + ENDHEREDOC + + # tell the user we need at least one, and optionally up to two other parameters + raise Puppet::ParseError, "validate_numeric(): Wrong number of arguments; must be 1, 2 or 3, got #{args.length}" unless args.length > 0 and args.length < 4 + + input, max, min = *args + + # check maximum parameter + if args.length > 1 + max = max.to_s + # allow max to be empty (or undefined) if we have a minimum set + if args.length > 2 and max == '' + max = nil + else + begin + max = Float(max) + rescue TypeError, ArgumentError + raise Puppet::ParseError, "validate_numeric(): Expected second argument to be unset or a Numeric, got #{max}:#{max.class}" + end + end + else + max = nil + end + + # check minimum parameter + if args.length > 2 + begin + min = Float(min.to_s) + rescue TypeError, ArgumentError + raise Puppet::ParseError, "validate_numeric(): Expected third argument to be unset or a Numeric, got #{min}:#{min.class}" + end + else + min = nil + end + + # ensure that min < max + if min and max and min > max + raise Puppet::ParseError, "validate_numeric(): Expected second argument to be larger than third argument, got #{max} < #{min}" + end + + # create lamba validator function + validator = lambda do |num| + # check input < max + if max and num > max + raise Puppet::ParseError, "validate_numeric(): Expected #{input.inspect} to be smaller or equal to #{max}, got #{input.inspect}." + end + # check input > min (this will only be checked if no exception has been raised before) + if min and num < min + raise Puppet::ParseError, "validate_numeric(): Expected #{input.inspect} to be greater or equal to #{min}, got #{input.inspect}." + end + end + + # if this is an array, handle it. + case input + when Array + # check every element of the array + input.each_with_index do |arg, pos| + begin + raise TypeError if arg.is_a?(Hash) + arg = Float(arg.to_s) + validator.call(arg) + rescue TypeError, ArgumentError + raise Puppet::ParseError, "validate_numeric(): Expected element at array position #{pos} to be a Numeric, got #{arg.class}" + end + end + # for the sake of compatibility with ruby 1.8, we need extra handling of hashes + when Hash + raise Puppet::ParseError, "validate_integer(): Expected first argument to be a Numeric or Array, got #{input.class}" + # check the input. this will also fail any stuff other than pure, shiny integers + else + begin + input = Float(input.to_s) + validator.call(input) + rescue TypeError, ArgumentError + raise Puppet::ParseError, "validate_numeric(): Expected first argument to be a Numeric or Array, got #{input.class}" + end + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_re.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_re.rb new file mode 100644 index 000000000..efee7f8cb --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_re.rb @@ -0,0 +1,47 @@ +module Puppet::Parser::Functions + newfunction(:validate_re, :doc => <<-'ENDHEREDOC') do |args| + Perform simple validation of a string against one or more regular + expressions. The first argument of this function should be a string to + test, and the second argument should be a stringified regular expression + (without the // delimiters) or an array of regular expressions. If none + of the regular expressions match the string passed in, compilation will + abort with a parse error. + + If a third argument is specified, this will be the error message raised and + seen by the user. + + The following strings will validate against the regular expressions: + + validate_re('one', '^one$') + validate_re('one', [ '^one', '^two' ]) + + The following strings will fail to validate, causing compilation to abort: + + validate_re('one', [ '^two', '^three' ]) + + A helpful error message can be returned like this: + + validate_re($::puppetversion, '^2.7', 'The $puppetversion fact value does not match 2.7') + + Note: Compilation will also abort, if the first argument is not a String. Always use + quotes to force stringification: + + validate_re("${::operatingsystemmajrelease}", '^[57]$') + + ENDHEREDOC + if (args.length < 2) or (args.length > 3) then + raise Puppet::ParseError, "validate_re(): wrong number of arguments (#{args.length}; must be 2 or 3)" + end + + raise Puppet::ParseError, "validate_re(): input needs to be a String, not a #{args[0].class}" unless args[0].is_a? String + + msg = args[2] || "validate_re(): #{args[0].inspect} does not match #{args[1].inspect}" + + # We're using a flattened array here because we can't call String#any? in + # Ruby 1.9 like we can in Ruby 1.8 + raise Puppet::ParseError, msg unless [args[1]].flatten.any? do |re_str| + args[0] =~ Regexp.compile(re_str) + end + + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_slength.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_slength.rb new file mode 100644 index 000000000..47c7d4a6c --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_slength.rb @@ -0,0 +1,69 @@ +module Puppet::Parser::Functions + + newfunction(:validate_slength, :doc => <<-'ENDHEREDOC') do |args| + Validate that the first argument is a string (or an array of strings), and + less/equal to than the length of the second argument. An optional third + parameter can be given the minimum length. It fails if the first + argument is not a string or array of strings, and if arg 2 and arg 3 are + not convertable to a number. + + The following values will pass: + + validate_slength("discombobulate",17) + validate_slength(["discombobulate","moo"],17) + validate_slength(["discombobulate","moo"],17,3) + + The following valueis will not: + + validate_slength("discombobulate",1) + validate_slength(["discombobulate","thermometer"],5) + validate_slength(["discombobulate","moo"],17,10) + + ENDHEREDOC + + raise Puppet::ParseError, "validate_slength(): Wrong number of arguments (#{args.length}; must be 2 or 3)" unless args.length == 2 or args.length == 3 + + input, max_length, min_length = *args + + begin + max_length = Integer(max_length) + raise ArgumentError if max_length <= 0 + rescue ArgumentError, TypeError + raise Puppet::ParseError, "validate_slength(): Expected second argument to be a positive Numeric, got #{max_length}:#{max_length.class}" + end + + if min_length + begin + min_length = Integer(min_length) + raise ArgumentError if min_length < 0 + rescue ArgumentError, TypeError + raise Puppet::ParseError, "validate_slength(): Expected third argument to be unset or a positive Numeric, got #{min_length}:#{min_length.class}" + end + else + min_length = 0 + end + + raise Puppet::ParseError, "validate_slength(): Expected second argument to be equal to or larger than third argument" unless max_length >= min_length + + validator = lambda do |str| + unless str.length <= max_length and str.length >= min_length + raise Puppet::ParseError, "validate_slength(): Expected length of #{input.inspect} to be between #{min_length} and #{max_length}, was #{input.length}" + end + end + + case input + when String + validator.call(input) + when Array + input.each_with_index do |arg, pos| + if arg.is_a? String + validator.call(arg) + else + raise Puppet::ParseError, "validate_slength(): Expected element at array position #{pos} to be a String, got #{arg.class}" + end + end + else + raise Puppet::ParseError, "validate_slength(): Expected first argument to be a String or Array, got #{input.class}" + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_string.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_string.rb new file mode 100644 index 000000000..c841f6abb --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/validate_string.rb @@ -0,0 +1,38 @@ +module Puppet::Parser::Functions + + newfunction(:validate_string, :doc => <<-'ENDHEREDOC') do |args| + Validate that all passed values are string data structures. Abort catalog + compilation if any value fails this check. + + The following values will pass: + + $my_string = "one two" + validate_string($my_string, 'three') + + The following values will fail, causing compilation to abort: + + validate_string(true) + validate_string([ 'some', 'array' ]) + + Note: validate_string(undef) will not fail in this version of the + functions API (incl. current and future parser). Instead, use: + + if $var == undef { + fail('...') + } + + ENDHEREDOC + + unless args.length > 0 then + raise Puppet::ParseError, ("validate_string(): wrong number of arguments (#{args.length}; must be > 0)") + end + + args.each do |arg| + unless arg.is_a?(String) + raise Puppet::ParseError, ("#{arg.inspect} is not a string. It looks to be a #{arg.class}") + end + end + + end + +end diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/values.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/values.rb new file mode 100644 index 000000000..16067561b --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/values.rb @@ -0,0 +1,39 @@ +# +# values.rb +# + +module Puppet::Parser::Functions + newfunction(:values, :type => :rvalue, :doc => <<-EOS +When given a hash this function will return the values of that hash. + +*Examples:* + + $hash = { + 'a' => 1, + 'b' => 2, + 'c' => 3, + } + values($hash) + +This example would return: + + [1,2,3] + EOS + ) do |arguments| + + raise(Puppet::ParseError, "values(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + hash = arguments[0] + + unless hash.is_a?(Hash) + raise(Puppet::ParseError, 'values(): Requires hash to work with') + end + + result = hash.values + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/values_at.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/values_at.rb new file mode 100644 index 000000000..f350f5391 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/values_at.rb @@ -0,0 +1,99 @@ +# +# values_at.rb +# + +module Puppet::Parser::Functions + newfunction(:values_at, :type => :rvalue, :doc => <<-EOS +Finds value inside an array based on location. + +The first argument is the array you want to analyze, and the second element can +be a combination of: + +* A single numeric index +* A range in the form of 'start-stop' (eg. 4-9) +* An array combining the above + +*Examples*: + + values_at(['a','b','c'], 2) + +Would return ['c']. + + values_at(['a','b','c'], ["0-1"]) + +Would return ['a','b']. + + values_at(['a','b','c','d','e'], [0, "2-3"]) + +Would return ['a','c','d']. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "values_at(): Wrong number of " + + "arguments given (#{arguments.size} for 2)") if arguments.size < 2 + + array = arguments.shift + + unless array.is_a?(Array) + raise(Puppet::ParseError, 'values_at(): Requires array to work with') + end + + indices = [arguments.shift].flatten() # Get them all ... Pokemon ... + + if not indices or indices.empty? + raise(Puppet::ParseError, 'values_at(): You must provide ' + + 'at least one positive index to collect') + end + + result = [] + indices_list = [] + + indices.each do |i| + i = i.to_s + if m = i.match(/^(\d+)(\.\.\.?|\-)(\d+)$/) + start = m[1].to_i + stop = m[3].to_i + + type = m[2] + + if start > stop + raise(Puppet::ParseError, 'values_at(): Stop index in ' + + 'given indices range is smaller than the start index') + elsif stop > array.size - 1 # First element is at index 0 is it not? + raise(Puppet::ParseError, 'values_at(): Stop index in ' + + 'given indices range exceeds array size') + end + + range = case type + when /^(\.\.|\-)$/ then (start .. stop) + when /^(\.\.\.)$/ then (start ... stop) # Exclusive of last element ... + end + + range.each { |i| indices_list << i.to_i } + else + # Only positive numbers allowed in this case ... + if not i.match(/^\d+$/) + raise(Puppet::ParseError, 'values_at(): Unknown format ' + + 'of given index') + end + + # In Puppet numbers are often string-encoded ... + i = i.to_i + + if i > array.size - 1 # Same story. First element is at index 0 ... + raise(Puppet::ParseError, 'values_at(): Given index ' + + 'exceeds array size') + end + + indices_list << i + end + end + + # We remove nil values as they make no sense in Puppet DSL ... + result = indices_list.collect { |i| array[i] }.compact + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/parser/functions/zip.rb b/modules/dependencies/stdlib/lib/puppet/parser/functions/zip.rb new file mode 100644 index 000000000..3074f282b --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/parser/functions/zip.rb @@ -0,0 +1,39 @@ +# +# zip.rb +# + +module Puppet::Parser::Functions + newfunction(:zip, :type => :rvalue, :doc => <<-EOS +Takes one element from first array and merges corresponding elements from second array. This generates a sequence of n-element arrays, where n is one more than the count of arguments. + +*Example:* + + zip(['1','2','3'],['4','5','6']) + +Would result in: + + ["1", "4"], ["2", "5"], ["3", "6"] + EOS + ) do |arguments| + + # Technically we support three arguments but only first is mandatory ... + raise(Puppet::ParseError, "zip(): Wrong number of arguments " + + "given (#{arguments.size} for 2)") if arguments.size < 2 + + a = arguments[0] + b = arguments[1] + + unless a.is_a?(Array) and b.is_a?(Array) + raise(Puppet::ParseError, 'zip(): Requires array to work with') + end + + flatten = function_str2bool([arguments[2]]) if arguments[2] + + result = a.zip(b) + result = flatten ? result.flatten : result + + return result + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/dependencies/stdlib/lib/puppet/provider/file_line/ruby.rb b/modules/dependencies/stdlib/lib/puppet/provider/file_line/ruby.rb new file mode 100644 index 000000000..aab6fe289 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/provider/file_line/ruby.rb @@ -0,0 +1,128 @@ +Puppet::Type.type(:file_line).provide(:ruby) do + def exists? + if resource[:replace].to_s != 'true' and count_matches(match_regex) > 0 + true + else + lines.find do |line| + line.chomp == resource[:line].chomp + end + end + end + + def create + unless resource[:replace].to_s != 'true' and count_matches(match_regex) > 0 + if resource[:match] + handle_create_with_match + elsif resource[:after] + handle_create_with_after + else + append_line + end + end + end + + def destroy + if resource[:match_for_absence].to_s == 'true' and resource[:match] + handle_destroy_with_match + else + handle_destroy_line + end + end + + private + def lines + # If this type is ever used with very large files, we should + # write this in a different way, using a temp + # file; for now assuming that this type is only used on + # small-ish config files that can fit into memory without + # too much trouble. + @lines ||= File.readlines(resource[:path]) + end + + def match_regex + resource[:match] ? Regexp.new(resource[:match]) : nil + end + + def handle_create_with_match() + regex_after = resource[:after] ? Regexp.new(resource[:after]) : nil + match_count = count_matches(match_regex) + + if match_count > 1 && resource[:multiple].to_s != 'true' + raise Puppet::Error, "More than one line in file '#{resource[:path]}' matches pattern '#{resource[:match]}'" + end + + File.open(resource[:path], 'w') do |fh| + lines.each do |l| + fh.puts(match_regex.match(l) ? resource[:line] : l) + if (match_count == 0 and regex_after) + if regex_after.match(l) + fh.puts(resource[:line]) + match_count += 1 #Increment match_count to indicate that the new line has been inserted. + end + end + end + + if (match_count == 0) + fh.puts(resource[:line]) + end + end + end + + def handle_create_with_after + regex = Regexp.new(resource[:after]) + count = count_matches(regex) + + if count > 1 && resource[:multiple].to_s != 'true' + raise Puppet::Error, "#{count} lines match pattern '#{resource[:after]}' in file '#{resource[:path]}'. One or no line must match the pattern." + end + + File.open(resource[:path], 'w') do |fh| + lines.each do |l| + fh.puts(l) + if regex.match(l) then + fh.puts(resource[:line]) + end + end + end + + if (count == 0) # append the line to the end of the file + append_line + end + end + + def count_matches(regex) + lines.select{|l| l.match(regex)}.size + end + + def handle_destroy_with_match + match_count = count_matches(match_regex) + if match_count > 1 && resource[:multiple].to_s != 'true' + raise Puppet::Error, "More than one line in file '#{resource[:path]}' matches pattern '#{resource[:match]}'" + end + + local_lines = lines + File.open(resource[:path],'w') do |fh| + fh.write(local_lines.reject{|l| match_regex.match(l) }.join('')) + end + end + + def handle_destroy_line + local_lines = lines + File.open(resource[:path],'w') do |fh| + fh.write(local_lines.reject{|l| l.chomp == resource[:line] }.join('')) + end + end + + ## + # append the line to the file. + # + # @api private + def append_line + File.open(resource[:path], 'w') do |fh| + lines.each do |l| + fh.puts(l) + end + fh.puts resource[:line] + end + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/type/anchor.rb b/modules/dependencies/stdlib/lib/puppet/type/anchor.rb new file mode 100644 index 000000000..fe1e5aa19 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/type/anchor.rb @@ -0,0 +1,46 @@ +Puppet::Type.newtype(:anchor) do + desc <<-'ENDOFDESC' + A simple resource type intended to be used as an anchor in a composite class. + + In Puppet 2.6, when a class declares another class, the resources in the + interior class are not contained by the exterior class. This interacts badly + with the pattern of composing complex modules from smaller classes, as it + makes it impossible for end users to specify order relationships between the + exterior class and other modules. + + The anchor type lets you work around this. By sandwiching any interior + classes between two no-op resources that _are_ contained by the exterior + class, you can ensure that all resources in the module are contained. + + class ntp { + # These classes will have the correct order relationship with each + # other. However, without anchors, they won't have any order + # relationship to Class['ntp']. + class { 'ntp::package': } + -> class { 'ntp::config': } + -> class { 'ntp::service': } + + # These two resources "anchor" the composed classes within the ntp + # class. + anchor { 'ntp::begin': } -> Class['ntp::package'] + Class['ntp::service'] -> anchor { 'ntp::end': } + } + + This allows the end user of the ntp module to establish require and before + relationships with Class['ntp']: + + class { 'ntp': } -> class { 'mcollective': } + class { 'mcollective': } -> class { 'ntp': } + + ENDOFDESC + + newparam :name do + desc "The name of the anchor resource." + end + + def refresh + # We don't do anything with them, but we need this to + # show that we are "refresh aware" and not break the + # chain of propagation. + end +end diff --git a/modules/dependencies/stdlib/lib/puppet/type/file_line.rb b/modules/dependencies/stdlib/lib/puppet/type/file_line.rb new file mode 100644 index 000000000..77d3be261 --- /dev/null +++ b/modules/dependencies/stdlib/lib/puppet/type/file_line.rb @@ -0,0 +1,118 @@ +Puppet::Type.newtype(:file_line) do + + desc <<-EOT + Ensures that a given line is contained within a file. The implementation + matches the full line, including whitespace at the beginning and end. If + the line is not contained in the given file, Puppet will append the line to + the end of the file to ensure the desired state. Multiple resources may + be declared to manage multiple lines in the same file. + + Example: + + file_line { 'sudo_rule': + path => '/etc/sudoers', + line => '%sudo ALL=(ALL) ALL', + } + + file_line { 'sudo_rule_nopw': + path => '/etc/sudoers', + line => '%sudonopw ALL=(ALL) NOPASSWD: ALL', + } + + In this example, Puppet will ensure both of the specified lines are + contained in the file /etc/sudoers. + + Match Example: + + file_line { 'bashrc_proxy': + ensure => present, + path => '/etc/bashrc', + line => 'export HTTP_PROXY=http://squid.puppetlabs.vm:3128', + match => '^export\ HTTP_PROXY\=', + } + + In this code example match will look for a line beginning with export + followed by HTTP_PROXY and replace it with the value in line. + + Match Example With `ensure => absent`: + + file_line { 'bashrc_proxy': + ensure => absent, + path => '/etc/bashrc', + line => 'export HTTP_PROXY=http://squid.puppetlabs.vm:3128', + match => '^export\ HTTP_PROXY\=', + match_for_absence => true, + } + + In this code example match will look for a line beginning with export + followed by HTTP_PROXY and delete it. If multiple lines match, an + error will be raised unless the `multiple => true` parameter is set. + + **Autorequires:** If Puppet is managing the file that will contain the line + being managed, the file_line resource will autorequire that file. + EOT + + ensurable do + defaultvalues + defaultto :present + end + + newparam(:name, :namevar => true) do + desc 'An arbitrary name used as the identity of the resource.' + end + + newparam(:match) do + desc 'An optional ruby regular expression to run against existing lines in the file.' + + ' If a match is found, we replace that line rather than adding a new line.' + + ' A regex comparison is performed against the line value and if it does not' + + ' match an exception will be raised.' + end + + newparam(:match_for_absence) do + desc 'An optional value to determine if match should be applied when ensure => absent.' + + ' If set to true and match is set, the line that matches match will be deleted.' + + ' If set to false (the default), match is ignored when ensure => absent.' + newvalues(true, false) + defaultto false + end + + newparam(:multiple) do + desc 'An optional value to determine if match can change multiple lines.' + + ' If set to false, an exception will be raised if more than one line matches' + newvalues(true, false) + end + + newparam(:after) do + desc 'An optional value used to specify the line after which we will add any new lines. (Existing lines are added in place)' + end + + newparam(:line) do + desc 'The line to be appended to the file or used to replace matches found by the match attribute.' + end + + newparam(:path) do + desc 'The file Puppet will ensure contains the line specified by the line parameter.' + validate do |value| + unless (Puppet.features.posix? and value =~ /^\//) or (Puppet.features.microsoft_windows? and (value =~ /^.:\// or value =~ /^\/\/[^\/]+\/[^\/]+/)) + raise(Puppet::Error, "File paths must be fully qualified, not '#{value}'") + end + end + end + + newparam(:replace) do + desc 'If true, replace line that matches. If false, do not write line if a match is found' + newvalues(true, false) + defaultto true + end + + # Autorequire the file resource if it's being managed + autorequire(:file) do + self[:path] + end + + validate do + unless self[:line] and self[:path] + raise(Puppet::Error, "Both line and path are required attributes") + end + end +end diff --git a/modules/dependencies/stdlib/manifests/init.pp b/modules/dependencies/stdlib/manifests/init.pp new file mode 100644 index 000000000..9ea22a737 --- /dev/null +++ b/modules/dependencies/stdlib/manifests/init.pp @@ -0,0 +1,18 @@ +# Class: stdlib +# +# This module manages stdlib. Most of stdlib's features are automatically +# loaded by Puppet, but this class should be declared in order to use the +# standardized run stages. +# +# Parameters: none +# +# Actions: +# +# Declares all other classes in the stdlib module. Currently, this consists +# of stdlib::stages. +# +# Requires: nothing +# +class stdlib { + include ::stdlib::stages +} diff --git a/modules/dependencies/stdlib/manifests/stages.pp b/modules/dependencies/stdlib/manifests/stages.pp new file mode 100644 index 000000000..7de254c71 --- /dev/null +++ b/modules/dependencies/stdlib/manifests/stages.pp @@ -0,0 +1,43 @@ +# Class: stdlib::stages +# +# This class manages a standard set of run stages for Puppet. It is managed by +# the stdlib class, and should not be declared independently. +# +# The high level stages are (in order): +# +# * setup +# * main +# * runtime +# * setup_infra +# * deploy_infra +# * setup_app +# * deploy_app +# * deploy +# +# Parameters: none +# +# Actions: +# +# Declares various run-stages for deploying infrastructure, +# language runtimes, and application layers. +# +# Requires: nothing +# +# Sample Usage: +# +# node default { +# include ::stdlib +# class { java: stage => 'runtime' } +# } +# +class stdlib::stages { + + stage { 'setup': before => Stage['main'] } + stage { 'runtime': require => Stage['main'] } + -> stage { 'setup_infra': } + -> stage { 'deploy_infra': } + -> stage { 'setup_app': } + -> stage { 'deploy_app': } + -> stage { 'deploy': } + +} diff --git a/modules/dependencies/stdlib/metadata.json b/modules/dependencies/stdlib/metadata.json new file mode 100644 index 000000000..a7ea0af17 --- /dev/null +++ b/modules/dependencies/stdlib/metadata.json @@ -0,0 +1,115 @@ +{ + "name": "puppetlabs-stdlib", + "version": "4.11.0", + "author": "puppetlabs", + "summary": "Standard library of resources for Puppet modules.", + "license": "Apache-2.0", + "source": "https://github.com/puppetlabs/puppetlabs-stdlib", + "project_page": "https://github.com/puppetlabs/puppetlabs-stdlib", + "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", + "operatingsystem_support": [ + { + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "4", + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "CentOS", + "operatingsystemrelease": [ + "4", + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "OracleLinux", + "operatingsystemrelease": [ + "4", + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "Scientific", + "operatingsystemrelease": [ + "4", + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "SLES", + "operatingsystemrelease": [ + "10 SP4", + "11 SP1", + "12" + ] + }, + { + "operatingsystem": "Debian", + "operatingsystemrelease": [ + "6", + "7", + "8" + ] + }, + { + "operatingsystem": "Ubuntu", + "operatingsystemrelease": [ + "10.04", + "12.04", + "14.04" + ] + }, + { + "operatingsystem": "Solaris", + "operatingsystemrelease": [ + "10", + "11", + "12" + ] + }, + { + "operatingsystem": "Windows", + "operatingsystemrelease": [ + "Server 2003", + "Server 2003 R2", + "Server 2008", + "Server 2008 R2", + "Server 2012", + "Server 2012 R2", + "7", + "8" + ] + }, + { + "operatingsystem": "AIX", + "operatingsystemrelease": [ + "5.3", + "6.1", + "7.1" + ] + } + ], + "requirements": [ + { + "name": "pe", + "version_requirement": ">= 3.0.0 < 2015.4.0" + }, + { + "name": "puppet", + "version_requirement": ">=2.7.20 <5.0.0" + } + ], + "description": "Standard Library for Puppet Modules", + "dependencies": [ + + ] +} diff --git a/modules/dependencies/stdlib/spec/acceptance/abs_spec.rb b/modules/dependencies/stdlib/spec/acceptance/abs_spec.rb new file mode 100755 index 000000000..6e41e2fde --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/abs_spec.rb @@ -0,0 +1,30 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'abs function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should accept a string' do + pp = <<-EOS + $input = '-34.56' + $output = abs($input) + notify { "$output": } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: 34.56/) + end + end + + it 'should accept a float' do + pp = <<-EOS + $input = -34.56 + $output = abs($input) + notify { "$output": } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: 34.56/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/anchor_spec.rb b/modules/dependencies/stdlib/spec/acceptance/anchor_spec.rb new file mode 100755 index 000000000..5bc2bbb3b --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/anchor_spec.rb @@ -0,0 +1,26 @@ +require 'spec_helper_acceptance' + +describe 'anchor type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should effect proper chaining of resources' do + pp = <<-EOS + class anchored { + anchor { 'anchored::begin': } + ~> anchor { 'anchored::end': } + } + + class anchorrefresh { + notify { 'first': } + ~> class { 'anchored': } + ~> anchor { 'final': } + } + + include anchorrefresh + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Anchor\[final\]: Triggered 'refresh'/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/any2array_spec.rb b/modules/dependencies/stdlib/spec/acceptance/any2array_spec.rb new file mode 100755 index 000000000..18ea4cd9b --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/any2array_spec.rb @@ -0,0 +1,49 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'any2array function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should create an empty array' do + pp = <<-EOS + $input = '' + $output = any2array($input) + validate_array($output) + notify { "Output: ${output}": } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: Output: /) + end + end + + it 'should leave arrays modified' do + pp = <<-EOS + $input = ['test', 'array'] + $output = any2array($input) + validate_array($output) + notify { "Output: ${output}": } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: Output: (\[|)test(,\s|)array(\]|)/) + end + end + + it 'should turn a hash into an array' do + pp = <<-EOS + $input = {'test' => 'array'} + $output = any2array($input) + + validate_array($output) + # Check each element of the array is a plain string. + validate_string($output[0]) + validate_string($output[1]) + notify { "Output: ${output}": } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: Output: (\[|)test(,\s|)array(\]|)/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/base64_spec.rb b/modules/dependencies/stdlib/spec/acceptance/base64_spec.rb new file mode 100755 index 000000000..97e1738ef --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/base64_spec.rb @@ -0,0 +1,18 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'base64 function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should encode then decode a string' do + pp = <<-EOS + $encodestring = base64('encode', 'thestring') + $decodestring = base64('decode', $encodestring) + notify { $decodestring: } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/thestring/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/bool2num_spec.rb b/modules/dependencies/stdlib/spec/acceptance/bool2num_spec.rb new file mode 100755 index 000000000..52ff75bcf --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/bool2num_spec.rb @@ -0,0 +1,34 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'bool2num function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + ['false', 'f', '0', 'n', 'no'].each do |bool| + it "should convert a given boolean, #{bool}, to 0" do + pp = <<-EOS + $input = "#{bool}" + $output = bool2num($input) + notify { "$output": } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: 0/) + end + end + end + + ['true', 't', '1', 'y', 'yes'].each do |bool| + it "should convert a given boolean, #{bool}, to 1" do + pp = <<-EOS + $input = "#{bool}" + $output = bool2num($input) + notify { "$output": } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: 1/) + end + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/build_csv.rb b/modules/dependencies/stdlib/spec/acceptance/build_csv.rb new file mode 100755 index 000000000..62ecbf13a --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/build_csv.rb @@ -0,0 +1,83 @@ +#!/usr/bin/env ruby +# vim: set sw=2 sts=2 et tw=80 : +require 'rspec' + +#XXX Super ugly hack to keep from starting beaker nodes +module Kernel + # make an alias of the original require + alias_method :original_require, :require + # rewrite require + def require name + original_require name if name != 'spec_helper_acceptance' + end +end +UNSUPPORTED_PLATFORMS = [] +def fact(*args) [] end +#XXX End hax + +# Get a list of functions for test coverage +function_list = Dir[File.join(File.dirname(__FILE__),"..","..","lib","puppet","parser","functions","*.rb")].collect do |function_rb| + File.basename(function_rb,".rb") +end + +## Configure rspec to parse tests +options = RSpec::Core::ConfigurationOptions.new(['spec/acceptance']) +configuration = RSpec::configuration +world = RSpec::world +options.parse_options +options.configure(configuration) +configuration.load_spec_files + +## Collect up tests and example groups into a hash +def get_tests(children) + children.inject({}) do |memo,c| + memo[c.description] = Hash.new + memo[c.description]["groups"] = get_tests(c.children) unless c.children.empty? + memo[c.description]["tests"] = c.examples.collect { |e| + e.description unless e.pending? + }.compact unless c.examples.empty? + memo[c.description]["pending_tests"] = c.examples.collect { |e| + e.description if e.pending? + }.compact unless c.examples.empty? + memo + end +end + +def count_test_types_in(type,group) + return 0 if group.nil? + group.inject(0) do |m,(k,v)| + m += v.length if k == type + m += count_tests_in(v) if v.is_a?(Hash) + m + end +end +def count_tests_in(group) + count_test_types_in('tests',group) +end +def count_pending_tests_in(group) + count_test_types_in('pending_tests',group) +end + +# Convert tests hash to csv format +def to_csv(function_list,tests) + function_list.collect do |function_name| + if v = tests["#{function_name} function"] + positive_tests = count_tests_in(v["groups"]["success"]) + negative_tests = count_tests_in(v["groups"]["failure"]) + pending_tests = + count_pending_tests_in(v["groups"]["failure"]) + + count_pending_tests_in(v["groups"]["failure"]) + else + positive_tests = 0 + negative_tests = 0 + pending_tests = 0 + end + sprintf("%-25s, %-9d, %-9d, %-9d", function_name,positive_tests,negative_tests,pending_tests) + end.compact +end + +tests = get_tests(world.example_groups) +csv = to_csv(function_list,tests) +percentage_tested = "#{tests.count*100/function_list.count}%" +printf("%-25s, %-9s, %-9s, %-9s\n","#{percentage_tested} have tests.","Positive","Negative","Pending") +puts csv diff --git a/modules/dependencies/stdlib/spec/acceptance/capitalize_spec.rb b/modules/dependencies/stdlib/spec/acceptance/capitalize_spec.rb new file mode 100755 index 000000000..e5e7b7bf8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/capitalize_spec.rb @@ -0,0 +1,33 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'capitalize function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should capitalize the first letter of a string' do + pp = <<-EOS + $input = 'this is a string' + $output = capitalize($input) + notify { $output: } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: This is a string/) + end + end + + it 'should capitalize the first letter of an array of strings' do + pp = <<-EOS + $input = ['this', 'is', 'a', 'string'] + $output = capitalize($input) + notify { $output: } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: This/) + expect(r.stdout).to match(/Notice: Is/) + expect(r.stdout).to match(/Notice: A/) + expect(r.stdout).to match(/Notice: String/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/ceiling_spec.rb b/modules/dependencies/stdlib/spec/acceptance/ceiling_spec.rb new file mode 100755 index 000000000..557986eb8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/ceiling_spec.rb @@ -0,0 +1,39 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'ceiling function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'ceilings floats' do + pp = <<-EOS + $a = 12.8 + $b = 13 + $o = ceiling($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'ceilings integers' do + pp = <<-EOS + $a = 7 + $b = 7 + $o = ceiling($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-numbers' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/chomp_spec.rb b/modules/dependencies/stdlib/spec/acceptance/chomp_spec.rb new file mode 100755 index 000000000..f6c15956e --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/chomp_spec.rb @@ -0,0 +1,21 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'chomp function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should eat the newline' do + pp = <<-EOS + $input = "test\n" + if size($input) != 5 { + fail("Size of ${input} is not 5.") + } + $output = chomp($input) + if size($output) != 4 { + fail("Size of ${input} is not 4.") + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/chop_spec.rb b/modules/dependencies/stdlib/spec/acceptance/chop_spec.rb new file mode 100755 index 000000000..a16a71026 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/chop_spec.rb @@ -0,0 +1,45 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'chop function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should eat the last character' do + pp = <<-EOS + $input = "test" + if size($input) != 4 { + fail("Size of ${input} is not 4.") + } + $output = chop($input) + if size($output) != 3 { + fail("Size of ${input} is not 3.") + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should eat the last two characters of \r\n' do + pp = <<-'EOS' + $input = "test\r\n" + if size($input) != 6 { + fail("Size of ${input} is not 6.") + } + $output = chop($input) + if size($output) != 4 { + fail("Size of ${input} is not 4.") + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should not fail on empty strings' do + pp = <<-EOS + $input = "" + $output = chop($input) + EOS + + apply_manifest(pp, :catch_failures => true) + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/concat_spec.rb b/modules/dependencies/stdlib/spec/acceptance/concat_spec.rb new file mode 100755 index 000000000..06b649f19 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/concat_spec.rb @@ -0,0 +1,40 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'concat function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should concat one array to another' do + pp = <<-EOS + $output = concat(['1','2','3'],['4','5','6']) + validate_array($output) + if size($output) != 6 { + fail("${output} should have 6 elements.") + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'should concat arrays and primitives to array' do + pp = <<-EOS + $output = concat(['1','2','3'],'4','5','6',['7','8','9']) + validate_array($output) + if size($output) != 9 { + fail("${output} should have 9 elements.") + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'should concat multiple arrays to one' do + pp = <<-EOS + $output = concat(['1','2','3'],['4','5','6'],['7','8','9']) + validate_array($output) + if size($output) != 9 { + fail("${output} should have 9 elements.") + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/count_spec.rb b/modules/dependencies/stdlib/spec/acceptance/count_spec.rb new file mode 100755 index 000000000..fe7ca9dcf --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/count_spec.rb @@ -0,0 +1,30 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'count function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should count elements in an array' do + pp = <<-EOS + $input = [1,2,3,4] + $output = count($input) + notify { "$output": } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: 4/) + end + end + + it 'should count elements in an array that match a second argument' do + pp = <<-EOS + $input = [1,1,1,2] + $output = count($input, 1) + notify { "$output": } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: 3/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/deep_merge_spec.rb b/modules/dependencies/stdlib/spec/acceptance/deep_merge_spec.rb new file mode 100755 index 000000000..c0f9b126d --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/deep_merge_spec.rb @@ -0,0 +1,20 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'deep_merge function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should deep merge two hashes' do + pp = <<-EOS + $hash1 = {'one' => 1, 'two' => 2, 'three' => { 'four' => 4 } } + $hash2 = {'two' => 'dos', 'three' => { 'five' => 5 } } + $merged_hash = deep_merge($hash1, $hash2) + + if $merged_hash != { 'one' => 1, 'two' => 'dos', 'three' => { 'four' => 4, 'five' => 5 } } { + fail("Hash was incorrectly merged.") + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/defined_with_params_spec.rb b/modules/dependencies/stdlib/spec/acceptance/defined_with_params_spec.rb new file mode 100755 index 000000000..fc544508b --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/defined_with_params_spec.rb @@ -0,0 +1,22 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'defined_with_params function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should successfully notify' do + pp = <<-EOS + user { 'dan': + ensure => present, + } + + if defined_with_params(User[dan], {'ensure' => 'present' }) { + notify { 'User defined with ensure=>present': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: User defined with ensure=>present/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/delete_at_spec.rb b/modules/dependencies/stdlib/spec/acceptance/delete_at_spec.rb new file mode 100755 index 000000000..db0c01f74 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/delete_at_spec.rb @@ -0,0 +1,19 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'delete_at function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should delete elements of the array' do + pp = <<-EOS + $output = delete_at(['a','b','c','b'], 1) + if $output == ['a','c','b'] { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/delete_spec.rb b/modules/dependencies/stdlib/spec/acceptance/delete_spec.rb new file mode 100755 index 000000000..a28604cea --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/delete_spec.rb @@ -0,0 +1,19 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'delete function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should delete elements of the array' do + pp = <<-EOS + $output = delete(['a','b','c','b'], 'b') + if $output == ['a','c'] { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/delete_undef_values_spec.rb b/modules/dependencies/stdlib/spec/acceptance/delete_undef_values_spec.rb new file mode 100755 index 000000000..b7eda1926 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/delete_undef_values_spec.rb @@ -0,0 +1,19 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'delete_undef_values function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should delete elements of the array' do + pp = <<-EOS + $output = delete_undef_values({a=>'A', b=>'', c=>undef, d => false}) + if $output == { a => 'A', b => '', d => false } { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/delete_values_spec.rb b/modules/dependencies/stdlib/spec/acceptance/delete_values_spec.rb new file mode 100755 index 000000000..6d2369c3e --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/delete_values_spec.rb @@ -0,0 +1,25 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'delete_values function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should delete elements of the hash' do + pp = <<-EOS + $a = { 'a' => 'A', 'b' => 'B', 'B' => 'C', 'd' => 'B' } + $b = { 'a' => 'A', 'B' => 'C' } + $o = delete_values($a, 'B') + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles non-hash arguments' + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/difference_spec.rb b/modules/dependencies/stdlib/spec/acceptance/difference_spec.rb new file mode 100755 index 000000000..2fae5c432 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/difference_spec.rb @@ -0,0 +1,26 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'difference function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'returns non-duplicates in the first array' do + pp = <<-EOS + $a = ['a','b','c'] + $b = ['b','c','d'] + $c = ['a'] + $o = difference($a, $b) + if $o == $c { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles non-array arguments' + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/dirname_spec.rb b/modules/dependencies/stdlib/spec/acceptance/dirname_spec.rb new file mode 100755 index 000000000..97913ddb0 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/dirname_spec.rb @@ -0,0 +1,42 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'dirname function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + context 'absolute path' do + it 'returns the dirname' do + pp = <<-EOS + $a = '/path/to/a/file.txt' + $b = '/path/to/a' + $o = dirname($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + context 'relative path' do + it 'returns the dirname' do + pp = <<-EOS + $a = 'path/to/a/file.txt' + $b = 'path/to/a' + $o = dirname($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + end + describe 'failure' do + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/downcase_spec.rb b/modules/dependencies/stdlib/spec/acceptance/downcase_spec.rb new file mode 100755 index 000000000..bc4e70692 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/downcase_spec.rb @@ -0,0 +1,39 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'downcase function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'returns the downcase' do + pp = <<-EOS + $a = 'AOEU' + $b = 'aoeu' + $o = downcase($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'doesn\'t affect lowercase words' do + pp = <<-EOS + $a = 'aoeu aoeu' + $b = 'aoeu aoeu' + $o = downcase($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/empty_spec.rb b/modules/dependencies/stdlib/spec/acceptance/empty_spec.rb new file mode 100755 index 000000000..2d4df901b --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/empty_spec.rb @@ -0,0 +1,53 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'empty function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'recognizes empty strings' do + pp = <<-EOS + $a = '' + $b = true + $o = empty($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'recognizes non-empty strings' do + pp = <<-EOS + $a = 'aoeu' + $b = false + $o = empty($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'handles numerical values' do + pp = <<-EOS + $a = 7 + $b = false + $o = empty($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/ensure_resource_spec.rb b/modules/dependencies/stdlib/spec/acceptance/ensure_resource_spec.rb new file mode 100755 index 000000000..93f25ddc0 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/ensure_resource_spec.rb @@ -0,0 +1,30 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'ensure_resource function' do + describe 'success' do + it 'ensures a resource already declared' do + apply_manifest('') + pp = <<-EOS + notify { "test": loglevel => 'err' } + ensure_resource('notify', 'test', { 'loglevel' => 'err' }) + EOS + + apply_manifest(pp, :expect_changes => true) + end + + it 'ensures a undeclared resource' do + apply_manifest('') + pp = <<-EOS + ensure_resource('notify', 'test', { 'loglevel' => 'err' }) + EOS + + apply_manifest(pp, :expect_changes => true) + end + it 'takes defaults arguments' + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/flatten_spec.rb b/modules/dependencies/stdlib/spec/acceptance/flatten_spec.rb new file mode 100755 index 000000000..c4d66e046 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/flatten_spec.rb @@ -0,0 +1,39 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'flatten function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'flattens arrays' do + pp = <<-EOS + $a = ["a","b",["c",["d","e"],"f","g"]] + $b = ["a","b","c","d","e","f","g"] + $o = flatten($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'does not affect flat arrays' do + pp = <<-EOS + $a = ["a","b","c","d","e","f","g"] + $b = ["a","b","c","d","e","f","g"] + $o = flatten($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/floor_spec.rb b/modules/dependencies/stdlib/spec/acceptance/floor_spec.rb new file mode 100755 index 000000000..0dcdad9c2 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/floor_spec.rb @@ -0,0 +1,39 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'floor function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'floors floats' do + pp = <<-EOS + $a = 12.8 + $b = 12 + $o = floor($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'floors integers' do + pp = <<-EOS + $a = 7 + $b = 7 + $o = floor($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-numbers' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/fqdn_rand_string_spec.rb b/modules/dependencies/stdlib/spec/acceptance/fqdn_rand_string_spec.rb new file mode 100644 index 000000000..9c6d701c9 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/fqdn_rand_string_spec.rb @@ -0,0 +1,66 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'fqdn_rand_string function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + include_context "with faked facts" + context "when the FQDN is 'fakehost.localdomain'" do + before :each do + fake_fact("fqdn", "fakehost.localdomain") + end + + it 'generates random alphanumeric strings' do + pp = <<-eos + $l = 10 + $o = fqdn_rand_string($l) + notice(inline_template('fqdn_rand_string is <%= @o.inspect %>')) + eos + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/fqdn_rand_string is "7oDp0KOr1b"/) + end + end + it 'generates random alphanumeric strings with custom charsets' do + pp = <<-eos + $l = 10 + $c = '0123456789' + $o = fqdn_rand_string($l, $c) + notice(inline_template('fqdn_rand_string is <%= @o.inspect %>')) + eos + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/fqdn_rand_string is "7203048515"/) + end + end + it 'generates random alphanumeric strings with custom seeds' do + pp = <<-eos + $l = 10 + $s = 'seed' + $o = fqdn_rand_string($l, undef, $s) + notice(inline_template('fqdn_rand_string is <%= @o.inspect %>')) + eos + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/fqdn_rand_string is "3HS4mbuI3E"/) + end + end + it 'generates random alphanumeric strings with custom charsets and seeds' do + pp = <<-eos + $l = 10 + $c = '0123456789' + $s = 'seed' + $o = fqdn_rand_string($l, $c, $s) + notice(inline_template('fqdn_rand_string is <%= @o.inspect %>')) + eos + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/fqdn_rand_string is "3104058232"/) + end + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-numbers for length argument' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/fqdn_rotate_spec.rb b/modules/dependencies/stdlib/spec/acceptance/fqdn_rotate_spec.rb new file mode 100755 index 000000000..404351f6f --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/fqdn_rotate_spec.rb @@ -0,0 +1,64 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'fqdn_rotate function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + include_context "with faked facts" + context "when the FQDN is 'fakehost.localdomain'" do + before :each do + fake_fact("fqdn", "fakehost.localdomain") + end + + it 'rotates arrays' do + pp = <<-EOS + $a = ['a','b','c','d'] + $o = fqdn_rotate($a) + notice(inline_template('fqdn_rotate is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/fqdn_rotate is \["d", "a", "b", "c"\]/) + end + end + it 'rotates arrays with custom seeds' do + pp = <<-EOS + $a = ['a','b','c','d'] + $s = 'seed' + $o = fqdn_rotate($a, $s) + notice(inline_template('fqdn_rotate is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/fqdn_rotate is \["c", "d", "a", "b"\]/) + end + end + it 'rotates strings' do + pp = <<-EOS + $a = 'abcd' + $o = fqdn_rotate($a) + notice(inline_template('fqdn_rotate is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/fqdn_rotate is "dabc"/) + end + end + it 'rotates strings with custom seeds' do + pp = <<-EOS + $a = 'abcd' + $s = 'seed' + $o = fqdn_rotate($a, $s) + notice(inline_template('fqdn_rotate is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/fqdn_rotate is "cdab"/) + end + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles invalid arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/get_module_path_spec.rb b/modules/dependencies/stdlib/spec/acceptance/get_module_path_spec.rb new file mode 100755 index 000000000..6ac690c16 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/get_module_path_spec.rb @@ -0,0 +1,27 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'get_module_path function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'get_module_paths dne' do + pp = <<-EOS + $a = $::is_pe ? { + 'true' => '/etc/puppetlabs/puppet/modules/dne', + 'false' => '/etc/puppet/modules/dne', + } + $o = get_module_path('dne') + if $o == $a { + notify { 'output correct': } + } else { + notify { "failed; module path is '$o'": } + } + EOS + + apply_manifest(pp, :expect_failures => true) + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-numbers' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/getparam_spec.rb b/modules/dependencies/stdlib/spec/acceptance/getparam_spec.rb new file mode 100755 index 000000000..b1a677eca --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/getparam_spec.rb @@ -0,0 +1,24 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'getparam function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'getparam a notify' do + pp = <<-EOS + notify { 'rspec': + message => 'custom rspec message', + } + $o = getparam(Notify['rspec'], 'message') + notice(inline_template('getparam is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/getparam is "custom rspec message"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/getvar_spec.rb b/modules/dependencies/stdlib/spec/acceptance/getvar_spec.rb new file mode 100755 index 000000000..333c467f6 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/getvar_spec.rb @@ -0,0 +1,26 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'getvar function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'getvars from classes' do + pp = <<-EOS + class a::data { $foo = 'aoeu' } + include a::data + $b = 'aoeu' + $o = getvar("a::data::foo") + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-numbers' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/grep_spec.rb b/modules/dependencies/stdlib/spec/acceptance/grep_spec.rb new file mode 100755 index 000000000..b39d48ecb --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/grep_spec.rb @@ -0,0 +1,26 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'grep function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'greps arrays' do + pp = <<-EOS + $a = ['aaabbb','bbbccc','dddeee'] + $b = 'bbb' + $c = ['aaabbb','bbbccc'] + $o = grep($a,$b) + if $o == $c { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/has_interface_with_spec.rb b/modules/dependencies/stdlib/spec/acceptance/has_interface_with_spec.rb new file mode 100755 index 000000000..959019304 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/has_interface_with_spec.rb @@ -0,0 +1,54 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'has_interface_with function', :unless => ((UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem'))) or (fact('osfamily') == 'windows') or (fact('osfamily') == 'AIX')) do + describe 'success' do + it 'has_interface_with existing ipaddress' do + pp = <<-EOS + $a = $::ipaddress + $o = has_interface_with('ipaddress', $a) + notice(inline_template('has_interface_with is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/has_interface_with is true/) + end + end + it 'has_interface_with absent ipaddress' do + pp = <<-EOS + $a = '128.0.0.1' + $o = has_interface_with('ipaddress', $a) + notice(inline_template('has_interface_with is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/has_interface_with is false/) + end + end + it 'has_interface_with existing interface' do + pp = <<-EOS + if $osfamily == 'Solaris' or $osfamily == 'Darwin' { + $a = 'lo0' + }elsif $osfamily == 'windows' { + $a = $::kernelmajversion ? { + /6\.(2|3|4)/ => 'Ethernet0', + /6\.(0|1)/ => 'Local_Area_Connection', + /5\.(1|2)/ => undef, #Broken current in facter + } + }else { + $a = 'lo' + } + $o = has_interface_with($a) + notice(inline_template('has_interface_with is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/has_interface_with is true/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/has_ip_address_spec.rb b/modules/dependencies/stdlib/spec/acceptance/has_ip_address_spec.rb new file mode 100755 index 000000000..149a10dc9 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/has_ip_address_spec.rb @@ -0,0 +1,33 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'has_ip_address function', :unless => ((UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem'))) or (fact('osfamily') == 'windows') or (fact('osfamily') == 'AIX')) do + describe 'success' do + it 'has_ip_address existing ipaddress' do + pp = <<-EOS + $a = '127.0.0.1' + $o = has_ip_address($a) + notice(inline_template('has_ip_address is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/has_ip_address is true/) + end + end + it 'has_ip_address absent ipaddress' do + pp = <<-EOS + $a = '128.0.0.1' + $o = has_ip_address($a) + notice(inline_template('has_ip_address is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/has_ip_address is false/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/has_ip_network_spec.rb b/modules/dependencies/stdlib/spec/acceptance/has_ip_network_spec.rb new file mode 100755 index 000000000..7d2f34ed5 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/has_ip_network_spec.rb @@ -0,0 +1,33 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'has_ip_network function', :unless => ((UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem'))) or (fact('osfamily') == 'windows') or (fact('osfamily') == 'AIX')) do + describe 'success' do + it 'has_ip_network existing ipaddress' do + pp = <<-EOS + $a = '127.0.0.0' + $o = has_ip_network($a) + notice(inline_template('has_ip_network is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/has_ip_network is true/) + end + end + it 'has_ip_network absent ipaddress' do + pp = <<-EOS + $a = '128.0.0.0' + $o = has_ip_network($a) + notice(inline_template('has_ip_network is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/has_ip_network is false/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/has_key_spec.rb b/modules/dependencies/stdlib/spec/acceptance/has_key_spec.rb new file mode 100755 index 000000000..c8557cbeb --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/has_key_spec.rb @@ -0,0 +1,41 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'has_key function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'has_keys in hashes' do + pp = <<-EOS + $a = { 'aaa' => 'bbb','bbb' => 'ccc','ddd' => 'eee' } + $b = 'bbb' + $c = true + $o = has_key($a,$b) + if $o == $c { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'has_keys not in hashes' do + pp = <<-EOS + $a = { 'aaa' => 'bbb','bbb' => 'ccc','ddd' => 'eee' } + $b = 'ccc' + $c = false + $o = has_key($a,$b) + if $o == $c { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-hashes' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/hash_spec.rb b/modules/dependencies/stdlib/spec/acceptance/hash_spec.rb new file mode 100755 index 000000000..ed53834be --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/hash_spec.rb @@ -0,0 +1,26 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'hash function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'hashs arrays' do + pp = <<-EOS + $a = ['aaa','bbb','bbb','ccc','ddd','eee'] + $b = { 'aaa' => 'bbb', 'bbb' => 'ccc', 'ddd' => 'eee' } + $o = hash($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'handles odd-length arrays' + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/intersection_spec.rb b/modules/dependencies/stdlib/spec/acceptance/intersection_spec.rb new file mode 100755 index 000000000..66b865297 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/intersection_spec.rb @@ -0,0 +1,27 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'intersection function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'intersections arrays' do + pp = <<-EOS + $a = ['aaa','bbb','ccc'] + $b = ['bbb','ccc','ddd','eee'] + $c = ['bbb','ccc'] + $o = intersection($a,$b) + if $o == $c { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'intersections empty arrays' + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_a_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_a_spec.rb new file mode 100644 index 000000000..355fd8379 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_a_spec.rb @@ -0,0 +1,30 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +if get_puppet_version =~ /^4/ + describe 'is_a function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + it 'should match a string' do + pp = <<-EOS + if 'hello world'.is_a(String) { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + + it 'should not match a integer as string' do + pp = <<-EOS + if 5.is_a(String) { + notify { 'output wrong': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).not_to match(/Notice: output wrong/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_array_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_array_spec.rb new file mode 100755 index 000000000..9c6bad735 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_array_spec.rb @@ -0,0 +1,67 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_array function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_arrays arrays' do + pp = <<-EOS + $a = ['aaa','bbb','ccc'] + $b = true + $o = is_array($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_arrays empty arrays' do + pp = <<-EOS + $a = [] + $b = true + $o = is_array($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_arrays strings' do + pp = <<-EOS + $a = "aoeu" + $b = false + $o = is_array($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_arrays hashes' do + pp = <<-EOS + $a = {'aaa'=>'bbb'} + $b = false + $o = is_array($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_bool_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_bool_spec.rb new file mode 100755 index 000000000..60079f95e --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_bool_spec.rb @@ -0,0 +1,81 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_bool function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_bools arrays' do + pp = <<-EOS + $a = ['aaa','bbb','ccc'] + $b = false + $o = is_bool($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_bools true' do + pp = <<-EOS + $a = true + $b = true + $o = is_bool($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_bools false' do + pp = <<-EOS + $a = false + $b = true + $o = is_bool($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_bools strings' do + pp = <<-EOS + $a = "true" + $b = false + $o = is_bool($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_bools hashes' do + pp = <<-EOS + $a = {'aaa'=>'bbb'} + $b = false + $o = is_bool($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_domain_name_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_domain_name_spec.rb new file mode 100755 index 000000000..e0f03fa87 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_domain_name_spec.rb @@ -0,0 +1,83 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_domain_name function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_domain_names arrays' do + pp = <<-EOS + $a = ['aaa.com','bbb','ccc'] + $o = is_domain_name($a) + notice(inline_template('is_domain_name is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_domain_name is false/) + end + end + it 'is_domain_names true' do + pp = <<-EOS + $a = true + $o = is_domain_name($a) + notice(inline_template('is_domain_name is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_domain_name is false/) + end + end + it 'is_domain_names false' do + pp = <<-EOS + $a = false + $o = is_domain_name($a) + notice(inline_template('is_domain_name is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_domain_name is false/) + end + end + it 'is_domain_names strings with hyphens' do + pp = <<-EOS + $a = "3foo-bar.2bar-fuzz.com" + $b = true + $o = is_domain_name($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_domain_names strings beginning with hyphens' do + pp = <<-EOS + $a = "-bar.2bar-fuzz.com" + $b = false + $o = is_domain_name($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_domain_names hashes' do + pp = <<-EOS + $a = {'aaa'=>'www.com'} + $o = is_domain_name($a) + notice(inline_template('is_domain_name is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_domain_name is false/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_float_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_float_spec.rb new file mode 100755 index 000000000..338ba58d4 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_float_spec.rb @@ -0,0 +1,86 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_float function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_floats arrays' do + pp = <<-EOS + $a = ['aaa.com','bbb','ccc'] + $o = is_float($a) + notice(inline_template('is_float is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_float is false/) + end + end + it 'is_floats true' do + pp = <<-EOS + $a = true + $o = is_float($a) + notice(inline_template('is_float is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_float is false/) + end + end + it 'is_floats strings' do + pp = <<-EOS + $a = "3.5" + $b = true + $o = is_float($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_floats floats' do + pp = <<-EOS + $a = 3.5 + $b = true + $o = is_float($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_floats integers' do + pp = <<-EOS + $a = 3 + $b = false + $o = is_float($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_floats hashes' do + pp = <<-EOS + $a = {'aaa'=>'www.com'} + $o = is_float($a) + notice(inline_template('is_float is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_float is false/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_function_available_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_function_available_spec.rb new file mode 100755 index 000000000..2b5dd6d17 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_function_available_spec.rb @@ -0,0 +1,58 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_function_available function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_function_availables arrays' do + pp = <<-EOS + $a = ['fail','include','require'] + $o = is_function_available($a) + notice(inline_template('is_function_available is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_function_available is false/) + end + end + it 'is_function_availables true' do + pp = <<-EOS + $a = true + $o = is_function_available($a) + notice(inline_template('is_function_available is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_function_available is false/) + end + end + it 'is_function_availables strings' do + pp = <<-EOS + $a = "fail" + $b = true + $o = is_function_available($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_function_availables function_availables' do + pp = <<-EOS + $a = "is_function_available" + $o = is_function_available($a) + notice(inline_template('is_function_available is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_function_available is true/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_hash_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_hash_spec.rb new file mode 100755 index 000000000..2ef310abc --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_hash_spec.rb @@ -0,0 +1,63 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_hash function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_hashs arrays' do + pp = <<-EOS + $a = ['aaa','bbb','ccc'] + $o = is_hash($a) + notice(inline_template('is_hash is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_hash is false/) + end + end + it 'is_hashs empty hashs' do + pp = <<-EOS + $a = {} + $b = true + $o = is_hash($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_hashs strings' do + pp = <<-EOS + $a = "aoeu" + $b = false + $o = is_hash($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_hashs hashes' do + pp = <<-EOS + $a = {'aaa'=>'bbb'} + $b = true + $o = is_hash($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_integer_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_integer_spec.rb new file mode 100755 index 000000000..bf6902b90 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_integer_spec.rb @@ -0,0 +1,95 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_integer function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_integers arrays' do + pp = <<-EOS + $a = ['aaa.com','bbb','ccc'] + $b = false + $o = is_integer($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_integers true' do + pp = <<-EOS + $a = true + $b = false + $o = is_integer($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_integers strings' do + pp = <<-EOS + $a = "3" + $b = true + $o = is_integer($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_integers floats' do + pp = <<-EOS + $a = 3.5 + $b = false + $o = is_integer($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_integers integers' do + pp = <<-EOS + $a = 3 + $b = true + $o = is_integer($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_integers hashes' do + pp = <<-EOS + $a = {'aaa'=>'www.com'} + $b = false + $o = is_integer($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_ip_address_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_ip_address_spec.rb new file mode 100755 index 000000000..ed7a85439 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_ip_address_spec.rb @@ -0,0 +1,80 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_ip_address function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_ip_addresss ipv4' do + pp = <<-EOS + $a = '1.2.3.4' + $b = true + $o = is_ip_address($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_ip_addresss ipv6' do + pp = <<-EOS + $a = "fe80:0000:cd12:d123:e2f8:47ff:fe09:dd74" + $b = true + $o = is_ip_address($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_ip_addresss ipv6 compressed' do + pp = <<-EOS + $a = "fe00::1" + $b = true + $o = is_ip_address($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_ip_addresss strings' do + pp = <<-EOS + $a = "aoeu" + $b = false + $o = is_ip_address($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_ip_addresss ipv4 out of range' do + pp = <<-EOS + $a = '1.2.3.400' + $b = false + $o = is_ip_address($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_mac_address_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_mac_address_spec.rb new file mode 100755 index 000000000..a2c892f43 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_mac_address_spec.rb @@ -0,0 +1,38 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_mac_address function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_mac_addresss a mac' do + pp = <<-EOS + $a = '00:a0:1f:12:7f:a0' + $b = true + $o = is_mac_address($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_mac_addresss a mac out of range' do + pp = <<-EOS + $a = '00:a0:1f:12:7f:g0' + $b = false + $o = is_mac_address($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_numeric_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_numeric_spec.rb new file mode 100755 index 000000000..21c898841 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_numeric_spec.rb @@ -0,0 +1,95 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_numeric function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_numerics arrays' do + pp = <<-EOS + $a = ['aaa.com','bbb','ccc'] + $b = false + $o = is_numeric($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_numerics true' do + pp = <<-EOS + $a = true + $b = false + $o = is_numeric($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_numerics strings' do + pp = <<-EOS + $a = "3" + $b = true + $o = is_numeric($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_numerics floats' do + pp = <<-EOS + $a = 3.5 + $b = true + $o = is_numeric($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_numerics integers' do + pp = <<-EOS + $a = 3 + $b = true + $o = is_numeric($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_numerics hashes' do + pp = <<-EOS + $a = {'aaa'=>'www.com'} + $b = false + $o = is_numeric($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + it 'handles non-arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/is_string_spec.rb b/modules/dependencies/stdlib/spec/acceptance/is_string_spec.rb new file mode 100755 index 000000000..94d8e9678 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/is_string_spec.rb @@ -0,0 +1,102 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'is_string function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'is_strings arrays' do + pp = <<-EOS + $a = ['aaa.com','bbb','ccc'] + $b = false + $o = is_string($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_strings true' do + pp = <<-EOS + $a = true + $b = false + $o = is_string($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_strings strings' do + pp = <<-EOS + $a = "aoeu" + $o = is_string($a) + notice(inline_template('is_string is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_string is true/) + end + end + it 'is_strings number strings' do + pp = <<-EOS + $a = "3" + $o = is_string($a) + notice(inline_template('is_string is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/is_string is false/) + end + end + it 'is_strings floats' do + pp = <<-EOS + $a = 3.5 + $b = false + $o = is_string($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_strings integers' do + pp = <<-EOS + $a = 3 + $b = false + $o = is_string($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'is_strings hashes' do + pp = <<-EOS + $a = {'aaa'=>'www.com'} + $b = false + $o = is_string($a) + if $o == $b { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'failure' do + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/join_keys_to_values_spec.rb b/modules/dependencies/stdlib/spec/acceptance/join_keys_to_values_spec.rb new file mode 100755 index 000000000..70493fd5a --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/join_keys_to_values_spec.rb @@ -0,0 +1,24 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'join_keys_to_values function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'join_keys_to_valuess hashes' do + pp = <<-EOS + $a = {'aaa'=>'bbb','ccc'=>'ddd'} + $b = ':' + $o = join_keys_to_values($a,$b) + notice(inline_template('join_keys_to_values is <%= @o.sort.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/join_keys_to_values is \["aaa:bbb", "ccc:ddd"\]/) + end + end + it 'handles non hashes' + it 'handles empty hashes' + end + describe 'failure' do + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/join_spec.rb b/modules/dependencies/stdlib/spec/acceptance/join_spec.rb new file mode 100755 index 000000000..5397ce2c8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/join_spec.rb @@ -0,0 +1,26 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'join function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'joins arrays' do + pp = <<-EOS + $a = ['aaa','bbb','ccc'] + $b = ':' + $c = 'aaa:bbb:ccc' + $o = join($a,$b) + if $o == $c { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + it 'handles non arrays' + end + describe 'failure' do + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/keys_spec.rb b/modules/dependencies/stdlib/spec/acceptance/keys_spec.rb new file mode 100755 index 000000000..176918e91 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/keys_spec.rb @@ -0,0 +1,23 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'keys function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'keyss hashes' do + pp = <<-EOS + $a = {'aaa'=>'bbb','ccc'=>'ddd'} + $o = keys($a) + notice(inline_template('keys is <%= @o.sort.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/keys is \["aaa", "ccc"\]/) + end + end + it 'handles non hashes' + it 'handles empty hashes' + end + describe 'failure' do + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/loadyaml_spec.rb b/modules/dependencies/stdlib/spec/acceptance/loadyaml_spec.rb new file mode 100644 index 000000000..1e910a978 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/loadyaml_spec.rb @@ -0,0 +1,33 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +tmpdir = default.tmpdir('stdlib') + +describe 'loadyaml function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'loadyamls array of values' do + shell("echo '--- + aaa: 1 + bbb: 2 + ccc: 3 + ddd: 4' > #{tmpdir}/testyaml.yaml") + pp = <<-EOS + $o = loadyaml('#{tmpdir}/testyaml.yaml') + notice(inline_template('loadyaml[aaa] is <%= @o["aaa"].inspect %>')) + notice(inline_template('loadyaml[bbb] is <%= @o["bbb"].inspect %>')) + notice(inline_template('loadyaml[ccc] is <%= @o["ccc"].inspect %>')) + notice(inline_template('loadyaml[ddd] is <%= @o["ddd"].inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/loadyaml\[aaa\] is 1/) + expect(r.stdout).to match(/loadyaml\[bbb\] is 2/) + expect(r.stdout).to match(/loadyaml\[ccc\] is 3/) + expect(r.stdout).to match(/loadyaml\[ddd\] is 4/) + end + end + end + describe 'failure' do + it 'fails with no arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/lstrip_spec.rb b/modules/dependencies/stdlib/spec/acceptance/lstrip_spec.rb new file mode 100755 index 000000000..3dc952fbc --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/lstrip_spec.rb @@ -0,0 +1,34 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'lstrip function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'lstrips arrays' do + pp = <<-EOS + $a = [" the "," public "," art","galleries "] + # Anagram: Large picture halls, I bet + $o = lstrip($a) + notice(inline_template('lstrip is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/lstrip is \["the ", "public ", "art", "galleries "\]/) + end + end + it 'lstrips strings' do + pp = <<-EOS + $a = " blowzy night-frumps vex'd jack q " + $o = lstrip($a) + notice(inline_template('lstrip is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/lstrip is "blowzy night-frumps vex'd jack q "/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/max_spec.rb b/modules/dependencies/stdlib/spec/acceptance/max_spec.rb new file mode 100755 index 000000000..f04e3d283 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/max_spec.rb @@ -0,0 +1,20 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'max function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'maxs arrays' do + pp = <<-EOS + $o = max("the","public","art","galleries") + notice(inline_template('max is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/max is "the"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/member_spec.rb b/modules/dependencies/stdlib/spec/acceptance/member_spec.rb new file mode 100755 index 000000000..fe75a0782 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/member_spec.rb @@ -0,0 +1,54 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'member function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + shared_examples 'item found' do + it 'should output correctly' do + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + end + describe 'success' do + it 'members arrays' do + pp = <<-EOS + $a = ['aaa','bbb','ccc'] + $b = 'ccc' + $c = true + $o = member($a,$b) + if $o == $c { + notify { 'output correct': } + } + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/Notice: output correct/) + end + end + describe 'members array of integers' do + it_should_behave_like 'item found' do + let(:pp) { <<-EOS + if member( [1,2,3,4], 4 ){ + notify { 'output correct': } + } + EOS + } + end + end + describe 'members of mixed array' do + it_should_behave_like 'item found' do + let(:pp) { <<-EOS + if member( ['a','4',3], 'a' ){ + notify { 'output correct': } +} + EOS + } + end + end + it 'members arrays without members' + end + + describe 'failure' do + it 'handles improper argument counts' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/merge_spec.rb b/modules/dependencies/stdlib/spec/acceptance/merge_spec.rb new file mode 100755 index 000000000..227b99429 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/merge_spec.rb @@ -0,0 +1,23 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'merge function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'should merge two hashes' do + pp = <<-EOS + $a = {'one' => 1, 'two' => 2, 'three' => { 'four' => 4 } } + $b = {'two' => 'dos', 'three' => { 'five' => 5 } } + $o = merge($a, $b) + notice(inline_template('merge[one] is <%= @o["one"].inspect %>')) + notice(inline_template('merge[two] is <%= @o["two"].inspect %>')) + notice(inline_template('merge[three] is <%= @o["three"].inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/merge\[one\] is ("1"|1)/) + expect(r.stdout).to match(/merge\[two\] is "dos"/) + expect(r.stdout).to match(/merge\[three\] is {"five"=>("5"|5)}/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/min_spec.rb b/modules/dependencies/stdlib/spec/acceptance/min_spec.rb new file mode 100755 index 000000000..509092d3c --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/min_spec.rb @@ -0,0 +1,20 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'min function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'mins arrays' do + pp = <<-EOS + $o = min("the","public","art","galleries") + notice(inline_template('min is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/min is "art"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-59-x64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-59-x64.yml new file mode 100644 index 000000000..2ad90b86a --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-59-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-59-x64: + roles: + - master + platform: el-5-x86_64 + box : centos-59-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-6-vcloud.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-6-vcloud.yml new file mode 100644 index 000000000..ca9c1d329 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-6-vcloud.yml @@ -0,0 +1,15 @@ +HOSTS: + 'centos-6-vcloud': + roles: + - master + platform: el-6-x86_64 + hypervisor: vcloud + template: centos-6-x86_64 +CONFIG: + type: foss + ssh: + keys: "~/.ssh/id_rsa-acceptance" + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-64-x64-pe.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-64-x64-pe.yml new file mode 100644 index 000000000..7d9242f1b --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-64-x64-pe.yml @@ -0,0 +1,12 @@ +HOSTS: + centos-64-x64: + roles: + - master + - database + - dashboard + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: pe diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-64-x64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-64-x64.yml new file mode 100644 index 000000000..05540ed8c --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-64-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-64-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-65-x64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-65-x64.yml new file mode 100644 index 000000000..4e2cb809e --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/centos-65-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-65-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-65-x64-vbox436-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/default.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/default.yml new file mode 100644 index 000000000..4e2cb809e --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/default.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-65-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-65-x64-vbox436-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/fedora-18-x64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/fedora-18-x64.yml new file mode 100644 index 000000000..136164983 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/fedora-18-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + fedora-18-x64: + roles: + - master + platform: fedora-18-x86_64 + box : fedora-18-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/sles-11-x64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/sles-11-x64.yml new file mode 100644 index 000000000..41abe2135 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/sles-11-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + sles-11-x64.local: + roles: + - master + platform: sles-11-x64 + box : sles-11sp1-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml new file mode 100644 index 000000000..5ca1514e4 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-10044-x64: + roles: + - master + platform: ubuntu-10.04-amd64 + box : ubuntu-server-10044-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml new file mode 100644 index 000000000..d065b304f --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-12042-x64: + roles: + - master + platform: ubuntu-12.04-amd64 + box : ubuntu-server-12042-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml new file mode 100644 index 000000000..cba1cd04c --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + ubuntu-server-1404-x64: + roles: + - master + platform: ubuntu-14.04-amd64 + box : puppetlabs/ubuntu-14.04-64-nocm + box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm + hypervisor : vagrant +CONFIG: + log_level : debug + type: git diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2003-i386.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2003-i386.yml new file mode 100644 index 000000000..47dadbd52 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2003-i386.yml @@ -0,0 +1,26 @@ +HOSTS: + ubuntu1204: + roles: + - master + - database + - dashboard + platform: ubuntu-12.04-amd64 + template: ubuntu-1204-x86_64 + hypervisor: vcloud + win2003_i386: + roles: + - agent + - default + platform: windows-2003-i386 + template: win-2003-i386 + hypervisor: vcloud +CONFIG: + nfs_server: none + ssh: + keys: "~/.ssh/id_rsa-acceptance" + consoleport: 443 + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ + pe_dir: http://neptune.puppetlabs.lan/3.2/ci-ready/ diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2003-x86_64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2003-x86_64.yml new file mode 100644 index 000000000..6a884bc9f --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2003-x86_64.yml @@ -0,0 +1,26 @@ +HOSTS: + ubuntu1204: + roles: + - master + - database + - dashboard + platform: ubuntu-12.04-amd64 + template: ubuntu-1204-x86_64 + hypervisor: vcloud + win2003_x86_64: + roles: + - agent + - default + platform: windows-2003-x86_64 + template: win-2003-x86_64 + hypervisor: vcloud +CONFIG: + nfs_server: none + ssh: + keys: "~/.ssh/id_rsa-acceptance" + consoleport: 443 + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ + pe_dir: http://neptune.puppetlabs.lan/3.2/ci-ready/ diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2008-x86_64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2008-x86_64.yml new file mode 100644 index 000000000..ae3c11dd1 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2008-x86_64.yml @@ -0,0 +1,26 @@ +HOSTS: + ubuntu1204: + roles: + - master + - database + - dashboard + platform: ubuntu-12.04-amd64 + template: ubuntu-1204-x86_64 + hypervisor: vcloud + win2008_x86_64: + roles: + - agent + - default + platform: windows-2008-x86_64 + template: win-2008-x86_64 + hypervisor: vcloud +CONFIG: + nfs_server: none + ssh: + keys: "~/.ssh/id_rsa-acceptance" + consoleport: 443 + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ + pe_dir: http://neptune.puppetlabs.lan/3.2/ci-ready/ diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2008r2-x86_64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2008r2-x86_64.yml new file mode 100644 index 000000000..63923ac10 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2008r2-x86_64.yml @@ -0,0 +1,26 @@ +HOSTS: + ubuntu1204: + roles: + - master + - database + - dashboard + platform: ubuntu-12.04-amd64 + template: ubuntu-1204-x86_64 + hypervisor: vcloud + win2008r2: + roles: + - agent + - default + platform: windows-2008r2-x86_64 + template: win-2008r2-x86_64 + hypervisor: vcloud +CONFIG: + nfs_server: none + ssh: + keys: "~/.ssh/id_rsa-acceptance" + consoleport: 443 + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ + pe_dir: http://neptune.puppetlabs.lan/3.2/ci-ready/ diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2012-x86_64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2012-x86_64.yml new file mode 100644 index 000000000..eaa4eca90 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2012-x86_64.yml @@ -0,0 +1,26 @@ +HOSTS: + ubuntu1204: + roles: + - master + - database + - dashboard + platform: ubuntu-12.04-amd64 + template: ubuntu-1204-x86_64 + hypervisor: vcloud + win2012: + roles: + - agent + - default + platform: windows-2012-x86_64 + template: win-2012-x86_64 + hypervisor: vcloud +CONFIG: + nfs_server: none + ssh: + keys: "~/.ssh/id_rsa-acceptance" + consoleport: 443 + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ + pe_dir: http://neptune.puppetlabs.lan/3.2/ci-ready/ diff --git a/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2012r2-x86_64.yml b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2012r2-x86_64.yml new file mode 100644 index 000000000..1f0ea97c7 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/nodesets/windows-2012r2-x86_64.yml @@ -0,0 +1,26 @@ +HOSTS: + ubuntu1204: + roles: + - master + - database + - dashboard + platform: ubuntu-12.04-amd64 + template: ubuntu-1204-x86_64 + hypervisor: vcloud + win2012r2: + roles: + - agent + - default + platform: windows-2012r2-x86_64 + template: win-2012r2-x86_64 + hypervisor: vcloud +CONFIG: + nfs_server: none + ssh: + keys: "~/.ssh/id_rsa-acceptance" + consoleport: 443 + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ + pe_dir: http://neptune.puppetlabs.lan/3.2/ci-ready/ diff --git a/modules/dependencies/stdlib/spec/acceptance/num2bool_spec.rb b/modules/dependencies/stdlib/spec/acceptance/num2bool_spec.rb new file mode 100755 index 000000000..1d99ba025 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/num2bool_spec.rb @@ -0,0 +1,76 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'num2bool function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'bools positive numbers and numeric strings as true' do + pp = <<-EOS + $a = 1 + $b = "1" + $c = "50" + $ao = num2bool($a) + $bo = num2bool($b) + $co = num2bool($c) + notice(inline_template('a is <%= @ao.inspect %>')) + notice(inline_template('b is <%= @bo.inspect %>')) + notice(inline_template('c is <%= @co.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/a is true/) + expect(r.stdout).to match(/b is true/) + expect(r.stdout).to match(/c is true/) + end + end + it 'bools negative numbers as false' do + pp = <<-EOS + $a = 0 + $b = -0.1 + $c = ["-50","1"] + $ao = num2bool($a) + $bo = num2bool($b) + $co = num2bool($c) + notice(inline_template('a is <%= @ao.inspect %>')) + notice(inline_template('b is <%= @bo.inspect %>')) + notice(inline_template('c is <%= @co.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/a is false/) + expect(r.stdout).to match(/b is false/) + expect(r.stdout).to match(/c is false/) + end + end + end + describe 'failure' do + it 'fails on words' do + pp = <<-EOS + $a = "a" + $ao = num2bool($a) + notice(inline_template('a is <%= @ao.inspect %>')) + EOS + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/not look like a number/) + end + + it 'fails on numberwords' do + pp = <<-EOS + $b = "1b" + $bo = num2bool($b) + notice(inline_template('b is <%= @bo.inspect %>')) + EOS + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/not look like a number/) + + end + + it 'fails on non-numeric/strings' do + pending "The function will call .to_s.to_i on anything not a Numeric or + String, and results in 0. Is this intended?" + pp = <<-EOS + $c = {"c" => "-50"} + $co = num2bool($c) + notice(inline_template('c is <%= @co.inspect %>')) + EOS + expect(apply_manifest(ppc :expect_failures => true).stderr).to match(/Unable to parse/) + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/parsejson_spec.rb b/modules/dependencies/stdlib/spec/acceptance/parsejson_spec.rb new file mode 100755 index 000000000..d0e3de847 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/parsejson_spec.rb @@ -0,0 +1,55 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'parsejson function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'parses valid json' do + pp = <<-EOS + $a = '{"hunter": "washere", "tests": "passing"}' + $ao = parsejson($a) + $tests = $ao['tests'] + notice(inline_template('tests are <%= @tests.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/tests are "passing"/) + end + end + end + + describe 'failure' do + it 'raises error on incorrect json' do + pp = <<-EOS + $a = '{"hunter": "washere", "tests": "passing",}' + $ao = parsejson($a, 'tests are using the default value') + notice(inline_template('a is <%= @ao.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/tests are using the default value/) + end + end + + it 'raises error on incorrect json' do + pp = <<-EOS + $a = '{"hunter": "washere", "tests": "passing",}' + $ao = parsejson($a) + notice(inline_template('a is <%= @ao.inspect %>')) + EOS + + apply_manifest(pp, :expect_failures => true) do |r| + expect(r.stderr).to match(/expected next name/) + end + end + + it 'raises error on incorrect number of arguments' do + pp = <<-EOS + $o = parsejson() + EOS + + apply_manifest(pp, :expect_failures => true) do |r| + expect(r.stderr).to match(/wrong number of arguments/i) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/parseyaml_spec.rb b/modules/dependencies/stdlib/spec/acceptance/parseyaml_spec.rb new file mode 100755 index 000000000..64511f13e --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/parseyaml_spec.rb @@ -0,0 +1,58 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'parseyaml function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'parses valid yaml' do + pp = <<-EOS + $a = "---\nhunter: washere\ntests: passing\n" + $o = parseyaml($a) + $tests = $o['tests'] + notice(inline_template('tests are <%= @tests.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/tests are "passing"/) + end + end + end + + describe 'failure' do + it 'returns the default value on incorrect yaml' do + pp = <<-EOS + $a = "---\nhunter: washere\ntests: passing\n:" + $o = parseyaml($a, {'tests' => 'using the default value'}) + $tests = $o['tests'] + notice(inline_template('tests are <%= @tests.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/tests are "using the default value"/) + end + end + + it 'raises error on incorrect yaml' do + pp = <<-EOS + $a = "---\nhunter: washere\ntests: passing\n:" + $o = parseyaml($a) + $tests = $o['tests'] + notice(inline_template('tests are <%= @tests.inspect %>')) + EOS + + apply_manifest(pp, :expect_failures => true) do |r| + expect(r.stderr).to match(/(syntax error|did not find expected key)/) + end + end + + + it 'raises error on incorrect number of arguments' do + pp = <<-EOS + $o = parseyaml() + EOS + + apply_manifest(pp, :expect_failures => true) do |r| + expect(r.stderr).to match(/wrong number of arguments/i) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/pick_default_spec.rb b/modules/dependencies/stdlib/spec/acceptance/pick_default_spec.rb new file mode 100755 index 000000000..a663f54e8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/pick_default_spec.rb @@ -0,0 +1,54 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'pick_default function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'pick_defaults a default value' do + pp = <<-EOS + $a = undef + $o = pick_default($a, 'default') + notice(inline_template('picked is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/picked is "default"/) + end + end + it 'pick_defaults with no value' do + pp = <<-EOS + $a = undef + $b = undef + $o = pick_default($a,$b) + notice(inline_template('picked is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/picked is ""/) + end + end + it 'pick_defaults the first set value' do + pp = <<-EOS + $a = "something" + $b = "long" + $o = pick_default($a, $b, 'default') + notice(inline_template('picked is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/picked is "something"/) + end + end + end + describe 'failure' do + it 'raises error with no values' do + pp = <<-EOS + $o = pick_default() + notice(inline_template('picked is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :expect_failures => true) do |r| + expect(r.stderr).to match(/Must receive at least one argument/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/pick_spec.rb b/modules/dependencies/stdlib/spec/acceptance/pick_spec.rb new file mode 100755 index 000000000..46cf63f28 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/pick_spec.rb @@ -0,0 +1,44 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'pick function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'picks a default value' do + pp = <<-EOS + $a = undef + $o = pick($a, 'default') + notice(inline_template('picked is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/picked is "default"/) + end + end + it 'picks the first set value' do + pp = <<-EOS + $a = "something" + $b = "long" + $o = pick($a, $b, 'default') + notice(inline_template('picked is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/picked is "something"/) + end + end + end + describe 'failure' do + it 'raises error with all undef values' do + pp = <<-EOS + $a = undef + $b = undef + $o = pick($a, $b) + notice(inline_template('picked is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :expect_failures => true) do |r| + expect(r.stderr).to match(/must receive at least one non empty value/) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/prefix_spec.rb b/modules/dependencies/stdlib/spec/acceptance/prefix_spec.rb new file mode 100755 index 000000000..de55530eb --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/prefix_spec.rb @@ -0,0 +1,42 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'prefix function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'prefixes array of values' do + pp = <<-EOS + $o = prefix(['a','b','c'],'p') + notice(inline_template('prefix is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/prefix is \["pa", "pb", "pc"\]/) + end + end + it 'prefixs with empty array' do + pp = <<-EOS + $o = prefix([],'p') + notice(inline_template('prefix is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/prefix is \[\]/) + end + end + it 'prefixs array of values with undef' do + pp = <<-EOS + $o = prefix(['a','b','c'], undef) + notice(inline_template('prefix is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/prefix is \["a", "b", "c"\]/) + end + end + end + describe 'failure' do + it 'fails with no arguments' + it 'fails when first argument is not array' + it 'fails when second argument is not string' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/pw_hash_spec.rb b/modules/dependencies/stdlib/spec/acceptance/pw_hash_spec.rb new file mode 100644 index 000000000..cd4cb87c5 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/pw_hash_spec.rb @@ -0,0 +1,34 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +# Windows and OS X do not have useful implementations of crypt(3) +describe 'pw_hash function', :unless => (UNSUPPORTED_PLATFORMS + ['windows', 'Darwin', 'SLES']).include?(fact('operatingsystem')) do + describe 'success' do + it 'hashes passwords' do + pp = <<-EOS + $o = pw_hash('password', 'sha-512', 'salt') + notice(inline_template('pw_hash is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/pw_hash is "\$6\$salt\$IxDD3jeSOb5eB1CX5LBsqZFVkJdido3OUILO5Ifz5iwMuTS4XMS130MTSuDDl3aCI6WouIL9AjRbLCelDCy\.g\."/) + end + end + + it 'returns nil if no password is provided' do + pp = <<-EOS + $o = pw_hash('', 'sha-512', 'salt') + notice(inline_template('pw_hash is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/pw_hash is nil/) + end + end + end + describe 'failure' do + it 'handles less than three arguments' + it 'handles more than three arguments' + it 'handles non strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/range_spec.rb b/modules/dependencies/stdlib/spec/acceptance/range_spec.rb new file mode 100755 index 000000000..a3ccd3396 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/range_spec.rb @@ -0,0 +1,36 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'range function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'ranges letters' do + pp = <<-EOS + $o = range('a','d') + notice(inline_template('range is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/range is \["a", "b", "c", "d"\]/) + end + end + it 'ranges letters with a step' do + pp = <<-EOS + $o = range('a','d', '2') + notice(inline_template('range is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/range is \["a", "c"\]/) + end + end + it 'ranges letters with a negative step' + it 'ranges numbers' + it 'ranges numbers with a step' + it 'ranges numbers with a negative step' + it 'ranges numeric strings' + it 'ranges zero padded numbers' + end + describe 'failure' do + it 'fails with no arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/reject_spec.rb b/modules/dependencies/stdlib/spec/acceptance/reject_spec.rb new file mode 100755 index 000000000..7f16a008d --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/reject_spec.rb @@ -0,0 +1,42 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'reject function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'rejects array of values' do + pp = <<-EOS + $o = reject(['aaa','bbb','ccc','aaaddd'], 'aaa') + notice(inline_template('reject is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/reject is \["bbb", "ccc"\]/) + end + end + it 'rejects with empty array' do + pp = <<-EOS + $o = reject([],'aaa') + notice(inline_template('reject is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/reject is \[\]/) + end + end + it 'rejects array of values with undef' do + pp = <<-EOS + $o = reject(['aaa','bbb','ccc','aaaddd'], undef) + notice(inline_template('reject is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/reject is \[\]/) + end + end + end + describe 'failure' do + it 'fails with no arguments' + it 'fails when first argument is not array' + it 'fails when second argument is not string' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/reverse_spec.rb b/modules/dependencies/stdlib/spec/acceptance/reverse_spec.rb new file mode 100755 index 000000000..c3f01567a --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/reverse_spec.rb @@ -0,0 +1,23 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'reverse function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'reverses strings' do + pp = <<-EOS + $a = "the public art galleries" + # Anagram: Large picture halls, I bet + $o = reverse($a) + notice(inline_template('reverse is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/reverse is "seirellag tra cilbup eht"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/rstrip_spec.rb b/modules/dependencies/stdlib/spec/acceptance/rstrip_spec.rb new file mode 100755 index 000000000..b57a8b045 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/rstrip_spec.rb @@ -0,0 +1,34 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'rstrip function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'rstrips arrays' do + pp = <<-EOS + $a = [" the "," public "," art","galleries "] + # Anagram: Large picture halls, I bet + $o = rstrip($a) + notice(inline_template('rstrip is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/rstrip is \[" the", " public", " art", "galleries"\]/) + end + end + it 'rstrips strings' do + pp = <<-EOS + $a = " blowzy night-frumps vex'd jack q " + $o = rstrip($a) + notice(inline_template('rstrip is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/rstrip is " blowzy night-frumps vex'd jack q"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/shuffle_spec.rb b/modules/dependencies/stdlib/spec/acceptance/shuffle_spec.rb new file mode 100755 index 000000000..b840d1f1b --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/shuffle_spec.rb @@ -0,0 +1,34 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'shuffle function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'shuffles arrays' do + pp = <<-EOS + $a = ["1", "2", "3", "4", "5", "6", "7", "8", "the","public","art","galleries"] + # Anagram: Large picture halls, I bet + $o = shuffle($a) + notice(inline_template('shuffle is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to_not match(/shuffle is \["1", "2", "3", "4", "5", "6", "7", "8", "the", "public", "art", "galleries"\]/) + end + end + it 'shuffles strings' do + pp = <<-EOS + $a = "blowzy night-frumps vex'd jack q" + $o = shuffle($a) + notice(inline_template('shuffle is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to_not match(/shuffle is "blowzy night-frumps vex'd jack q"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/size_spec.rb b/modules/dependencies/stdlib/spec/acceptance/size_spec.rb new file mode 100755 index 000000000..a52b778bd --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/size_spec.rb @@ -0,0 +1,55 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'size function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'single string size' do + pp = <<-EOS + $a = 'discombobulate' + $o = size($a) + notice(inline_template('size is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/size is 14/) + end + end + it 'with empty string' do + pp = <<-EOS + $a = '' + $o = size($a) + notice(inline_template('size is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/size is 0/) + end + end + it 'with undef' do + pp = <<-EOS + $a = undef + $o = size($a) + notice(inline_template('size is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/size is 0/) + end + end + it 'strings in array' do + pp = <<-EOS + $a = ['discombobulate', 'moo'] + $o = size($a) + notice(inline_template('size is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/size is 2/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/sort_spec.rb b/modules/dependencies/stdlib/spec/acceptance/sort_spec.rb new file mode 100755 index 000000000..c85bfabd5 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/sort_spec.rb @@ -0,0 +1,34 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'sort function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'sorts arrays' do + pp = <<-EOS + $a = ["the","public","art","galleries"] + # Anagram: Large picture halls, I bet + $o = sort($a) + notice(inline_template('sort is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/sort is \["art", "galleries", "public", "the"\]/) + end + end + it 'sorts strings' do + pp = <<-EOS + $a = "blowzy night-frumps vex'd jack q" + $o = sort($a) + notice(inline_template('sort is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/sort is " '-abcdefghijklmnopqrstuvwxyz"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/squeeze_spec.rb b/modules/dependencies/stdlib/spec/acceptance/squeeze_spec.rb new file mode 100755 index 000000000..400a458c9 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/squeeze_spec.rb @@ -0,0 +1,47 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'squeeze function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'squeezes arrays' do + pp = <<-EOS + # Real words! + $a = ["wallless", "laparohysterosalpingooophorectomy", "brrr", "goddessship"] + $o = squeeze($a) + notice(inline_template('squeeze is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/squeeze is \["wales", "laparohysterosalpingophorectomy", "br", "godeship"\]/) + end + end + it 'squeezez arrays with an argument' + it 'squeezes strings' do + pp = <<-EOS + $a = "wallless laparohysterosalpingooophorectomy brrr goddessship" + $o = squeeze($a) + notice(inline_template('squeeze is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/squeeze is "wales laparohysterosalpingophorectomy br godeship"/) + end + end + + it 'squeezes strings with an argument' do + pp = <<-EOS + $a = "countessship duchessship governessship hostessship" + $o = squeeze($a, 's') + notice(inline_template('squeeze is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/squeeze is "counteship ducheship governeship hosteship"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/str2bool_spec.rb b/modules/dependencies/stdlib/spec/acceptance/str2bool_spec.rb new file mode 100755 index 000000000..cf549dab8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/str2bool_spec.rb @@ -0,0 +1,31 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'str2bool function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'works with "y"' do + pp = <<-EOS + $o = str2bool('y') + notice(inline_template('str2bool is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/str2bool is true/) + end + end + it 'works with "Y"' + it 'works with "yes"' + it 'works with "1"' + it 'works with "true"' + it 'works with "n"' + it 'works with "N"' + it 'works with "no"' + it 'works with "0"' + it 'works with "false"' + it 'works with undef' + end + describe 'failure' do + it 'handles no arguments' + it 'handles non arrays or strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/str2saltedsha512_spec.rb b/modules/dependencies/stdlib/spec/acceptance/str2saltedsha512_spec.rb new file mode 100755 index 000000000..993e63bac --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/str2saltedsha512_spec.rb @@ -0,0 +1,22 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'str2saltedsha512 function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'works with "y"' do + pp = <<-EOS + $o = str2saltedsha512('password') + notice(inline_template('str2saltedsha512 is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/str2saltedsha512 is "[a-f0-9]{136}"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles more than one argument' + it 'handles non strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/strftime_spec.rb b/modules/dependencies/stdlib/spec/acceptance/strftime_spec.rb new file mode 100755 index 000000000..53b7f903b --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/strftime_spec.rb @@ -0,0 +1,22 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'strftime function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'gives the Century' do + pp = <<-EOS + $o = strftime('%C') + notice(inline_template('strftime is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/strftime is "20"/) + end + end + it 'takes a timezone argument' + end + describe 'failure' do + it 'handles no arguments' + it 'handles invalid format strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/strip_spec.rb b/modules/dependencies/stdlib/spec/acceptance/strip_spec.rb new file mode 100755 index 000000000..906fd7abe --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/strip_spec.rb @@ -0,0 +1,34 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'strip function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'strips arrays' do + pp = <<-EOS + $a = [" the "," public "," art","galleries "] + # Anagram: Large picture halls, I bet + $o = strip($a) + notice(inline_template('strip is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/strip is \["the", "public", "art", "galleries"\]/) + end + end + it 'strips strings' do + pp = <<-EOS + $a = " blowzy night-frumps vex'd jack q " + $o = strip($a) + notice(inline_template('strip is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/strip is "blowzy night-frumps vex'd jack q"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/suffix_spec.rb b/modules/dependencies/stdlib/spec/acceptance/suffix_spec.rb new file mode 100755 index 000000000..630f866d7 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/suffix_spec.rb @@ -0,0 +1,42 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'suffix function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'suffixes array of values' do + pp = <<-EOS + $o = suffix(['a','b','c'],'p') + notice(inline_template('suffix is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/suffix is \["ap", "bp", "cp"\]/) + end + end + it 'suffixs with empty array' do + pp = <<-EOS + $o = suffix([],'p') + notice(inline_template('suffix is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/suffix is \[\]/) + end + end + it 'suffixs array of values with undef' do + pp = <<-EOS + $o = suffix(['a','b','c'], undef) + notice(inline_template('suffix is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/suffix is \["a", "b", "c"\]/) + end + end + end + describe 'failure' do + it 'fails with no arguments' + it 'fails when first argument is not array' + it 'fails when second argument is not string' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/swapcase_spec.rb b/modules/dependencies/stdlib/spec/acceptance/swapcase_spec.rb new file mode 100755 index 000000000..b7894fbe2 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/swapcase_spec.rb @@ -0,0 +1,22 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'swapcase function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'works with strings' do + pp = <<-EOS + $o = swapcase('aBcD') + notice(inline_template('swapcase is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/swapcase is "AbCd"/) + end + end + it 'works with arrays' + end + describe 'failure' do + it 'handles no arguments' + it 'handles non arrays or strings' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/time_spec.rb b/modules/dependencies/stdlib/spec/acceptance/time_spec.rb new file mode 100755 index 000000000..cdb296070 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/time_spec.rb @@ -0,0 +1,36 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'time function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'gives the time' do + pp = <<-EOS + $o = time() + notice(inline_template('time is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + m = r.stdout.match(/time is (\d+)\D/) + + # When I wrote this test + expect(Integer(m[1])).to be > 1398894170 + end + end + it 'takes a timezone argument' do + pp = <<-EOS + $o = time('UTC') + notice(inline_template('time is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + m = r.stdout.match(/time is (\d+)\D/) + + expect(Integer(m[1])).to be > 1398894170 + end + end + end + describe 'failure' do + it 'handles more arguments' + it 'handles invalid timezones' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/to_bytes_spec.rb b/modules/dependencies/stdlib/spec/acceptance/to_bytes_spec.rb new file mode 100755 index 000000000..2b4c61f48 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/to_bytes_spec.rb @@ -0,0 +1,27 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'to_bytes function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'converts kB to B' do + pp = <<-EOS + $o = to_bytes('4 kB') + notice(inline_template('to_bytes is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + m = r.stdout.match(/to_bytes is (\d+)\D/) + expect(m[1]).to eq("4096") + end + end + it 'works without the B in unit' + it 'works without a space before unit' + it 'works without a unit' + it 'converts fractions' + end + describe 'failure' do + it 'handles no arguments' + it 'handles non integer arguments' + it 'handles unknown units like uB' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/try_get_value_spec.rb b/modules/dependencies/stdlib/spec/acceptance/try_get_value_spec.rb new file mode 100755 index 000000000..c0bf38ae3 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/try_get_value_spec.rb @@ -0,0 +1,47 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'try_get_value function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'gets a value' do + pp = <<-EOS + $data = { + 'a' => { 'b' => 'passing'} + } + + $tests = try_get_value($data, 'a/b') + notice(inline_template('tests are <%= @tests.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/tests are "passing"/) + end + end + end + describe 'failure' do + it 'uses a default value' do + pp = <<-EOS + $data = { + 'a' => { 'b' => 'passing'} + } + + $tests = try_get_value($data, 'c/d', 'using the default value') + notice(inline_template('tests are <%= @tests.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/using the default value/) + end + end + + it 'raises error on incorrect number of arguments' do + pp = <<-EOS + $o = try_get_value() + EOS + + apply_manifest(pp, :expect_failures => true) do |r| + expect(r.stderr).to match(/wrong number of arguments/i) + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/type_spec.rb b/modules/dependencies/stdlib/spec/acceptance/type_spec.rb new file mode 100755 index 000000000..67e324803 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/type_spec.rb @@ -0,0 +1,37 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'type function', :unless => (UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) || is_future_parser_enabled?) do + describe 'success' do + it 'types arrays' do + pp = <<-EOS + $a = ["the","public","art","galleries"] + # Anagram: Large picture halls, I bet + $o = type($a) + notice(inline_template('type is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/type is "array"/) + end + end + it 'types strings' do + pp = <<-EOS + $a = "blowzy night-frumps vex'd jack q" + $o = type($a) + notice(inline_template('type is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/type is "string"/) + end + end + it 'types hashes' + it 'types integers' + it 'types floats' + it 'types booleans' + end + describe 'failure' do + it 'handles no arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/union_spec.rb b/modules/dependencies/stdlib/spec/acceptance/union_spec.rb new file mode 100755 index 000000000..160fd7b09 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/union_spec.rb @@ -0,0 +1,25 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'union function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'unions arrays' do + pp = <<-EOS + $a = ["the","public"] + $b = ["art"] + $c = ["galleries"] + # Anagram: Large picture halls, I bet + $o = union($a,$b,$c) + notice(inline_template('union is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/union is \["the", "public", "art", "galleries"\]/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/unique_spec.rb b/modules/dependencies/stdlib/spec/acceptance/unique_spec.rb new file mode 100755 index 000000000..bfadad19b --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/unique_spec.rb @@ -0,0 +1,33 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'unique function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'uniques arrays' do + pp = <<-EOS + $a = ["wallless", "wallless", "brrr", "goddessship"] + $o = unique($a) + notice(inline_template('unique is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/unique is \["wallless", "brrr", "goddessship"\]/) + end + end + it 'uniques strings' do + pp = <<-EOS + $a = "wallless laparohysterosalpingooophorectomy brrr goddessship" + $o = unique($a) + notice(inline_template('unique is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/unique is "wales prohytingcmbd"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/unsupported_spec.rb b/modules/dependencies/stdlib/spec/acceptance/unsupported_spec.rb new file mode 100755 index 000000000..1c559f67e --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/unsupported_spec.rb @@ -0,0 +1,11 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'unsupported distributions and OSes', :if => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + it 'should fail' do + pp = <<-EOS + class { 'mysql::server': } + EOS + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/unsupported osfamily/i) + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/upcase_spec.rb b/modules/dependencies/stdlib/spec/acceptance/upcase_spec.rb new file mode 100755 index 000000000..3d2906d72 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/upcase_spec.rb @@ -0,0 +1,33 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'upcase function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'upcases arrays' do + pp = <<-EOS + $a = ["wallless", "laparohysterosalpingooophorectomy", "brrr", "goddessship"] + $o = upcase($a) + notice(inline_template('upcase is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/upcase is \["WALLLESS", "LAPAROHYSTEROSALPINGOOOPHORECTOMY", "BRRR", "GODDESSSHIP"\]/) + end + end + it 'upcases strings' do + pp = <<-EOS + $a = "wallless laparohysterosalpingooophorectomy brrr goddessship" + $o = upcase($a) + notice(inline_template('upcase is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/upcase is "WALLLESS LAPAROHYSTEROSALPINGOOOPHORECTOMY BRRR GODDESSSHIP"/) + end + end + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/uriescape_spec.rb b/modules/dependencies/stdlib/spec/acceptance/uriescape_spec.rb new file mode 100755 index 000000000..7e30205e8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/uriescape_spec.rb @@ -0,0 +1,23 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'uriescape function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'uriescape strings' do + pp = <<-EOS + $a = ":/?#[]@!$&'()*+,;= \\\"{}" + $o = uriescape($a) + notice(inline_template('uriescape is <%= @o.inspect %>')) + EOS + + apply_manifest(pp, :catch_failures => true) do |r| + expect(r.stdout).to match(/uriescape is ":\/\?%23\[\]@!\$&'\(\)\*\+,;=%20%22%7B%7D"/) + end + end + it 'does nothing if a string is already safe' + end + describe 'failure' do + it 'handles no arguments' + it 'handles non strings or arrays' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_absolute_path_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_absolute_path_spec.rb new file mode 100755 index 000000000..7082e848e --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_absolute_path_spec.rb @@ -0,0 +1,31 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_absolute_path function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + %w{ + C:/ + C:\\\\ + C:\\\\WINDOWS\\\\System32 + C:/windows/system32 + X:/foo/bar + X:\\\\foo\\\\bar + /var/tmp + /var/lib/puppet + /var/opt/../lib/puppet + }.each do |path| + it "validates a single argument #{path}" do + pp = <<-EOS + $one = '#{path}' + validate_absolute_path($one) + EOS + + apply_manifest(pp, :catch_failures => true) + end + end + end + describe 'failure' do + it 'handles improper number of arguments' + it 'handles relative paths' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_array_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_array_spec.rb new file mode 100755 index 000000000..b53e98c27 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_array_spec.rb @@ -0,0 +1,37 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_array function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'validates a single argument' do + pp = <<-EOS + $one = ['a', 'b'] + validate_array($one) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates an multiple arguments' do + pp = <<-EOS + $one = ['a', 'b'] + $two = [['c'], 'd'] + validate_array($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates a non-array' do + { + %{validate_array({'a' => 'hash' })} => "Hash", + %{validate_array('string')} => "String", + %{validate_array(false)} => "FalseClass", + %{validate_array(undef)} => "String" + }.each do |pp,type| + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/a #{type}/) + end + end + end + describe 'failure' do + it 'handles improper number of arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_augeas_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_augeas_spec.rb new file mode 100755 index 000000000..71a4c8425 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_augeas_spec.rb @@ -0,0 +1,63 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_augeas function', :unless => ((UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem'))) or (fact('osfamily') == 'windows')) do + describe 'prep' do + it 'installs augeas for tests' + end + describe 'success' do + context 'valid inputs with no 3rd argument' do + { + 'root:x:0:0:root:/root:/bin/bash\n' => 'Passwd.lns', + 'proc /proc proc nodev,noexec,nosuid 0 0\n' => 'Fstab.lns' + }.each do |line,lens| + it "validates a single argument for #{lens}" do + pp = <<-EOS + $line = "#{line}" + $lens = "#{lens}" + validate_augeas($line, $lens) + EOS + + apply_manifest(pp, :catch_failures => true) + end + end + end + context 'valid inputs with 3rd and 4th arguments' do + it "validates a restricted value" do + line = 'root:x:0:0:root:/root:/bin/barsh\n' + lens = 'Passwd.lns' + restriction = '$file/*[shell="/bin/barsh"]' + pp = <<-EOS + $line = "#{line}" + $lens = "#{lens}" + $restriction = ['#{restriction}'] + validate_augeas($line, $lens, $restriction, "my custom failure message") + EOS + + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/my custom failure message/) + end + end + context 'invalid inputs' do + { + 'root:x:0:0:root' => 'Passwd.lns', + '127.0.1.1' => 'Hosts.lns' + }.each do |line,lens| + it "validates a single argument for #{lens}" do + pp = <<-EOS + $line = "#{line}" + $lens = "#{lens}" + validate_augeas($line, $lens) + EOS + + apply_manifest(pp, :expect_failures => true) + end + end + end + context 'garbage inputs' do + it 'raises an error on invalid inputs' + end + end + describe 'failure' do + it 'handles improper number of arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_bool_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_bool_spec.rb new file mode 100755 index 000000000..c837f089f --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_bool_spec.rb @@ -0,0 +1,37 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_bool function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'validates a single argument' do + pp = <<-EOS + $one = true + validate_bool($one) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates an multiple arguments' do + pp = <<-EOS + $one = true + $two = false + validate_bool($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates a non-bool' do + { + %{validate_bool('true')} => "String", + %{validate_bool('false')} => "String", + %{validate_bool([true])} => "Array", + %{validate_bool(undef)} => "String", + }.each do |pp,type| + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/a #{type}/) + end + end + end + describe 'failure' do + it 'handles improper number of arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_cmd_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_cmd_spec.rb new file mode 100755 index 000000000..5ac66fdbf --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_cmd_spec.rb @@ -0,0 +1,52 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_cmd function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'validates a true command' do + pp = <<-EOS + $one = 'foo' + if $::osfamily == 'windows' { + $two = 'echo' #shell built-in + } else { + $two = '/bin/echo' + } + validate_cmd($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates a fail command' do + pp = <<-EOS + $one = 'foo' + if $::osfamily == 'windows' { + $two = 'C:/aoeu' + } else { + $two = '/bin/aoeu' + } + validate_cmd($one,$two) + EOS + + apply_manifest(pp, :expect_failures => true) + end + it 'validates a fail command with a custom error message' do + pp = <<-EOS + $one = 'foo' + if $::osfamily == 'windows' { + $two = 'C:/aoeu' + } else { + $two = '/bin/aoeu' + } + validate_cmd($one,$two,"aoeu is dvorak") + EOS + + apply_manifest(pp, :expect_failures => true) do |output| + expect(output.stderr).to match(/aoeu is dvorak/) + end + end + end + describe 'failure' do + it 'handles improper number of arguments' + it 'handles improper argument types' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_hash_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_hash_spec.rb new file mode 100755 index 000000000..52fb615bd --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_hash_spec.rb @@ -0,0 +1,37 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_hash function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'validates a single argument' do + pp = <<-EOS + $one = { 'a' => 1 } + validate_hash($one) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates an multiple arguments' do + pp = <<-EOS + $one = { 'a' => 1 } + $two = { 'b' => 2 } + validate_hash($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates a non-hash' do + { + %{validate_hash('{ "not" => "hash" }')} => "String", + %{validate_hash('string')} => "String", + %{validate_hash(["array"])} => "Array", + %{validate_hash(undef)} => "String", + }.each do |pp,type| + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/a #{type}/) + end + end + end + describe 'failure' do + it 'handles improper number of arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_ipv4_address_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_ipv4_address_spec.rb new file mode 100755 index 000000000..64841c371 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_ipv4_address_spec.rb @@ -0,0 +1,31 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_ipv4_address function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'validates a single argument' do + pp = <<-EOS + $one = '1.2.3.4' + validate_ipv4_address($one) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates an multiple arguments' do + pp = <<-EOS + $one = '1.2.3.4' + $two = '5.6.7.8' + validate_ipv4_address($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + end + describe 'failure' do + it 'handles improper number of arguments' + it 'handles ipv6 addresses' + it 'handles non-ipv4 strings' + it 'handles numbers' + it 'handles no arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_ipv6_address_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_ipv6_address_spec.rb new file mode 100755 index 000000000..6426d1a52 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_ipv6_address_spec.rb @@ -0,0 +1,31 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_ipv6_address function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'validates a single argument' do + pp = <<-EOS + $one = '3ffe:0505:0002::' + validate_ipv6_address($one) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates an multiple arguments' do + pp = <<-EOS + $one = '3ffe:0505:0002::' + $two = '3ffe:0505:0001::' + validate_ipv6_address($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + end + describe 'failure' do + it 'handles improper number of arguments' + it 'handles ipv6 addresses' + it 'handles non-ipv6 strings' + it 'handles numbers' + it 'handles no arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_re_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_re_spec.rb new file mode 100755 index 000000000..22f6d47d1 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_re_spec.rb @@ -0,0 +1,47 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_re function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'validates a string' do + pp = <<-EOS + $one = 'one' + $two = '^one$' + validate_re($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates an array' do + pp = <<-EOS + $one = 'one' + $two = ['^one$', '^two'] + validate_re($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates a failed array' do + pp = <<-EOS + $one = 'one' + $two = ['^two$', '^three'] + validate_re($one,$two) + EOS + + apply_manifest(pp, :expect_failures => true) + end + it 'validates a failed array with a custom error message' do + pp = <<-EOS + $one = '3.4.3' + $two = '^2.7' + validate_re($one,$two,"The $puppetversion fact does not match 2.7") + EOS + + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/does not match/) + end + end + describe 'failure' do + it 'handles improper number of arguments' + it 'handles improper argument types' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_slength_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_slength_spec.rb new file mode 100755 index 000000000..1ab2bb986 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_slength_spec.rb @@ -0,0 +1,72 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_slength function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'validates a single string max' do + pp = <<-EOS + $one = 'discombobulate' + $two = 17 + validate_slength($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates multiple string maxes' do + pp = <<-EOS + $one = ['discombobulate', 'moo'] + $two = 17 + validate_slength($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates min/max of strings in array' do + pp = <<-EOS + $one = ['discombobulate', 'moo'] + $two = 17 + $three = 3 + validate_slength($one,$two,$three) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates a single string max of incorrect length' do + pp = <<-EOS + $one = 'discombobulate' + $two = 1 + validate_slength($one,$two) + EOS + + apply_manifest(pp, :expect_failures => true) + end + it 'validates multiple string maxes of incorrect length' do + pp = <<-EOS + $one = ['discombobulate', 'moo'] + $two = 3 + validate_slength($one,$two) + EOS + + apply_manifest(pp, :expect_failures => true) + end + it 'validates multiple strings min/maxes of incorrect length' do + pp = <<-EOS + $one = ['discombobulate', 'moo'] + $two = 17 + $three = 10 + validate_slength($one,$two,$three) + EOS + + apply_manifest(pp, :expect_failures => true) + end + end + describe 'failure' do + it 'handles improper number of arguments' + it 'handles improper first argument type' + it 'handles non-strings in array of first argument' + it 'handles improper second argument type' + it 'handles improper third argument type' + it 'handles negative ranges' + it 'handles improper ranges' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/validate_string_spec.rb b/modules/dependencies/stdlib/spec/acceptance/validate_string_spec.rb new file mode 100755 index 000000000..8956f48c9 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/validate_string_spec.rb @@ -0,0 +1,36 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'validate_string function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'validates a single argument' do + pp = <<-EOS + $one = 'string' + validate_string($one) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates an multiple arguments' do + pp = <<-EOS + $one = 'string' + $two = 'also string' + validate_string($one,$two) + EOS + + apply_manifest(pp, :catch_failures => true) + end + it 'validates a non-string' do + { + %{validate_string({ 'a' => 'hash' })} => "Hash", + %{validate_string(['array'])} => "Array", + %{validate_string(false)} => "FalseClass", + }.each do |pp,type| + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/a #{type}/) + end + end + end + describe 'failure' do + it 'handles improper number of arguments' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/values_at_spec.rb b/modules/dependencies/stdlib/spec/acceptance/values_at_spec.rb new file mode 100755 index 000000000..da63cf307 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/values_at_spec.rb @@ -0,0 +1,73 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'values_at function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'returns a specific value' do + pp = <<-EOS + $one = ['a','b','c','d','e'] + $two = 1 + $output = values_at($one,$two) + notice(inline_template('<%= @output.inspect %>')) + EOS + + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\["b"\]/) + end + it 'returns a specific negative index value' do + pending("negative numbers don't work") + pp = <<-EOS + $one = ['a','b','c','d','e'] + $two = -1 + $output = values_at($one,$two) + notice(inline_template('<%= @output.inspect %>')) + EOS + + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\["e"\]/) + end + it 'returns a range of values' do + pp = <<-EOS + $one = ['a','b','c','d','e'] + $two = "1-3" + $output = values_at($one,$two) + notice(inline_template('<%= @output.inspect %>')) + EOS + + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\["b", "c", "d"\]/) + end + it 'returns a negative specific value and range of values' do + pp = <<-EOS + $one = ['a','b','c','d','e'] + $two = ["1-3",0] + $output = values_at($one,$two) + notice(inline_template('<%= @output.inspect %>')) + EOS + + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\["b", "c", "d", "a"\]/) + end + end + describe 'failure' do + it 'handles improper number of arguments' do + pp = <<-EOS + $one = ['a','b','c','d','e'] + $output = values_at($one) + notice(inline_template('<%= @output.inspect %>')) + EOS + + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Wrong number of arguments/) + end + it 'handles non-indicies arguments' do + pp = <<-EOS + $one = ['a','b','c','d','e'] + $two = [] + $output = values_at($one,$two) + notice(inline_template('<%= @output.inspect %>')) + EOS + + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/at least one positive index/) + end + + it 'detects index ranges smaller than the start range' + it 'handles index ranges larger than array' + it 'handles non-integer indicies' + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/values_spec.rb b/modules/dependencies/stdlib/spec/acceptance/values_spec.rb new file mode 100755 index 000000000..a2eff329d --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/values_spec.rb @@ -0,0 +1,35 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' + +describe 'values function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'returns an array of values' do + pp = <<-EOS + $arg = { + 'a' => 1, + 'b' => 2, + 'c' => 3, + } + $output = values($arg) + notice(inline_template('<%= @output.sort.inspect %>')) + EOS + if is_future_parser_enabled? + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\[1, 2, 3\]/) + else + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\["1", "2", "3"\]/) + end + + end + end + describe 'failure' do + it 'handles non-hash arguments' do + pp = <<-EOS + $arg = "foo" + $output = values($arg) + notice(inline_template('<%= @output.inspect %>')) + EOS + + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Requires hash/) + end + end +end diff --git a/modules/dependencies/stdlib/spec/acceptance/zip_spec.rb b/modules/dependencies/stdlib/spec/acceptance/zip_spec.rb new file mode 100755 index 000000000..139079e31 --- /dev/null +++ b/modules/dependencies/stdlib/spec/acceptance/zip_spec.rb @@ -0,0 +1,86 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper_acceptance' +require 'puppet' + +describe 'zip function', :unless => UNSUPPORTED_PLATFORMS.include?(fact('operatingsystem')) do + describe 'success' do + it 'zips two arrays of numbers together' do + pp = <<-EOS + $one = [1,2,3,4] + $two = [5,6,7,8] + $output = zip($one,$two) + notice(inline_template('<%= @output.inspect %>')) + EOS + if is_future_parser_enabled? + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\[\[1, 5\], \[2, 6\], \[3, 7\], \[4, 8\]\]/) + else + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\[\["1", "5"\], \["2", "6"\], \["3", "7"\], \["4", "8"\]\]/) + end + end + it 'zips two arrays of numbers & bools together' do + pp = <<-EOS + $one = [1,2,"three",4] + $two = [true,true,false,false] + $output = zip($one,$two) + notice(inline_template('<%= @output.inspect %>')) + EOS + if is_future_parser_enabled? + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\[\[1, true\], \[2, true\], \["three", false\], \[4, false\]\]/) + else + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\[\["1", true\], \["2", true\], \["three", false\], \["4", false\]\]/) + end + end + it 'zips two arrays of numbers together and flattens them' do + # XXX This only tests the argument `true`, even though the following are valid: + # 1 t y true yes + # 0 f n false no + # undef undefined + pp = <<-EOS + $one = [1,2,3,4] + $two = [5,6,7,8] + $output = zip($one,$two,true) + notice(inline_template('<%= @output.inspect %>')) + EOS + if is_future_parser_enabled? + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\[1, 5, 2, 6, 3, 7, 4, 8\]/) + else + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\["1", "5", "2", "6", "3", "7", "4", "8"\]/) + end + end + it 'handles unmatched length' do + # XXX Is this expected behavior? + pp = <<-EOS + $one = [1,2] + $two = [5,6,7,8] + $output = zip($one,$two) + notice(inline_template('<%= @output.inspect %>')) + EOS + if is_future_parser_enabled? + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\[\[1, 5\], \[2, 6\]\]/) + else + expect(apply_manifest(pp, :catch_failures => true).stdout).to match(/\[\["1", "5"\], \["2", "6"\]\]/) + end + end + end + describe 'failure' do + it 'handles improper number of arguments' do + pp = <<-EOS + $one = [1,2] + $output = zip($one) + notice(inline_template('<%= @output.inspect %>')) + EOS + + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Wrong number of arguments/) + end + it 'handles improper argument types' do + pp = <<-EOS + $one = "a string" + $two = [5,6,7,8] + $output = zip($one,$two) + notice(inline_template('<%= @output.inspect %>')) + EOS + + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Requires array/) + end + end +end diff --git a/modules/dependencies/stdlib/spec/fixtures/dscacheutil/root b/modules/dependencies/stdlib/spec/fixtures/dscacheutil/root new file mode 100644 index 000000000..1e34519b2 --- /dev/null +++ b/modules/dependencies/stdlib/spec/fixtures/dscacheutil/root @@ -0,0 +1,8 @@ +name: root +password: * +uid: 0 +gid: 0 +dir: /var/root +shell: /bin/bash +gecos: rawr Root + diff --git a/modules/dependencies/stdlib/spec/fixtures/lsuser/root b/modules/dependencies/stdlib/spec/fixtures/lsuser/root new file mode 100644 index 000000000..afd59ca42 --- /dev/null +++ b/modules/dependencies/stdlib/spec/fixtures/lsuser/root @@ -0,0 +1,2 @@ +#name:home +root:/root diff --git a/modules/dependencies/stdlib/spec/functions/abs_spec.rb b/modules/dependencies/stdlib/spec/functions/abs_spec.rb new file mode 100755 index 000000000..7d2257b02 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/abs_spec.rb @@ -0,0 +1,30 @@ +require 'spec_helper' + +describe 'abs' do + it { is_expected.not_to eq(nil) } + + describe 'signature validation in puppet3', :unless => RSpec.configuration.puppet_future do + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params(1, 2).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + end + + describe 'signature validation in puppet4', :if => RSpec.configuration.puppet_future do + it { pending "the puppet 4 implementation"; is_expected.to run.with_params().and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params(1, 2).and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params([]).and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params({}).and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params(true).and_raise_error(ArgumentError) } + end + + it { is_expected.to run.with_params(-34).and_return(34) } + it { is_expected.to run.with_params("-34").and_return(34) } + it { is_expected.to run.with_params(34).and_return(34) } + it { is_expected.to run.with_params("34").and_return(34) } + it { is_expected.to run.with_params(-34.5).and_return(34.5) } + it { is_expected.to run.with_params("-34.5").and_return(34.5) } + it { is_expected.to run.with_params(34.5).and_return(34.5) } + it { is_expected.to run.with_params("34.5").and_return(34.5) } +end diff --git a/modules/dependencies/stdlib/spec/functions/any2array_spec.rb b/modules/dependencies/stdlib/spec/functions/any2array_spec.rb new file mode 100755 index 000000000..70121f1e3 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/any2array_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +describe "any2array" do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_return([]) } + it { is_expected.to run.with_params(true).and_return([true]) } + it { is_expected.to run.with_params('one').and_return(['one']) } + it { is_expected.to run.with_params('one', 'two').and_return(['one', 'two']) } + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(['one']).and_return(['one']) } + it { is_expected.to run.with_params(['one', 'two']).and_return(['one', 'two']) } + it { is_expected.to run.with_params({}).and_return([]) } + it { is_expected.to run.with_params({ 'key' => 'value' }).and_return(['key', 'value']) } + it { is_expected.to run.with_params({ 'key' => 'value' }).and_return(['key', 'value']) } +end diff --git a/modules/dependencies/stdlib/spec/functions/assert_private_spec.rb b/modules/dependencies/stdlib/spec/functions/assert_private_spec.rb new file mode 100755 index 000000000..98f2598ea --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/assert_private_spec.rb @@ -0,0 +1,47 @@ +require 'spec_helper' + +describe 'assert_private' do + context 'when called from inside module' do + it "should not fail" do + scope.expects(:lookupvar).with('module_name').returns('foo') + scope.expects(:lookupvar).with('caller_module_name').returns('foo') + expect { + subject.call [] + }.not_to raise_error + end + end + + context "with an explicit failure message" do + it "prints the failure message on error" do + scope.expects(:lookupvar).with('module_name').returns('foo') + scope.expects(:lookupvar).with('caller_module_name').returns('bar') + expect { + subject.call ['failure message!'] + }.to raise_error Puppet::ParseError, /failure message!/ + end + end + + context "when called from private class" do + it "should fail with a class error message" do + scope.expects(:lookupvar).with('module_name').returns('foo') + scope.expects(:lookupvar).with('caller_module_name').returns('bar') + scope.source.expects(:name).returns('foo::baz') + scope.source.expects(:type).returns('hostclass') + expect { + subject.call [] + }.to raise_error Puppet::ParseError, /Class foo::baz is private/ + end + end + + context "when called from private definition" do + it "should fail with a class error message" do + scope.expects(:lookupvar).with('module_name').returns('foo') + scope.expects(:lookupvar).with('caller_module_name').returns('bar') + scope.source.expects(:name).returns('foo::baz') + scope.source.expects(:type).returns('definition') + expect { + subject.call [] + }.to raise_error Puppet::ParseError, /Definition foo::baz is private/ + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/base64_spec.rb b/modules/dependencies/stdlib/spec/functions/base64_spec.rb new file mode 100755 index 000000000..c529e9ed8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/base64_spec.rb @@ -0,0 +1,16 @@ +require 'spec_helper' + +describe 'base64' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params("one").and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params("one", "two", "three").and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params("one", "two").and_raise_error(Puppet::ParseError, /first argument must be one of/) } + it { is_expected.to run.with_params("encode", ["two"]).and_raise_error(Puppet::ParseError, /second argument must be a string/) } + it { is_expected.to run.with_params("encode", 2).and_raise_error(Puppet::ParseError, /second argument must be a string/) } + + it { is_expected.to run.with_params("encode", "thestring").and_return("dGhlc3RyaW5n\n") } + it { is_expected.to run.with_params("encode", "a very long string that will cause the base64 encoder to produce output with multiple lines").and_return("YSB2ZXJ5IGxvbmcgc3RyaW5nIHRoYXQgd2lsbCBjYXVzZSB0aGUgYmFzZTY0\nIGVuY29kZXIgdG8gcHJvZHVjZSBvdXRwdXQgd2l0aCBtdWx0aXBsZSBsaW5l\ncw==\n") } + it { is_expected.to run.with_params("decode", "dGhlc3RyaW5n").and_return("thestring") } + it { is_expected.to run.with_params("decode", "dGhlc3RyaW5n\n").and_return("thestring") } +end diff --git a/modules/dependencies/stdlib/spec/functions/basename_spec.rb b/modules/dependencies/stdlib/spec/functions/basename_spec.rb new file mode 100755 index 000000000..0ea30e7a7 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/basename_spec.rb @@ -0,0 +1,13 @@ +require 'spec_helper' + +describe 'basename' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', 'two', 'three').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('/path/to/a/file.ext', []).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('/path/to/a/file.ext').and_return('file.ext') } + it { is_expected.to run.with_params('relative_path/to/a/file.ext').and_return('file.ext') } + it { is_expected.to run.with_params('/path/to/a/file.ext', '.ext').and_return('file') } + it { is_expected.to run.with_params('relative_path/to/a/file.ext', '.ext').and_return('file') } +end diff --git a/modules/dependencies/stdlib/spec/functions/bool2num_spec.rb b/modules/dependencies/stdlib/spec/functions/bool2num_spec.rb new file mode 100755 index 000000000..e5068594b --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/bool2num_spec.rb @@ -0,0 +1,14 @@ +require 'spec_helper' + +describe 'bool2num' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + + [ true, 'true', AlsoString.new('true') ].each do |truthy| + it { is_expected.to run.with_params(truthy).and_return(1) } + end + + [ false, 'false', AlsoString.new('false') ].each do |falsey| + it { is_expected.to run.with_params(falsey).and_return(0) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/bool2str_spec.rb b/modules/dependencies/stdlib/spec/functions/bool2str_spec.rb new file mode 100755 index 000000000..23a754ba4 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/bool2str_spec.rb @@ -0,0 +1,17 @@ +require 'spec_helper' + +describe 'bool2str' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + [ 'true', 'false', nil, :undef, ''].each do |invalid| + it { is_expected.to run.with_params(invalid).and_raise_error(Puppet::ParseError) } + end + it { is_expected.to run.with_params(true, 'yes', 'no', 'maybe').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(true, 'maybe').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(true, 0, 1).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(true).and_return("true") } + it { is_expected.to run.with_params(false).and_return("false") } + it { is_expected.to run.with_params(true, 'yes', 'no').and_return("yes") } + it { is_expected.to run.with_params(false, 'yes', 'no').and_return("no") } + +end diff --git a/modules/dependencies/stdlib/spec/functions/camelcase_spec.rb b/modules/dependencies/stdlib/spec/functions/camelcase_spec.rb new file mode 100755 index 000000000..c78aa62ff --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/camelcase_spec.rb @@ -0,0 +1,17 @@ +require 'spec_helper' + +describe 'camelcase' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(100).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params("abc").and_return("Abc") } + it { is_expected.to run.with_params("aa_bb_cc").and_return("AaBbCc") } + it { is_expected.to run.with_params("_aa__bb__cc_").and_return("AaBbCc") } + it { is_expected.to run.with_params("100").and_return("100") } + it { is_expected.to run.with_params("1_00").and_return("100") } + it { is_expected.to run.with_params("_").and_return("") } + it { is_expected.to run.with_params("").and_return("") } + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(["abc", "aa_bb_cc"]).and_return(["Abc", "AaBbCc"]) } + it { is_expected.to run.with_params(["abc", 1, "aa_bb_cc"]).and_return(["Abc", 1, "AaBbCc"]) } +end diff --git a/modules/dependencies/stdlib/spec/functions/capitalize_spec.rb b/modules/dependencies/stdlib/spec/functions/capitalize_spec.rb new file mode 100755 index 000000000..7ce2e1630 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/capitalize_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +describe 'capitalize' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(100).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params("one").and_return("One") } + it { is_expected.to run.with_params("one two").and_return("One two") } + it { is_expected.to run.with_params("ONE TWO").and_return("One two") } + + it { is_expected.to run.with_params(AlsoString.new("one")).and_return("One") } + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(["one", "two"]).and_return(["One", "Two"]) } + it { is_expected.to run.with_params(["one", 1, "two"]).and_return(["One", 1, "Two"]) } +end diff --git a/modules/dependencies/stdlib/spec/functions/ceiling_spec.rb b/modules/dependencies/stdlib/spec/functions/ceiling_spec.rb new file mode 100755 index 000000000..567426fd3 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/ceiling_spec.rb @@ -0,0 +1,13 @@ +require 'spec_helper' + +describe 'ceiling' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params("foo").and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(34).and_return(34) } + it { is_expected.to run.with_params(-34).and_return(-34) } + it { is_expected.to run.with_params(33.1).and_return(34) } + it { is_expected.to run.with_params(-33.1).and_return(-33) } +end + diff --git a/modules/dependencies/stdlib/spec/functions/chomp_spec.rb b/modules/dependencies/stdlib/spec/functions/chomp_spec.rb new file mode 100755 index 000000000..687874292 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/chomp_spec.rb @@ -0,0 +1,20 @@ +require 'spec_helper' + +describe 'chomp' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params("a", "b").and_raise_error(Puppet::ParseError) + } + it { is_expected.to run.with_params("one").and_return("one") } + it { is_expected.to run.with_params("one\n").and_return("one") } + it { is_expected.to run.with_params("one\n\n").and_return("one\n") } + it { is_expected.to run.with_params(["one\n", "two", "three\n"]).and_return(["one", "two", "three"]) } + + it { is_expected.to run.with_params(AlsoString.new("one")).and_return("one") } + it { is_expected.to run.with_params(AlsoString.new("one\n")).and_return("one") } + it { is_expected.to run.with_params(AlsoString.new("one\n\n")).and_return("one\n") } + it { is_expected.to run.with_params([AlsoString.new("one\n"), AlsoString.new("two"), "three\n"]).and_return(["one", "two", "three"]) } +end diff --git a/modules/dependencies/stdlib/spec/functions/chop_spec.rb b/modules/dependencies/stdlib/spec/functions/chop_spec.rb new file mode 100755 index 000000000..db7d18b8c --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/chop_spec.rb @@ -0,0 +1,20 @@ +require 'spec_helper' + +describe 'chop' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params("a", "b").and_raise_error(Puppet::ParseError) + } + it { is_expected.to run.with_params("one").and_return("on") } + it { is_expected.to run.with_params("one\n").and_return("one") } + it { is_expected.to run.with_params("one\n\n").and_return("one\n") } + it { is_expected.to run.with_params(["one\n", "two", "three\n"]).and_return(["one", "tw", "three"]) } + + it { is_expected.to run.with_params(AlsoString.new("one")).and_return("on") } + it { is_expected.to run.with_params(AlsoString.new("one\n")).and_return("one") } + it { is_expected.to run.with_params(AlsoString.new("one\n\n")).and_return("one\n") } + it { is_expected.to run.with_params([AlsoString.new("one\n"), AlsoString.new("two"), "three\n"]).and_return(["one", "tw", "three"]) } +end diff --git a/modules/dependencies/stdlib/spec/functions/concat_spec.rb b/modules/dependencies/stdlib/spec/functions/concat_spec.rb new file mode 100755 index 000000000..1694d5ee5 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/concat_spec.rb @@ -0,0 +1,24 @@ +require 'spec_helper' + +describe 'concat' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([1]).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(1, [2]).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([1], [2], [3]).and_return([1, 2, 3]) } + it { is_expected.to run.with_params(['1','2','3'],['4','5','6']).and_return(['1','2','3','4','5','6']) } + it { is_expected.to run.with_params(['1','2','3'],'4').and_return(['1','2','3','4']) } + it { is_expected.to run.with_params(['1','2','3'],[['4','5'],'6']).and_return(['1','2','3',['4','5'],'6']) } + it { is_expected.to run.with_params(['1','2'],['3','4'],['5','6']).and_return(['1','2','3','4','5','6']) } + it { is_expected.to run.with_params(['1','2'],'3','4',['5','6']).and_return(['1','2','3','4','5','6']) } + + it "should leave the original array intact" do + argument1 = ['1','2','3'] + original1 = argument1.dup + argument2 = ['4','5','6'] + original2 = argument2.dup + result = subject.call([argument1,argument2]) + expect(argument1).to eq(original1) + expect(argument2).to eq(original2) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/convert_base_spec.rb b/modules/dependencies/stdlib/spec/functions/convert_base_spec.rb new file mode 100644 index 000000000..8ab228454 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/convert_base_spec.rb @@ -0,0 +1,24 @@ +require 'spec_helper' + +describe 'convert_base' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(ArgumentError) } + it { is_expected.to run.with_params("asdf").and_raise_error(ArgumentError) } + it { is_expected.to run.with_params("asdf","moo","cow").and_raise_error(ArgumentError) } + it { is_expected.to run.with_params(["1"],"2").and_raise_error(Puppet::ParseError, /argument must be either a string or an integer/) } + it { is_expected.to run.with_params("1",["2"]).and_raise_error(Puppet::ParseError, /argument must be either a string or an integer/) } + it { is_expected.to run.with_params("1",1).and_raise_error(Puppet::ParseError, /base must be at least 2 and must not be greater than 36/) } + it { is_expected.to run.with_params("1",37).and_raise_error(Puppet::ParseError, /base must be at least 2 and must not be greater than 36/) } + + it "should raise a ParseError if argument 1 is a string that does not correspond to an integer in base 10" do + is_expected.to run.with_params("ten",6).and_raise_error(Puppet::ParseError, /argument must be an integer or a string corresponding to an integer in base 10/) + end + + it "should raise a ParseError if argument 2 is a string and does not correspond to an integer in base 10" do + is_expected.to run.with_params(100,"hex").and_raise_error(Puppet::ParseError, /argument must be an integer or a string corresponding to an integer in base 10/) + end + + it { is_expected.to run.with_params("11",'16').and_return('b') } + it { is_expected.to run.with_params("35",'36').and_return('z') } + it { is_expected.to run.with_params(5, 2).and_return('101') } +end diff --git a/modules/dependencies/stdlib/spec/functions/count_spec.rb b/modules/dependencies/stdlib/spec/functions/count_spec.rb new file mode 100755 index 000000000..c8d19601c --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/count_spec.rb @@ -0,0 +1,18 @@ +require 'spec_helper' + +describe 'count' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(ArgumentError) } + it { is_expected.to run.with_params("one").and_raise_error(ArgumentError) } + it { is_expected.to run.with_params("one", "two").and_return(1) } + it { + pending("should actually be like this, and not like above") + is_expected.to run.with_params("one", "two").and_raise_error(ArgumentError) + } + it { is_expected.to run.with_params("one", "two", "three").and_raise_error(ArgumentError) } + it { is_expected.to run.with_params(["one", "two", "three"]).and_return(3) } + it { is_expected.to run.with_params(["one", "two", "two"], "two").and_return(2) } + it { is_expected.to run.with_params(["one", nil, "two"]).and_return(2) } + it { is_expected.to run.with_params(["one", "", "two"]).and_return(2) } + it { is_expected.to run.with_params(["one", :undef, "two"]).and_return(2) } +end diff --git a/modules/dependencies/stdlib/spec/functions/deep_merge_spec.rb b/modules/dependencies/stdlib/spec/functions/deep_merge_spec.rb new file mode 100755 index 000000000..397e048ce --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/deep_merge_spec.rb @@ -0,0 +1,55 @@ +require 'spec_helper' + +describe 'deep_merge' do + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params({ 'key' => 'value' }).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params({}, '2').and_raise_error(Puppet::ParseError, /unexpected argument type String/) } + it { is_expected.to run.with_params({}, 2).and_raise_error(Puppet::ParseError, /unexpected argument type Fixnum/) } + it { is_expected.to run.with_params({}, '').and_return({}) } + it { is_expected.to run.with_params({}, {}).and_return({}) } + it { is_expected.to run.with_params({}, {}, {}).and_return({}) } + it { is_expected.to run.with_params({}, {}, {}, {}).and_return({}) } + it { is_expected.to run.with_params({'key' => 'value'}, '').and_return({'key' => 'value'}) } + it { is_expected.to run.with_params({'key1' => 'value1'}, {'key2' => 'value2' }).and_return({'key1' => 'value1', 'key2' => 'value2'}) } + + describe 'when arguments have key collisions' do + it 'should prefer values from the last hash' do + is_expected.to run \ + .with_params( + {'key1' => 'value1', 'key2' => 'value2' }, + {'key2' => 'replacement_value', 'key3' => 'value3'}) \ + .and_return( + {'key1' => 'value1', 'key2' => 'replacement_value', 'key3' => 'value3'}) + end + it { is_expected.to run \ + .with_params({'key1' => 'value1'}, {'key1' => 'value2'}, {'key1' => 'value3'}) \ + .and_return({'key1' => 'value3' }) + } + end + + describe 'when arguments have subhashes' do + it { is_expected.to run \ + .with_params({'key1' => 'value1'}, {'key2' => 'value2', 'key3' => {'subkey1' => 'value4'}}) \ + .and_return( {'key1' => 'value1', 'key2' => 'value2', 'key3' => {'subkey1' => 'value4'}}) + } + it { is_expected.to run \ + .with_params({'key1' => {'subkey1' => 'value1'}}, {'key1' => {'subkey2' => 'value2'}}) \ + .and_return( {'key1' => {'subkey1' => 'value1', 'subkey2' => 'value2'}}) + } + it { is_expected.to run \ + .with_params({'key1' => {'subkey1' => {'subsubkey1' => 'value1'}}}, {'key1' => {'subkey1' => {'subsubkey1' => 'value2'}}}) \ + .and_return( {'key1' => {'subkey1' => {'subsubkey1' => 'value2'}}}) + } + end + + it 'should not change the original hashes' do + argument1 = { 'key1' => 'value1' } + original1 = argument1.dup + argument2 = { 'key2' => 'value2' } + original2 = argument2.dup + + subject.call([argument1, argument2]) + expect(argument1).to eq(original1) + expect(argument2).to eq(original2) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/defined_with_params_spec.rb b/modules/dependencies/stdlib/spec/functions/defined_with_params_spec.rb new file mode 100755 index 000000000..516d986db --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/defined_with_params_spec.rb @@ -0,0 +1,26 @@ +require 'spec_helper' + +describe 'defined_with_params' do + describe 'when no resource is specified' do + it { is_expected.to run.with_params().and_raise_error(ArgumentError) } + end + describe 'when compared against a resource with no attributes' do + let :pre_condition do + 'user { "dan": }' + end + it { is_expected.to run.with_params('User[dan]', {}).and_return(true) } + it { is_expected.to run.with_params('User[bob]', {}).and_return(false) } + it { is_expected.to run.with_params('User[dan]', {'foo' => 'bar'}).and_return(false) } + end + + describe 'when compared against a resource with attributes' do + let :pre_condition do + 'user { "dan": ensure => present, shell => "/bin/csh", managehome => false}' + end + it { is_expected.to run.with_params('User[dan]', {}).and_return(true) } + it { is_expected.to run.with_params('User[dan]', '').and_return(true) } + it { is_expected.to run.with_params('User[dan]', {'ensure' => 'present'}).and_return(true) } + it { is_expected.to run.with_params('User[dan]', {'ensure' => 'present', 'managehome' => false}).and_return(true) } + it { is_expected.to run.with_params('User[dan]', {'ensure' => 'absent', 'managehome' => false}).and_return(false) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/delete_at_spec.rb b/modules/dependencies/stdlib/spec/functions/delete_at_spec.rb new file mode 100755 index 000000000..0e19472ef --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/delete_at_spec.rb @@ -0,0 +1,28 @@ +require 'spec_helper' + +describe 'delete_at' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', 1).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(1, 1).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(['one'], 'two').and_raise_error(Puppet::ParseError) } + it { + pending("Current implementation ignores parameters after the first two.") + is_expected.to run.with_params(['one'], 0, 1).and_raise_error(Puppet::ParseError) + } + + describe 'argument validation' do + it { is_expected.to run.with_params([0, 1, 2], 3).and_raise_error(Puppet::ParseError) } + end + + it { is_expected.to run.with_params([0, 1, 2], 1).and_return([0, 2]) } + it { is_expected.to run.with_params([0, 1, 2], -1).and_return([0, 1]) } + it { is_expected.to run.with_params([0, 1, 2], -4).and_return([0, 1, 2]) } + + it "should leave the original array intact" do + argument = [1, 2, 3] + original = argument.dup + result = subject.call([argument,2]) + expect(argument).to eq(original) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/delete_spec.rb b/modules/dependencies/stdlib/spec/functions/delete_spec.rb new file mode 100755 index 000000000..6c4747bbd --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/delete_spec.rb @@ -0,0 +1,67 @@ +require 'spec_helper' + +describe 'delete' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([], 'two', 'three').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(1, 'two').and_raise_error(TypeError) } + + describe 'deleting from an array' do + it { is_expected.to run.with_params([], '').and_return([]) } + it { is_expected.to run.with_params([], 'two').and_return([]) } + it { is_expected.to run.with_params(['two'], 'two').and_return([]) } + it { is_expected.to run.with_params(['two', 'two'], 'two').and_return([]) } + it { is_expected.to run.with_params(['one', 'two', 'three'], 'four').and_return(['one', 'two', 'three']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], 'two').and_return(['one', 'three']) } + it { is_expected.to run.with_params(['two', 'one', 'two', 'three', 'two'], 'two').and_return(['one', 'three']) } + it { is_expected.to run.with_params(['one', 'two', 'three', 'two'], ['one', 'two']).and_return(['three']) } + end + + describe 'deleting from a string' do + it { is_expected.to run.with_params('', '').and_return('') } + it { is_expected.to run.with_params('bar', '').and_return('bar') } + it { is_expected.to run.with_params('', 'bar').and_return('') } + it { is_expected.to run.with_params('bar', 'bar').and_return('') } + it { is_expected.to run.with_params('barbar', 'bar').and_return('') } + it { is_expected.to run.with_params('barfoobar', 'bar').and_return('foo') } + it { is_expected.to run.with_params('foobarbabarz', 'bar').and_return('foobaz') } + it { is_expected.to run.with_params('foobarbabarz', ['foo', 'bar']).and_return('baz') } + # this is so sick + it { is_expected.to run.with_params('barfoobar', ['barbar', 'foo']).and_return('barbar') } + it { is_expected.to run.with_params('barfoobar', ['foo', 'barbar']).and_return('') } + end + + describe 'deleting from an array' do + it { is_expected.to run.with_params({}, '').and_return({}) } + it { is_expected.to run.with_params({}, 'key').and_return({}) } + it { is_expected.to run.with_params({'key' => 'value'}, 'key').and_return({}) } + it { is_expected.to run \ + .with_params({'key1' => 'value1', 'key2' => 'value2', 'key3' => 'value3'}, 'key2') \ + .and_return( {'key1' => 'value1', 'key3' => 'value3'}) + } + it { is_expected.to run \ + .with_params({'key1' => 'value1', 'key2' => 'value2', 'key3' => 'value3'}, ['key1', 'key2']) \ + .and_return( {'key3' => 'value3'}) + } + end + + it "should leave the original array intact" do + argument1 = ['one','two','three'] + original1 = argument1.dup + result = subject.call([argument1,'two']) + expect(argument1).to eq(original1) + end + it "should leave the original string intact" do + argument1 = 'onetwothree' + original1 = argument1.dup + result = subject.call([argument1,'two']) + expect(argument1).to eq(original1) + end + it "should leave the original hash intact" do + argument1 = {'key1' => 'value1', 'key2' => 'value2', 'key3' => 'value3'} + original1 = argument1.dup + result = subject.call([argument1,'key2']) + expect(argument1).to eq(original1) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/delete_undef_values_spec.rb b/modules/dependencies/stdlib/spec/functions/delete_undef_values_spec.rb new file mode 100755 index 000000000..ec9fb9c23 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/delete_undef_values_spec.rb @@ -0,0 +1,56 @@ +require 'spec_helper' + +describe 'delete_undef_values' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError) } + + describe 'when deleting from an array' do + [ :undef, '', nil ].each do |undef_value| + describe "when undef is represented by #{undef_value.inspect}" do + before do + pending("review behaviour when being passed undef as #{undef_value.inspect}") if undef_value == '' + pending("review behaviour when being passed undef as #{undef_value.inspect}") if undef_value == nil + end + it { is_expected.to run.with_params([undef_value]).and_return([]) } + it { is_expected.to run.with_params(['one',undef_value,'two','three']).and_return(['one','two','three']) } + end + + it "should leave the original argument intact" do + argument = ['one',undef_value,'two'] + original = argument.dup + result = subject.call([argument,2]) + expect(argument).to eq(original) + end + end + + it { is_expected.to run.with_params(['undef']).and_return(['undef']) } + end + + describe 'when deleting from a hash' do + [ :undef, '', nil ].each do |undef_value| + describe "when undef is represented by #{undef_value.inspect}" do + before do + pending("review behaviour when being passed undef as #{undef_value.inspect}") if undef_value == '' + pending("review behaviour when being passed undef as #{undef_value.inspect}") if undef_value == nil + end + it { is_expected.to run.with_params({'key' => undef_value}).and_return({}) } + it { is_expected.to run \ + .with_params({'key1' => 'value1', 'undef_key' => undef_value, 'key2' => 'value2'}) \ + .and_return({'key1' => 'value1', 'key2' => 'value2'}) + } + end + + it "should leave the original argument intact" do + argument = { 'key1' => 'value1', 'key2' => undef_value } + original = argument.dup + result = subject.call([argument,2]) + expect(argument).to eq(original) + end + end + + it { is_expected.to run.with_params({'key' => 'undef'}).and_return({'key' => 'undef'}) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/delete_values_spec.rb b/modules/dependencies/stdlib/spec/functions/delete_values_spec.rb new file mode 100755 index 000000000..12907d4b7 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/delete_values_spec.rb @@ -0,0 +1,37 @@ +require 'spec_helper' + +describe 'delete_values' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', 'two', 'three').and_raise_error(Puppet::ParseError) } + describe 'when the first argument is not a hash' do + it { is_expected.to run.with_params(1, 'two').and_raise_error(TypeError) } + it { is_expected.to run.with_params('one', 'two').and_raise_error(TypeError) } + it { is_expected.to run.with_params([], 'two').and_raise_error(TypeError) } + end + + describe 'when deleting from a hash' do + it { is_expected.to run.with_params({}, 'value').and_return({}) } + it { is_expected.to run \ + .with_params({'key1' => 'value1'}, 'non-existing value') \ + .and_return({'key1' => 'value1'}) + } + it { is_expected.to run \ + .with_params({'key1' => 'value1', 'key2' => 'value to delete'}, 'value to delete') \ + .and_return({'key1' => 'value1'}) + } + it { is_expected.to run \ + .with_params({'key1' => 'value1', 'key2' => 'value to delete', 'key3' => 'value to delete'}, 'value to delete') \ + .and_return({'key1' => 'value1'}) + } + end + + it "should leave the original argument intact" do + argument = { 'key1' => 'value1', 'key2' => 'value2' } + original = argument.dup + result = subject.call([argument, 'value2']) + expect(argument).to eq(original) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/difference_spec.rb b/modules/dependencies/stdlib/spec/functions/difference_spec.rb new file mode 100755 index 000000000..d5e983d8f --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/difference_spec.rb @@ -0,0 +1,21 @@ +require 'spec_helper' + +describe 'difference' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', 'two', 'three').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', []).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([], 'two').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params({}, {}).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([], []).and_return([]) } + it { is_expected.to run.with_params([], ['one']).and_return([]) } + it { is_expected.to run.with_params(['one'], ['one']).and_return([]) } + it { is_expected.to run.with_params(['one'], []).and_return(['one']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], ['two', 'three']).and_return(['one']) } + it { is_expected.to run.with_params(['one', 'two', 'two', 'three'], ['two', 'three']).and_return(['one']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], ['two', 'two', 'three']).and_return(['one']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], ['two', 'three', 'four']).and_return(['one']) } + it 'should not confuse types' do is_expected.to run.with_params(['1', '2', '3'], [1, 2]).and_return(['1', '2', '3']) end +end diff --git a/modules/dependencies/stdlib/spec/functions/dirname_spec.rb b/modules/dependencies/stdlib/spec/functions/dirname_spec.rb new file mode 100755 index 000000000..46c4c35c7 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/dirname_spec.rb @@ -0,0 +1,13 @@ +require 'spec_helper' + +describe 'dirname' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('/path/to/a/file.ext', []).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('/path/to/a/file.ext').and_return('/path/to/a') } + it { is_expected.to run.with_params('relative_path/to/a/file.ext').and_return('relative_path/to/a') } +end diff --git a/modules/dependencies/stdlib/spec/functions/dos2unix_spec.rb b/modules/dependencies/stdlib/spec/functions/dos2unix_spec.rb new file mode 100644 index 000000000..9c84703cb --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/dos2unix_spec.rb @@ -0,0 +1,40 @@ +require 'spec_helper' + +describe 'dos2unix' do + context 'Checking parameter validity' do + it { is_expected.not_to eq(nil) } + it do + is_expected.to run.with_params.and_raise_error(ArgumentError, /Wrong number of arguments/) + end + it do + is_expected.to run.with_params('one', 'two').and_raise_error(ArgumentError, /Wrong number of arguments/) + end + it do + is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError) + end + it do + is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError) + end + it do + is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError) + end + end + + context 'Converting from dos to unix format' do + sample_text = "Hello\r\nWorld\r\n" + desired_output = "Hello\nWorld\n" + + it 'should output unix format' do + should run.with_params(sample_text).and_return(desired_output) + end + end + + context 'Converting from unix to unix format' do + sample_text = "Hello\nWorld\n" + desired_output = "Hello\nWorld\n" + + it 'should output unix format' do + should run.with_params(sample_text).and_return(desired_output) + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/downcase_spec.rb b/modules/dependencies/stdlib/spec/functions/downcase_spec.rb new file mode 100755 index 000000000..c594560a0 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/downcase_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +describe 'downcase' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(100).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params("abc").and_return("abc") } + it { is_expected.to run.with_params("Abc").and_return("abc") } + it { is_expected.to run.with_params("ABC").and_return("abc") } + + it { is_expected.to run.with_params(AlsoString.new("ABC")).and_return("abc") } + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(["ONE", "TWO"]).and_return(["one", "two"]) } + it { is_expected.to run.with_params(["One", 1, "Two"]).and_return(["one", 1, "two"]) } +end diff --git a/modules/dependencies/stdlib/spec/functions/empty_spec.rb b/modules/dependencies/stdlib/spec/functions/empty_spec.rb new file mode 100755 index 000000000..a3a25d6a0 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/empty_spec.rb @@ -0,0 +1,22 @@ +require 'spec_helper' + +describe 'empty' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError) + } + it { is_expected.to run.with_params(0).and_return(false) } + it { is_expected.to run.with_params('').and_return(true) } + it { is_expected.to run.with_params('one').and_return(false) } + + it { is_expected.to run.with_params(AlsoString.new('')).and_return(true) } + it { is_expected.to run.with_params(AlsoString.new('one')).and_return(false) } + + it { is_expected.to run.with_params([]).and_return(true) } + it { is_expected.to run.with_params(['one']).and_return(false) } + + it { is_expected.to run.with_params({}).and_return(true) } + it { is_expected.to run.with_params({'key' => 'value'}).and_return(false) } +end diff --git a/modules/dependencies/stdlib/spec/functions/ensure_packages_spec.rb b/modules/dependencies/stdlib/spec/functions/ensure_packages_spec.rb new file mode 100755 index 000000000..c82473299 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/ensure_packages_spec.rb @@ -0,0 +1,36 @@ +require 'spec_helper' + +describe 'ensure_packages' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { + pending("should not accept numbers as arguments") + is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError) + } + it { + pending("should not accept numbers as arguments") + is_expected.to run.with_params(["packagename", 1]).and_raise_error(Puppet::ParseError) + } + it { is_expected.to run.with_params("packagename") } + it { is_expected.to run.with_params(["packagename1", "packagename2"]) } + + context 'given a catalog with "package { puppet: ensure => absent }"' do + let(:pre_condition) { 'package { puppet: ensure => absent }' } + + describe 'after running ensure_package("facter")' do + before { subject.call(['facter']) } + + # this lambda is required due to strangeness within rspec-puppet's expectation handling + it { expect(lambda { catalogue }).to contain_package('puppet').with_ensure('absent') } + it { expect(lambda { catalogue }).to contain_package('facter').with_ensure('present') } + end + + describe 'after running ensure_package("facter", { "provider" => "gem" })' do + before { subject.call(['facter', { "provider" => "gem" }]) } + + # this lambda is required due to strangeness within rspec-puppet's expectation handling + it { expect(lambda { catalogue }).to contain_package('puppet').with_ensure('absent').without_provider() } + it { expect(lambda { catalogue }).to contain_package('facter').with_ensure('present').with_provider("gem") } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/ensure_resource_spec.rb b/modules/dependencies/stdlib/spec/functions/ensure_resource_spec.rb new file mode 100755 index 000000000..c4f2cbd0e --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/ensure_resource_spec.rb @@ -0,0 +1,55 @@ +require 'spec_helper' + +describe 'ensure_resource' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(ArgumentError, /Must specify a type/) } + it { is_expected.to run.with_params('type').and_raise_error(ArgumentError, /Must specify a title/) } + it { is_expected.to run.with_params('type', 'title', {}, 'extras').and_raise_error(Puppet::ParseError) } + it { + pending("should not accept numbers as arguments") + is_expected.to run.with_params(1,2,3).and_raise_error(Puppet::ParseError) + } + + context 'given a catalog with "user { username1: ensure => present }"' do + let(:pre_condition) { 'user { username1: ensure => present }' } + + describe 'after running ensure_resource("user", "username1", {})' do + before { subject.call(['User', 'username1', {}]) } + + # this lambda is required due to strangeness within rspec-puppet's expectation handling + it { expect(lambda { catalogue }).to contain_user('username1').with_ensure('present') } + end + + describe 'after running ensure_resource("user", "username2", {})' do + before { subject.call(['User', 'username2', {}]) } + + # this lambda is required due to strangeness within rspec-puppet's expectation handling + it { expect(lambda { catalogue }).to contain_user('username1').with_ensure('present') } + it { expect(lambda { catalogue }).to contain_user('username2').without_ensure } + end + + describe 'after running ensure_resource("user", ["username1", "username2"], {})' do + before { subject.call(['User', ['username1', 'username2'], {}]) } + + # this lambda is required due to strangeness within rspec-puppet's expectation handling + it { expect(lambda { catalogue }).to contain_user('username1').with_ensure('present') } + it { expect(lambda { catalogue }).to contain_user('username2').without_ensure } + end + + describe 'when providing already set params' do + let(:params) { { 'ensure' => 'present' } } + before { subject.call(['User', ['username2', 'username3'], params]) } + + # this lambda is required due to strangeness within rspec-puppet's expectation handling + it { expect(lambda { catalogue }).to contain_user('username1').with(params) } + it { expect(lambda { catalogue }).to contain_user('username2').with(params) } + end + + context 'when trying to add params' do + it { is_expected.to run \ + .with_params('User', 'username1', { 'ensure' => 'present', 'shell' => true }) \ + .and_raise_error(Puppet::Resource::Catalog::DuplicateResourceError, /User\[username1\] is already declared/) + } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/flatten_spec.rb b/modules/dependencies/stdlib/spec/functions/flatten_spec.rb new file mode 100755 index 000000000..a4338be4d --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/flatten_spec.rb @@ -0,0 +1,14 @@ +require 'spec_helper' + +describe 'flatten' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([], []).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(['one']).and_return(['one']) } + it { is_expected.to run.with_params([['one']]).and_return(['one']) } + it { is_expected.to run.with_params(["a","b","c","d","e","f","g"]).and_return(["a","b","c","d","e","f","g"]) } + it { is_expected.to run.with_params([["a","b",["c",["d","e"],"f","g"]]]).and_return(["a","b","c","d","e","f","g"]) } +end diff --git a/modules/dependencies/stdlib/spec/functions/floor_spec.rb b/modules/dependencies/stdlib/spec/functions/floor_spec.rb new file mode 100755 index 000000000..608c602fa --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/floor_spec.rb @@ -0,0 +1,12 @@ +require 'spec_helper' + +describe 'floor' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params("foo").and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params(34).and_return(34) } + it { is_expected.to run.with_params(-34).and_return(-34) } + it { is_expected.to run.with_params(33.1).and_return(33) } + it { is_expected.to run.with_params(-33.1).and_return(-34) } +end diff --git a/modules/dependencies/stdlib/spec/functions/fqdn_rand_string_spec.rb b/modules/dependencies/stdlib/spec/functions/fqdn_rand_string_spec.rb new file mode 100644 index 000000000..e4070846b --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/fqdn_rand_string_spec.rb @@ -0,0 +1,65 @@ +require 'spec_helper' + +describe 'fqdn_rand_string' do + let(:default_charset) { %r{\A[a-zA-Z0-9]{100}\z} } + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(ArgumentError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(0).and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params(1.5).and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params(-10).and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params("-10").and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params("string").and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params([]).and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params({}).and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params(1, 1).and_raise_error(ArgumentError, /second argument must be undef or a string/) } + it { is_expected.to run.with_params(1, []).and_raise_error(ArgumentError, /second argument must be undef or a string/) } + it { is_expected.to run.with_params(1, {}).and_raise_error(ArgumentError, /second argument must be undef or a string/) } + it { is_expected.to run.with_params(100).and_return(default_charset) } + it { is_expected.to run.with_params("100").and_return(default_charset) } + it { is_expected.to run.with_params(100, nil).and_return(default_charset) } + it { is_expected.to run.with_params(100, '').and_return(default_charset) } + it { is_expected.to run.with_params(100, 'a').and_return(/\Aa{100}\z/) } + it { is_expected.to run.with_params(100, 'ab').and_return(/\A[ab]{100}\z/) } + + it "provides the same 'random' value on subsequent calls for the same host" do + expect(fqdn_rand_string(10)).to eql(fqdn_rand_string(10)) + end + + it "considers the same host and same extra arguments to have the same random sequence" do + first_random = fqdn_rand_string(10, :extra_identifier => [1, "same", "host"]) + second_random = fqdn_rand_string(10, :extra_identifier => [1, "same", "host"]) + + expect(first_random).to eql(second_random) + end + + it "allows extra arguments to control the random value on a single host" do + first_random = fqdn_rand_string(10, :extra_identifier => [1, "different", "host"]) + second_different_random = fqdn_rand_string(10, :extra_identifier => [2, "different", "host"]) + + expect(first_random).not_to eql(second_different_random) + end + + it "should return different strings for different hosts" do + val1 = fqdn_rand_string(10, :host => "first.host.com") + val2 = fqdn_rand_string(10, :host => "second.host.com") + + expect(val1).not_to eql(val2) + end + + def fqdn_rand_string(max, args = {}) + host = args[:host] || '127.0.0.1' + charset = args[:charset] + extra = args[:extra_identifier] || [] + + # workaround not being able to use let(:facts) because some tests need + # multiple different hostnames in one context + scope.stubs(:lookupvar).with("::fqdn", {}).returns(host) + + function_args = [max] + if args.has_key?(:charset) or !extra.empty? + function_args << charset + end + function_args += extra + scope.function_fqdn_rand_string(function_args) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/fqdn_rotate_spec.rb b/modules/dependencies/stdlib/spec/functions/fqdn_rotate_spec.rb new file mode 100755 index 000000000..db7a71732 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/fqdn_rotate_spec.rb @@ -0,0 +1,75 @@ +require 'spec_helper' + +describe 'fqdn_rotate' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(0).and_raise_error(Puppet::ParseError, /Requires either array or string to work with/) } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /Requires either array or string to work with/) } + it { is_expected.to run.with_params('').and_return('') } + it { is_expected.to run.with_params('a').and_return('a') } + + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(['a']).and_return(['a']) } + + it "should rotate a string and the result should be the same size" do + expect(fqdn_rotate("asdf").size).to eq(4) + end + + it "should rotate a string to give the same results for one host" do + val1 = fqdn_rotate("abcdefg", :host => 'one') + val2 = fqdn_rotate("abcdefg", :host => 'one') + expect(val1).to eq(val2) + end + + it "allows extra arguments to control the random rotation on a single host" do + val1 = fqdn_rotate("abcdefg", :extra_identifier => [1, "different", "host"]) + val2 = fqdn_rotate("abcdefg", :extra_identifier => [2, "different", "host"]) + expect(val1).not_to eq(val2) + end + + it "considers the same host and same extra arguments to have the same random rotation" do + val1 = fqdn_rotate("abcdefg", :extra_identifier => [1, "same", "host"]) + val2 = fqdn_rotate("abcdefg", :extra_identifier => [1, "same", "host"]) + expect(val1).to eq(val2) + end + + it "should rotate a string to give different values on different hosts" do + val1 = fqdn_rotate("abcdefg", :host => 'one') + val2 = fqdn_rotate("abcdefg", :host => 'two') + expect(val1).not_to eq(val2) + end + + it "should accept objects which extend String" do + result = fqdn_rotate(AlsoString.new('asdf')) + expect(result).to eq('dfas') + end + + it "should use the Puppet::Util.deterministic_rand function" do + if Puppet::Util.respond_to?(:deterministic_rand) + Puppet::Util.expects(:deterministic_rand).with(44489829212339698569024999901561968770,4) + fqdn_rotate("asdf") + else + skip 'Puppet::Util#deterministic_rand not available' + end + end + + it "should not leave the global seed in a deterministic state" do + fqdn_rotate("asdf") + rand1 = rand() + fqdn_rotate("asdf") + rand2 = rand() + expect(rand1).not_to eql(rand2) + end + + def fqdn_rotate(value, args = {}) + host = args[:host] || '127.0.0.1' + extra = args[:extra_identifier] || [] + + # workaround not being able to use let(:facts) because some tests need + # multiple different hostnames in one context + scope.stubs(:lookupvar).with("::fqdn").returns(host) + + function_args = [value] + extra + scope.function_fqdn_rotate(function_args) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/get_module_path_spec.rb b/modules/dependencies/stdlib/spec/functions/get_module_path_spec.rb new file mode 100755 index 000000000..b1f682fdb --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/get_module_path_spec.rb @@ -0,0 +1,52 @@ +require 'spec_helper' + +describe 'get_module_path' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /Wrong number of arguments, expects one/) } + it { is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError, /Wrong number of arguments, expects one/) } + it { is_expected.to run.with_params('one', 'two', 'three').and_raise_error(Puppet::ParseError, /Wrong number of arguments, expects one/) } + if Puppet.version.to_f >= 4.0 + it { is_expected.to run.with_params('one').and_raise_error(Puppet::Environments::EnvironmentNotFound, /Could not find a directory environment/) } + else + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /Could not find module/) } + end + + class StubModule + attr_reader :path + def initialize(path) + @path = path + end + end + + describe 'when locating a module' do + let(:modulepath) { "/tmp/does_not_exist" } + let(:path_of_module_foo) { StubModule.new("/tmp/does_not_exist/foo") } + + before(:each) { Puppet[:modulepath] = modulepath } + + context 'in the default environment' do + before(:each) { Puppet::Module.expects(:find).with('foo', 'rp_env').returns(path_of_module_foo) } + + it { is_expected.to run.with_params('foo').and_return(path_of_module_foo.path) } + + context 'when the modulepath is a list' do + before(:each) { Puppet[:modulepath] = modulepath + 'tmp/something_else' } + + it { is_expected.to run.with_params('foo').and_return(path_of_module_foo.path) } + end + end + + context 'in a non-default default environment' do + let(:environment) { 'test' } + before(:each) { Puppet::Module.expects(:find).with('foo', 'test').returns(path_of_module_foo) } + + it { is_expected.to run.with_params('foo').and_return(path_of_module_foo.path) } + + context 'when the modulepath is a list' do + before(:each) { Puppet[:modulepath] = modulepath + 'tmp/something_else' } + + it { is_expected.to run.with_params('foo').and_return(path_of_module_foo.path) } + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/getparam_spec.rb b/modules/dependencies/stdlib/spec/functions/getparam_spec.rb new file mode 100755 index 000000000..9e3d9e470 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/getparam_spec.rb @@ -0,0 +1,30 @@ +require 'spec_helper' + +describe 'getparam' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(ArgumentError, /Must specify a reference/) } + it { is_expected.to run.with_params('User[one]').and_raise_error(ArgumentError, /Must specify name of a parameter/) } + it { is_expected.to run.with_params('User[one]', 2).and_raise_error(ArgumentError, /Must specify name of a parameter/) } + it { is_expected.to run.with_params('User[one]', []).and_raise_error(ArgumentError, /Must specify name of a parameter/) } + it { is_expected.to run.with_params('User[one]', {}).and_raise_error(ArgumentError, /Must specify name of a parameter/) } + + describe 'when compared against a user resource with no params' do + let(:pre_condition) { 'user { "one": }' } + + it { is_expected.to run.with_params('User[one]', 'ensure').and_return('') } + it { is_expected.to run.with_params('User[two]', 'ensure').and_return('') } + it { is_expected.to run.with_params('User[one]', 'shell').and_return('') } + end + + describe 'when compared against a user resource with params' do + let(:pre_condition) { 'user { "one": ensure => present, shell => "/bin/sh", managehome => false, }' } + + it { is_expected.to run.with_params('User[one]', 'ensure').and_return('present') } + it { is_expected.to run.with_params('User[two]', 'ensure').and_return('') } + it { is_expected.to run.with_params('User[one]', 'shell').and_return('/bin/sh') } + it { + pending("both rspec-puppet as well as the function do the wrong thing here.") + is_expected.to run.with_params('User[one]', 'managehome').and_return(false) + } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/getvar_spec.rb b/modules/dependencies/stdlib/spec/functions/getvar_spec.rb new file mode 100755 index 000000000..6ab137ec7 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/getvar_spec.rb @@ -0,0 +1,21 @@ +require 'spec_helper' + +describe 'getvar' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + context 'given variables in namespaces' do + let(:pre_condition) { + <<-'ENDofPUPPETcode' + class site::data { $foo = 'baz' } + include site::data + ENDofPUPPETcode + } + + it { is_expected.to run.with_params('site::data::foo').and_return('baz') } + it { is_expected.to run.with_params('::site::data::foo').and_return('baz') } + it { is_expected.to run.with_params('::site::data::bar').and_return(nil) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/grep_spec.rb b/modules/dependencies/stdlib/spec/functions/grep_spec.rb new file mode 100755 index 000000000..6e0bd6eb9 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/grep_spec.rb @@ -0,0 +1,19 @@ +require 'spec_helper' + +describe 'grep' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("grep does not actually check this, and raises NoMethodError instead") + is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError, /first argument not an array/) + } + it { + pending("grep does not actually check this, and raises NoMethodError instead") + is_expected.to run.with_params(1, 'two').and_raise_error(Puppet::ParseError, /first argument not an array/) + } + it { is_expected.to run.with_params('one', 'two', 'three').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params([], 'two').and_return([]) } + it { is_expected.to run.with_params(['one', 'two', 'three'], 'two').and_return(['two']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], 't(wo|hree)').and_return(['two', 'three']) } +end diff --git a/modules/dependencies/stdlib/spec/functions/has_interface_with_spec.rb b/modules/dependencies/stdlib/spec/functions/has_interface_with_spec.rb new file mode 100755 index 000000000..7334d38b9 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/has_interface_with_spec.rb @@ -0,0 +1,38 @@ +require 'spec_helper' + +describe 'has_interface_with' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params("one", "two", "three").and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + # We need to mock out the Facts so we can specify how we expect this function + # to behave on different platforms. + context "On Mac OS X Systems" do + let(:facts) { { :interfaces => 'lo0,gif0,stf0,en1,p2p0,fw0,en0,vmnet1,vmnet8,utun0' } } + it { is_expected.to run.with_params('lo0').and_return(true) } + it { is_expected.to run.with_params('lo').and_return(false) } + end + + context "On Linux Systems" do + let(:facts) do + { + :interfaces => 'eth0,lo', + :ipaddress => '10.0.0.1', + :ipaddress_lo => '127.0.0.1', + :ipaddress_eth0 => '10.0.0.1', + :muppet => 'kermit', + :muppet_lo => 'mspiggy', + :muppet_eth0 => 'kermit', + } + end + + it { is_expected.to run.with_params('lo').and_return(true) } + it { is_expected.to run.with_params('lo0').and_return(false) } + it { is_expected.to run.with_params('ipaddress', '127.0.0.1').and_return(true) } + it { is_expected.to run.with_params('ipaddress', '10.0.0.1').and_return(true) } + it { is_expected.to run.with_params('ipaddress', '8.8.8.8').and_return(false) } + it { is_expected.to run.with_params('muppet', 'kermit').and_return(true) } + it { is_expected.to run.with_params('muppet', 'mspiggy').and_return(true) } + it { is_expected.to run.with_params('muppet', 'bigbird').and_return(false) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/has_ip_address_spec.rb b/modules/dependencies/stdlib/spec/functions/has_ip_address_spec.rb new file mode 100755 index 000000000..42a5a7926 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/has_ip_address_spec.rb @@ -0,0 +1,22 @@ +require 'spec_helper' + +describe 'has_ip_address' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params("one", "two").and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + context "On Linux Systems" do + let(:facts) do + { + :interfaces => 'eth0,lo', + :ipaddress => '10.0.0.1', + :ipaddress_lo => '127.0.0.1', + :ipaddress_eth0 => '10.0.0.1', + } + end + + it { is_expected.to run.with_params('127.0.0.1').and_return(true) } + it { is_expected.to run.with_params('10.0.0.1').and_return(true) } + it { is_expected.to run.with_params('8.8.8.8').and_return(false) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/has_ip_network_spec.rb b/modules/dependencies/stdlib/spec/functions/has_ip_network_spec.rb new file mode 100755 index 000000000..7b5fe66ac --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/has_ip_network_spec.rb @@ -0,0 +1,22 @@ +require 'spec_helper' + +describe 'has_ip_network' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params("one", "two").and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + context "On Linux Systems" do + let(:facts) do + { + :interfaces => 'eth0,lo', + :network => :undefined, + :network_lo => '127.0.0.0', + :network_eth0 => '10.0.0.0', + } + end + + it { is_expected.to run.with_params('127.0.0.0').and_return(true) } + it { is_expected.to run.with_params('10.0.0.0').and_return(true) } + it { is_expected.to run.with_params('8.8.8.0').and_return(false) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/has_key_spec.rb b/modules/dependencies/stdlib/spec/functions/has_key_spec.rb new file mode 100755 index 000000000..965d5a657 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/has_key_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +describe 'has_key' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params("one").and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params("one", "two", "three").and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params("one", "two").and_raise_error(Puppet::ParseError, /expects the first argument to be a hash/) } + it { is_expected.to run.with_params(1, "two").and_raise_error(Puppet::ParseError, /expects the first argument to be a hash/) } + it { is_expected.to run.with_params([], "two").and_raise_error(Puppet::ParseError, /expects the first argument to be a hash/) } + + it { is_expected.to run.with_params({ 'key' => 'value' }, "key").and_return(true) } + it { is_expected.to run.with_params({}, "key").and_return(false) } + it { is_expected.to run.with_params({ 'key' => 'value'}, "not a key").and_return(false) } +end diff --git a/modules/dependencies/stdlib/spec/functions/hash_spec.rb b/modules/dependencies/stdlib/spec/functions/hash_spec.rb new file mode 100755 index 000000000..4fe99ceeb --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/hash_spec.rb @@ -0,0 +1,14 @@ +require 'spec_helper' + +describe 'hash' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params([], 'two').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params(['one']).and_raise_error(Puppet::ParseError, /Unable to compute/) } + it { is_expected.to run.with_params([]).and_return({}) } + it { is_expected.to run.with_params(['key1', 'value1']).and_return({ 'key1' => 'value1' }) } + it { is_expected.to run.with_params(['key1', 'value1', 'key2', 'value2']).and_return({ 'key1' => 'value1', 'key2' => 'value2' }) } +end diff --git a/modules/dependencies/stdlib/spec/functions/intersection_spec.rb b/modules/dependencies/stdlib/spec/functions/intersection_spec.rb new file mode 100755 index 000000000..c0f608690 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/intersection_spec.rb @@ -0,0 +1,21 @@ +require 'spec_helper' + +describe 'intersection' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', 'two', 'three').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params('one', []).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([], 'two').and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params({}, {}).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([], []).and_return([]) } + it { is_expected.to run.with_params([], ['one']).and_return([]) } + it { is_expected.to run.with_params(['one'], []).and_return([]) } + it { is_expected.to run.with_params(['one'], ['one']).and_return(['one']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], ['two', 'three']).and_return(['two', 'three']) } + it { is_expected.to run.with_params(['one', 'two', 'two', 'three'], ['two', 'three']).and_return(['two', 'three']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], ['two', 'two', 'three']).and_return(['two', 'three']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], ['two', 'three', 'four']).and_return(['two', 'three']) } + it 'should not confuse types' do is_expected.to run.with_params(['1', '2', '3'], [1, 2]).and_return([]) end +end diff --git a/modules/dependencies/stdlib/spec/functions/is_a_spec.rb b/modules/dependencies/stdlib/spec/functions/is_a_spec.rb new file mode 100644 index 000000000..8dec13f5a --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_a_spec.rb @@ -0,0 +1,25 @@ +require 'spec_helper' + +if ENV["FUTURE_PARSER"] == 'yes' + describe 'type_of' do + pending 'teach rspec-puppet to load future-only functions under 3.7.5' do + it { is_expected.not_to eq(nil) } + end + end +end + +if Puppet.version.to_f >= 4.0 + describe 'is_a' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(ArgumentError) } + it { is_expected.to run.with_params('', '').and_raise_error(ArgumentError) } + + it 'succeeds when comparing a string and a string' do + is_expected.to run.with_params('hello world', String).and_return(true) + end + + it 'fails when comparing an integer and a string' do + is_expected.to run.with_params(5, String).and_return(false) + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/is_array_spec.rb b/modules/dependencies/stdlib/spec/functions/is_array_spec.rb new file mode 100755 index 000000000..7dd21c23b --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_array_spec.rb @@ -0,0 +1,19 @@ +require 'spec_helper' + +describe 'is_array' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params([], []).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params([]).and_return(true) } + it { is_expected.to run.with_params(['one']).and_return(true) } + it { is_expected.to run.with_params([1]).and_return(true) } + it { is_expected.to run.with_params([{}]).and_return(true) } + it { is_expected.to run.with_params([[]]).and_return(true) } + it { is_expected.to run.with_params('').and_return(false) } + it { is_expected.to run.with_params('one').and_return(false) } + it { is_expected.to run.with_params(1).and_return(false) } + it { is_expected.to run.with_params({}).and_return(false) } +end diff --git a/modules/dependencies/stdlib/spec/functions/is_bool_spec.rb b/modules/dependencies/stdlib/spec/functions/is_bool_spec.rb new file mode 100755 index 000000000..76d619b00 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_bool_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +describe 'is_bool' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(true, false).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(true).and_return(true) } + it { is_expected.to run.with_params(false).and_return(true) } + it { is_expected.to run.with_params([1]).and_return(false) } + it { is_expected.to run.with_params([{}]).and_return(false) } + it { is_expected.to run.with_params([[]]).and_return(false) } + it { is_expected.to run.with_params([true]).and_return(false) } + it { is_expected.to run.with_params('true').and_return(false) } + it { is_expected.to run.with_params('false').and_return(false) } +end diff --git a/modules/dependencies/stdlib/spec/functions/is_domain_name_spec.rb b/modules/dependencies/stdlib/spec/functions/is_domain_name_spec.rb new file mode 100755 index 000000000..c1bf0e34b --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_domain_name_spec.rb @@ -0,0 +1,43 @@ +require 'spec_helper' + +describe 'is_domain_name' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1).and_return(false) } + it { is_expected.to run.with_params([]).and_return(false) } + it { is_expected.to run.with_params({}).and_return(false) } + it { is_expected.to run.with_params('').and_return(false) } + it { is_expected.to run.with_params('.').and_return(true) } + it { is_expected.to run.with_params('com').and_return(true) } + it { is_expected.to run.with_params('com.').and_return(true) } + it { is_expected.to run.with_params('x.com').and_return(true) } + it { is_expected.to run.with_params('x.com.').and_return(true) } + it { is_expected.to run.with_params('foo.example.com').and_return(true) } + it { is_expected.to run.with_params('foo.example.com.').and_return(true) } + it { is_expected.to run.with_params('2foo.example.com').and_return(true) } + it { is_expected.to run.with_params('2foo.example.com.').and_return(true) } + it { is_expected.to run.with_params('www.2foo.example.com').and_return(true) } + it { is_expected.to run.with_params('www.2foo.example.com.').and_return(true) } + describe 'inputs with spaces' do + it { is_expected.to run.with_params('invalid domain').and_return(false) } + end + describe 'inputs with hyphens' do + it { is_expected.to run.with_params('foo-bar.example.com').and_return(true) } + it { is_expected.to run.with_params('foo-bar.example.com.').and_return(true) } + it { is_expected.to run.with_params('www.foo-bar.example.com').and_return(true) } + it { is_expected.to run.with_params('www.foo-bar.example.com.').and_return(true) } + it { is_expected.to run.with_params('-foo.example.com').and_return(false) } + it { is_expected.to run.with_params('-foo.example.com').and_return(false) } + end + # Values obtained from Facter values will be frozen strings + # in newer versions of Facter: + it { is_expected.to run.with_params('www.example.com'.freeze).and_return(true) } + describe 'top level domain must be alphabetic if there are multiple labels' do + it { is_expected.to run.with_params('2com').and_return(true) } + it { is_expected.to run.with_params('www.example.2com').and_return(false) } + end + describe 'IP addresses are not domain names' do + it { is_expected.to run.with_params('192.168.1.1').and_return(false) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/is_float_spec.rb b/modules/dependencies/stdlib/spec/functions/is_float_spec.rb new file mode 100755 index 000000000..ffff971a7 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_float_spec.rb @@ -0,0 +1,22 @@ +require 'spec_helper' + +describe 'is_float' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(0.1, 0.2).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + describe 'passing a string' do + it { is_expected.to run.with_params('0.1').and_return(true) } + it { is_expected.to run.with_params('1.0').and_return(true) } + it { is_expected.to run.with_params('1').and_return(false) } + it { is_expected.to run.with_params('one').and_return(false) } + it { is_expected.to run.with_params('one 1.0').and_return(false) } + it { is_expected.to run.with_params('1.0 one').and_return(false) } + end + + describe 'passing numbers' do + it { is_expected.to run.with_params(0.1).and_return(true) } + it { is_expected.to run.with_params(1.0).and_return(true) } + it { is_expected.to run.with_params(1).and_return(false) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/is_function_available.rb b/modules/dependencies/stdlib/spec/functions/is_function_available.rb new file mode 100755 index 000000000..44f08c081 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_function_available.rb @@ -0,0 +1,9 @@ +require 'spec_helper' + +describe 'is_function_available' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('include').and_return(true) } + it { is_expected.to run.with_params('no_such_function').and_return(false) } +end diff --git a/modules/dependencies/stdlib/spec/functions/is_hash_spec.rb b/modules/dependencies/stdlib/spec/functions/is_hash_spec.rb new file mode 100755 index 000000000..c2599a02a --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_hash_spec.rb @@ -0,0 +1,11 @@ +require 'spec_helper' + +describe 'is_hash' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params({}, {}).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('').and_return(false) } + it { is_expected.to run.with_params({}).and_return(true) } + it { is_expected.to run.with_params([]).and_return(false) } + it { is_expected.to run.with_params(1).and_return(false) } +end diff --git a/modules/dependencies/stdlib/spec/functions/is_integer_spec.rb b/modules/dependencies/stdlib/spec/functions/is_integer_spec.rb new file mode 100755 index 000000000..67263c18f --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_integer_spec.rb @@ -0,0 +1,25 @@ +require 'spec_helper' + +describe 'is_integer' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1, 2).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + it { is_expected.to run.with_params(3).and_return(true) } + it { is_expected.to run.with_params('3').and_return(true) } + it { is_expected.to run.with_params(-3).and_return(true) } + it { is_expected.to run.with_params('-3').and_return(true) } + + it { is_expected.to run.with_params(3.7).and_return(false) } + it { is_expected.to run.with_params('3.7').and_return(false) } + it { is_expected.to run.with_params(-3.7).and_return(false) } + it { is_expected.to run.with_params('3.7').and_return(false) } + + it { is_expected.to run.with_params('one').and_return(false) } + it { is_expected.to run.with_params([]).and_return(false) } + it { is_expected.to run.with_params([1]).and_return(false) } + it { is_expected.to run.with_params({}).and_return(false) } + it { is_expected.to run.with_params(true).and_return(false) } + it { is_expected.to run.with_params(false).and_return(false) } + it { is_expected.to run.with_params('0001234').and_return(false) } +end diff --git a/modules/dependencies/stdlib/spec/functions/is_ip_address_spec.rb b/modules/dependencies/stdlib/spec/functions/is_ip_address_spec.rb new file mode 100755 index 000000000..a7a383a1e --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_ip_address_spec.rb @@ -0,0 +1,23 @@ +require 'spec_helper' + +describe 'is_ip_address' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params([], []).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('1.2.3.4').and_return(true) } + it { is_expected.to run.with_params('1.2.3.255').and_return(true) } + it { is_expected.to run.with_params('1.2.3.256').and_return(false) } + it { is_expected.to run.with_params('1.2.3').and_return(false) } + it { is_expected.to run.with_params('1.2.3.4.5').and_return(false) } + it { is_expected.to run.with_params('fe00::1').and_return(true) } + it { is_expected.to run.with_params('fe80:0000:cd12:d123:e2f8:47ff:fe09:dd74').and_return(true) } + it { is_expected.to run.with_params('FE80:0000:CD12:D123:E2F8:47FF:FE09:DD74').and_return(true) } + it { is_expected.to run.with_params('fe80:0000:cd12:d123:e2f8:47ff:fe09:zzzz').and_return(false) } + it { is_expected.to run.with_params('fe80:0000:cd12:d123:e2f8:47ff:fe09').and_return(false) } + it { is_expected.to run.with_params('fe80:0000:cd12:d123:e2f8:47ff:fe09:dd74:dd74').and_return(false) } + it { is_expected.to run.with_params('').and_return(false) } + it { is_expected.to run.with_params('one').and_return(false) } + it { is_expected.to run.with_params(1).and_return(false) } + it { is_expected.to run.with_params({}).and_return(false) } + it { is_expected.to run.with_params([]).and_return(false) } +end diff --git a/modules/dependencies/stdlib/spec/functions/is_mac_address_spec.rb b/modules/dependencies/stdlib/spec/functions/is_mac_address_spec.rb new file mode 100755 index 000000000..5f76a91b4 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_mac_address_spec.rb @@ -0,0 +1,24 @@ +require 'spec_helper' + +describe 'is_mac_address' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params([], []).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('00:a0:1f:12:7f:a0').and_return(true) } + it { is_expected.to run.with_params('00:A0:1F:12:7F:A0').and_return(true) } + it { is_expected.to run.with_params('00:00:00:00:00:0g').and_return(false) } + it { is_expected.to run.with_params('').and_return(false) } + it { is_expected.to run.with_params('one').and_return(false) } + it { + pending "should properly typecheck its arguments" + is_expected.to run.with_params(1).and_return(false) + } + it { + pending "should properly typecheck its arguments" + is_expected.to run.with_params({}).and_return(false) + } + it { + pending "should properly typecheck its arguments" + is_expected.to run.with_params([]).and_return(false) + } +end diff --git a/modules/dependencies/stdlib/spec/functions/is_numeric_spec.rb b/modules/dependencies/stdlib/spec/functions/is_numeric_spec.rb new file mode 100755 index 000000000..d0f5a6eb6 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_numeric_spec.rb @@ -0,0 +1,28 @@ +require 'spec_helper' + +describe 'is_numeric' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1, 2).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + it { is_expected.to run.with_params(3).and_return(true) } + it { is_expected.to run.with_params('3').and_return(true) } + it { is_expected.to run.with_params(-3).and_return(true) } + it { is_expected.to run.with_params('-3').and_return(true) } + + it { is_expected.to run.with_params(3.7).and_return(true) } + it { is_expected.to run.with_params('3.7').and_return(true) } + it { is_expected.to run.with_params(-3.7).and_return(true) } + it { is_expected.to run.with_params('3.7').and_return(true) } + + it { is_expected.to run.with_params('-342.2315e-12').and_return(true) } + + it { is_expected.to run.with_params('one').and_return(false) } + it { is_expected.to run.with_params([]).and_return(false) } + it { is_expected.to run.with_params([1]).and_return(false) } + it { is_expected.to run.with_params({}).and_return(false) } + it { is_expected.to run.with_params(true).and_return(false) } + it { is_expected.to run.with_params(false).and_return(false) } + it { is_expected.to run.with_params('0001234').and_return(false) } + it { is_expected.to run.with_params(' - 1234').and_return(false) } +end diff --git a/modules/dependencies/stdlib/spec/functions/is_string_spec.rb b/modules/dependencies/stdlib/spec/functions/is_string_spec.rb new file mode 100755 index 000000000..8e459ccfe --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/is_string_spec.rb @@ -0,0 +1,28 @@ +require 'spec_helper' + +describe 'is_string' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params('', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + + it { is_expected.to run.with_params(3).and_return(false) } + it { is_expected.to run.with_params('3').and_return(false) } + it { is_expected.to run.with_params(-3).and_return(false) } + it { is_expected.to run.with_params('-3').and_return(false) } + + it { is_expected.to run.with_params(3.7).and_return(false) } + it { is_expected.to run.with_params('3.7').and_return(false) } + it { is_expected.to run.with_params(-3.7).and_return(false) } + it { is_expected.to run.with_params('3.7').and_return(false) } + + it { is_expected.to run.with_params([]).and_return(false) } + it { is_expected.to run.with_params([1]).and_return(false) } + it { is_expected.to run.with_params({}).and_return(false) } + it { is_expected.to run.with_params(true).and_return(false) } + it { is_expected.to run.with_params(false).and_return(false) } + it { is_expected.to run.with_params('one').and_return(true) } + it { is_expected.to run.with_params('0001234').and_return(true) } +end diff --git a/modules/dependencies/stdlib/spec/functions/join_keys_to_values_spec.rb b/modules/dependencies/stdlib/spec/functions/join_keys_to_values_spec.rb new file mode 100755 index 000000000..6c109d1c2 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/join_keys_to_values_spec.rb @@ -0,0 +1,19 @@ +require 'spec_helper' + +describe 'join_keys_to_values' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /Takes exactly two arguments/) } + it { is_expected.to run.with_params({}, '', '').and_raise_error(Puppet::ParseError, /Takes exactly two arguments/) } + it { is_expected.to run.with_params('one', '').and_raise_error(TypeError, /The first argument must be a hash/) } + it { is_expected.to run.with_params({}, 2).and_raise_error(TypeError, /The second argument must be a string/) } + + it { is_expected.to run.with_params({}, '').and_return([]) } + it { is_expected.to run.with_params({}, ':').and_return([]) } + it { is_expected.to run.with_params({ 'key' => 'value' }, '').and_return(['keyvalue']) } + it { is_expected.to run.with_params({ 'key' => 'value' }, ':').and_return(['key:value']) } + it { is_expected.to run.with_params({ 'key' => nil }, ':').and_return(['key:']) } + it 'should run join_keys_to_values(, ":") and return the proper array' do + result = subject.call([{ 'key1' => 'value1', 'key2' => 'value2' }, ':']) + expect(result.sort).to eq(['key1:value1', 'key2:value2'].sort) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/join_spec.rb b/modules/dependencies/stdlib/spec/functions/join_spec.rb new file mode 100755 index 000000000..a3005714b --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/join_spec.rb @@ -0,0 +1,19 @@ +require 'spec_helper' + +describe 'join' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the second.") + is_expected.to run.with_params([], '', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /Requires array to work with/) } + it { is_expected.to run.with_params([], 2).and_raise_error(Puppet::ParseError, /Requires string to work with/) } + + it { is_expected.to run.with_params([]).and_return('') } + it { is_expected.to run.with_params([], ':').and_return('') } + it { is_expected.to run.with_params(['one']).and_return('one') } + it { is_expected.to run.with_params(['one'], ':').and_return('one') } + it { is_expected.to run.with_params(['one', 'two', 'three']).and_return('onetwothree') } + it { is_expected.to run.with_params(['one', 'two', 'three'], ':').and_return('one:two:three') } +end diff --git a/modules/dependencies/stdlib/spec/functions/keys_spec.rb b/modules/dependencies/stdlib/spec/functions/keys_spec.rb new file mode 100755 index 000000000..2e009dcc8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/keys_spec.rb @@ -0,0 +1,19 @@ +require 'spec_helper' + +describe 'keys' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params({}, {}).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params('').and_raise_error(Puppet::ParseError, /Requires hash to work with/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires hash to work with/) } + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError, /Requires hash to work with/) } + it { is_expected.to run.with_params({}).and_return([]) } + it { is_expected.to run.with_params({ 'key' => 'value' }).and_return(['key']) } + it 'should return the array of keys' do + result = subject.call([{ 'key1' => 'value1', 'key2' => 'value2' }]) + expect(result).to match_array(['key1', 'key2']) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/load_module_metadata_spec.rb b/modules/dependencies/stdlib/spec/functions/load_module_metadata_spec.rb new file mode 100755 index 000000000..fe665fb50 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/load_module_metadata_spec.rb @@ -0,0 +1,29 @@ +require 'spec_helper' + +describe 'load_module_metadata' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params("one", "two", "three").and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + it "should json parse the file" do + allow(scope).to receive(:function_get_module_path).with(['science']).and_return('/path/to/module/') + allow(File).to receive(:exists?).with(/metadata.json/).and_return(true) + allow(File).to receive(:read).with(/metadata.json/).and_return('{"name": "spencer-science"}') + + result = subject.call(['science']) + expect(result['name']).to eq('spencer-science') + end + + it "should fail by default if there is no metadata.json" do + allow(scope).to receive(:function_get_module_path).with(['science']).and_return('/path/to/module/') + allow(File).to receive(:exists?).with(/metadata.json/).and_return(false) + expect {subject.call(['science'])}.to raise_error(Puppet::ParseError) + end + + it "should return nil if user allows empty metadata.json" do + allow(scope).to receive(:function_get_module_path).with(['science']).and_return('/path/to/module/') + allow(File).to receive(:exists?).with(/metadata.json/).and_return(false) + result = subject.call(['science', true]) + expect(result).to eq({}) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/loadyaml_spec.rb b/modules/dependencies/stdlib/spec/functions/loadyaml_spec.rb new file mode 100755 index 000000000..ffc714d11 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/loadyaml_spec.rb @@ -0,0 +1,24 @@ +require 'spec_helper' + +describe 'loadyaml' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + context 'when a non-existing file is specified' do + let(:filename) { '/tmp/doesnotexist' } + before { + File.expects(:exists?).with(filename).returns(false).once + YAML.expects(:load_file).never + } + it { is_expected.to run.with_params(filename).and_return(nil) } + end + context 'when an existing file is specified' do + let(:filename) { '/tmp/doesexist' } + let(:data) { { 'key' => 'value' } } + before { + File.expects(:exists?).with(filename).returns(true).once + YAML.expects(:load_file).with(filename).returns(data).once + } + it { is_expected.to run.with_params(filename).and_return(data) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/lstrip_spec.rb b/modules/dependencies/stdlib/spec/functions/lstrip_spec.rb new file mode 100755 index 000000000..981794edf --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/lstrip_spec.rb @@ -0,0 +1,34 @@ +require 'spec_helper' + +describe 'lstrip' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params('', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /Requires either array or string to work with/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires either array or string to work with/) } + it { is_expected.to run.with_params('').and_return('') } + it { is_expected.to run.with_params(' ').and_return('') } + it { is_expected.to run.with_params(' ').and_return('') } + it { is_expected.to run.with_params("\t").and_return('') } + it { is_expected.to run.with_params("\t ").and_return('') } + it { is_expected.to run.with_params('one').and_return('one') } + it { is_expected.to run.with_params(' one').and_return('one') } + it { is_expected.to run.with_params(' one').and_return('one') } + it { is_expected.to run.with_params("\tone").and_return('one') } + it { is_expected.to run.with_params("\t one").and_return('one') } + it { is_expected.to run.with_params('one ').and_return('one ') } + it { is_expected.to run.with_params(' one ').and_return('one ') } + it { is_expected.to run.with_params(' one ').and_return('one ') } + it { is_expected.to run.with_params("\tone ").and_return('one ') } + it { is_expected.to run.with_params("\t one ").and_return('one ') } + it { is_expected.to run.with_params("one \t").and_return("one \t") } + it { is_expected.to run.with_params(" one \t").and_return("one \t") } + it { is_expected.to run.with_params(" one \t").and_return("one \t") } + it { is_expected.to run.with_params("\tone \t").and_return("one \t") } + it { is_expected.to run.with_params("\t one \t").and_return("one \t") } + it { is_expected.to run.with_params(' o n e ').and_return('o n e ') } + it { is_expected.to run.with_params(AlsoString.new(' one ')).and_return('one ') } +end diff --git a/modules/dependencies/stdlib/spec/functions/max_spec.rb b/modules/dependencies/stdlib/spec/functions/max_spec.rb new file mode 100755 index 000000000..66fb0c869 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/max_spec.rb @@ -0,0 +1,21 @@ +require 'spec_helper' + +describe 'max' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1).and_return(1) } + it { is_expected.to run.with_params(1, 2).and_return(2) } + it { is_expected.to run.with_params(1, 2, 3).and_return(3) } + it { is_expected.to run.with_params(3, 2, 1).and_return(3) } + it { is_expected.to run.with_params('one').and_return('one') } + it { is_expected.to run.with_params('one', 'two').and_return('two') } + it { is_expected.to run.with_params('one', 'two', 'three').and_return('two') } + it { is_expected.to run.with_params('three', 'two', 'one').and_return('two') } + + describe 'implementation artifacts' do + it { is_expected.to run.with_params(1, 'one').and_return('one') } + it { is_expected.to run.with_params('1', 'one').and_return('one') } + it { is_expected.to run.with_params('1.3e1', '1.4e0').and_return('1.4e0') } + it { is_expected.to run.with_params(1.3e1, 1.4e0).and_return(1.3e1) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/member_spec.rb b/modules/dependencies/stdlib/spec/functions/member_spec.rb new file mode 100755 index 000000000..527f887fa --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/member_spec.rb @@ -0,0 +1,21 @@ +require 'spec_helper' + +describe 'member' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params([], [], []).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params([], '').and_return(false) } + it { is_expected.to run.with_params([], ['']).and_return(false) } + it { is_expected.to run.with_params([''], '').and_return(true) } + it { is_expected.to run.with_params([''], ['']).and_return(true) } + it { is_expected.to run.with_params([], 'one').and_return(false) } + it { is_expected.to run.with_params([], ['one']).and_return(false) } + it { is_expected.to run.with_params(['one'], 'one').and_return(true) } + it { is_expected.to run.with_params(['one'], ['one']).and_return(true) } + it { is_expected.to run.with_params(['one', 'two', 'three', 'four'], ['four', 'two']).and_return(true) } + it { is_expected.to run.with_params(['one', 'two', 'three', 'four'], ['four', 'five']).and_return(false) } +end diff --git a/modules/dependencies/stdlib/spec/functions/merge_spec.rb b/modules/dependencies/stdlib/spec/functions/merge_spec.rb new file mode 100755 index 000000000..7b53363ed --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/merge_spec.rb @@ -0,0 +1,25 @@ +require 'spec_helper' + +describe 'merge' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params({}, 'two').and_raise_error(Puppet::ParseError, /unexpected argument type String/) } + it { is_expected.to run.with_params({}, 1).and_raise_error(Puppet::ParseError, /unexpected argument type Fixnum/) } + it { + pending 'should not special case this' + is_expected.to run.with_params({}).and_return({}) + } + it { is_expected.to run.with_params({}, {}).and_return({}) } + it { is_expected.to run.with_params({}, {}, {}).and_return({}) } + describe 'should accept empty strings as puppet undef' do + it { is_expected.to run.with_params({}, '').and_return({}) } + end + it { is_expected.to run.with_params({ 'key' => 'value' }, {}).and_return({ 'key' => 'value' }) } + it { is_expected.to run.with_params({}, { 'key' => 'value' }).and_return({ 'key' => 'value' }) } + it { is_expected.to run.with_params({ 'key' => 'value1' }, { 'key' => 'value2' }).and_return({ 'key' => 'value2' }) } + it { + is_expected.to run \ + .with_params({ 'key1' => 'value1' }, { 'key2' => 'value2' }, { 'key3' => 'value3' }) \ + .and_return({ 'key1' => 'value1', 'key2' => 'value2', 'key3' => 'value3' }) + } +end diff --git a/modules/dependencies/stdlib/spec/functions/min_spec.rb b/modules/dependencies/stdlib/spec/functions/min_spec.rb new file mode 100755 index 000000000..c840a72c9 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/min_spec.rb @@ -0,0 +1,21 @@ +require 'spec_helper' + +describe 'min' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1).and_return(1) } + it { is_expected.to run.with_params(1, 2).and_return(1) } + it { is_expected.to run.with_params(1, 2, 3).and_return(1) } + it { is_expected.to run.with_params(3, 2, 1).and_return(1) } + it { is_expected.to run.with_params('one').and_return('one') } + it { is_expected.to run.with_params('one', 'two').and_return('one') } + it { is_expected.to run.with_params('one', 'two', 'three').and_return('one') } + it { is_expected.to run.with_params('three', 'two', 'one').and_return('one') } + + describe 'implementation artifacts' do + it { is_expected.to run.with_params(1, 'one').and_return(1) } + it { is_expected.to run.with_params('1', 'one').and_return('1') } + it { is_expected.to run.with_params('1.3e1', '1.4e0').and_return('1.3e1') } + it { is_expected.to run.with_params(1.3e1, 1.4e0).and_return(1.4e0) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/num2bool_spec.rb b/modules/dependencies/stdlib/spec/functions/num2bool_spec.rb new file mode 100755 index 000000000..494afff9f --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/num2bool_spec.rb @@ -0,0 +1,22 @@ +require 'spec_helper' + +describe 'num2bool' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1, 2).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('abc').and_raise_error(Puppet::ParseError, /does not look like a number/) } + it { is_expected.to run.with_params(1).and_return(true) } + it { is_expected.to run.with_params('1').and_return(true) } + it { is_expected.to run.with_params(1.5).and_return(true) } + it { is_expected.to run.with_params('1.5').and_return(true) } + it { is_expected.to run.with_params(-1).and_return(false) } + it { is_expected.to run.with_params('-1').and_return(false) } + it { is_expected.to run.with_params(-1.5).and_return(false) } + it { is_expected.to run.with_params('-1.5').and_return(false) } + it { is_expected.to run.with_params(0).and_return(false) } + it { is_expected.to run.with_params('0').and_return(false) } + it { is_expected.to run.with_params([]).and_return(false) } + it { is_expected.to run.with_params('[]').and_raise_error(Puppet::ParseError, /does not look like a number/) } + it { is_expected.to run.with_params({}).and_return(false) } + it { is_expected.to run.with_params('{}').and_raise_error(Puppet::ParseError, /does not look like a number/) } +end diff --git a/modules/dependencies/stdlib/spec/functions/parsejson_spec.rb b/modules/dependencies/stdlib/spec/functions/parsejson_spec.rb new file mode 100755 index 000000000..a01f1f67b --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/parsejson_spec.rb @@ -0,0 +1,64 @@ +require 'spec_helper' + +describe 'parsejson' do + it 'should exist' do + is_expected.not_to eq(nil) + end + + it 'should raise an error if called without any arguments' do + is_expected.to run.with_params(). + and_raise_error(/wrong number of arguments/i) + end + + context 'with correct JSON data' do + + it 'should be able to parse a JSON data with a Hash' do + is_expected.to run.with_params('{"a":"1","b":"2"}'). + and_return({'a'=>'1', 'b'=>'2'}) + end + + it 'should be able to parse a JSON data with an Array' do + is_expected.to run.with_params('["a","b","c"]'). + and_return(['a', 'b', 'c']) + end + + it 'should be able to parse empty JSON values' do + is_expected.to run.with_params('[]'). + and_return([]) + is_expected.to run.with_params('{}'). + and_return({}) + end + + it 'should be able to parse a JSON data with a mixed structure' do + is_expected.to run.with_params('{"a":"1","b":2,"c":{"d":[true,false]}}'). + and_return({'a' =>'1', 'b' => 2, 'c' => { 'd' => [true, false] } }) + end + + it 'should not return the default value if the data was parsed correctly' do + is_expected.to run.with_params('{"a":"1"}', 'default_value'). + and_return({'a' => '1'}) + end + + end + + context 'with incorrect JSON data' do + it 'should raise an error with invalid JSON and no default' do + is_expected.to run.with_params(''). + and_raise_error(PSON::ParserError) + end + + it 'should support a structure for a default value' do + is_expected.to run.with_params('', {'a' => '1'}). + and_return({'a' => '1'}) + end + + ['', 1, 1.2, nil, true, false, [], {}, :yaml].each do |value| + it "should return the default value for an incorrect #{value.inspect} (#{value.class}) parameter" do + is_expected.to run.with_params(value, 'default_value'). + and_return('default_value') + end + end + + end + +end diff --git a/modules/dependencies/stdlib/spec/functions/parseyaml_spec.rb b/modules/dependencies/stdlib/spec/functions/parseyaml_spec.rb new file mode 100755 index 000000000..fa947ca6a --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/parseyaml_spec.rb @@ -0,0 +1,81 @@ +require 'spec_helper' + +describe 'parseyaml' do + it 'should exist' do + is_expected.not_to eq(nil) + end + + it 'should raise an error if called without any arguments' do + is_expected.to run.with_params(). + and_raise_error(/wrong number of arguments/i) + end + + context 'with correct YAML data' do + it 'should be able to parse a YAML data with a String' do + is_expected.to run.with_params('--- just a string'). + and_return('just a string') + is_expected.to run.with_params('just a string'). + and_return('just a string') + end + + it 'should be able to parse a YAML data with a Hash' do + is_expected.to run.with_params("---\na: '1'\nb: '2'\n"). + and_return({'a' => '1', 'b' => '2'}) + end + + it 'should be able to parse a YAML data with an Array' do + is_expected.to run.with_params("---\n- a\n- b\n- c\n"). + and_return(['a', 'b', 'c']) + end + + it 'should be able to parse a YAML data with a mixed structure' do + is_expected.to run.with_params("---\na: '1'\nb: 2\nc:\n d:\n - :a\n - true\n - false\n"). + and_return({'a' => '1', 'b' => 2, 'c' => {'d' => [:a, true, false]}}) + end + + it 'should not return the default value if the data was parsed correctly' do + is_expected.to run.with_params("---\na: '1'\n", 'default_value'). + and_return({'a' => '1'}) + end + + end + + context 'on a modern ruby', :unless => RUBY_VERSION == '1.8.7' do + it 'should raise an error with invalid YAML and no default' do + is_expected.to run.with_params('["one"'). + and_raise_error(Psych::SyntaxError) + end + end + + context 'when running on ruby 1.8.7, which does not have Psych', :if => RUBY_VERSION == '1.8.7' do + it 'should raise an error with invalid YAML and no default' do + is_expected.to run.with_params('["one"'). + and_raise_error(ArgumentError) + end + end + + context 'with incorrect YAML data' do + it 'should support a structure for a default value' do + is_expected.to run.with_params('', {'a' => '1'}). + and_return({'a' => '1'}) + end + + [1, 1.2, nil, true, false, [], {}, :yaml].each do |value| + it "should return the default value for an incorrect #{value.inspect} (#{value.class}) parameter" do + is_expected.to run.with_params(value, 'default_value'). + and_return('default_value') + end + end + + context 'when running on modern rubies', :unless => RUBY_VERSION == '1.8.7' do + ['---', '...', '*8', ''].each do |value| + it "should return the default value for an incorrect #{value.inspect} string parameter" do + is_expected.to run.with_params(value, 'default_value'). + and_return('default_value') + end + end + end + + end + +end diff --git a/modules/dependencies/stdlib/spec/functions/pick_default_spec.rb b/modules/dependencies/stdlib/spec/functions/pick_default_spec.rb new file mode 100755 index 000000000..e2fc64a11 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/pick_default_spec.rb @@ -0,0 +1,24 @@ +require 'spec_helper' + +describe 'pick_default' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::Error, /Must receive at least one argument/) } + + it { is_expected.to run.with_params('one', 'two').and_return('one') } + it { is_expected.to run.with_params('', 'two').and_return('two') } + it { is_expected.to run.with_params(:undef, 'two').and_return('two') } + it { is_expected.to run.with_params(:undefined, 'two').and_return('two') } + it { is_expected.to run.with_params(nil, 'two').and_return('two') } + + [ '', :undef, :undefined, nil, {}, [], 1, 'default' ].each do |value| + describe "when providing #{value.inspect} as default" do + it { is_expected.to run.with_params('one', value).and_return('one') } + it { is_expected.to run.with_params([], value).and_return([]) } + it { is_expected.to run.with_params({}, value).and_return({}) } + it { is_expected.to run.with_params(value, value).and_return(value) } + it { is_expected.to run.with_params(:undef, value).and_return(value) } + it { is_expected.to run.with_params(:undefined, value).and_return(value) } + it { is_expected.to run.with_params(nil, value).and_return(value) } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/pick_spec.rb b/modules/dependencies/stdlib/spec/functions/pick_spec.rb new file mode 100755 index 000000000..2c7caa87e --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/pick_spec.rb @@ -0,0 +1,12 @@ +require 'spec_helper' + +describe 'pick' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /must receive at least one non empty value/) } + it { is_expected.to run.with_params('', nil, :undef, :undefined).and_raise_error(Puppet::ParseError, /must receive at least one non empty value/) } + it { is_expected.to run.with_params('one', 'two').and_return('one') } + it { is_expected.to run.with_params('', 'two').and_return('two') } + it { is_expected.to run.with_params(:undef, 'two').and_return('two') } + it { is_expected.to run.with_params(:undefined, 'two').and_return('two') } + it { is_expected.to run.with_params(nil, 'two').and_return('two') } +end diff --git a/modules/dependencies/stdlib/spec/functions/prefix_spec.rb b/modules/dependencies/stdlib/spec/functions/prefix_spec.rb new file mode 100755 index 000000000..37610221a --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/prefix_spec.rb @@ -0,0 +1,28 @@ +require 'spec_helper' + +describe 'prefix' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the second.") + is_expected.to run.with_params([], 'a', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params('', '').and_raise_error(Puppet::ParseError, /expected first argument to be an Array or a Hash/) } + it { is_expected.to run.with_params([], 2).and_raise_error(Puppet::ParseError, /expected second argument to be a String/) } + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(['one', 2]).and_return(['one', '2']) } + it { is_expected.to run.with_params([], '').and_return([]) } + it { is_expected.to run.with_params([''], '').and_return(['']) } + it { is_expected.to run.with_params(['one'], 'pre').and_return(['preone']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], 'pre').and_return(['preone', 'pretwo', 'prethree']) } + it { is_expected.to run.with_params({}).and_return({}) } + it { is_expected.to run.with_params({ 'key1' => 'value1', 2 => 3}).and_return({ 'key1' => 'value1', '2' => 3 }) } + it { is_expected.to run.with_params({}, '').and_return({}) } + it { is_expected.to run.with_params({ 'key' => 'value' }, '').and_return({ 'key' => 'value' }) } + it { is_expected.to run.with_params({ 'key' => 'value' }, 'pre').and_return({ 'prekey' => 'value' }) } + it { + is_expected.to run \ + .with_params({ 'key1' => 'value1', 'key2' => 'value2', 'key3' => 'value3' }, 'pre') \ + .and_return({ 'prekey1' => 'value1', 'prekey2' => 'value2', 'prekey3' => 'value3' }) + } +end diff --git a/modules/dependencies/stdlib/spec/functions/private_spec.rb b/modules/dependencies/stdlib/spec/functions/private_spec.rb new file mode 100644 index 000000000..a13be6439 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/private_spec.rb @@ -0,0 +1,56 @@ +require 'spec_helper' + +describe 'private' do + it 'should issue a warning' do + scope.expects(:warning).with("private() DEPRECATED: This function will cease to function on Puppet 4; please use assert_private() before upgrading to puppet 4 for backwards-compatibility, or migrate to the new parser's typing system.") + begin + subject.call [] + rescue + # ignore this + end + end + + context "when called from inside module" do + it "should not fail" do + scope.expects(:lookupvar).with('module_name').returns('foo') + scope.expects(:lookupvar).with('caller_module_name').returns('foo') + expect { + subject.call [] + }.not_to raise_error + end + end + + context "with an explicit failure message" do + it "prints the failure message on error" do + scope.expects(:lookupvar).with('module_name').returns('foo') + scope.expects(:lookupvar).with('caller_module_name').returns('bar') + expect { + subject.call ['failure message!'] + }.to raise_error Puppet::ParseError, /failure message!/ + end + end + + context "when called from private class" do + it "should fail with a class error message" do + scope.expects(:lookupvar).with('module_name').returns('foo') + scope.expects(:lookupvar).with('caller_module_name').returns('bar') + scope.source.expects(:name).returns('foo::baz') + scope.source.expects(:type).returns('hostclass') + expect { + subject.call [] + }.to raise_error Puppet::ParseError, /Class foo::baz is private/ + end + end + + context "when called from private definition" do + it "should fail with a class error message" do + scope.expects(:lookupvar).with('module_name').returns('foo') + scope.expects(:lookupvar).with('caller_module_name').returns('bar') + scope.source.expects(:name).returns('foo::baz') + scope.source.expects(:type).returns('definition') + expect { + subject.call [] + }.to raise_error Puppet::ParseError, /Definition foo::baz is private/ + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/pw_hash_spec.rb b/modules/dependencies/stdlib/spec/functions/pw_hash_spec.rb new file mode 100644 index 000000000..df5348c90 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/pw_hash_spec.rb @@ -0,0 +1,69 @@ +require 'spec_helper' + +describe 'pw_hash' do + + it { is_expected.not_to eq(nil) } + + context 'when there are less than 3 arguments' do + it { is_expected.to run.with_params().and_raise_error(ArgumentError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('password').and_raise_error(ArgumentError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('password', 'sha-256').and_raise_error(ArgumentError, /wrong number of arguments/i) } + end + + context 'when there are more than 3 arguments' do + it { is_expected.to run.with_params('password', 'sha-256', 'salt', 'extra').and_raise_error(ArgumentError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('password', 'sha-256', 'salt', 'extra', 'extra').and_raise_error(ArgumentError, /wrong number of arguments/i) } + end + + context 'when the first argument is not a string' do + it { is_expected.to run.with_params([], 'sha-256', 'salt').and_raise_error(ArgumentError, /first argument must be a string/) } + it { is_expected.to run.with_params({}, 'sha-256', 'salt').and_raise_error(ArgumentError, /first argument must be a string/) } + it { is_expected.to run.with_params(1, 'sha-256', 'salt').and_raise_error(ArgumentError, /first argument must be a string/) } + it { is_expected.to run.with_params(true, 'sha-256', 'salt').and_raise_error(ArgumentError, /first argument must be a string/) } + end + + context 'when the first argument is undefined' do + it { is_expected.to run.with_params('', 'sha-256', 'salt').and_return(nil) } + it { is_expected.to run.with_params(nil, 'sha-256', 'salt').and_return(nil) } + end + + context 'when the second argument is not a string' do + it { is_expected.to run.with_params('password', [], 'salt').and_raise_error(ArgumentError, /second argument must be a string/) } + it { is_expected.to run.with_params('password', {}, 'salt').and_raise_error(ArgumentError, /second argument must be a string/) } + it { is_expected.to run.with_params('password', 1, 'salt').and_raise_error(ArgumentError, /second argument must be a string/) } + it { is_expected.to run.with_params('password', true, 'salt').and_raise_error(ArgumentError, /second argument must be a string/) } + end + + context 'when the second argument is not one of the supported hashing algorithms' do + it { is_expected.to run.with_params('password', 'no such algo', 'salt').and_raise_error(ArgumentError, /is not a valid hash type/) } + end + + context 'when the third argument is not a string' do + it { is_expected.to run.with_params('password', 'sha-256', []).and_raise_error(ArgumentError, /third argument must be a string/) } + it { is_expected.to run.with_params('password', 'sha-256', {}).and_raise_error(ArgumentError, /third argument must be a string/) } + it { is_expected.to run.with_params('password', 'sha-256', 1).and_raise_error(ArgumentError, /third argument must be a string/) } + it { is_expected.to run.with_params('password', 'sha-256', true).and_raise_error(ArgumentError, /third argument must be a string/) } + end + + context 'when the third argument is empty' do + it { is_expected.to run.with_params('password', 'sha-512', '').and_raise_error(ArgumentError, /third argument must not be empty/) } + end + + context 'when the third argument contains invalid characters' do + it { is_expected.to run.with_params('password', 'sha-512', 'one%').and_raise_error(ArgumentError, /characters in salt must be in the set/) } + end + + context 'when running on a platform with a weak String#crypt implementation' do + before(:each) { allow_any_instance_of(String).to receive(:crypt).with('$1$1').and_return('a bad hash') } + + it { is_expected.to run.with_params('password', 'sha-512', 'salt').and_raise_error(Puppet::ParseError, /system does not support enhanced salts/) } + end + + if RUBY_PLATFORM == 'java' or 'test'.crypt('$1$1') == '$1$1$Bp8CU9Oujr9SSEw53WV6G.' + describe "on systems with enhanced salts support" do + it { is_expected.to run.with_params('password', 'md5', 'salt').and_return('$1$salt$qJH7.N4xYta3aEG/dfqo/0') } + it { is_expected.to run.with_params('password', 'sha-256', 'salt').and_return('$5$salt$Gcm6FsVtF/Qa77ZKD.iwsJlCVPY0XSMgLJL0Hnww/c1') } + it { is_expected.to run.with_params('password', 'sha-512', 'salt').and_return('$6$salt$IxDD3jeSOb5eB1CX5LBsqZFVkJdido3OUILO5Ifz5iwMuTS4XMS130MTSuDDl3aCI6WouIL9AjRbLCelDCy.g.') } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/range_spec.rb b/modules/dependencies/stdlib/spec/functions/range_spec.rb new file mode 100755 index 000000000..492cad40b --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/range_spec.rb @@ -0,0 +1,118 @@ +require 'spec_helper' + +describe 'range' do + it { is_expected.not_to eq(nil) } + + describe 'signature validation in puppet3', :unless => RSpec.configuration.puppet_future do + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the third.") + is_expected.to run.with_params(1, 2, 3, 4).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params('1..2..3').and_raise_error(Puppet::ParseError, /Unable to compute range/i) } + it { is_expected.to run.with_params('').and_raise_error(Puppet::ParseError, /Unknown range format/i) } + end + + describe 'signature validation in puppet4', :if => RSpec.configuration.puppet_future do + it { pending "the puppet 4 implementation"; is_expected.to run.with_params().and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params('').and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params({}).and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params([]).and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params(true).and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params(true).and_raise_error(ArgumentError) } + it { is_expected.to run.with_params(1, 2, 'foo').and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params(1, 2, []).and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params(1, 2, {}).and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params(1, 2, true).and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params(1, 2, 3, 4).and_raise_error(ArgumentError) } + it { pending "the puppet 4 implementation"; is_expected.to run.with_params('1..2..3').and_raise_error(ArgumentError) } + end + + context 'with characters as bounds' do + it { is_expected.to run.with_params('d', 'a').and_return([]) } + it { is_expected.to run.with_params('a', 'a').and_return(['a']) } + it { is_expected.to run.with_params('a', 'b').and_return(['a', 'b']) } + it { is_expected.to run.with_params('a', 'd').and_return(['a', 'b', 'c', 'd']) } + it { is_expected.to run.with_params('a', 'd', 1).and_return(['a', 'b', 'c', 'd']) } + it { is_expected.to run.with_params('a', 'd', '1').and_return(['a', 'b', 'c', 'd']) } + it { is_expected.to run.with_params('a', 'd', 2).and_return(['a', 'c']) } + it { is_expected.to run.with_params('a', 'd', -2).and_return(['a', 'c']) } + it { is_expected.to run.with_params('a', 'd', 3).and_return(['a', 'd']) } + it { is_expected.to run.with_params('a', 'd', 4).and_return(['a']) } + end + + context 'with strings as bounds' do + it { is_expected.to run.with_params('onea', 'oned').and_return(['onea', 'oneb', 'onec', 'oned']) } + it { is_expected.to run.with_params('two', 'one').and_return([]) } + it { is_expected.to run.with_params('true', 'false').and_return([]) } + it { is_expected.to run.with_params('false', 'true').and_return(['false']) } + end + + context 'with integers as bounds' do + it { is_expected.to run.with_params(4, 1).and_return([]) } + it { is_expected.to run.with_params(1, 1).and_return([1]) } + it { is_expected.to run.with_params(1, 2).and_return([1, 2]) } + it { is_expected.to run.with_params(1, 4).and_return([1, 2, 3, 4]) } + it { is_expected.to run.with_params(1, 4, 1).and_return([1, 2, 3, 4]) } + it { is_expected.to run.with_params(1, 4, '1').and_return([1, 2, 3, 4]) } + it { is_expected.to run.with_params(1, 4, 2).and_return([1, 3]) } + it { is_expected.to run.with_params(1, 4, -2).and_return([1, 3]) } + it { is_expected.to run.with_params(1, 4, 3).and_return([1, 4]) } + it { is_expected.to run.with_params(1, 4, 4).and_return([1]) } + end + + context 'with integers as strings as bounds' do + it { is_expected.to run.with_params('4', '1').and_return([]) } + it { is_expected.to run.with_params('1', '1').and_return([1]) } + it { is_expected.to run.with_params('1', '2').and_return([1, 2]) } + it { is_expected.to run.with_params('1', '4').and_return([1, 2, 3, 4]) } + it { is_expected.to run.with_params('1', '4', 1).and_return([1, 2, 3, 4]) } + it { is_expected.to run.with_params('1', '4', '1').and_return([1, 2, 3, 4]) } + it { is_expected.to run.with_params('1', '4', 2).and_return([1, 3]) } + it { is_expected.to run.with_params('1', '4', -2).and_return([1, 3]) } + it { is_expected.to run.with_params('1', '4', 3).and_return([1, 4]) } + it { is_expected.to run.with_params('1', '4', 4).and_return([1]) } + end + + context 'with prefixed numbers as strings as bounds' do + it { is_expected.to run.with_params('host01', 'host04').and_return(['host01', 'host02', 'host03', 'host04']) } + it { is_expected.to run.with_params('01', '04').and_return([1, 2, 3, 4]) } + end + + context 'with dash-range syntax' do + it { is_expected.to run.with_params('4-1').and_return([]) } + it { is_expected.to run.with_params('1-1').and_return([1]) } + it { is_expected.to run.with_params('1-2').and_return([1, 2]) } + it { is_expected.to run.with_params('1-4').and_return([1, 2, 3, 4]) } + end + + context 'with two-dot-range syntax' do + it { is_expected.to run.with_params('4..1').and_return([]) } + it { is_expected.to run.with_params('1..1').and_return([1]) } + it { is_expected.to run.with_params('1..2').and_return([1, 2]) } + it { is_expected.to run.with_params('1..4').and_return([1, 2, 3, 4]) } + end + + context 'with three-dot-range syntax' do + it { is_expected.to run.with_params('4...1').and_return([]) } + it { is_expected.to run.with_params('1...1').and_return([]) } + it { is_expected.to run.with_params('1...2').and_return([1]) } + it { is_expected.to run.with_params('1...3').and_return([1, 2]) } + it { is_expected.to run.with_params('1...5').and_return([1, 2, 3, 4]) } + end + + describe 'when passing mixed arguments as bounds' do + it { + pending('these bounds should not be allowed as ruby will OOM hard. e.g. `(\'host0\'..\'hosta\').to_a` has 3239930 elements on ruby 1.9, adding more \'0\'s and \'a\'s increases that exponentially') + is_expected.to run.with_params('0', 'a').and_raise_error(Puppet::ParseError, /cannot interpolate between numeric and non-numeric bounds/) + } + it { + pending('these bounds should not be allowed as ruby will OOM hard. e.g. `(\'host0\'..\'hosta\').to_a` has 3239930 elements on ruby 1.9, adding more \'0\'s and \'a\'s increases that exponentially') + is_expected.to run.with_params(0, 'a').and_raise_error(Puppet::ParseError, /cannot interpolate between numeric and non-numeric bounds/) + } + it { + pending('these bounds should not be allowed as ruby will OOM hard. e.g. `(\'host0\'..\'hosta\').to_a` has 3239930 elements on ruby 1.9, adding more \'0\'s and \'a\'s increases that exponentially') + is_expected.to run.with_params('h0', 'ha').and_raise_error(Puppet::ParseError, /cannot interpolate between numeric and non-numeric bounds/) + } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/reject_spec.rb b/modules/dependencies/stdlib/spec/functions/reject_spec.rb new file mode 100755 index 000000000..486305075 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/reject_spec.rb @@ -0,0 +1,19 @@ +require 'spec_helper' + +describe 'reject' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params([], 'pattern', 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + it { + pending("reject does not actually check this, and raises NoMethodError instead") + is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError, /first argument not an array/) + } + it { + pending("reject does not actually check this, and raises NoMethodError instead") + is_expected.to run.with_params(1, 'two').and_raise_error(Puppet::ParseError, /first argument not an array/) + } + it { is_expected.to run.with_params([], 'two').and_return([]) } + it { is_expected.to run.with_params(['one', 'two', 'three'], 'two').and_return(['one', 'three']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], 't(wo|hree)').and_return(['one']) } +end diff --git a/modules/dependencies/stdlib/spec/functions/reverse_spec.rb b/modules/dependencies/stdlib/spec/functions/reverse_spec.rb new file mode 100755 index 000000000..e00dee92e --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/reverse_spec.rb @@ -0,0 +1,31 @@ +require 'spec_helper' + +describe 'reverse' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params([], 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(['a']).and_return(['a']) } + it { is_expected.to run.with_params(['one']).and_return(['one']) } + it { is_expected.to run.with_params(['one', 'two', 'three']).and_return(['three', 'two', 'one']) } + it { is_expected.to run.with_params(['one', 'two', 'three', 'four']).and_return(['four', 'three', 'two', 'one']) } + + it { is_expected.to run.with_params('').and_return('') } + it { is_expected.to run.with_params('a').and_return('a') } + it { is_expected.to run.with_params('abc').and_return('cba') } + it { is_expected.to run.with_params('abcd').and_return('dcba') } + + context 'when using a class extending String' do + it 'should call its reverse method' do + value = AlsoString.new('asdfghjkl') + value.expects(:reverse).returns('foo') + expect(subject).to run.with_params(value).and_return('foo') + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/rstrip_spec.rb b/modules/dependencies/stdlib/spec/functions/rstrip_spec.rb new file mode 100755 index 000000000..d2efac8ea --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/rstrip_spec.rb @@ -0,0 +1,34 @@ +require 'spec_helper' + +describe 'rstrip' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params('', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /Requires either array or string to work with/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires either array or string to work with/) } + it { is_expected.to run.with_params('').and_return('') } + it { is_expected.to run.with_params(' ').and_return('') } + it { is_expected.to run.with_params(' ').and_return('') } + it { is_expected.to run.with_params("\t").and_return('') } + it { is_expected.to run.with_params("\t ").and_return('') } + it { is_expected.to run.with_params('one').and_return('one') } + it { is_expected.to run.with_params(' one').and_return(' one') } + it { is_expected.to run.with_params(' one').and_return(' one') } + it { is_expected.to run.with_params("\tone").and_return("\tone") } + it { is_expected.to run.with_params("\t one").and_return("\t one") } + it { is_expected.to run.with_params('one ').and_return('one') } + it { is_expected.to run.with_params(' one ').and_return(' one') } + it { is_expected.to run.with_params(' one ').and_return(' one') } + it { is_expected.to run.with_params("\tone ").and_return("\tone") } + it { is_expected.to run.with_params("\t one ").and_return("\t one") } + it { is_expected.to run.with_params("one\t").and_return('one') } + it { is_expected.to run.with_params(" one\t").and_return(' one') } + it { is_expected.to run.with_params(" one\t").and_return(' one') } + it { is_expected.to run.with_params("\tone\t").and_return("\tone") } + it { is_expected.to run.with_params("\t one\t").and_return("\t one") } + it { is_expected.to run.with_params(' o n e ').and_return(' o n e') } + it { is_expected.to run.with_params(AlsoString.new(' one ')).and_return(' one') } +end diff --git a/modules/dependencies/stdlib/spec/functions/seeded_rand_spec.rb b/modules/dependencies/stdlib/spec/functions/seeded_rand_spec.rb new file mode 100644 index 000000000..38e134eb8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/seeded_rand_spec.rb @@ -0,0 +1,53 @@ +require 'spec_helper' + +describe 'seeded_rand' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(ArgumentError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1).and_raise_error(ArgumentError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(0, '').and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params(1.5, '').and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params(-10, '').and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params("-10", '').and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params("string", '').and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params([], '').and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params({}, '').and_raise_error(ArgumentError, /first argument must be a positive integer/) } + it { is_expected.to run.with_params(1, 1).and_raise_error(ArgumentError, /second argument must be a string/) } + it { is_expected.to run.with_params(1, []).and_raise_error(ArgumentError, /second argument must be a string/) } + it { is_expected.to run.with_params(1, {}).and_raise_error(ArgumentError, /second argument must be a string/) } + + it "provides a random number strictly less than the given max" do + expect(seeded_rand(3, 'seed')).to satisfy {|n| n.to_i < 3 } + end + + it "provides a random number greater or equal to zero" do + expect(seeded_rand(3, 'seed')).to satisfy {|n| n.to_i >= 0 } + end + + it "provides the same 'random' value on subsequent calls for the same host" do + expect(seeded_rand(10, 'seed')).to eql(seeded_rand(10, 'seed')) + end + + it "allows seed to control the random value on a single host" do + first_random = seeded_rand(1000, 'seed1') + second_different_random = seeded_rand(1000, 'seed2') + + expect(first_random).not_to eql(second_different_random) + end + + it "should not return different values for different hosts" do + val1 = seeded_rand(1000, 'foo', :host => "first.host.com") + val2 = seeded_rand(1000, 'foo', :host => "second.host.com") + + expect(val1).to eql(val2) + end + + def seeded_rand(max, seed, args = {}) + host = args[:host] || '127.0.0.1' + + # workaround not being able to use let(:facts) because some tests need + # multiple different hostnames in one context + scope.stubs(:lookupvar).with("::fqdn", {}).returns(host) + + scope.function_seeded_rand([max, seed]) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/shuffle_spec.rb b/modules/dependencies/stdlib/spec/functions/shuffle_spec.rb new file mode 100755 index 000000000..ebc3a732d --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/shuffle_spec.rb @@ -0,0 +1,33 @@ +require 'spec_helper' + +describe 'shuffle' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params([], 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + + context 'when running with a specific seed' do + # make tests deterministic + before(:each) { srand(2) } + + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(['a']).and_return(['a']) } + it { is_expected.to run.with_params(['one']).and_return(['one']) } + it { is_expected.to run.with_params(['one', 'two', 'three']).and_return(['two', 'one', 'three']) } + it { is_expected.to run.with_params(['one', 'two', 'three', 'four']).and_return(['four', 'three', 'two', 'one']) } + + it { is_expected.to run.with_params('').and_return('') } + it { is_expected.to run.with_params('a').and_return('a') } + it { is_expected.to run.with_params('abc').and_return('bac') } + it { is_expected.to run.with_params('abcd').and_return('dcba') } + + context 'when using a class extending String' do + it { is_expected.to run.with_params(AlsoString.new('asdfghjkl')).and_return('lkhdsfajg') } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/size_spec.rb b/modules/dependencies/stdlib/spec/functions/size_spec.rb new file mode 100755 index 000000000..c0047ee21 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/size_spec.rb @@ -0,0 +1,35 @@ +require 'spec_helper' + +describe 'size' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params([], 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Unknown type given/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /Unknown type given/) } + it { is_expected.to run.with_params('1').and_raise_error(Puppet::ParseError, /Requires either string, array or hash to work/) } + it { is_expected.to run.with_params('1.0').and_raise_error(Puppet::ParseError, /Requires either string, array or hash to work/) } + it { is_expected.to run.with_params([]).and_return(0) } + it { is_expected.to run.with_params(['a']).and_return(1) } + it { is_expected.to run.with_params(['one', 'two', 'three']).and_return(3) } + it { is_expected.to run.with_params(['one', 'two', 'three', 'four']).and_return(4) } + + it { is_expected.to run.with_params({}).and_return(0) } + it { is_expected.to run.with_params({'1' => '2'}).and_return(1) } + it { is_expected.to run.with_params({'1' => '2', '4' => '4'}).and_return(2) } + + it { is_expected.to run.with_params('').and_return(0) } + it { is_expected.to run.with_params('a').and_return(1) } + it { is_expected.to run.with_params('abc').and_return(3) } + it { is_expected.to run.with_params('abcd').and_return(4) } + + context 'when using a class extending String' do + it 'should call its size method' do + value = AlsoString.new('asdfghjkl') + value.expects(:size).returns('foo') + expect(subject).to run.with_params(value).and_return('foo') + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/sort_spec.rb b/modules/dependencies/stdlib/spec/functions/sort_spec.rb new file mode 100755 index 000000000..9abd039c1 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/sort_spec.rb @@ -0,0 +1,24 @@ +require 'spec_helper' + +describe 'sort' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params([], 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { pending('stricter input checking'); is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /requires string or array/) } + it { pending('stricter input checking'); is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /requires string or array/) } + it { pending('stricter input checking'); is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /requires string or array/) } + end + + context 'when called with an array' do + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(['a']).and_return(['a']) } + it { is_expected.to run.with_params(['c', 'b', 'a']).and_return(['a', 'b', 'c']) } + end + + context 'when called with a string' do + it { is_expected.to run.with_params('').and_return('') } + it { is_expected.to run.with_params('a').and_return('a') } + it { is_expected.to run.with_params('cbda').and_return('abcd') } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/squeeze_spec.rb b/modules/dependencies/stdlib/spec/functions/squeeze_spec.rb new file mode 100755 index 000000000..7f09c30ff --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/squeeze_spec.rb @@ -0,0 +1,44 @@ +require 'spec_helper' + +describe 'squeeze' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('', '', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1).and_raise_error(NoMethodError) } + it { is_expected.to run.with_params({}).and_raise_error(NoMethodError) } + it { is_expected.to run.with_params(true).and_raise_error(NoMethodError) } + + context 'when squeezing a single string' do + it { is_expected.to run.with_params('').and_return('') } + it { is_expected.to run.with_params('a').and_return('a') } + it { is_expected.to run.with_params('aaaaaaaaa').and_return('a') } + it { is_expected.to run.with_params('aaaaaaaaa', 'a').and_return('a') } + it { is_expected.to run.with_params('aaaaaaaaabbbbbbbbbbcccccccccc', 'b-c').and_return('aaaaaaaaabc') } + end + + context 'when squeezing values in an array' do + it { + is_expected.to run \ + .with_params(['', 'a', 'aaaaaaaaa', 'aaaaaaaaabbbbbbbbbbcccccccccc']) \ + .and_return( ['', 'a', 'a', 'abc']) + } + it { + is_expected.to run \ + .with_params(['', 'a', 'aaaaaaaaa', 'aaaaaaaaabbbbbbbbbbcccccccccc'], 'a') \ + .and_return( ['', 'a', 'a', 'abbbbbbbbbbcccccccccc']) + } + it { + is_expected.to run \ + .with_params(['', 'a', 'aaaaaaaaa', 'aaaaaaaaabbbbbbbbbbcccccccccc'], 'b-c') \ + .and_return( ['', 'a', 'aaaaaaaaa', 'aaaaaaaaabc']) + } + end + + context 'when using a class extending String' do + it 'should call its squeeze method' do + value = AlsoString.new('aaaaaaaaa') + value.expects(:squeeze).returns('foo') + expect(subject).to run.with_params(value).and_return('foo') + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/str2bool_spec.rb b/modules/dependencies/stdlib/spec/functions/str2bool_spec.rb new file mode 100755 index 000000000..7d8c47c19 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/str2bool_spec.rb @@ -0,0 +1,23 @@ +require 'spec_helper' + +describe 'str2bool' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params('true', 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /Unknown type of boolean given/) } + + describe 'when testing values that mean "true"' do + [ 'TRUE','1', 't', 'y', 'true', 'yes', true ].each do |value| + it { is_expected.to run.with_params(value).and_return(true) } + end + end + + describe 'when testing values that mean "false"' do + [ 'FALSE','', '0', 'f', 'n', 'false', 'no', false, 'undef', 'undefined' ].each do |value| + it { is_expected.to run.with_params(value).and_return(false) } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/str2saltedsha512_spec.rb b/modules/dependencies/stdlib/spec/functions/str2saltedsha512_spec.rb new file mode 100755 index 000000000..2e1e818b5 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/str2saltedsha512_spec.rb @@ -0,0 +1,17 @@ +require 'spec_helper' + +describe 'str2saltedsha512' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('password', 2).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires a String argument/) } + + context 'when running with a specific seed' do + # make tests deterministic + before(:each) { srand(2) } + + it { is_expected.to run.with_params('').and_return('0f8a612f4eeed08e47b3875d00f33c5688f7926298f2d9b5fe19d1323f910bc78b6f7b5892596d2fabaa65e7a8d99b3768c102610cf0432c4827eee01f09451e3fae4f7a') } + it { is_expected.to run.with_params('password').and_return('0f8a612f43134376566c5707718d600effcfb17581fc9d3fa64d7f447dfda317c174ffdb498d2c5bd5c2075dab41c9d7ada5afbdc6b55354980eb5ba61802371e6b64956') } + it { is_expected.to run.with_params('verylongpassword').and_return('0f8a612f7a448537540e062daa8621f9bae326ca8ccb899e1bdb10e7c218cebfceae2530b856662565fdc4d81e986fc50cfbbc46d50436610ed9429ff5e43f2c45b5d039') } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/strftime_spec.rb b/modules/dependencies/stdlib/spec/functions/strftime_spec.rb new file mode 100755 index 000000000..e76774aa3 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/strftime_spec.rb @@ -0,0 +1,26 @@ +require 'spec_helper' + +describe 'strftime' do + it "should exist" do + expect(Puppet::Parser::Functions.function("strftime")).to eq("function_strftime") + end + + it "should raise a ParseError if there is less than 1 arguments" do + expect { scope.function_strftime([]) }.to( raise_error(Puppet::ParseError)) + end + + it "using %s should be higher then when I wrote this test" do + result = scope.function_strftime(["%s"]) + expect(result.to_i).to(be > 1311953157) + end + + it "using %s should be lower then 1.5 trillion" do + result = scope.function_strftime(["%s"]) + expect(result.to_i).to(be < 1500000000) + end + + it "should return a date when given %Y-%m-%d" do + result = scope.function_strftime(["%Y-%m-%d"]) + expect(result).to match(/^\d{4}-\d{2}-\d{2}$/) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/strip_spec.rb b/modules/dependencies/stdlib/spec/functions/strip_spec.rb new file mode 100755 index 000000000..689b6dd0c --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/strip_spec.rb @@ -0,0 +1,34 @@ +require 'spec_helper' + +describe 'strip' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params('', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /Requires either array or string to work with/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires either array or string to work with/) } + it { is_expected.to run.with_params('').and_return('') } + it { is_expected.to run.with_params(' ').and_return('') } + it { is_expected.to run.with_params(' ').and_return('') } + it { is_expected.to run.with_params("\t").and_return('') } + it { is_expected.to run.with_params("\t ").and_return('') } + it { is_expected.to run.with_params('one').and_return('one') } + it { is_expected.to run.with_params(' one').and_return('one') } + it { is_expected.to run.with_params(' one').and_return('one') } + it { is_expected.to run.with_params("\tone").and_return('one') } + it { is_expected.to run.with_params("\t one").and_return('one') } + it { is_expected.to run.with_params('one ').and_return('one') } + it { is_expected.to run.with_params(' one ').and_return('one') } + it { is_expected.to run.with_params(' one ').and_return('one') } + it { is_expected.to run.with_params("\tone ").and_return('one') } + it { is_expected.to run.with_params("\t one ").and_return('one') } + it { is_expected.to run.with_params("one \t").and_return('one') } + it { is_expected.to run.with_params(" one \t").and_return('one') } + it { is_expected.to run.with_params(" one \t").and_return('one') } + it { is_expected.to run.with_params("\tone \t").and_return('one') } + it { is_expected.to run.with_params("\t one \t").and_return('one') } + it { is_expected.to run.with_params(' o n e ').and_return('o n e') } + it { is_expected.to run.with_params(AlsoString.new(' one ')).and_return('one') } +end diff --git a/modules/dependencies/stdlib/spec/functions/suffix_spec.rb b/modules/dependencies/stdlib/spec/functions/suffix_spec.rb new file mode 100755 index 000000000..b48a4ebf6 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/suffix_spec.rb @@ -0,0 +1,44 @@ +require 'spec_helper' + +describe 'suffix' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the second.") + is_expected.to run.with_params([], 'a', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params('', '').and_raise_error(Puppet::ParseError, /expected first argument to be an Array/) } + it { is_expected.to run.with_params([], 2).and_raise_error(Puppet::ParseError, /expected second argument to be a String/) } + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(['one', 2]).and_return(['one', '2']) } + it { is_expected.to run.with_params([], '').and_return([]) } + it { is_expected.to run.with_params([''], '').and_return(['']) } + it { is_expected.to run.with_params(['one'], 'post').and_return(['onepost']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], 'post').and_return(['onepost', 'twopost', 'threepost']) } + it { + pending("implementation of Hash functionality matching prefix") + is_expected.to run.with_params({}).and_return({}) + } + it { + pending("implementation of Hash functionality matching prefix") + is_expected.to run.with_params({ 'key1' => 'value1', 2 => 3}).and_return({ 'key1' => 'value1', '2' => 3 }) + } + it { + pending("implementation of Hash functionality matching prefix") + is_expected.to run.with_params({}, '').and_return({}) + } + it { + pending("implementation of Hash functionality matching prefix") + is_expected.to run.with_params({ 'key' => 'value' }, '').and_return({ 'key' => 'value' }) + } + it { + pending("implementation of Hash functionality matching prefix") + is_expected.to run.with_params({ 'key' => 'value' }, 'post').and_return({ 'keypost' => 'value' }) + } + it { + pending("implementation of Hash functionality matching prefix") + is_expected.to run \ + .with_params({ 'key1' => 'value1', 'key2' => 'value2', 'key3' => 'value3' }, 'pre') \ + .and_return({ 'key1post' => 'value1', 'key2post' => 'value2', 'key3post' => 'value3' }) + } +end diff --git a/modules/dependencies/stdlib/spec/functions/swapcase_spec.rb b/modules/dependencies/stdlib/spec/functions/swapcase_spec.rb new file mode 100755 index 000000000..c175a1588 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/swapcase_spec.rb @@ -0,0 +1,40 @@ +require 'spec_helper' + +describe 'swapcase' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params('a', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + describe 'with strings as inputs' do + it { is_expected.to run.with_params('').and_return('') } + it { is_expected.to run.with_params('one').and_return('ONE') } + it { is_expected.to run.with_params('ONE').and_return('one') } + it { is_expected.to run.with_params('oNe').and_return('OnE') } + end + describe 'with arrays as inputs' do + it { is_expected.to run.with_params([]).and_return([]) } + describe 'only containing strings' do + it { is_expected.to run.with_params(['']).and_return(['']) } + it { is_expected.to run.with_params(['one']).and_return(['ONE']) } + it { is_expected.to run.with_params(['ONE']).and_return(['one']) } + it { is_expected.to run.with_params(['oNe']).and_return(['OnE']) } + it { is_expected.to run.with_params(['one', 'ONE']).and_return(['ONE', 'one']) } + it { is_expected.to run.with_params(['ONE', 'OnE']).and_return(['one', 'oNe']) } + it { is_expected.to run.with_params(['oNe', 'one']).and_return(['OnE', 'ONE']) } + end + describe 'containing mixed types' do + it { is_expected.to run.with_params(['OnE', {}]).and_return(['oNe', {}]) } + it { is_expected.to run.with_params(['OnE', 1]).and_return(['oNe', 1]) } + it { is_expected.to run.with_params(['OnE', []]).and_return(['oNe', []]) } + it { is_expected.to run.with_params(['OnE', ['two']]).and_return(['oNe', ['two']]) } + end + end + it "should accept objects which extend String" do + is_expected.to run.with_params(AlsoString.new("OnE")).and_return('oNe') + end +end diff --git a/modules/dependencies/stdlib/spec/functions/time_spec.rb b/modules/dependencies/stdlib/spec/functions/time_spec.rb new file mode 100755 index 000000000..d157939e9 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/time_spec.rb @@ -0,0 +1,21 @@ +require 'spec_helper' + +describe 'time' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params('a', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + context 'when running at a specific time' do + before(:each) { + # get a value before stubbing the function + test_time = Time.utc(2006, 10, 13, 8, 15, 11) + Time.expects(:new).with().returns(test_time).once + } + it { is_expected.to run.with_params().and_return(1160727311) } + it { is_expected.to run.with_params('').and_return(1160727311) } + it { is_expected.to run.with_params([]).and_return(1160727311) } + it { is_expected.to run.with_params({}).and_return(1160727311) } + it { is_expected.to run.with_params('foo').and_return(1160727311) } + it { is_expected.to run.with_params('UTC').and_return(1160727311) } + it { is_expected.to run.with_params('America/New_York').and_return(1160727311) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/to_bytes_spec.rb b/modules/dependencies/stdlib/spec/functions/to_bytes_spec.rb new file mode 100755 index 000000000..2be23ff2d --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/to_bytes_spec.rb @@ -0,0 +1,72 @@ +require 'spec_helper' + +describe 'to_bytes' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('1', 'extras').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params([]).and_raise_error(TypeError, /(can't convert|no implicit conversion of) Array (in)?to String/) } + it { is_expected.to run.with_params({}).and_raise_error(TypeError, /(can't convert|no implicit conversion of) Hash (in)?to String/) } + it { is_expected.to run.with_params(true).and_raise_error(TypeError, /(can't convert|no implicit conversion of) (TrueClass|true) (in)?to String/) } + + describe 'when passing numbers' do + it { is_expected.to run.with_params(0).and_return(0) } + it { is_expected.to run.with_params(1).and_return(1) } + it { is_expected.to run.with_params(-1).and_return(-1) } + it { is_expected.to run.with_params(1.1).and_return(1.1) } + it { is_expected.to run.with_params(-1.1).and_return(-1.1) } + end + + describe 'when passing numbers as strings' do + describe 'without a unit' do + it { is_expected.to run.with_params('1').and_return(1) } + it { is_expected.to run.with_params('-1').and_return(-1) } + # these are so wrong + it { is_expected.to run.with_params('1.1').and_return(1) } + it { is_expected.to run.with_params('-1.1').and_return(-1) } + end + + describe 'with a unit' do + it { is_expected.to run.with_params('1k').and_return(1024) } + it { is_expected.to run.with_params('-1kB').and_return(-1024) } + it { is_expected.to run.with_params('1k').and_return(1024) } + it { is_expected.to run.with_params('1M').and_return(1024*1024) } + it { is_expected.to run.with_params('1G').and_return(1024*1024*1024) } + it { is_expected.to run.with_params('1T').and_return(1024*1024*1024*1024) } + it { is_expected.to run.with_params('1P').and_return(1024*1024*1024*1024*1024) } + it { is_expected.to run.with_params('1E').and_return(1024*1024*1024*1024*1024*1024) } + it { is_expected.to run.with_params('1.5e3M').and_return(1572864000) } + + it { is_expected.to run.with_params('4k').and_return(4*1024) } + it { is_expected.to run.with_params('-4kB').and_return(4*-1024) } + it { is_expected.to run.with_params('4k').and_return(4*1024) } + it { is_expected.to run.with_params('4M').and_return(4*1024*1024) } + it { is_expected.to run.with_params('4G').and_return(4*1024*1024*1024) } + it { is_expected.to run.with_params('4T').and_return(4*1024*1024*1024*1024) } + it { is_expected.to run.with_params('4P').and_return(4*1024*1024*1024*1024*1024) } + it { is_expected.to run.with_params('4E').and_return(4*1024*1024*1024*1024*1024*1024) } + + # these are so wrong + it { is_expected.to run.with_params('1.0001 k').and_return(1024) } + it { is_expected.to run.with_params('-1.0001 kB').and_return(-1024) } + end + + describe 'with a unknown unit' do + it { is_expected.to run.with_params('1KB').and_raise_error(Puppet::ParseError, /Unknown prefix/) } + it { is_expected.to run.with_params('1K').and_raise_error(Puppet::ParseError, /Unknown prefix/) } + it { is_expected.to run.with_params('1mb').and_raise_error(Puppet::ParseError, /Unknown prefix/) } + it { is_expected.to run.with_params('1m').and_raise_error(Puppet::ParseError, /Unknown prefix/) } + it { is_expected.to run.with_params('1%').and_raise_error(Puppet::ParseError, /Unknown prefix/) } + it { is_expected.to run.with_params('1 p').and_raise_error(Puppet::ParseError, /Unknown prefix/) } + end + end + + # these are so wrong + describe 'when passing random stuff' do + it { is_expected.to run.with_params('-1....1').and_return(-1) } + it { is_expected.to run.with_params('-1.e.e.e.1').and_return(-1) } + it { is_expected.to run.with_params('-1+1').and_return(-1) } + it { is_expected.to run.with_params('1-1').and_return(1) } + it { is_expected.to run.with_params('1 kaboom').and_return(1024) } + it { is_expected.to run.with_params('kaboom').and_return(0) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/try_get_value_spec.rb b/modules/dependencies/stdlib/spec/functions/try_get_value_spec.rb new file mode 100644 index 000000000..38c0efdd2 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/try_get_value_spec.rb @@ -0,0 +1,100 @@ +require 'spec_helper' + +describe 'try_get_value' do + + let(:data) do + { + 'a' => { + 'g' => '2', + 'e' => [ + 'f0', + 'f1', + { + 'x' => { + 'y' => 'z' + } + }, + 'f3', + ] + }, + 'b' => true, + 'c' => false, + 'd' => '1', + } + end + + context 'single values' do + it 'should exist' do + is_expected.not_to eq(nil) + end + + it 'should be able to return a single value' do + is_expected.to run.with_params('test').and_return('test') + end + + it 'should use the default value if data is a single value and path is present' do + is_expected.to run.with_params('test', 'path', 'default').and_return('default') + end + + it 'should return default if there is no data' do + is_expected.to run.with_params(nil, nil, 'default').and_return('default') + end + + it 'should be able to use data structures as default values' do + is_expected.to run.with_params('test', 'path', data).and_return(data) + end + end + + context 'structure values' do + it 'should be able to extracts a single hash value' do + is_expected.to run.with_params(data, 'd', 'default').and_return('1') + end + + it 'should be able to extract a deeply nested hash value' do + is_expected.to run.with_params(data, 'a/g', 'default').and_return('2') + end + + it 'should return the default value if the path is not found' do + is_expected.to run.with_params(data, 'missing', 'default').and_return('default') + end + + it 'should return the default value if the path is too long' do + is_expected.to run.with_params(data, 'a/g/c/d', 'default').and_return('default') + end + + it 'should support an array index in the path' do + is_expected.to run.with_params(data, 'a/e/1', 'default').and_return('f1') + end + + it 'should return the default value if an array index is not a number' do + is_expected.to run.with_params(data, 'a/b/c', 'default').and_return('default') + end + + it 'should return the default value if and index is out of array length' do + is_expected.to run.with_params(data, 'a/e/5', 'default').and_return('default') + end + + it 'should be able to path though both arrays and hashes' do + is_expected.to run.with_params(data, 'a/e/2/x/y', 'default').and_return('z') + end + + it 'should be able to return "true" value' do + is_expected.to run.with_params(data, 'b', 'default').and_return(true) + is_expected.to run.with_params(data, 'm', true).and_return(true) + end + + it 'should be able to return "false" value' do + is_expected.to run.with_params(data, 'c', 'default').and_return(false) + is_expected.to run.with_params(data, 'm', false).and_return(false) + end + + it 'should return "nil" if value is not found and no default value is provided' do + is_expected.to run.with_params(data, 'a/1').and_return(nil) + end + + it 'should be able to use a custom path separator' do + is_expected.to run.with_params(data, 'a::g', 'default', '::').and_return('2') + is_expected.to run.with_params(data, 'a::c', 'default', '::').and_return('default') + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/type3x_spec.rb b/modules/dependencies/stdlib/spec/functions/type3x_spec.rb new file mode 100644 index 000000000..c3eb1deee --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/type3x_spec.rb @@ -0,0 +1,41 @@ +require 'spec_helper' + +describe 'type3x' do + it "should exist" do + expect(Puppet::Parser::Functions.function("type3x")).to eq("function_type3x") + end + + it "should raise a ParseError if there is less than 1 arguments" do + expect { scope.function_type3x([]) }.to( raise_error(Puppet::ParseError)) + end + + it "should return string when given a string" do + result = scope.function_type3x(["aaabbbbcccc"]) + expect(result).to(eq('string')) + end + + it "should return array when given an array" do + result = scope.function_type3x([["aaabbbbcccc","asdf"]]) + expect(result).to(eq('array')) + end + + it "should return hash when given a hash" do + result = scope.function_type3x([{"a"=>1,"b"=>2}]) + expect(result).to(eq('hash')) + end + + it "should return integer when given an integer" do + result = scope.function_type3x(["1"]) + expect(result).to(eq('integer')) + end + + it "should return float when given a float" do + result = scope.function_type3x(["1.34"]) + expect(result).to(eq('float')) + end + + it "should return boolean when given a boolean" do + result = scope.function_type3x([true]) + expect(result).to(eq('boolean')) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/type_of_spec.rb b/modules/dependencies/stdlib/spec/functions/type_of_spec.rb new file mode 100644 index 000000000..cc9ef781c --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/type_of_spec.rb @@ -0,0 +1,25 @@ +require 'spec_helper' + +if ENV["FUTURE_PARSER"] == 'yes' + describe 'type_of' do + pending 'teach rspec-puppet to load future-only functions under 3.7.5' do + it { is_expected.not_to eq(nil) } + end + end +end + +if Puppet.version.to_f >= 4.0 + describe 'type_of' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(ArgumentError) } + it { is_expected.to run.with_params('', '').and_raise_error(ArgumentError) } + + it 'gives the type of a string' do + expect(subject.call({}, 'hello world')).to be_kind_of(Puppet::Pops::Types::PStringType) + end + + it 'gives the type of an integer' do + expect(subject.call({}, 5)).to be_kind_of(Puppet::Pops::Types::PIntegerType) + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/type_spec.rb b/modules/dependencies/stdlib/spec/functions/type_spec.rb new file mode 100755 index 000000000..4288df09b --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/type_spec.rb @@ -0,0 +1,42 @@ +require 'spec_helper' + +describe 'type' do + it "should exist" do + expect(Puppet::Parser::Functions.function("type")).to eq("function_type") + end + + it "should give a deprecation warning when called" do + scope.expects(:warning).with("type() DEPRECATED: This function will cease to function on Puppet 4; please use type3x() before upgrading to puppet 4 for backwards-compatibility, or migrate to the new parser's typing system.") + scope.function_type(["aoeu"]) + end + + it "should return string when given a string" do + result = scope.function_type(["aaabbbbcccc"]) + expect(result).to(eq('string')) + end + + it "should return array when given an array" do + result = scope.function_type([["aaabbbbcccc","asdf"]]) + expect(result).to(eq('array')) + end + + it "should return hash when given a hash" do + result = scope.function_type([{"a"=>1,"b"=>2}]) + expect(result).to(eq('hash')) + end + + it "should return integer when given an integer" do + result = scope.function_type(["1"]) + expect(result).to(eq('integer')) + end + + it "should return float when given a float" do + result = scope.function_type(["1.34"]) + expect(result).to(eq('float')) + end + + it "should return boolean when given a boolean" do + result = scope.function_type([true]) + expect(result).to(eq('boolean')) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/union_spec.rb b/modules/dependencies/stdlib/spec/functions/union_spec.rb new file mode 100755 index 000000000..cfd38b602 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/union_spec.rb @@ -0,0 +1,24 @@ +require 'spec_helper' + +describe 'union' do + describe 'argument checking' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('one', []).and_raise_error(Puppet::ParseError, /Every parameter must be an array/) } + it { is_expected.to run.with_params([], 'two').and_raise_error(Puppet::ParseError, /Every parameter must be an array/) } + it { is_expected.to run.with_params({}, {}).and_raise_error(Puppet::ParseError, /Every parameter must be an array/) } + end + + it { is_expected.to run.with_params([], []).and_return([]) } + it { is_expected.to run.with_params([], ['one']).and_return(['one']) } + it { is_expected.to run.with_params(['one'], []).and_return(['one']) } + it { is_expected.to run.with_params(['one'], ['one']).and_return(['one']) } + it { is_expected.to run.with_params(['one'], ['two']).and_return(['one', 'two']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], ['two', 'three']).and_return(['one', 'two', 'three']) } + it { is_expected.to run.with_params(['one', 'two', 'two', 'three'], ['two', 'three']).and_return(['one', 'two', 'three']) } + it { is_expected.to run.with_params(['one', 'two', 'three'], ['two', 'two', 'three']).and_return(['one', 'two', 'three']) } + it { is_expected.to run.with_params(['one', 'two'], ['two', 'three'], ['one', 'three']).and_return(['one', 'two', 'three']) } + it { is_expected.to run.with_params(['one', 'two'], ['three', 'four'], ['one', 'two', 'three'], ['four']).and_return(['one', 'two', 'three', 'four']) } + it 'should not confuse types' do is_expected.to run.with_params(['1', '2', '3'], [1, 2]).and_return(['1', '2', '3', 1, 2]) end +end diff --git a/modules/dependencies/stdlib/spec/functions/unique_spec.rb b/modules/dependencies/stdlib/spec/functions/unique_spec.rb new file mode 100755 index 000000000..24257a018 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/unique_spec.rb @@ -0,0 +1,27 @@ +require 'spec_helper' + +describe 'unique' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params([], 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + end + + context 'when called with an array' do + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(['a']).and_return(['a']) } + it { is_expected.to run.with_params(['a', 'b', 'a']).and_return(['a', 'b']) } + end + + context 'when called with a string' do + it { is_expected.to run.with_params('').and_return('') } + it { is_expected.to run.with_params('a').and_return('a') } + it { is_expected.to run.with_params('aaba').and_return('ab') } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/unix2dos_spec.rb b/modules/dependencies/stdlib/spec/functions/unix2dos_spec.rb new file mode 100644 index 000000000..8537a26fa --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/unix2dos_spec.rb @@ -0,0 +1,40 @@ +require 'spec_helper' + +describe 'unix2dos' do + context 'Checking parameter validity' do + it { is_expected.not_to eq(nil) } + it do + is_expected.to run.with_params.and_raise_error(ArgumentError, /Wrong number of arguments/) + end + it do + is_expected.to run.with_params('one', 'two').and_raise_error(ArgumentError, /Wrong number of arguments/) + end + it do + is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError) + end + it do + is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError) + end + it do + is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError) + end + end + + context 'Converting from unix to dos format' do + sample_text = "Hello\nWorld\n" + desired_output = "Hello\r\nWorld\r\n" + + it 'should output dos format' do + should run.with_params(sample_text).and_return(desired_output) + end + end + + context 'Converting from dos to dos format' do + sample_text = "Hello\r\nWorld\r\n" + desired_output = "Hello\r\nWorld\r\n" + + it 'should output dos format' do + should run.with_params(sample_text).and_return(desired_output) + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/upcase_spec.rb b/modules/dependencies/stdlib/spec/functions/upcase_spec.rb new file mode 100755 index 000000000..3b7b02d47 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/upcase_spec.rb @@ -0,0 +1,26 @@ +require 'spec_helper' + +describe 'upcase' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires an array, hash or object that responds to upcase/) } + it { is_expected.to run.with_params([1]).and_raise_error(Puppet::ParseError, /Requires an array, hash or object that responds to upcase/) } + end + + describe 'normal string handling' do + it { is_expected.to run.with_params("abc").and_return("ABC") } + it { is_expected.to run.with_params("Abc").and_return("ABC") } + it { is_expected.to run.with_params("ABC").and_return("ABC") } + end + + describe 'handling classes derived from String' do + it { is_expected.to run.with_params(AlsoString.new("ABC")).and_return("ABC") } + end + + describe 'strings in arrays handling' do + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(["One", "twO"]).and_return(["ONE", "TWO"]) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/uriescape_spec.rb b/modules/dependencies/stdlib/spec/functions/uriescape_spec.rb new file mode 100755 index 000000000..f05ec088c --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/uriescape_spec.rb @@ -0,0 +1,36 @@ +require 'spec_helper' + +describe 'uriescape' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params('', '').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /Requires either array or string to work/) } + end + + describe 'handling normal strings' do + it 'should call ruby\'s URI.escape function' do + URI.expects(:escape).with('uri_string').returns('escaped_uri_string').once + is_expected.to run.with_params('uri_string').and_return('escaped_uri_string') + end + end + + describe 'handling classes derived from String' do + it 'should call ruby\'s URI.escape function' do + uri_string = AlsoString.new('uri_string') + URI.expects(:escape).with(uri_string).returns('escaped_uri_string').once + is_expected.to run.with_params(uri_string).and_return("escaped_uri_string") + end + end + + describe 'strings in arrays handling' do + it { is_expected.to run.with_params([]).and_return([]) } + it { is_expected.to run.with_params(["one}", "two"]).and_return(["one%7D", "two"]) } + it { is_expected.to run.with_params(["one}", 1, true, {}, "two"]).and_return(["one%7D", 1, true, {}, "two"]) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_absolute_path_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_absolute_path_spec.rb new file mode 100755 index 000000000..4a8404d81 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_absolute_path_spec.rb @@ -0,0 +1,62 @@ +require 'spec_helper' + +describe 'validate_absolute_path' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + end + + describe "valid paths handling" do + %w{ + C:/ + C:\\ + C:\\WINDOWS\\System32 + C:/windows/system32 + X:/foo/bar + X:\\foo\\bar + \\\\host\\windows + //host/windows + / + /var/tmp + /var/opt/../lib/puppet + }.each do |path| + it { is_expected.to run.with_params(path) } + it { is_expected.to run.with_params(['/tmp', path]) } + end + end + + describe 'invalid path handling' do + context 'garbage inputs' do + [ + nil, + [ nil ], + [ nil, nil ], + { 'foo' => 'bar' }, + { }, + '', + ].each do |path| + it { is_expected.to run.with_params(path).and_raise_error(Puppet::ParseError, /is not an absolute path/) } + it { is_expected.to run.with_params([path]).and_raise_error(Puppet::ParseError, /is not an absolute path/) } + it { is_expected.to run.with_params(['/tmp', path]).and_raise_error(Puppet::ParseError, /is not an absolute path/) } + end + end + + context 'relative paths' do + %w{ + relative1 + . + .. + ./foo + ../foo + etc/puppetlabs/puppet + opt/puppet/bin + relative\\windows + }.each do |path| + it { is_expected.to run.with_params(path).and_raise_error(Puppet::ParseError, /is not an absolute path/) } + it { is_expected.to run.with_params([path]).and_raise_error(Puppet::ParseError, /is not an absolute path/) } + it { is_expected.to run.with_params(['/tmp', path]).and_raise_error(Puppet::ParseError, /is not an absolute path/) } + end + end + end +end + diff --git a/modules/dependencies/stdlib/spec/functions/validate_array_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_array_spec.rb new file mode 100755 index 000000000..4ee7754f8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_array_spec.rb @@ -0,0 +1,27 @@ +require 'spec_helper' + +describe 'validate_array' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + describe 'valid inputs' do + it { is_expected.to run.with_params([]) } + it { is_expected.to run.with_params(['one']) } + it { is_expected.to run.with_params([], ['two']) } + it { is_expected.to run.with_params(['one'], ['two']) } + end + + describe 'invalid inputs' do + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /is not an Array/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /is not an Array/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /is not an Array/) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /is not an Array/) } + it { is_expected.to run.with_params([], {}).and_raise_error(Puppet::ParseError, /is not an Array/) } + it { is_expected.to run.with_params([], 1).and_raise_error(Puppet::ParseError, /is not an Array/) } + it { is_expected.to run.with_params([], true).and_raise_error(Puppet::ParseError, /is not an Array/) } + it { is_expected.to run.with_params([], 'one').and_raise_error(Puppet::ParseError, /is not an Array/) } + end + end +end + diff --git a/modules/dependencies/stdlib/spec/functions/validate_augeas_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_augeas_spec.rb new file mode 100755 index 000000000..4236649d6 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_augeas_spec.rb @@ -0,0 +1,75 @@ +require 'spec_helper' + +describe 'validate_augeas' do + unless Puppet.features.augeas? + skip "ruby-augeas not installed" + else + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('', '', [], '', 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('one', 'one', 'MSG to User', '4th arg').and_raise_error(NoMethodError) } + end + + describe 'valid inputs' do + inputs = [ + [ "root:x:0:0:root:/root:/bin/bash\n", 'Passwd.lns' ], + [ "proc /proc proc nodev,noexec,nosuid 0 0\n", 'Fstab.lns'], + ] + + inputs.each do |input| + it { is_expected.to run.with_params(*input) } + end + end + + describe 'valid inputs which fail augeas validation' do + # The intent here is to make sure valid inputs raise exceptions when they + # don't specify an error message to display. This is the behvior in + # 2.2.x and prior. + inputs = [ + [ "root:x:0:0:root\n", 'Passwd.lns' ], + [ "127.0.1.1\n", 'Hosts.lns' ], + ] + + inputs.each do |input| + it { is_expected.to run.with_params(*input).and_raise_error(Puppet::ParseError, /validate_augeas.*?matched less than it should/) } + end + end + + describe "when specifying nice error messages" do + # The intent here is to make sure the function returns the 4th argument + # in the exception thrown + inputs = [ + [ "root:x:0:0:root\n", 'Passwd.lns', [], 'Failed to validate passwd content' ], + [ "127.0.1.1\n", 'Hosts.lns', [], 'Wrong hosts content' ], + ] + + inputs.each do |input| + it { is_expected.to run.with_params(*input).and_raise_error(Puppet::ParseError, /#{input[3]}/) } + end + end + + describe "matching additional tests" do + inputs = [ + [ "root:x:0:0:root:/root:/bin/bash\n", 'Passwd.lns', ['$file/foobar']], + [ "root:x:0:0:root:/root:/bin/bash\n", 'Passwd.lns', ['$file/root/shell[.="/bin/sh"]', 'foobar']], + ] + + inputs.each do |input| + it { is_expected.to run.with_params(*input) } + end + end + + describe "failing additional tests" do + inputs = [ + [ "foobar:x:0:0:root:/root:/bin/bash\n", 'Passwd.lns', ['$file/foobar']], + [ "root:x:0:0:root:/root:/bin/sh\n", 'Passwd.lns', ['$file/root/shell[.="/bin/sh"]', 'foobar']], + ] + + inputs.each do |input| + it { is_expected.to run.with_params(*input).and_raise_error(Puppet::ParseError, /testing path/) } + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_bool_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_bool_spec.rb new file mode 100755 index 000000000..d9cdf572e --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_bool_spec.rb @@ -0,0 +1,25 @@ +require 'spec_helper' + +describe 'validate_bool' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + end + + describe 'acceptable values' do + it { is_expected.to run.with_params(true) } + it { is_expected.to run.with_params(false) } + it { is_expected.to run.with_params(true, false, false, true) } + end + + describe 'validation failures' do + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /is not a boolean/) } + it { is_expected.to run.with_params(true, 'one').and_raise_error(Puppet::ParseError, /is not a boolean/) } + it { is_expected.to run.with_params('one', false).and_raise_error(Puppet::ParseError, /is not a boolean/) } + it { is_expected.to run.with_params("true").and_raise_error(Puppet::ParseError, /is not a boolean/) } + it { is_expected.to run.with_params("false").and_raise_error(Puppet::ParseError, /is not a boolean/) } + it { is_expected.to run.with_params(true, "false").and_raise_error(Puppet::ParseError, /is not a boolean/) } + it { is_expected.to run.with_params("true", false).and_raise_error(Puppet::ParseError, /is not a boolean/) } + it { is_expected.to run.with_params("true", false, false, false, false, false).and_raise_error(Puppet::ParseError, /is not a boolean/) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_cmd_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_cmd_spec.rb new file mode 100755 index 000000000..ab0cbc9a7 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_cmd_spec.rb @@ -0,0 +1,35 @@ +require 'spec_helper' + +describe 'validate_cmd' do + let(:touch) { File.exists?('/usr/bin/touch') ? '/usr/bin/touch' : '/bin/touch' } + + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('', '', '', 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending('should implement stricter type checking') + is_expected.to run.with_params([], '', '').and_raise_error(Puppet::ParseError, /content must be a string/) + } + it { + pending('should implement stricter type checking') + is_expected.to run.with_params('', [], '').and_raise_error(Puppet::ParseError, /checkscript must be a string/) + } + it { + pending('should implement stricter type checking') + is_expected.to run.with_params('', '', []).and_raise_error(Puppet::ParseError, /custom error message must be a string/) + } + end + + context 'when validation fails' do + context 'with % placeholder' do + it { is_expected.to run.with_params('', "#{touch} % /no/such/file").and_raise_error(Puppet::ParseError, /Execution of '#{touch} \S+ \/no\/such\/file' returned 1:.*(cannot touch|o such file or)/) } + it { is_expected.to run.with_params('', "#{touch} % /no/such/file", 'custom error').and_raise_error(Puppet::ParseError, /custom error/) } + end + context 'without % placeholder' do + it { is_expected.to run.with_params('', "#{touch} /no/such/file").and_raise_error(Puppet::ParseError, /Execution of '#{touch} \/no\/such\/file \S+' returned 1:.*(cannot touch|o such file or)/) } + it { is_expected.to run.with_params('', "#{touch} /no/such/file", 'custom error').and_raise_error(Puppet::ParseError, /custom error/) } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_hash_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_hash_spec.rb new file mode 100755 index 000000000..2e8e59fb8 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_hash_spec.rb @@ -0,0 +1,26 @@ +require 'spec_helper' + +describe 'validate_hash' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + describe 'valid inputs' do + it { is_expected.to run.with_params({}) } + it { is_expected.to run.with_params({'key' => 'value'}) } + it { is_expected.to run.with_params({}, {'key' => 'value'}) } + it { is_expected.to run.with_params({'key1' => 'value1'}, {'key2' => 'value2'}) } + end + + describe 'invalid inputs' do + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError, /is not a Hash/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /is not a Hash/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /is not a Hash/) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /is not a Hash/) } + it { is_expected.to run.with_params({}, []).and_raise_error(Puppet::ParseError, /is not a Hash/) } + it { is_expected.to run.with_params({}, 1).and_raise_error(Puppet::ParseError, /is not a Hash/) } + it { is_expected.to run.with_params({}, true).and_raise_error(Puppet::ParseError, /is not a Hash/) } + it { is_expected.to run.with_params({}, 'one').and_raise_error(Puppet::ParseError, /is not a Hash/) } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_integer_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_integer_spec.rb new file mode 100755 index 000000000..4c0a9d7d4 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_integer_spec.rb @@ -0,0 +1,90 @@ +require 'spec_helper' + +describe 'validate_integer' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1, 2, 3, 4).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + [ true, 'true', false, 'false', 'iAmAString', '1test', '1 test', 'test 1', 'test 1 test', 7.0, -7.0, {}, { 'key' => 'value' }, { 1=> 2 }, '', :undef , 'x'].each do |invalid| + it { is_expected.to run.with_params(invalid).and_raise_error(Puppet::ParseError, /to be an Integer/) } + it { is_expected.to run.with_params(invalid, 10).and_raise_error(Puppet::ParseError, /to be an Integer/) } + it { is_expected.to run.with_params(invalid, 10, -10).and_raise_error(Puppet::ParseError, /to be an Integer/) } + it { is_expected.to run.with_params([0, 1, 2, invalid, 3, 4], 10, -10).and_raise_error(Puppet::ParseError, /to be an Integer/) } + end + + context 'when running on modern rubies', :unless => RUBY_VERSION == '1.8.7' do + it { is_expected.to run.with_params([0, 1, 2, {1=>2}, 3, 4], 10, -10).and_raise_error(Puppet::ParseError, /to be an Integer/) } + end + + context 'when running on ruby, which munges hashes weirdly', :if => RUBY_VERSION == '1.8.7' do + it { is_expected.to run.with_params([0, 1, 2, {1=>2}, 3, 4], 10, -10).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([0, 1, 2, {0=>2}, 3, 4], 10, -10).and_raise_error(Puppet::ParseError) } + end + + it { is_expected.to run.with_params(1, '').and_raise_error(Puppet::ParseError, /to be unset or an Integer/) } + it { is_expected.to run.with_params(1, 2, '').and_raise_error(Puppet::ParseError, /to be unset or an Integer/) } + it { is_expected.to run.with_params(1, 2, 3).and_raise_error(Puppet::ParseError, /second argument to be larger than third argument/) } + end + + context 'with no range constraints' do + it { is_expected.to run.with_params(1) } + it { is_expected.to run.with_params(-1) } + it { is_expected.to run.with_params('1') } + it { is_expected.to run.with_params('-1') } + it { is_expected.to run.with_params([1, 2, 3, 4]) } + it { is_expected.to run.with_params([1, '2', '3', 4]) } + end + + context "with a maximum limit of 10" do + describe 'rejects numbers greater than the limit' do + it { is_expected.to run.with_params(11, 10).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params(100, 10).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params(2**65, 10).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params([1,2,10,100], 10).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + end + + describe 'accepts numbers less or equal to the limit' do + it { is_expected.to run.with_params(10, 10) } + it { is_expected.to run.with_params(1, 10) } + it { is_expected.to run.with_params(-1, 10) } + it { is_expected.to run.with_params('1', 10) } + it { is_expected.to run.with_params('-1', 10) } + it { is_expected.to run.with_params([1, 2, 3, 4], 10) } + it { is_expected.to run.with_params([1, '2', '3', 4], 10) } + end + + context "with a minimum limit of -10" do + describe 'rejects numbers greater than the upper limit' do + it { is_expected.to run.with_params(11, 10, -10).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params(100, 10, -10).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params(2**65, 10, -10).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params([1,2,10,100], 10, -10).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + end + + describe 'rejects numbers smaller than the lower limit' do + it { is_expected.to run.with_params(-11, 10, -10).and_raise_error(Puppet::ParseError, /to be greater or equal/) } + it { is_expected.to run.with_params(-100, 10, -10).and_raise_error(Puppet::ParseError, /to be greater or equal/) } + it { is_expected.to run.with_params(-2**65, 10, -10).and_raise_error(Puppet::ParseError, /to be greater or equal/) } + it { is_expected.to run.with_params([-10, 1,2,10,-100], 10, -10).and_raise_error(Puppet::ParseError, /to be greater or equal/) } + end + + describe 'accepts numbers between and including the limits' do + it { is_expected.to run.with_params(10, 10, -10) } + it { is_expected.to run.with_params(-10, 10, -10) } + it { is_expected.to run.with_params(1, 10, -10) } + it { is_expected.to run.with_params(-1, 10, -10) } + it { is_expected.to run.with_params('1', 10, -10) } + it { is_expected.to run.with_params('-1', 10, -10) } + it { is_expected.to run.with_params([1, 2, 3, 4], 10, -10) } + it { is_expected.to run.with_params([1, '2', '3', 4], 10, -10) } + end + end + end + + it { is_expected.to run.with_params(10, 10, 10) } + + describe 'empty upper limit is interpreted as infinity' do + it { is_expected.to run.with_params(11, '', 10) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_ip_address_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_ip_address_spec.rb new file mode 100644 index 000000000..b56ce51c2 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_ip_address_spec.rb @@ -0,0 +1,46 @@ +require 'spec_helper' + +describe 'validate_ip_address' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + end + + describe 'valid inputs' do + it { is_expected.to run.with_params('0.0.0.0') } + it { is_expected.to run.with_params('8.8.8.8') } + it { is_expected.to run.with_params('127.0.0.1') } + it { is_expected.to run.with_params('10.10.10.10') } + it { is_expected.to run.with_params('194.232.104.150') } + it { is_expected.to run.with_params('244.24.24.24') } + it { is_expected.to run.with_params('255.255.255.255') } + it { is_expected.to run.with_params('1.2.3.4', '5.6.7.8') } + it { is_expected.to run.with_params('3ffe:0505:0002::') } + it { is_expected.to run.with_params('3ffe:0505:0002::', '3ffe:0505:0002::2') } + it { is_expected.to run.with_params('::1/64') } + it { is_expected.to run.with_params('fe80::a00:27ff:fe94:44d6/64') } + context 'with netmasks' do + it { is_expected.to run.with_params('8.8.8.8/0') } + it { is_expected.to run.with_params('8.8.8.8/16') } + it { is_expected.to run.with_params('8.8.8.8/32') } + it { is_expected.to run.with_params('8.8.8.8/255.255.0.0') } + end + end + + describe 'invalid inputs' do + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /is not a valid IP/) } + it { is_expected.to run.with_params('0.0.0').and_raise_error(Puppet::ParseError, /is not a valid IP/) } + it { is_expected.to run.with_params('0.0.0.256').and_raise_error(Puppet::ParseError, /is not a valid IP/) } + it { is_expected.to run.with_params('0.0.0.0.0').and_raise_error(Puppet::ParseError, /is not a valid IP/) } + it { is_expected.to run.with_params('1.2.3.4', {}).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('1.2.3.4', 1).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('1.2.3.4', true).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('1.2.3.4', 'one').and_raise_error(Puppet::ParseError, /is not a valid IP/) } + it { is_expected.to run.with_params('::1', {}).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('::1', true).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('::1', 'one').and_raise_error(Puppet::ParseError, /is not a valid IP/) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_ipv4_address_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_ipv4_address_spec.rb new file mode 100755 index 000000000..b6170d438 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_ipv4_address_spec.rb @@ -0,0 +1,40 @@ +require 'spec_helper' + +describe 'validate_ipv4_address' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + describe 'valid inputs' do + it { is_expected.to run.with_params('0.0.0.0') } + it { is_expected.to run.with_params('8.8.8.8') } + it { is_expected.to run.with_params('127.0.0.1') } + it { is_expected.to run.with_params('10.10.10.10') } + it { is_expected.to run.with_params('194.232.104.150') } + it { is_expected.to run.with_params('244.24.24.24') } + it { is_expected.to run.with_params('255.255.255.255') } + it { is_expected.to run.with_params('1.2.3.4', '5.6.7.8') } + context 'with netmasks' do + it { is_expected.to run.with_params('8.8.8.8/0') } + it { is_expected.to run.with_params('8.8.8.8/16') } + it { is_expected.to run.with_params('8.8.8.8/32') } + it { is_expected.to run.with_params('8.8.8.8/255.255.0.0') } + end + end + + describe 'invalid inputs' do + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /is not a valid IPv4/) } + it { is_expected.to run.with_params('0.0.0').and_raise_error(Puppet::ParseError, /is not a valid IPv4/) } + it { is_expected.to run.with_params('0.0.0.256').and_raise_error(Puppet::ParseError, /is not a valid IPv4/) } + it { is_expected.to run.with_params('0.0.0.0.0').and_raise_error(Puppet::ParseError, /is not a valid IPv4/) } + it { is_expected.to run.with_params('affe::beef').and_raise_error(Puppet::ParseError, /is not a valid IPv4/) } + it { is_expected.to run.with_params('1.2.3.4', {}).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('1.2.3.4', 1).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('1.2.3.4', true).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('1.2.3.4', 'one').and_raise_error(Puppet::ParseError, /is not a valid IPv4/) } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_ipv6_address_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_ipv6_address_spec.rb new file mode 100755 index 000000000..7aaf0060a --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_ipv6_address_spec.rb @@ -0,0 +1,32 @@ +require 'spec_helper' + +describe 'validate_ipv6_address' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + describe 'valid inputs' do + it { is_expected.to run.with_params('3ffe:0505:0002::') } + it { is_expected.to run.with_params('3ffe:0505:0002::', '3ffe:0505:0002::2') } + it { is_expected.to run.with_params('::1/64') } + it { is_expected.to run.with_params('fe80::a00:27ff:fe94:44d6/64') } + end + + describe 'invalid inputs' do + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('one').and_raise_error(Puppet::ParseError, /is not a valid IPv6/) } + it { is_expected.to run.with_params('0.0.0').and_raise_error(Puppet::ParseError, /is not a valid IPv6/) } + it { is_expected.to run.with_params('0.0.0.256').and_raise_error(Puppet::ParseError, /is not a valid IPv6/) } + it { is_expected.to run.with_params('0.0.0.0.0').and_raise_error(Puppet::ParseError, /is not a valid IPv6/) } + it { is_expected.to run.with_params('affe:beef').and_raise_error(Puppet::ParseError, /is not a valid IPv6/) } + it { is_expected.to run.with_params('::1', {}).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('::1', true).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('::1', 'one').and_raise_error(Puppet::ParseError, /is not a valid IPv6/) } + context 'unless running on ruby 1.8.7', :if => RUBY_VERSION != '1.8.7' do + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params('::1', 1).and_raise_error(Puppet::ParseError, /is not a string/) } + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_numeric_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_numeric_spec.rb new file mode 100755 index 000000000..9b8eb0eeb --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_numeric_spec.rb @@ -0,0 +1,89 @@ +require 'spec_helper' + +describe 'validate_numeric' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params(1, 2, 3, 4).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + [ true, 'true', false, 'false', 'iAmAString', '1test', '1 test', 'test 1', 'test 1 test', {}, { 'key' => 'value' }, { 1=> 2 }, '', :undef , 'x'].each do |invalid| + it { is_expected.to run.with_params(invalid).and_raise_error(Puppet::ParseError, /to be a Numeric/) } + it { is_expected.to run.with_params(invalid, 10.0).and_raise_error(Puppet::ParseError, /to be a Numeric/) } + it { is_expected.to run.with_params(invalid, 10.0, -10.0).and_raise_error(Puppet::ParseError, /to be a Numeric/) } + end + + context 'when running on modern rubies', :unless => RUBY_VERSION == '1.8.7' do + it { is_expected.to run.with_params([0, 1, 2, {1=>2}, 3, 4], 10, -10).and_raise_error(Puppet::ParseError, /to be a Numeric/) } + end + + context 'when running on ruby, which munges hashes weirdly', :if => RUBY_VERSION == '1.8.7' do + it { is_expected.to run.with_params([0, 1, 2, {1=>2}, 3, 4], 10, -10).and_raise_error(Puppet::ParseError) } + it { is_expected.to run.with_params([0, 1, 2, {0=>2}, 3, 4], 10, -10).and_raise_error(Puppet::ParseError) } + end + + it { is_expected.to run.with_params(1, '').and_raise_error(Puppet::ParseError, /to be unset or a Numeric/) } + it { is_expected.to run.with_params(1, 2, '').and_raise_error(Puppet::ParseError, /to be unset or a Numeric/) } + it { is_expected.to run.with_params(1, 2, 3).and_raise_error(Puppet::ParseError, /second argument to be larger than third argument/) } + end + + context 'with no range constraints' do + it { is_expected.to run.with_params(1) } + it { is_expected.to run.with_params(-1) } + it { is_expected.to run.with_params('1') } + it { is_expected.to run.with_params('-1') } + it { is_expected.to run.with_params([1, 2, 3, 4]) } + it { is_expected.to run.with_params([1, '2', '3', 4]) } + end + + context "with a maximum limit of 10.0" do + describe 'rejects numbers greater than the limit' do + it { is_expected.to run.with_params(11, 10.0).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params(100, 10.0).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params(2**65, 10.0).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params([1,2,10.0,100], 10.0).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + end + + describe 'accepts numbers less or equal to the limit' do + it { is_expected.to run.with_params(10.0, 10.0) } + it { is_expected.to run.with_params(1, 10.0) } + it { is_expected.to run.with_params(-1, 10.0) } + it { is_expected.to run.with_params('1', 10.0) } + it { is_expected.to run.with_params('-1', 10.0) } + it { is_expected.to run.with_params([1, 2, 3, 4], 10.0) } + it { is_expected.to run.with_params([1, '2', '3', 4], 10.0) } + end + + context "with a minimum limit of -10.0" do + describe 'rejects numbers greater than the upper limit' do + it { is_expected.to run.with_params(11, 10.0, -10.0).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params(100, 10.0, -10.0).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params(2**65, 10.0, -10.0).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + it { is_expected.to run.with_params([1,2,10.0,100], 10.0, -10.0).and_raise_error(Puppet::ParseError, /to be smaller or equal/) } + end + + describe 'rejects numbers smaller than the lower limit' do + it { is_expected.to run.with_params(-11, 10.0, -10.0).and_raise_error(Puppet::ParseError, /to be greater or equal/) } + it { is_expected.to run.with_params(-100, 10.0, -10.0).and_raise_error(Puppet::ParseError, /to be greater or equal/) } + it { is_expected.to run.with_params(-2**65, 10.0, -10.0).and_raise_error(Puppet::ParseError, /to be greater or equal/) } + it { is_expected.to run.with_params([-10.0, 1,2,10.0,-100], 10.0, -10.0).and_raise_error(Puppet::ParseError, /to be greater or equal/) } + end + + describe 'accepts numbers between and including the limits' do + it { is_expected.to run.with_params(10.0, 10.0, -10.0) } + it { is_expected.to run.with_params(-10.0, 10.0, -10.0) } + it { is_expected.to run.with_params(1, 10.0, -10.0) } + it { is_expected.to run.with_params(-1, 10.0, -10.0) } + it { is_expected.to run.with_params('1', 10.0, -10.0) } + it { is_expected.to run.with_params('-1', 10.0, -10.0) } + it { is_expected.to run.with_params([1, 2, 3, 4], 10.0, -10.0) } + it { is_expected.to run.with_params([1, '2', '3', 4], 10.0, -10.0) } + end + end + end + + it { is_expected.to run.with_params(10.0, 10.0, 10.0) } + + describe 'empty upper limit is interpreted as infinity' do + it { is_expected.to run.with_params(11, '', 10.0) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_re_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_re_spec.rb new file mode 100755 index 000000000..3f9014370 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_re_spec.rb @@ -0,0 +1,61 @@ +require 'spec_helper' + +describe 'validate_re' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('', '', '', 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + describe 'valid inputs' do + it { is_expected.to run.with_params('', '') } + it { is_expected.to run.with_params('', ['']) } + it { is_expected.to run.with_params('', [''], 'custom error') } + it { is_expected.to run.with_params('one', '^one') } + it { is_expected.to run.with_params('one', [ '^one', '^two' ]) } + it { is_expected.to run.with_params('one', [ '^one', '^two' ], 'custom error') } + end + + describe 'invalid inputs' do + it { + pending('should implement stricter type checking') + is_expected.to run.with_params([], '').and_raise_error(Puppet::ParseError, /is not a String/) + } + it { + pending('should implement stricter type checking') + is_expected.to run.with_params('', {}).and_raise_error(Puppet::ParseError, /is not an Array/) + } + it { + pending('should implement stricter type checking') + is_expected.to run.with_params('', '', []).and_raise_error(Puppet::ParseError, /is not a String/) + } + it { + pending('should implement stricter type checking') + is_expected.to run.with_params(nil, nil).and_raise_error(Puppet::ParseError, /is not a String/) + } + it { is_expected.to run.with_params('', []).and_raise_error(Puppet::ParseError, /does not match/) } + it { is_expected.to run.with_params('one', 'two').and_raise_error(Puppet::ParseError, /does not match/) } + it { is_expected.to run.with_params('', 'two').and_raise_error(Puppet::ParseError, /does not match/) } + it { is_expected.to run.with_params('', ['two']).and_raise_error(Puppet::ParseError, /does not match/) } + it { is_expected.to run.with_params('', ['two'], 'custom error').and_raise_error(Puppet::ParseError, /custom error/) } + it { is_expected.to run.with_params('notone', '^one').and_raise_error(Puppet::ParseError, /does not match/) } + it { is_expected.to run.with_params('notone', [ '^one', '^two' ]).and_raise_error(Puppet::ParseError, /does not match/) } + it { is_expected.to run.with_params('notone', [ '^one', '^two' ], 'custom error').and_raise_error(Puppet::ParseError, /custom error/) } + + describe 'non-string inputs' do + [ + 1, # Fixnum + 3.14, # Float + nil, # NilClass + true, # TrueClass + false, # FalseClass + ["10"], # Array + :key, # Symbol + {:key=>"val"}, # Hash + ].each do |input| + it { is_expected.to run.with_params(input, '.*').and_raise_error(Puppet::ParseError, /needs to be a String/) } + end + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_slength_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_slength_spec.rb new file mode 100755 index 000000000..5a8fa6a84 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_slength_spec.rb @@ -0,0 +1,61 @@ +require 'spec_helper' + +describe 'validate_slength' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('', 2, 3, 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params('', '').and_raise_error(Puppet::ParseError, /second argument to be a positive Numeric/) } + it { is_expected.to run.with_params('', -1).and_raise_error(Puppet::ParseError, /second argument to be a positive Numeric/) } + it { is_expected.to run.with_params('', 1, '').and_raise_error(Puppet::ParseError, /third argument to be unset or a positive Numeric/) } + it { is_expected.to run.with_params('', 1, -1).and_raise_error(Puppet::ParseError, /third argument to be unset or a positive Numeric/) } + it { is_expected.to run.with_params('', 1, 2).and_raise_error(Puppet::ParseError, /argument to be equal to or larger than third argument/) } + end + + context "with a maximum length of 10" do + describe 'rejects strings longer than the limit' do + it { is_expected.to run.with_params('1234567890a', 10).and_raise_error(Puppet::ParseError, /Expected length/) } + it { is_expected.to run.with_params('1234567890abcdef', 10).and_raise_error(Puppet::ParseError, /Expected length/) } + it { is_expected.to run.with_params([ 'one', '1234567890abcdef' ], 10).and_raise_error(Puppet::ParseError, /Expected length/) } + end + + describe 'accepts strings shorter or equal to the limit' do + it { is_expected.to run.with_params('1234567890', 10) } + it { is_expected.to run.with_params('12345', 10) } + it { is_expected.to run.with_params([ 'one', 'two' ], 10) } + end + + context "with a minimum length of 5" do + describe 'rejects strings longer than the upper limit' do + it { is_expected.to run.with_params('1234567890a', 10, 5).and_raise_error(Puppet::ParseError, /Expected length/) } + it { is_expected.to run.with_params('1234567890abcdef', 10, 5).and_raise_error(Puppet::ParseError, /Expected length/) } + end + + describe 'rejects numbers shorter than the lower limit' do + it { is_expected.to run.with_params('one', 10, 5).and_raise_error(Puppet::ParseError, /Expected length/) } + it { is_expected.to run.with_params(['12345678', 'two'], 10, 5).and_raise_error(Puppet::ParseError, /Expected length/) } + end + + describe 'accepts strings of length between and including the limits' do + it { is_expected.to run.with_params('12345', 10, 5) } + it { is_expected.to run.with_params('123456', 10, 5) } + it { is_expected.to run.with_params('1234567', 10, 5) } + it { is_expected.to run.with_params('12345678', 10, 5) } + it { is_expected.to run.with_params('123456789', 10, 5) } + it { is_expected.to run.with_params('1234567890', 10, 5) } + it { is_expected.to run.with_params(['1233456', '12345678'], 10, 5) } + end + end + end + + describe 'corner cases' do + it { pending('this should work'); is_expected.to run.with_params('', 0, 0) } + it { is_expected.to run.with_params('1234567890', 10, 10) } + end + + describe 'empty upper limit is interpreted as infinity' do + it { pending('not implemented'); is_expected.to run.with_params('1234567890ab', '', 10) } + it { pending('not implemented'); is_expected.to run.with_params('12345678', '', 10).and_raise_error(Puppet::ParseError, /Expected length/) } + end +end diff --git a/modules/dependencies/stdlib/spec/functions/validate_string_spec.rb b/modules/dependencies/stdlib/spec/functions/validate_string_spec.rb new file mode 100755 index 000000000..f0c500eb1 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/validate_string_spec.rb @@ -0,0 +1,21 @@ +require 'spec_helper' + +describe 'validate_string' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + + describe 'valid inputs' do + it { is_expected.to run.with_params('') } + it { is_expected.to run.with_params('one') } + it { is_expected.to run.with_params('one', 'two') } + end + + describe 'invalid inputs' do + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params({}).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /is not a string/) } + it { is_expected.to run.with_params(true).and_raise_error(Puppet::ParseError, /is not a string/) } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/values_at_spec.rb b/modules/dependencies/stdlib/spec/functions/values_at_spec.rb new file mode 100755 index 000000000..a8348f395 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/values_at_spec.rb @@ -0,0 +1,49 @@ +require 'spec_helper' + +describe 'values_at' do + describe 'signature validation' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first two.") + is_expected.to run.with_params([], 0, 1).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params('', 1).and_raise_error(Puppet::ParseError, /Requires array/i) } + it { is_expected.to run.with_params({}, 1).and_raise_error(Puppet::ParseError, /Requires array/i) } + it { is_expected.to run.with_params(true, 1).and_raise_error(Puppet::ParseError, /Requires array/i) } + it { is_expected.to run.with_params(1, 1).and_raise_error(Puppet::ParseError, /Requires array/i) } + it { is_expected.to run.with_params([0,1,2], 'two').and_raise_error(Puppet::ParseError, /Unknown format of given index/) } + it { is_expected.to run.with_params([0,1,2], []).and_raise_error(Puppet::ParseError, /provide at least one positive index/) } + it { is_expected.to run.with_params([0,1,2], '-1-1').and_raise_error(Puppet::ParseError, /Unknown format of given index/) } + it { is_expected.to run.with_params([0,1,2], '2-1').and_raise_error(Puppet::ParseError, /Stop index in given indices range is smaller than the start index/) } + end + + context 'when requesting a single item' do + it { is_expected.to run.with_params([0, 1, 2], -1).and_raise_error(Puppet::ParseError, /Unknown format of given index/) } + it { is_expected.to run.with_params([0, 1, 2], 0).and_return([0]) } + it { is_expected.to run.with_params([0, 1, 2], 1).and_return([1]) } + it { is_expected.to run.with_params([0, 1, 2], [1]).and_return([1]) } + it { is_expected.to run.with_params([0, 1, 2], '1').and_return([1]) } + it { is_expected.to run.with_params([0, 1, 2], '1-1').and_return([1]) } + it { is_expected.to run.with_params([0, 1, 2], 2).and_return([2]) } + it { is_expected.to run.with_params([0, 1, 2], 3).and_raise_error(Puppet::ParseError, /index exceeds array size/) } + end + + context 'when requesting multiple items' do + it { is_expected.to run.with_params([0, 1, 2], [1, -1]).and_raise_error(Puppet::ParseError, /Unknown format of given index/) } + it { is_expected.to run.with_params([0, 1, 2], [0, 2]).and_return([0, 2]) } + it { is_expected.to run.with_params([0, 1, 2], ['0-2', 1, 2]).and_return([0, 1, 2, 1, 2]) } + it { is_expected.to run.with_params([0, 1, 2], [3, 2]).and_raise_error(Puppet::ParseError, /index exceeds array size/) } + + describe 'different range syntaxes' do + it { is_expected.to run.with_params([0, 1, 2], '0-2').and_return([0, 1, 2]) } + it { is_expected.to run.with_params([0, 1, 2], '0..2').and_return([0, 1, 2]) } + it { is_expected.to run.with_params([0, 1, 2], '0...2').and_return([0, 1]) } + it { + pending('fix this bounds check') + is_expected.to run.with_params([0, 1, 2], '0...3').and_return([0, 1, 2]) + } + end + end +end diff --git a/modules/dependencies/stdlib/spec/functions/values_spec.rb b/modules/dependencies/stdlib/spec/functions/values_spec.rb new file mode 100755 index 000000000..4abf0bd74 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/values_spec.rb @@ -0,0 +1,19 @@ +require 'spec_helper' + +describe 'values' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the first.") + is_expected.to run.with_params({}, 'extra').and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params('').and_raise_error(Puppet::ParseError, /Requires hash to work with/) } + it { is_expected.to run.with_params(1).and_raise_error(Puppet::ParseError, /Requires hash to work with/) } + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError, /Requires hash to work with/) } + it { is_expected.to run.with_params({}).and_return([]) } + it { is_expected.to run.with_params({ 'key' => 'value' }).and_return(['value']) } + it 'should return the array of values' do + result = subject.call([{ 'key1' => 'value1', 'key2' => 'value2', 'duplicate_value_key' => 'value2' }]) + expect(result).to match_array(['value1', 'value2', 'value2']) + end +end diff --git a/modules/dependencies/stdlib/spec/functions/zip_spec.rb b/modules/dependencies/stdlib/spec/functions/zip_spec.rb new file mode 100755 index 000000000..abca7ee86 --- /dev/null +++ b/modules/dependencies/stdlib/spec/functions/zip_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +describe 'zip' do + it { is_expected.not_to eq(nil) } + it { is_expected.to run.with_params().and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { is_expected.to run.with_params([]).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) } + it { + pending("Current implementation ignores parameters after the third.") + is_expected.to run.with_params([], [], true, []).and_raise_error(Puppet::ParseError, /wrong number of arguments/i) + } + it { is_expected.to run.with_params([], []).and_return([]) } + it { is_expected.to run.with_params([1,2,3], [4,5,6]).and_return([[1,4], [2,5], [3,6]]) } + it { is_expected.to run.with_params([1,2,3], [4,5,6], false).and_return([[1,4], [2,5], [3,6]]) } + it { is_expected.to run.with_params([1,2,3], [4,5,6], true).and_return([1, 4, 2, 5, 3, 6]) } +end diff --git a/modules/dependencies/stdlib/spec/monkey_patches/alias_should_to_must.rb b/modules/dependencies/stdlib/spec/monkey_patches/alias_should_to_must.rb new file mode 100755 index 000000000..505e24092 --- /dev/null +++ b/modules/dependencies/stdlib/spec/monkey_patches/alias_should_to_must.rb @@ -0,0 +1,9 @@ +#! /usr/bin/env ruby -S rspec +require 'rspec' + +class Object + # This is necessary because the RAL has a 'should' + # method. + alias :must :should + alias :must_not :should_not +end diff --git a/modules/dependencies/stdlib/spec/monkey_patches/publicize_methods.rb b/modules/dependencies/stdlib/spec/monkey_patches/publicize_methods.rb new file mode 100755 index 000000000..3ae59f978 --- /dev/null +++ b/modules/dependencies/stdlib/spec/monkey_patches/publicize_methods.rb @@ -0,0 +1,11 @@ +#! /usr/bin/env ruby -S rspec +# Some monkey-patching to allow us to test private methods. +class Class + def publicize_methods(*methods) + saved_private_instance_methods = methods.empty? ? self.private_instance_methods : methods + + self.class_eval { public(*saved_private_instance_methods) } + yield + self.class_eval { private(*saved_private_instance_methods) } + end +end diff --git a/modules/dependencies/stdlib/spec/puppetlabs_spec_helper_clone.rb b/modules/dependencies/stdlib/spec/puppetlabs_spec_helper_clone.rb new file mode 100644 index 000000000..6a94a3b47 --- /dev/null +++ b/modules/dependencies/stdlib/spec/puppetlabs_spec_helper_clone.rb @@ -0,0 +1,34 @@ +#This file pulls in only the minimum necessary to let unmigrated specs still work + +# Define the main module namespace for use by the helper modules +module PuppetlabsSpec + # FIXTURE_DIR represents the standard locations of all fixture data. Normally + # this represents /spec/fixtures. This will be used by the fixtures + # library to find relative fixture data. + FIXTURE_DIR = File.join("spec", "fixtures") unless defined?(FIXTURE_DIR) +end + +# Require all necessary helper libraries so they can be used later +require 'puppetlabs_spec_helper/puppetlabs_spec/files' +require 'puppetlabs_spec_helper/puppetlabs_spec/fixtures' +#require 'puppetlabs_spec_helper/puppetlabs_spec/puppet_internals' +require 'puppetlabs_spec_helper/puppetlabs_spec/matchers' + +RSpec.configure do |config| + # Include PuppetlabsSpec helpers so they can be called at convenience + config.extend PuppetlabsSpec::Files + config.extend PuppetlabsSpec::Fixtures + config.include PuppetlabsSpec::Fixtures + + config.parser = 'future' if ENV['FUTURE_PARSER'] == 'yes' + config.strict_variables = true if ENV['STRICT_VARIABLES'] == 'yes' + config.stringify_facts = false if ENV['STRINGIFY_FACTS'] == 'no' + config.trusted_node_data = true if ENV['TRUSTED_NODE_DATA'] == 'yes' + config.ordering = ENV['ORDERING'] if ENV['ORDERING'] + + # This will cleanup any files that were created with tmpdir or tmpfile + config.after :each do + PuppetlabsSpec::Files.cleanup + end +end + diff --git a/modules/dependencies/stdlib/spec/spec.opts b/modules/dependencies/stdlib/spec/spec.opts new file mode 100644 index 000000000..91cd6427e --- /dev/null +++ b/modules/dependencies/stdlib/spec/spec.opts @@ -0,0 +1,6 @@ +--format +s +--colour +--loadby +mtime +--backtrace diff --git a/modules/dependencies/stdlib/spec/spec_helper.rb b/modules/dependencies/stdlib/spec/spec_helper.rb new file mode 100755 index 000000000..416036b5a --- /dev/null +++ b/modules/dependencies/stdlib/spec/spec_helper.rb @@ -0,0 +1,49 @@ +#! /usr/bin/env ruby -S rspec +dir = File.expand_path(File.dirname(__FILE__)) +$LOAD_PATH.unshift File.join(dir, 'lib') + +# So everyone else doesn't have to include this base constant. +module PuppetSpec + FIXTURE_DIR = File.join(dir = File.expand_path(File.dirname(__FILE__)), "fixtures") unless defined?(FIXTURE_DIR) +end + +require 'puppet' +require 'rspec-puppet' +require 'puppetlabs_spec_helper/module_spec_helper' +require 'monkey_patches/alias_should_to_must' +require 'mocha/api' +#require 'puppetlabs_spec_helper/module_spec_helper' +require 'puppetlabs_spec_helper_clone' + +# hack to enable all the expect syntax (like allow_any_instance_of) in rspec-puppet examples +RSpec::Mocks::Syntax.enable_expect(RSpec::Puppet::ManifestMatchers) + +RSpec.configure do |config| + config.module_path = File.join(File.dirname(File.expand_path(__FILE__)), 'fixtures', 'modules') + config.manifest_dir = File.join(File.dirname(File.expand_path(__FILE__)), 'fixtures', 'manifests') + config.environmentpath = spec_path = File.expand_path(File.join(Dir.pwd, 'spec')) + + config.add_setting :puppet_future + #config.puppet_future = (ENV['FUTURE_PARSER'] == 'yes' or Puppet.version.to_f >= 4.0) + config.puppet_future = Puppet.version.to_f >= 4.0 + + config.before :each do + # Ensure that we don't accidentally cache facts and environment between + # test cases. This requires each example group to explicitly load the + # facts being exercised with something like + # Facter.collection.loader.load(:ipaddress) + Facter.clear + Facter.clear_messages + + RSpec::Mocks.setup + end + + config.after :each do + RSpec::Mocks.verify + RSpec::Mocks.teardown + end +end + +# Helper class to test handling of arguments which are derived from string +class AlsoString < String +end diff --git a/modules/dependencies/stdlib/spec/spec_helper_acceptance.rb b/modules/dependencies/stdlib/spec/spec_helper_acceptance.rb new file mode 100755 index 000000000..eda0d1a14 --- /dev/null +++ b/modules/dependencies/stdlib/spec/spec_helper_acceptance.rb @@ -0,0 +1,70 @@ +#! /usr/bin/env ruby -S rspec +require 'beaker-rspec' +require 'beaker/puppet_install_helper' + +UNSUPPORTED_PLATFORMS = [] + +run_puppet_install_helper + +RSpec.configure do |c| + # Project root + proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + + # Readable test descriptions + c.formatter = :documentation + + # Configure all nodes in nodeset + c.before :suite do + if ENV['FUTURE_PARSER'] == 'yes' + default[:default_apply_opts] ||= {} + default[:default_apply_opts].merge!({:parser => 'future'}) + end + + copy_root_module_to(default, :source => proj_root, :module_name => 'stdlib') + end +end + +def is_future_parser_enabled? + if default[:type] == 'aio' + return true + elsif default[:default_apply_opts] + return default[:default_apply_opts][:parser] == 'future' + end + return false +end + +def get_puppet_version + (on default, puppet('--version')).output.chomp +end + +RSpec.shared_context "with faked facts" do + let(:facts_d) do + puppet_version = get_puppet_version + if fact('osfamily') =~ /windows/i + if fact('kernelmajversion').to_f < 6.0 + 'C:/Documents and Settings/All Users/Application Data/PuppetLabs/facter/facts.d' + else + 'C:/ProgramData/PuppetLabs/facter/facts.d' + end + elsif Puppet::Util::Package.versioncmp(puppet_version, '4.0.0') < 0 and fact('is_pe', '--puppet') == "true" + '/etc/puppetlabs/facter/facts.d' + else + '/etc/facter/facts.d' + end + end + + before :each do + #No need to create on windows, PE creates by default + if fact('osfamily') !~ /windows/i + shell("mkdir -p '#{facts_d}'") + end + end + + after :each do + shell("rm -f '#{facts_d}/fqdn.txt'", :acceptable_exit_codes => [0,1]) + end + + def fake_fact(name, value) + shell("echo #{name}=#{value} > '#{facts_d}/#{name}.txt'") + end +end diff --git a/modules/dependencies/stdlib/spec/unit/facter/facter_dot_d_spec.rb b/modules/dependencies/stdlib/spec/unit/facter/facter_dot_d_spec.rb new file mode 100755 index 000000000..0afadb25f --- /dev/null +++ b/modules/dependencies/stdlib/spec/unit/facter/facter_dot_d_spec.rb @@ -0,0 +1,32 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper' +require 'facter/facter_dot_d' + +describe Facter::Util::DotD do + + context 'returns a simple fact' do + before :each do + Facter.stubs(:version).returns('1.6.1') + subject.stubs(:entries).returns(['/etc/facter/facts.d/fake_fact.txt']) + File.stubs(:readlines).with('/etc/facter/facts.d/fake_fact.txt').returns(['fake_fact=fake fact']) + subject.create + end + + it 'should return successfully' do + expect(Facter.fact(:fake_fact).value).to eq('fake fact') + end + end + + context 'returns a fact with equals signs' do + before :each do + Facter.stubs(:version).returns('1.6.1') + subject.stubs(:entries).returns(['/etc/facter/facts.d/foo.txt']) + File.stubs(:readlines).with('/etc/facter/facts.d/foo.txt').returns(['foo=1+1=2']) + subject.create + end + + it 'should return successfully' do + expect(Facter.fact(:foo).value).to eq('1+1=2') + end + end +end diff --git a/modules/dependencies/stdlib/spec/unit/facter/package_provider_spec.rb b/modules/dependencies/stdlib/spec/unit/facter/package_provider_spec.rb new file mode 100644 index 000000000..3954faf02 --- /dev/null +++ b/modules/dependencies/stdlib/spec/unit/facter/package_provider_spec.rb @@ -0,0 +1,44 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper' +require 'puppet/type' +require 'puppet/type/package' + +describe 'package_provider', :type => :fact do + before { Facter.clear } + after { Facter.clear } + + ['4.2.2', '3.7.1 (Puppet Enterprise 3.2.1)'].each do |puppetversion| + describe "on puppet ''#{puppetversion}''" do + before :each do + Facter.stubs(:value).returns puppetversion + end + + context "darwin" do + it "should return pkgdmg" do + provider = Puppet::Type.type(:package).provider(:pkgdmg) + Puppet::Type.type(:package).stubs(:defaultprovider).returns provider + + expect(Facter.fact(:package_provider).value).to eq('pkgdmg') + end + end + + context "centos 7" do + it "should return yum" do + provider = Puppet::Type.type(:package).provider(:yum) + Puppet::Type.type(:package).stubs(:defaultprovider).returns provider + + expect(Facter.fact(:package_provider).value).to eq('yum') + end + end + + context "ubuntu" do + it "should return apt" do + provider = Puppet::Type.type(:package).provider(:apt) + Puppet::Type.type(:package).stubs(:defaultprovider).returns provider + + expect(Facter.fact(:package_provider).value).to eq('apt') + end + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/unit/facter/pe_version_spec.rb b/modules/dependencies/stdlib/spec/unit/facter/pe_version_spec.rb new file mode 100755 index 000000000..c11a1cd09 --- /dev/null +++ b/modules/dependencies/stdlib/spec/unit/facter/pe_version_spec.rb @@ -0,0 +1,88 @@ +#!/usr/bin/env rspec + +require 'spec_helper' + +describe "PE Version specs" do + before :each do + # Explicitly load the pe_version.rb file which contains generated facts + # that cannot be automatically loaded. Puppet 2.x implements + # Facter.collection.load while Facter 1.x markes Facter.collection.load as + # a private method. + if Facter.collection.respond_to? :load + Facter.collection.load(:pe_version) + else + Facter.collection.loader.load(:pe_version) + end + end + + context "When puppetversion is nil" do + before :each do + Facter.fact(:puppetversion).stubs(:value).returns(nil) + end + + it "pe_version is nil" do + expect(Facter.fact(:puppetversion).value).to be_nil + expect(Facter.fact(:pe_version).value).to be_nil + end + end + + context "If PE is installed" do + %w{ 2.6.1 2.10.300 }.each do |version| + puppetversion = "2.7.19 (Puppet Enterprise #{version})" + context "puppetversion => #{puppetversion}" do + before :each do + Facter.fact(:puppetversion).stubs(:value).returns(puppetversion) + end + + (major,minor,patch) = version.split(".") + + it "Should return true" do + expect(Facter.fact(:is_pe).value).to eq(true) + end + + it "Should have a version of #{version}" do + expect(Facter.fact(:pe_version).value).to eq(version) + end + + it "Should have a major version of #{major}" do + expect(Facter.fact(:pe_major_version).value).to eq(major) + end + + it "Should have a minor version of #{minor}" do + expect(Facter.fact(:pe_minor_version).value).to eq(minor) + end + + it "Should have a patch version of #{patch}" do + expect(Facter.fact(:pe_patch_version).value).to eq(patch) + end + end + end + end + + context "When PE is not installed" do + before :each do + Facter.fact(:puppetversion).stubs(:value).returns("2.7.19") + end + + it "is_pe is false" do + expect(Facter.fact(:is_pe).value).to eq(false) + end + + it "pe_version is nil" do + expect(Facter.fact(:pe_version).value).to be_nil + end + + it "pe_major_version is nil" do + expect(Facter.fact(:pe_major_version).value).to be_nil + end + + it "pe_minor_version is nil" do + expect(Facter.fact(:pe_minor_version).value).to be_nil + end + + it "Should have a patch version" do + expect(Facter.fact(:pe_patch_version).value).to be_nil + end + end + +end diff --git a/modules/dependencies/stdlib/spec/unit/facter/root_home_spec.rb b/modules/dependencies/stdlib/spec/unit/facter/root_home_spec.rb new file mode 100755 index 000000000..a5c2846ec --- /dev/null +++ b/modules/dependencies/stdlib/spec/unit/facter/root_home_spec.rb @@ -0,0 +1,65 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper' +require 'facter/root_home' + +describe Facter::Util::RootHome do + context "solaris" do + let(:root_ent) { "root:x:0:0:Super-User:/:/sbin/sh" } + let(:expected_root_home) { "/" } + + it "should return /" do + Facter::Util::Resolution.expects(:exec).with("getent passwd root").returns(root_ent) + expect(Facter::Util::RootHome.get_root_home).to eq(expected_root_home) + end + end + context "linux" do + let(:root_ent) { "root:x:0:0:root:/root:/bin/bash" } + let(:expected_root_home) { "/root" } + + it "should return /root" do + Facter::Util::Resolution.expects(:exec).with("getent passwd root").returns(root_ent) + expect(Facter::Util::RootHome.get_root_home).to eq(expected_root_home) + end + end + context "windows" do + before :each do + Facter::Util::Resolution.expects(:exec).with("getent passwd root").returns(nil) + end + it "should be nil on windows" do + expect(Facter::Util::RootHome.get_root_home).to be_nil + end + end +end + +describe 'root_home', :type => :fact do + before { Facter.clear } + after { Facter.clear } + + context "macosx" do + before do + Facter.fact(:kernel).stubs(:value).returns("Darwin") + Facter.fact(:osfamily).stubs(:value).returns("Darwin") + end + let(:expected_root_home) { "/var/root" } + sample_dscacheutil = File.read(fixtures('dscacheutil','root')) + + it "should return /var/root" do + Facter::Util::Resolution.stubs(:exec).with("dscacheutil -q user -a name root").returns(sample_dscacheutil) + expect(Facter.fact(:root_home).value).to eq(expected_root_home) + end + end + + context "aix" do + before do + Facter.fact(:kernel).stubs(:value).returns("AIX") + Facter.fact(:osfamily).stubs(:value).returns("AIX") + end + let(:expected_root_home) { "/root" } + sample_lsuser = File.read(fixtures('lsuser','root')) + + it "should return /root" do + Facter::Util::Resolution.stubs(:exec).with("lsuser -c -a home root").returns(sample_lsuser) + expect(Facter.fact(:root_home).value).to eq(expected_root_home) + end + end +end diff --git a/modules/dependencies/stdlib/spec/unit/facter/service_provider_spec.rb b/modules/dependencies/stdlib/spec/unit/facter/service_provider_spec.rb new file mode 100644 index 000000000..ad8a5fc53 --- /dev/null +++ b/modules/dependencies/stdlib/spec/unit/facter/service_provider_spec.rb @@ -0,0 +1,37 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper' +require 'puppet/type' +require 'puppet/type/service' + +describe 'service_provider', :type => :fact do + before { Facter.clear } + after { Facter.clear } + + context "macosx" do + it "should return launchd" do + provider = Puppet::Type.type(:service).provider(:launchd) + Puppet::Type.type(:service).stubs(:defaultprovider).returns provider + + expect(Facter.fact(:service_provider).value).to eq('launchd') + end + end + + context "systemd" do + it "should return systemd" do + provider = Puppet::Type.type(:service).provider(:systemd) + Puppet::Type.type(:service).stubs(:defaultprovider).returns provider + + expect(Facter.fact(:service_provider).value).to eq('systemd') + end + end + + context "redhat" do + it "should return redhat" do + provider = Puppet::Type.type(:service).provider(:redhat) + Puppet::Type.type(:service).stubs(:defaultprovider).returns provider + + expect(Facter.fact(:service_provider).value).to eq('redhat') + end + end + +end diff --git a/modules/dependencies/stdlib/spec/unit/facter/util/puppet_settings_spec.rb b/modules/dependencies/stdlib/spec/unit/facter/util/puppet_settings_spec.rb new file mode 100755 index 000000000..c278b7984 --- /dev/null +++ b/modules/dependencies/stdlib/spec/unit/facter/util/puppet_settings_spec.rb @@ -0,0 +1,37 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper' +require 'facter/util/puppet_settings' + +describe Facter::Util::PuppetSettings do + + describe "#with_puppet" do + context "Without Puppet loaded" do + before(:each) do + Module.expects(:const_get).with("Puppet").raises(NameError) + end + + it 'should be nil' do + expect(subject.with_puppet { Puppet[:vardir] }).to be_nil + end + it 'should not yield to the block' do + Puppet.expects(:[]).never + expect(subject.with_puppet { Puppet[:vardir] }).to be_nil + end + end + context "With Puppet loaded" do + module Puppet; end + let(:vardir) { "/var/lib/puppet" } + + before :each do + Puppet.expects(:[]).with(:vardir).returns vardir + end + + it 'should yield to the block' do + subject.with_puppet { Puppet[:vardir] } + end + it 'should return the nodes vardir' do + expect(subject.with_puppet { Puppet[:vardir] }).to eq vardir + end + end + end +end diff --git a/modules/dependencies/stdlib/spec/unit/puppet/parser/functions/is_absolute_path_spec.rb b/modules/dependencies/stdlib/spec/unit/puppet/parser/functions/is_absolute_path_spec.rb new file mode 100644 index 000000000..89312081a --- /dev/null +++ b/modules/dependencies/stdlib/spec/unit/puppet/parser/functions/is_absolute_path_spec.rb @@ -0,0 +1,86 @@ +require 'spec_helper' + +describe :is_absolute_path do + let(:scope) { PuppetlabsSpec::PuppetInternals.scope } + + let(:function_args) do + [] + end + + let(:function) do + scope.function_is_absolute_path(function_args) + end + + + describe 'validate arity' do + let(:function_args) do + [1,2] + end + it "should raise a ParseError if there is more than 1 arguments" do + lambda { function }.should( raise_error(ArgumentError)) + end + + end + + it "should exist" do + Puppet::Parser::Functions.function(subject).should == "function_#{subject}" + end + + # help enforce good function defination + it 'should contain arity' do + + end + + it "should raise a ParseError if there is less than 1 arguments" do + lambda { function }.should( raise_error(ArgumentError)) + end + + + describe 'should retrun true' do + let(:return_value) do + true + end + + describe 'windows' do + let(:function_args) do + ['c:\temp\test.txt'] + end + it 'should return data' do + function.should eq(return_value) + end + end + + describe 'non-windows' do + let(:function_args) do + ['/temp/test.txt'] + end + + it 'should return data' do + function.should eq(return_value) + end + end + end + + describe 'should return false' do + let(:return_value) do + false + end + describe 'windows' do + let(:function_args) do + ['..\temp\test.txt'] + end + it 'should return data' do + function.should eq(return_value) + end + end + + describe 'non-windows' do + let(:function_args) do + ['../var/lib/puppet'] + end + it 'should return data' do + function.should eq(return_value) + end + end + end +end \ No newline at end of file diff --git a/modules/dependencies/stdlib/spec/unit/puppet/provider/file_line/ruby_spec.rb b/modules/dependencies/stdlib/spec/unit/puppet/provider/file_line/ruby_spec.rb new file mode 100755 index 000000000..23e649cc9 --- /dev/null +++ b/modules/dependencies/stdlib/spec/unit/puppet/provider/file_line/ruby_spec.rb @@ -0,0 +1,440 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper' +require 'tempfile' +provider_class = Puppet::Type.type(:file_line).provider(:ruby) +describe provider_class do + context "when adding" do + let :tmpfile do + tmp = Tempfile.new('tmp') + path = tmp.path + tmp.close! + path + end + let :resource do + Puppet::Type::File_line.new( + {:name => 'foo', :path => tmpfile, :line => 'foo'} + ) + end + let :provider do + provider_class.new(resource) + end + + it 'should detect if the line exists in the file' do + File.open(tmpfile, 'w') do |fh| + fh.write('foo') + end + expect(provider.exists?).to be_truthy + end + it 'should detect if the line does not exist in the file' do + File.open(tmpfile, 'w') do |fh| + fh.write('foo1') + end + expect(provider.exists?).to be_nil + end + it 'should append to an existing file when creating' do + provider.create + expect(File.read(tmpfile).chomp).to eq('foo') + end + end + context 'when using replace' do + before :each do + # TODO: these should be ported over to use the PuppetLabs spec_helper + # file fixtures once the following pull request has been merged: + # https://github.com/puppetlabs/puppetlabs-stdlib/pull/73/files + tmp = Tempfile.new('tmp') + @tmpfile = tmp.path + tmp.close! + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'foo = bar', + :match => '^foo\s*=.*$', + :replace => false, + } + ) + @provider = provider_class.new(@resource) + end + + it 'should not replace the matching line' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo=blah\nfoo2\nfoo3") + end + expect(@provider.exists?).to be_truthy + @provider.create + expect(File.read(@tmpfile).chomp).to eql("foo1\nfoo=blah\nfoo2\nfoo3") + end + + it 'should append the line if no matches are found' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo2") + end + expect(@provider.exists?).to be_nil + @provider.create + expect(File.read(@tmpfile).chomp).to eql("foo1\nfoo2\nfoo = bar") + end + + it 'should raise an error with invalid values' do + expect { + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'foo = bar', + :match => '^foo\s*=.*$', + :replace => 'asgadga', + } + ) + }.to raise_error(Puppet::Error, /Invalid value "asgadga"\. Valid values are true, false\./) + end + end + context "when matching" do + before :each do + # TODO: these should be ported over to use the PuppetLabs spec_helper + # file fixtures once the following pull request has been merged: + # https://github.com/puppetlabs/puppetlabs-stdlib/pull/73/files + tmp = Tempfile.new('tmp') + @tmpfile = tmp.path + tmp.close! + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'foo = bar', + :match => '^foo\s*=.*$', + } + ) + @provider = provider_class.new(@resource) + end + + describe 'using match' do + it 'should raise an error if more than one line matches, and should not have modified the file' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo=blah\nfoo2\nfoo=baz") + end + expect(@provider.exists?).to be_nil + expect { @provider.create }.to raise_error(Puppet::Error, /More than one line.*matches/) + expect(File.read(@tmpfile)).to eql("foo1\nfoo=blah\nfoo2\nfoo=baz") + end + + it 'should replace all lines that matches' do + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'foo = bar', + :match => '^foo\s*=.*$', + :multiple => true, + } + ) + @provider = provider_class.new(@resource) + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo=blah\nfoo2\nfoo=baz") + end + expect(@provider.exists?).to be_nil + @provider.create + expect(File.read(@tmpfile).chomp).to eql("foo1\nfoo = bar\nfoo2\nfoo = bar") + end + + it 'should raise an error with invalid values' do + expect { + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'foo = bar', + :match => '^foo\s*=.*$', + :multiple => 'asgadga', + } + ) + }.to raise_error(Puppet::Error, /Invalid value "asgadga"\. Valid values are true, false\./) + end + + it 'should replace a line that matches' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo=blah\nfoo2") + end + expect(@provider.exists?).to be_nil + @provider.create + expect(File.read(@tmpfile).chomp).to eql("foo1\nfoo = bar\nfoo2") + end + it 'should add a new line if no lines match' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo2") + end + expect(@provider.exists?).to be_nil + @provider.create + expect(File.read(@tmpfile)).to eql("foo1\nfoo2\nfoo = bar\n") + end + it 'should do nothing if the exact line already exists' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo = bar\nfoo2") + end + expect(@provider.exists?).to be_truthy + @provider.create + expect(File.read(@tmpfile).chomp).to eql("foo1\nfoo = bar\nfoo2") + end + end + + describe 'using after' do + let :resource do + Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'inserted = line', + :after => '^foo1', + } + ) + end + + let :provider do + provider_class.new(resource) + end + context 'match and after set' do + shared_context 'resource_create' do + let(:match) { '^foo2$' } + let(:after) { '^foo1$' } + let(:resource) { + Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'inserted = line', + :after => after, + :match => match, + } + ) + } + end + before :each do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo2\nfoo = baz") + end + end + describe 'inserts at match' do + include_context 'resource_create' + it { + provider.create + expect(File.read(@tmpfile).chomp).to eq("foo1\ninserted = line\nfoo = baz") + } + end + describe 'inserts a new line after when no match' do + include_context 'resource_create' do + let(:match) { '^nevergoingtomatch$' } + end + it { + provider.create + expect(File.read(@tmpfile).chomp).to eq("foo1\ninserted = line\nfoo2\nfoo = baz") + } + end + describe 'append to end of file if no match for both after and match' do + include_context 'resource_create' do + let(:match) { '^nevergoingtomatch$' } + let(:after) { '^stillneverafter' } + end + it { + provider.create + expect(File.read(@tmpfile).chomp).to eq("foo1\nfoo2\nfoo = baz\ninserted = line") + } + end + end + context 'with one line matching the after expression' do + before :each do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo = blah\nfoo2\nfoo = baz") + end + end + + it 'inserts the specified line after the line matching the "after" expression' do + provider.create + expect(File.read(@tmpfile).chomp).to eql("foo1\ninserted = line\nfoo = blah\nfoo2\nfoo = baz") + end + end + + context 'with multiple lines matching the after expression' do + before :each do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo = blah\nfoo2\nfoo1\nfoo = baz") + end + end + + it 'errors out stating "One or no line must match the pattern"' do + expect { provider.create }.to raise_error(Puppet::Error, /One or no line must match the pattern/) + end + + it 'adds the line after all lines matching the after expression' do + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'inserted = line', + :after => '^foo1$', + :multiple => true, + } + ) + @provider = provider_class.new(@resource) + expect(@provider.exists?).to be_nil + @provider.create + expect(File.read(@tmpfile).chomp).to eql("foo1\ninserted = line\nfoo = blah\nfoo2\nfoo1\ninserted = line\nfoo = baz") + end + end + + context 'with no lines matching the after expression' do + let :content do + "foo3\nfoo = blah\nfoo2\nfoo = baz\n" + end + + before :each do + File.open(@tmpfile, 'w') do |fh| + fh.write(content) + end + end + + it 'appends the specified line to the file' do + provider.create + expect(File.read(@tmpfile)).to eq(content << resource[:line] << "\n") + end + end + end + end + + context "when removing" do + before :each do + # TODO: these should be ported over to use the PuppetLabs spec_helper + # file fixtures once the following pull request has been merged: + # https://github.com/puppetlabs/puppetlabs-stdlib/pull/73/files + tmp = Tempfile.new('tmp') + @tmpfile = tmp.path + tmp.close! + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'foo', + :ensure => 'absent', + } + ) + @provider = provider_class.new(@resource) + end + it 'should remove the line if it exists' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo\nfoo2") + end + @provider.destroy + expect(File.read(@tmpfile)).to eql("foo1\nfoo2") + end + + it 'should remove the line without touching the last new line' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo\nfoo2\n") + end + @provider.destroy + expect(File.read(@tmpfile)).to eql("foo1\nfoo2\n") + end + + it 'should remove any occurence of the line' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo\nfoo2\nfoo\nfoo") + end + @provider.destroy + expect(File.read(@tmpfile)).to eql("foo1\nfoo2\n") + end + end + + context "when removing with a match" do + before :each do + # TODO: these should be ported over to use the PuppetLabs spec_helper + # file fixtures once the following pull request has been merged: + # https://github.com/puppetlabs/puppetlabs-stdlib/pull/73/files + tmp = Tempfile.new('tmp') + @tmpfile = tmp.path + tmp.close! + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'foo2', + :ensure => 'absent', + :match => 'o$', + :match_for_absence => true, + } + ) + @provider = provider_class.new(@resource) + end + + it 'should remove one line if it matches' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo\nfoo2") + end + @provider.destroy + expect(File.read(@tmpfile)).to eql("foo1\nfoo2") + end + + it 'should raise an error if more than one line matches' do + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo\nfoo2\nfoo\nfoo") + end + expect { @provider.destroy }.to raise_error(Puppet::Error, /More than one line/) + end + + it 'should remove multiple lines if :multiple is true' do + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'foo2', + :ensure => 'absent', + :match => 'o$', + :multiple => true, + :match_for_absence => true, + } + ) + @provider = provider_class.new(@resource) + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo\nfoo2\nfoo\nfoo") + end + @provider.destroy + expect(File.read(@tmpfile)).to eql("foo1\nfoo2\n") + end + + it 'should ignore the match if match_for_absense is not specified' do + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'foo2', + :ensure => 'absent', + :match => 'o$', + } + ) + @provider = provider_class.new(@resource) + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo\nfoo2") + end + @provider.destroy + expect(File.read(@tmpfile)).to eql("foo1\nfoo\n") + end + + it 'should ignore the match if match_for_absense is false' do + @resource = Puppet::Type::File_line.new( + { + :name => 'foo', + :path => @tmpfile, + :line => 'foo2', + :ensure => 'absent', + :match => 'o$', + :match_for_absence => false, + } + ) + @provider = provider_class.new(@resource) + File.open(@tmpfile, 'w') do |fh| + fh.write("foo1\nfoo\nfoo2") + end + @provider.destroy + expect(File.read(@tmpfile)).to eql("foo1\nfoo\n") + end + + end + +end diff --git a/modules/dependencies/stdlib/spec/unit/puppet/type/anchor_spec.rb b/modules/dependencies/stdlib/spec/unit/puppet/type/anchor_spec.rb new file mode 100755 index 000000000..c738a272b --- /dev/null +++ b/modules/dependencies/stdlib/spec/unit/puppet/type/anchor_spec.rb @@ -0,0 +1,11 @@ +#!/usr/bin/env ruby + +require 'spec_helper' + +anchor = Puppet::Type.type(:anchor).new(:name => "ntp::begin") + +describe anchor do + it "should stringify normally" do + expect(anchor.to_s).to eq("Anchor[ntp::begin]") + end +end diff --git a/modules/dependencies/stdlib/spec/unit/puppet/type/file_line_spec.rb b/modules/dependencies/stdlib/spec/unit/puppet/type/file_line_spec.rb new file mode 100755 index 000000000..f1430f263 --- /dev/null +++ b/modules/dependencies/stdlib/spec/unit/puppet/type/file_line_spec.rb @@ -0,0 +1,73 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper' +require 'tempfile' +describe Puppet::Type.type(:file_line) do + let :file_line do + Puppet::Type.type(:file_line).new(:name => 'foo', :line => 'line', :path => '/tmp/path') + end + it 'should accept a line and path' do + file_line[:line] = 'my_line' + expect(file_line[:line]).to eq('my_line') + file_line[:path] = '/my/path' + expect(file_line[:path]).to eq('/my/path') + end + it 'should accept a match regex' do + file_line[:match] = '^foo.*$' + expect(file_line[:match]).to eq('^foo.*$') + end + it 'should accept a match regex that does not match the specified line' do + expect { + Puppet::Type.type(:file_line).new( + :name => 'foo', + :path => '/my/path', + :line => 'foo=bar', + :match => '^bar=blah$' + )}.not_to raise_error + end + it 'should accept a match regex that does match the specified line' do + expect { + Puppet::Type.type(:file_line).new( + :name => 'foo', + :path => '/my/path', + :line => 'foo=bar', + :match => '^\s*foo=.*$' + )}.not_to raise_error + end + it 'should accept posix filenames' do + file_line[:path] = '/tmp/path' + expect(file_line[:path]).to eq('/tmp/path') + end + it 'should not accept unqualified path' do + expect { file_line[:path] = 'file' }.to raise_error(Puppet::Error, /File paths must be fully qualified/) + end + it 'should require that a line is specified' do + expect { Puppet::Type.type(:file_line).new(:name => 'foo', :path => '/tmp/file') }.to raise_error(Puppet::Error, /Both line and path are required attributes/) + end + it 'should require that a file is specified' do + expect { Puppet::Type.type(:file_line).new(:name => 'foo', :line => 'path') }.to raise_error(Puppet::Error, /Both line and path are required attributes/) + end + it 'should default to ensure => present' do + expect(file_line[:ensure]).to eq :present + end + it 'should default to replace => true' do + expect(file_line[:replace]).to eq :true + end + + it "should autorequire the file it manages" do + catalog = Puppet::Resource::Catalog.new + file = Puppet::Type.type(:file).new(:name => "/tmp/path") + catalog.add_resource file + catalog.add_resource file_line + + relationship = file_line.autorequire.find do |rel| + (rel.source.to_s == "File[/tmp/path]") and (rel.target.to_s == file_line.to_s) + end + expect(relationship).to be_a Puppet::Relationship + end + + it "should not autorequire the file it manages if it is not managed" do + catalog = Puppet::Resource::Catalog.new + catalog.add_resource file_line + expect(file_line.autorequire).to be_empty + end +end diff --git a/modules/services/unix/http/apache/module/apache/CHANGELOG.md b/modules/services/unix/http/apache/module/apache/CHANGELOG.md new file mode 100644 index 000000000..58cd91ae6 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/CHANGELOG.md @@ -0,0 +1,645 @@ +## Supported Release 1.8.1 +### Summary +This release includes bug fixes and a documentation update. + +#### Bugfixes +- Fixes a bug that occurs when using the module in combination with puppetlabs-concat 2.x. +- Fixes a bug where passenger.conf was vulnerable to purging. +- Removes the pin of the concat module dependency. + +## 2016-01-26 - Supported Release 1.8.0 +### Summary +This release includes a lot of bug fixes and feature updates, including support for Debian 8, as well as many test improvements. + +#### Features +- Debian 8 Support. +- Added the 'file_mode' property to allow a custom permission setting for config files. +- Enable 'PassengerMaxRequestQueueSize' to be set for mod_passenger. +- MODULES-2956: Enable options within location block on proxy_match. +- Support itk on redhat. +- Support the mod_ssl SSLProxyVerify directive. +- Support ProxPassReverseCookieDomain directive (mod_proxy). +- Support proxy provider for vhost directories. +- Added new 'apache::vhost::custom' resource. + +#### Bugfixes +- Fixed ProxyPassReverse configuration. +- Fixed error in Amazon operatingsystem detection. +- Fixed mod_security catalog ordering issues for RedHat 7. +- Fixed paths and packages for the shib2 apache module on Debian pre Jessie. +- Fixed EL7 directory path for apache modules. +- Fixed validation error when empty array is passed for the rewrites parameter. +- Idempotency fixes with regards to '::apache::mod_enable_dir'. +- ITK fixes. +- (MODULES-2865) fix $mpm_module logic for 'false'. +- Set SSLProxy directives even if ssl is false, due to issue with RewriteRules and ProxyPass directives. +- Enable setting LimitRequestFieldSize globally, and remove it from vhost. + +#### Improvements +- apache::mod::php now uses FilesMatch to configure the php handler. This is following the recommended upstream configuration guidelines (http://php.net/manual/en/install.unix.apache2.php#example-20) and distribution's default config (e.g.: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/vivid/php5/vivid/view/head:/debian/php5.conf). It avoids inadvertently exposing the PHP handler to executing uploads with names like 'file.php.jpg', but might impact setups with unusual requirements. +- Improved compatibility for Gentoo. +- Vhosts can now be supplied with a wildcard listen value. +- Numerous test improvements. +- Removed workarounds for https://bz.apache.org/bugzilla/show_bug.cgi?id=38864 as the issues have been fixed in Apache. +- Documentation updates. +- Ensureed order of ProxyPass and ProxyPassMatch parameters. +- Ensure that ProxyPreserveHost is set to off mode explicitly if not set in manifest. +- Put headers and request headers before proxy with regards to template generation. +- Added X-Forwarded-For into log_formats defaults. +- (MODULES-2703) Allow mod pagespeed to take an array of lines as additional_configuration. + +## Supported Release 1.7.1 +###Summary + +Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. + +## 2015-11-17 - Supported Release 1.7.0 +### Summary +This release includes many new features and bugfixes. There are test, documentation and misc improvements. + +#### Features +- allow groups with - like vhost-users +- ability to enable/disable the secruleengine through a parameter +- add mod_auth_kerb parameters to vhost +- client auth for reverse proxy +- support for mod_auth_mellon +- change SSLProtocol in apache::vhost to be space separated +- RewriteLock support + +#### Bugfixes +- fix apache::mod::cgid so it can be used with the event MPM +- load unixd before fcgid on all operating systems +- fixes conditional in vhost aliases +- corrects mod_cgid worker/event defaults +- ProxyPassMatch parameters were ending up on a newline +- catch that mod_authz_default has been removed in Apache 2.4 +- mod::ssl fails on SLES +- fix typo of MPM_PREFORK for FreeBSD package install +- install all modules before adding custom configs +- fix acceptance testing for SSLProtocol behaviour for real +- fix ordering issue with conf_file and ports_file + +#### Known Issues +- mod_passenger is having issues installing on Redhat/Centos 6, This is due to package dependency issues. + +#### Improvements +- added docs for forcetype directive +- removes ruby 1.8.7 from the travisci test matrix +- readme reorganisation, minor fixups +- support the mod_proxy ProxyPassReverseCookiePath directive +- the purge_vhost_configs parameter is actually called purge_vhost_dir +- add ListenBacklog for mod worker +- deflate application/json by default +- install mod_authn_alias as default mod in debian for apache < 2.4 +- optionally set LimitRequestFieldSize on an apache::vhost +- add SecUploadDir parameter to support file uploads with mod_security +- optionally set parameters for mod_ext_filter module +- allow SetOutputFilter to be set on a directory +- RC4 is deprecated +- allow empty docroot +- add option to configure the include pattern for the vhost_enable dir +- allow multiple IP addresses per vhost +- default document root update for Ubuntu 14.04 and Debian 8 + +## 2015-07-28 - Supported Release 1.6.0 +### Summary +This release includes a couple of new features, along with test and documentation updates, and support for the latest AIO puppet builds. + +#### Features +- Add `scan_proxy_header_field` parameter to `apache::mod::geoip` +- Add `ssl_openssl_conf_cmd` parameter to `apache::vhost` and `apache::mod::ssl` +- Add `filters` parameter to `apache::vhost` + +#### Bugfixes +- Test updates +- Do not use systemd on Amazon Linux +- Add missing docs for `timeout` parameter (MODULES-2148) + +## 2015-06-11 - Supported Release 1.5.0 +### Summary +This release primarily adds Suse compatibility. It also adds a handful of other +parameters for greater configuration control. + +#### Features +- Add `apache::lib_path` parameter +- Add `apache::service_restart` parameter +- Add `apache::vhost::geoip_enable` parameter +- Add `apache::mod::geoip` class +- Add `apache::mod::remoteip` class +- Add parameters to `apache::mod::expires` class +- Add `index_style_sheet` handling to `apache::vhost::directories` +- Add some compatibility for SLES 11 +- Add `apache::mod::ssl::ssl_sessioncachetimeout` parameter +- Add `apache::mod::ssl::ssl_cryptodevice` parameter +- Add `apache::mod::ssl::ssl_honorcipherorder` parameter +- Add `apache::mod::userdir::options` parameter + +#### Bugfixes +- Document `apache::user` parameter +- Document `apache::group` parameter +- Fix apache::dev on FreeBSD +- Fix proxy\_connect on apache >= 2.2 +- Validate log levels better +- Fix `apache::apache_name` for package and vhost +- Fix Debian Jessie mod\_prefork package name +- Fix alias module being declared even when vhost is absent +- Fix proxy\_pass\_match handling in vhost's proxy template +- Fix userdir access permissions +- Fix issue where the module was trying to use systemd on Amazon Linux. + +## 2015-04-28 - Supported Release 1.4.1 + +This release corrects a metadata issue that has been present since release 1.2.0. The refactoring of `apache::vhost` to use `puppetlabs-concat` requires a version of concat newer than the version required in PE. If you are using PE 3.3.0 or earlier you will need to use version 1.1.1 or earlier of the `puppetlabs-apache` module. + +## 2015-03-17 - Supported Release 1.4.0 +###Summary + +This release fixes the issue where the docroot was still managed even if the default vhosts were disabled and has many other features and bugfixes including improved support for 'deny' and 'require' as arrays in the 'directories' parameter under `apache::vhost` + +#### Features +- New parameters to `apache` + - `default_charset` + - `default_type` +- New parameters to `apache::vhost` + - `proxy_error_override` + - `passenger_app_env` (MODULES-1776) + - `proxy_dest_match` + - `proxy_dest_reverse_match` + - `proxy_pass_match` + - `no_proxy_uris_match` +- New parameters to `apache::mod::passenger` + - `passenger_app_env` + - `passenger_min_instances` +- New parameter to `apache::mod::alias` + - `icons_options` +- New classes added under `apache::mod::*` + - `authn_file` + - `authz_default` + - `authz_user` +- Added support for 'deny' as an array in 'directories' under `apache::vhost` +- Added support for RewriteMap +- Improved support for FreeBSD. (Note: If using apache < 2.4.12, see the discussion [here](https://github.com/puppetlabs/puppetlabs-apache/pull/1030)) +- Added check for deprecated options in directories and fail when they are unsupported +- Added gentoo compatibility +- Added proper array support for `require` in the `directories` parameter in `apache::vhost` +- Added support for `setenv` inside proxy locations + +### Bugfixes +- Fix issue in `apache::vhost` that was preventing the scriptalias fragment from being included (MODULES-1784) +- Install required `mod_ldap` package for EL7 (MODULES-1779) +- Change default value of `maxrequestworkers` in `apache::mod::event` to be a multiple of the default `ThreadsPerChild` of 25. +- Use the correct `mod_prefork` package name for trusty and jessie +- Don't manage docroot when default vhosts are disabled +- Ensure resources notify `Class['Apache::Service']` instead of `Service['httpd']` (MODULES-1829) +- Change the loadfile name for `mod_passenger` so `mod_proxy` will load by default before `mod_passenger` +- Remove old Debian work-around that removed `passenger_extra.conf` + +## 2015-02-17 - Supported Release 1.3.0 +### Summary + +This release has many new features and bugfixes, including the ability to optionally not trigger service restarts on config changes. + +#### Features +- New parameters - `apache` + - `service_manage` + - `use_optional_includes` +- New parameters - `apache::service` + - `service_manage` +- New parameters - `apache::vhost` + - `access_logs` + - `php_flags` + - `php_values` + - `modsec_disable_vhost` + - `modsec_disable_ids` + - `modsec_disable_ips` + - `modsec_body_limit` +- Improved FreeBSD support +- Add ability to omit priority prefix if `$priority` is set to false +- Add `apache::security::rule_link` define +- Improvements to `apache::mod::*` + - Add `apache::mod::auth_cas` class + - Add `threadlimit`, `listenbacklog`, `maxrequestworkers`, `maxconnectionsperchild` parameters to `apache::mod::event` + - Add `apache::mod::filter` class + - Add `root_group` to `apache::mod::php` + - Add `apache::mod::proxy_connect` class + - Add `apache::mod::security` class + - Add `ssl_pass_phrase_dialog` and `ssl_random_seed_bytes parameters to `apache::mod::ssl` (MODULES-1719) + - Add `status_path` parameter to `apache::mod::status` + - Add `apache_version` parameter to `apache::mod::version` + - Add `package_name` and `mod_path` parameters to `apache::mod::wsgi` (MODULES-1458) +- Improved SCL support + - Add support for specifying the docroot +- Updated `_directories.erb` to add support for SetEnv +- Support multiple access log directives (MODULES-1382) +- Add passenger support for Debian Jessie +- Add support for not having puppet restart the apache service (MODULES-1559) + +#### Bugfixes +- For apache 2.4 `mod_itk` requires `mod_prefork` (MODULES-825) +- Allow SSLCACertificatePath to be unset in `apache::vhost` (MODULES-1457) +- Load fcgid after unixd on RHEL7 +- Allow disabling default vhost for Apache 2.4 +- Test fixes +- `mod_version` is now built-in (MODULES-1446) +- Sort LogFormats for idempotency +- `allow_encoded_slashes` was omitted from `apache::vhost` +- Fix documentation bug (MODULES-1403, MODULES-1510) +- Sort `wsgi_script_aliases` for idempotency (MODULES-1384) +- lint fixes +- Fix automatic version detection for Debian Jessie +- Fix error docs and icons path for RHEL7-based systems (MODULES-1554) +- Sort php_* hashes for idempotency (MODULES-1680) +- Ensure `mod::setenvif` is included if needed (MODULES-1696) +- Fix indentation in `vhost/_directories.erb` template (MODULES-1688) +- Create symlinks on all distros if `vhost_enable_dir` is specified + +## 2014-09-30 - Supported Release 1.2.0 +### Summary + +This release features many improvements and bugfixes, including several new defines, a reworking of apache::vhost for more extensibility, and many new parameters for more customization. This release also includes improved support for strict variables and the future parser. + +#### Features +- Convert apache::vhost to use concat for easier extensions +- Test improvements +- Synchronize files with modulesync +- Strict variable and future parser support +- Added apache::custom_config defined type to allow validation of configs before they are created +- Added bool2httpd function to convert true/false to apache 'On' and 'Off'. Intended for internal use in the module. +- Improved SCL support + - allow overriding of the mod_ssl package name +- Add support for reverse_urls/ProxyPassReverse in apache::vhost +- Add satisfy directive in apache::vhost::directories +- Add apache::fastcgi::server defined type +- New parameters - apache + - allow_encoded_slashes + - apache_name + - conf_dir + - default_ssl_crl_check + - docroot + - logroot_mode + - purge_vhost_dir +- New parameters - apache::vhost + - add_default_charset + - allow_encoded_slashes + - logroot_ensure + - logroot_mode + - manage_docroot + - passenger_app_root + - passenger_min_instances + - passenger_pre_start + - passenger_ruby + - passenger_start_timeout + - proxy_preserve_host + - redirectmatch_dest + - ssl_crl_check + - wsgi_chunked_request + - wsgi_pass_authorization +- Add support for ScriptAlias and ScriptAliasMatch in the apache::vhost::aliases parameter +- Add support for rewrites in the apache::vhost::directories parameter +- If the service_ensure parameter in apache::service is set to anything other than true, false, running, or stopped, ensure will not be passed to the service resource, allowing for the service to not be managed by puppet +- Turn of SSLv3 by default +- Improvements to apache::mod* + - Add restrict_access parameter to apache::mod::info + - Add force_language_priority and language_priority parameters to apache::mod::negotiation + - Add threadlimit parameter to apache::mod::worker + - Add content, template, and source parameters to apache::mod::php + - Add mod_authz_svn support via the authz_svn_enabled parameter in apache::mod::dav_svn + - Add loadfile_name parameter to apache::mod + - Add apache::mod::deflate class + - Add options parameter to apache::mod::fcgid + - Add timeouts parameter to apache::mod::reqtimeout + - Add apache::mod::shib + - Add apache_version parameter to apache::mod::ldap + - Add magic_file parameter to apache::mod::mime_magic + - Add apache_version parameter to apache::mod::pagespeed + - Add passenger_default_ruby parameter to apache::mod::passenger + - Add content, template, and source parameters to apache::mod::php + - Add apache_version parameter to apache::mod::proxy + - Add loadfiles parameter to apache::mod::proxy_html + - Add ssl_protocol and package_name parameters to apache::mod::ssl + - Add apache_version parameter to apache::mod::status + - Add apache_version parameter to apache::mod::userdir + - Add apache::mod::version class + +#### Bugfixes +- Set osfamily defaults for wsgi_socket_prefix +- Support multiple balancermembers with the same url +- Validate apache::vhost::custom_fragment +- Add support for itk with mod_php +- Allow apache::vhost::ssl_certs_dir to not be set +- Improved passenger support for Debian +- Improved 2.4 support without mod_access_compat +- Support for more than one 'Allow from'-directive in _directories.erb +- Don't load systemd on Amazon linux based on CentOS6 with apache 2.4 +- Fix missing newline in ModPagespeed filter and memcached servers directive +- Use interpolated strings instead of numbers where required by future parser +- Make auth_require take precedence over default with apache 2.4 +- Lint fixes +- Set default for php_admin_flags and php_admin_values to be empty hash instead of empty array +- Correct typo in mod::pagespeed +- spec_helper fixes +- Install mod packages before dealing with the configuration +- Use absolute scope to check class definition in apache::mod::php +- Fix dependency loop in apache::vhost +- Properly scope variables in the inline template in apache::balancer +- Documentation clarification, typos, and formatting +- Set apache::mod::ssl::ssl_mutex to default for debian on apache >= 2.4 +- Strict variables fixes +- Add authn_core mode to Ubuntu trusty defaults +- Keep default loadfile for authz_svn on Debian +- Remove '.conf' from the site-include regexp for better Ubuntu/Debian support +- Load unixd before fcgid for EL7 +- Fix RedirectMatch rules +- Fix misleading error message in apache::version + +#### Known Bugs +* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. +* SLES is unsupported. + +## 2014-07-15 - Supported Release 1.1.1 +### Summary + +This release merely updates metadata.json so the module can be uninstalled and +upgraded via the puppet module command. + +## 2014-04-14 Supported Release 1.1.0 + +### Summary + +This release primarily focuses on extending the httpd 2.4 support, tested +through adding RHEL7 and Ubuntu 14.04 support. It also includes Passenger +4 support, as well as several new modules and important bugfixes. + +#### Features + +- Add support for RHEL7 and Ubuntu 14.04 +- More complete apache24 support +- Passenger 4 support +- Add support for max_keepalive_requests and log_formats parameters +- Add mod_pagespeed support +- Add mod_speling support +- Added several parameters for mod_passenger +- Added ssl_cipher parameter to apache::mod::ssl +- Improved examples in documentation +- Added docroot_mode, action, and suexec_user_group parameters to apache::vhost +- Add support for custom extensions for mod_php +- Improve proxy_html support for Debian + +#### Bugfixes + +- Remove NameVirtualHost directive for apache >= 2.4 +- Order proxy_set option so it doesn't change between runs +- Fix inverted SSL compression +- Fix missing ensure on concat::fragment resources +- Fix bad dependencies in apache::mod and apache::mod::mime + +#### Known Bugs +* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. +* SLES is unsupported. + +## 2014-03-04 Supported Release 1.0.1 +### Summary + +This is a supported release. This release removes a testing symlink that can +cause trouble on systems where /var is on a seperate filesystem from the +modulepath. + +#### Features +#### Bugfixes +#### Known Bugs +* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. +* SLES is unsupported. + +## 2014-03-04 Supported Release 1.0.0 +### Summary + +This is a supported release. This release introduces Apache 2.4 support for +Debian and RHEL based osfamilies. + +#### Features + +- Add apache24 support +- Add rewrite_base functionality to rewrites +- Updated README documentation +- Add WSGIApplicationGroup and WSGIImportScript directives + +#### Bugfixes + +- Replace mutating hashes with merge() for Puppet 3.5 +- Fix WSGI import_script and mod_ssl issues on Lucid + +#### Known Bugs +* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. +* SLES is unsupported. + +--- + +## 2014-01-31 Release 0.11.0 +### Summary: + +This release adds preliminary support for Windows compatibility and multiple rewrite support. + +#### Backwards-incompatible Changes: + +- The rewrite_rule parameter is deprecated in favor of the new rewrite parameter + and will be removed in a future release. + +#### Features: + +- add Match directive +- quote paths for windows compatibility +- add auth_group_file option to README.md +- allow AuthGroupFile directive for vhosts +- Support Header directives in vhost context +- Don't purge mods-available dir when separate enable dir is used +- Fix the servername used in log file name +- Added support for mod_include +- Remove index parameters. +- Support environment variable control for CustomLog +- added redirectmatch support +- Setting up the ability to do multiple rewrites and conditions. +- Convert spec tests to beaker. +- Support php_admin_(flag|value)s + +#### Bugfixes: + +- directories are either a Hash or an Array of Hashes +- Configure Passenger in separate .conf file on RH so PassengerRoot isn't lost +- (docs) Update list of `apache::mod::[name]` classes +- (docs) Fix apache::namevirtualhost example call style +- Fix $ports_file reference in apache::listen. +- Fix $ports_file reference in Namevirtualhost. + + +## 2013-12-05 Release 0.10.0 +### Summary: + +This release adds FreeBSD osfamily support and various other improvements to some mods. + +#### Features: + +- Add suPHP_UserGroup directive to directory context +- Add support for ScriptAliasMatch directives +- Set SSLOptions StdEnvVars in server context +- No implicit entry for ScriptAlias path +- Add support for overriding ErrorDocument +- Add support for AliasMatch directives +- Disable default "allow from all" in vhost-directories +- Add WSGIPythonPath as an optional parameter to mod_wsgi. +- Add mod_rpaf support +- Add directives: IndexOptions, IndexOrderDefault +- Add ability to include additional external configurations in vhost +- need to use the provider variable not the provider key value from the directory hash for matches +- Support for FreeBSD and few other features +- Add new params to apache::mod::mime class +- Allow apache::mod to specify module id and path +- added $server_root parameter +- Add Allow and ExtendedStatus support to mod_status +- Expand vhost/_directories.pp directive support +- Add initial support for nss module (no directives in vhost template yet) +- added peruser and event mpms +- added $service_name parameter +- add parameter for TraceEnable +- Make LogLevel configurable for server and vhost +- Add documentation about $ip +- Add ability to pass ip (instead of wildcard) in default vhost files + +#### Bugfixes: + +- Don't listen on port or set NameVirtualHost for non-existent vhost +- only apply Directory defaults when provider is a directory +- Working mod_authnz_ldap support on Debian/Ubuntu + +## 2013-09-06 Release 0.9.0 +### Summary: +This release adds more parameters to the base apache class and apache defined +resource to make the module more flexible. It also adds or enhances SuPHP, +WSGI, and Passenger mod support, and support for the ITK mpm module. + +#### Backwards-incompatible Changes: +- Remove many default mods that are not normally needed. +- Remove `rewrite_base` `apache::vhost` parameter; did not work anyway. +- Specify dependencies on stdlib >=2.4.0 (this was already the case, but +making explicit) +- Deprecate `a2mod` in favor of the `apache::mod::*` classes and `apache::mod` +defined resource. + +#### Features: +- `apache` class + - Add `httpd_dir` parameter to change the location of the configuration + files. + - Add `logroot` parameter to change the logroot + - Add `ports_file` parameter to changes the `ports.conf` file location + - Add `keepalive` parameter to enable persistent connections + - Add `keepalive_timeout` parameter to change the timeout + - Update `default_mods` to be able to take an array of mods to enable. +- `apache::vhost` + - Add `wsgi_daemon_process`, `wsgi_daemon_process_options`, + `wsgi_process_group`, and `wsgi_script_aliases` parameters for per-vhost + WSGI configuration. + - Add `access_log_syslog` parameter to enable syslogging. + - Add `error_log_syslog` parameter to enable syslogging of errors. + - Add `directories` hash parameter. Please see README for documentation. + - Add `sslproxyengine` parameter to enable SSLProxyEngine + - Add `suphp_addhandler`, `suphp_engine`, and `suphp_configpath` for + configuring SuPHP. + - Add `custom_fragment` parameter to allow for arbitrary apache + configuration injection. (Feature pull requests are prefered over using + this, but it is available in a pinch.) +- Add `apache::mod::suphp` class for configuring SuPHP. +- Add `apache::mod::itk` class for configuring ITK mpm module. +- Update `apache::mod::wsgi` class for global WSGI configuration with +`wsgi_socket_prefix` and `wsgi_python_home` parameters. +- Add README.passenger.md to document the `apache::mod::passenger` usage. +Added `passenger_high_performance`, `passenger_pool_idle_time`, +`passenger_max_requests`, `passenger_stat_throttle_rate`, `rack_autodetect`, +and `rails_autodetect` parameters. +- Separate the httpd service resource into a new `apache::service` class for +dependency chaining of `Class['apache'] -> ~> +Class['apache::service']` +- Added `apache::mod::proxy_balancer` class for `apache::balancer` + +#### Bugfixes: +- Change dependency to puppetlabs-concat +- Fix ruby 1.9 bug for `a2mod` +- Change servername to be `$::hostname` if there is no `$::fqdn` +- Make `/etc/ssl/certs` the default ssl certs directory for RedHat non-5. +- Make `php` the default php package for RedHat non-5. +- Made `aliases` able to take a single alias hash instead of requiring an +array. + +## 2013-07-26 Release 0.8.1 +#### Bugfixes: +- Update `apache::mpm_module` detection for worker/prefork +- Update `apache::mod::cgi` and `apache::mod::cgid` detection for +worker/prefork + +## 2013-07-16 Release 0.8.0 +#### Features: +- Add `servername` parameter to `apache` class +- Add `proxy_set` parameter to `apache::balancer` define + +#### Bugfixes: +- Fix ordering for multiple `apache::balancer` clusters +- Fix symlinking for sites-available on Debian-based OSs +- Fix dependency ordering for recursive confdir management +- Fix `apache::mod::*` to notify the service on config change +- Documentation updates + +## 2013-07-09 Release 0.7.0 +#### Changes: +- Essentially rewrite the module -- too many to list +- `apache::vhost` has many abilities -- see README.md for details +- `apache::mod::*` classes provide httpd mod-loading capabilities +- `apache` base class is much more configurable + +#### Bugfixes: +- Many. And many more to come + +## 2013-03-2 Release 0.6.0 +- update travis tests (add more supported versions) +- add access log_parameter +- make purging of vhost dir configurable + +## 2012-08-24 Release 0.4.0 +#### Changes: +- `include apache` is now required when using `apache::mod::*` + +#### Bugfixes: +- Fix syntax for validate_re +- Fix formatting in vhost template +- Fix spec tests such that they pass + +## 2012-05-08 Puppet Labs - 0.0.4 +* e62e362 Fix broken tests for ssl, vhost, vhost::* +* 42c6363 Changes to match style guide and pass puppet-lint without error +* 42bc8ba changed name => path for file resources in order to name namevar by it's name +* 72e13de One end too much +* 0739641 style guide fixes: 'true' <> true, $operatingsystem needs to be $::operatingsystem, etc. +* 273f94d fix tests +* a35ede5 (#13860) Make a2enmod/a2dismo commands optional +* 98d774e (#13860) Autorequire Package['httpd'] +* 05fcec5 (#13073) Add missing puppet spec tests +* 541afda (#6899) Remove virtual a2mod definition +* 976cb69 (#13072) Move mod python and wsgi package names to params +* 323915a (#13060) Add .gitignore to repo +* fdf40af (#13060) Remove pkg directory from source tree +* fd90015 Add LICENSE file and update the ModuleFile +* d3d0d23 Re-enable local php class +* d7516c7 Make management of firewalls configurable for vhosts +* 60f83ba Explicitly lookup scope of apache_name in templates. +* f4d287f (#12581) Add explicit ordering for vdir directory +* 88a2ac6 (#11706) puppetlabs-apache depends on puppetlabs-firewall +* a776a8b (#11071) Fix to work with latest firewall module +* 2b79e8b (#11070) Add support for Scientific Linux +* 405b3e9 Fix for a2mod +* 57b9048 Commit apache::vhost::redirect Manifest +* 8862d01 Commit apache::vhost::proxy Manifest +* d5c1fd0 Commit apache::mod::wsgi Manifest +* a825ac7 Commit apache::mod::python Manifest +* b77062f Commit Templates +* 9a51b4a Vhost File Declarations +* 6cf7312 Defaults for Parameters +* 6a5b11a Ensure installed +* f672e46 a2mod fix +* 8a56ee9 add pthon support to apache diff --git a/modules/services/unix/http/apache/module/apache/CONTRIBUTING.md b/modules/services/unix/http/apache/module/apache/CONTRIBUTING.md new file mode 100644 index 000000000..f1cbde4bb --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/CONTRIBUTING.md @@ -0,0 +1,220 @@ +Checklist (and a short version for the impatient) +================================================= + + * Commits: + + - Make commits of logical units. + + - Check for unnecessary whitespace with "git diff --check" before + committing. + + - Commit using Unix line endings (check the settings around "crlf" in + git-config(1)). + + - Do not check in commented out code or unneeded files. + + - The first line of the commit message should be a short + description (50 characters is the soft limit, excluding ticket + number(s)), and should skip the full stop. + + - Associate the issue in the message. The first line should include + the issue number in the form "(#XXXX) Rest of message". + + - The body should provide a meaningful commit message, which: + + - uses the imperative, present tense: "change", not "changed" or + "changes". + + - includes motivation for the change, and contrasts its + implementation with the previous behavior. + + - Make sure that you have tests for the bug you are fixing, or + feature you are adding. + + - Make sure the test suites passes after your commit: + `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below + + - When introducing a new feature, make sure it is properly + documented in the README.md + + * Submission: + + * Pre-requisites: + + - Make sure you have a [GitHub account](https://github.com/join) + + - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. + + * Preferred method: + + - Fork the repository on GitHub. + + - Push your changes to a topic branch in your fork of the + repository. (the format ticket/1234-short_description_of_change is + usually preferred for this project). + + - Submit a pull request to the repository in the puppetlabs + organization. + +The long version +================ + + 1. Make separate commits for logically separate changes. + + Please break your commits down into logically consistent units + which include new or changed tests relevant to the rest of the + change. The goal of doing this is to make the diff easier to + read for whoever is reviewing your code. In general, the easier + your diff is to read, the more likely someone will be happy to + review it and get it into the code base. + + If you are going to refactor a piece of code, please do so as a + separate commit from your feature or bug fix changes. + + We also really appreciate changes that include tests to make + sure the bug is not re-introduced, and that the feature is not + accidentally broken. + + Describe the technical detail of the change(s). If your + description starts to get too long, that is a good sign that you + probably need to split up your commit into more finely grained + pieces. + + Commits which plainly describe the things which help + reviewers check the patch and future developers understand the + code are much more likely to be merged in with a minimum of + bike-shedding or requested changes. Ideally, the commit message + would include information, and be in a form suitable for + inclusion in the release notes for the version of Puppet that + includes them. + + Please also check that you are not introducing any trailing + whitespace or other "whitespace errors". You can do this by + running "git diff --check" on your changes before you commit. + + 2. Sending your patches + + To submit your changes via a GitHub pull request, we _highly_ + recommend that you have them on a topic branch, instead of + directly on "master". + It makes things much easier to keep track of, especially if + you decide to work on another thing before your first change + is merged in. + + GitHub has some pretty good + [general documentation](http://help.github.com/) on using + their site. They also have documentation on + [creating pull requests](http://help.github.com/send-pull-requests/). + + In general, after pushing your topic branch up to your + repository on GitHub, you can switch to the branch in the + GitHub UI and click "Pull Request" towards the top of the page + in order to open a pull request. + + + 3. Update the related GitHub issue. + + If there is a GitHub issue associated with the change you + submitted, then you should update the ticket to include the + location of your branch, along with any other commentary you + may wish to make. + +Testing +======= + +Getting Started +--------------- + +Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby +package manager such as [bundler](http://bundler.io/) what Ruby packages, +or Gems, are required to build, develop, and test this software. + +Please make sure you have [bundler installed](http://bundler.io/#getting-started) +on your system, then use it to install all dependencies needed for this project, +by running + +```shell +% bundle install +Fetching gem metadata from https://rubygems.org/........ +Fetching gem metadata from https://rubygems.org/.. +Using rake (10.1.0) +Using builder (3.2.2) +-- 8><-- many more --><8 -- +Using rspec-system-puppet (2.2.0) +Using serverspec (0.6.3) +Using rspec-system-serverspec (1.0.0) +Using bundler (1.3.5) +Your bundle is complete! +Use `bundle show [gemname]` to see where a bundled gem is installed. +``` + +NOTE some systems may require you to run this command with sudo. + +If you already have those gems installed, make sure they are up-to-date: + +```shell +% bundle update +``` + +With all dependencies in place and up-to-date we can now run the tests: + +```shell +% rake spec +``` + +This will execute all the [rspec tests](http://rspec-puppet.com/) tests +under [spec/defines](./spec/defines), [spec/classes](./spec/classes), +and so on. rspec tests may have the same kind of dependencies as the +module they are testing. While the module defines in its [Modulefile](./Modulefile), +rspec tests define them in [.fixtures.yml](./fixtures.yml). + +Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) +tests. These tests spin up a virtual machine under +[VirtualBox](https://www.virtualbox.org/)) with, controlling it with +[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test +scenarios. In order to run these, you will need both of those tools +installed on your system. + +You can run them by issuing the following command + +```shell +% rake spec_clean +% rspec spec/acceptance +``` + +This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), +install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) +and then run all the tests under [spec/acceptance](./spec/acceptance). + +Writing Tests +------------- + +XXX getting started writing tests. + +If you have commit access to the repository +=========================================== + +Even if you have commit access to the repository, you will still need to +go through the process above, and have someone else review and merge +in your changes. The rule is that all changes must be reviewed by a +developer on the project (that did not write the code) to ensure that +all changes go through a code review process. + +Having someone other than the author of the topic branch recorded as +performing the merge is the record that they performed the code +review. + + +Additional Resources +==================== + +* [Getting additional help](http://puppetlabs.com/community/get-help) + +* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) + +* [Patchwork](https://patchwork.puppetlabs.com) + +* [General GitHub documentation](http://help.github.com/) + +* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) + diff --git a/modules/services/unix/http/apache/module/apache/examples/apache.pp b/modules/services/unix/http/apache/module/apache/examples/apache.pp new file mode 100644 index 000000000..cb69b3609 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/apache.pp @@ -0,0 +1,7 @@ +include apache +include apache::mod::php +include apache::mod::cgi +include apache::mod::userdir +include apache::mod::disk_cache +include apache::mod::proxy_http + diff --git a/modules/services/unix/http/apache/module/apache/examples/dev.pp b/modules/services/unix/http/apache/module/apache/examples/dev.pp new file mode 100644 index 000000000..6c4f95571 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/dev.pp @@ -0,0 +1 @@ +include apache::mod::dev diff --git a/modules/services/unix/http/apache/module/apache/examples/init.pp b/modules/services/unix/http/apache/module/apache/examples/init.pp new file mode 100644 index 000000000..b3f9f13aa --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/init.pp @@ -0,0 +1 @@ +include apache diff --git a/modules/services/unix/http/apache/module/apache/examples/mod_load_params.pp b/modules/services/unix/http/apache/module/apache/examples/mod_load_params.pp new file mode 100644 index 000000000..0e84c5efb --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/mod_load_params.pp @@ -0,0 +1,11 @@ +# Tests the path and identifier parameters for the apache::mod class + +# Base class for clarity: +class { 'apache': } + + +# Exaple parameter usage: +apache::mod { 'testmod': + path => '/usr/some/path/mod_testmod.so', + id => 'testmod_custom_name', +} diff --git a/modules/services/unix/http/apache/module/apache/examples/mods.pp b/modules/services/unix/http/apache/module/apache/examples/mods.pp new file mode 100644 index 000000000..59362bd9a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/mods.pp @@ -0,0 +1,9 @@ +## Default mods + +# Base class. Declares default vhost on port 80 and default ssl +# vhost on port 443 listening on all interfaces and serving +# $apache::docroot, and declaring our default set of modules. +class { 'apache': + default_mods => true, +} + diff --git a/modules/services/unix/http/apache/module/apache/examples/mods_custom.pp b/modules/services/unix/http/apache/module/apache/examples/mods_custom.pp new file mode 100644 index 000000000..0ae699c73 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/mods_custom.pp @@ -0,0 +1,16 @@ +## custom mods + +# Base class. Declares default vhost on port 80 and default ssl +# vhost on port 443 listening on all interfaces and serving +# $apache::docroot, and declaring a custom set of modules. +class { 'apache': + default_mods => [ + 'info', + 'alias', + 'mime', + 'env', + 'setenv', + 'expires', + ], +} + diff --git a/modules/services/unix/http/apache/module/apache/examples/php.pp b/modules/services/unix/http/apache/module/apache/examples/php.pp new file mode 100644 index 000000000..1d926bfb4 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/php.pp @@ -0,0 +1,4 @@ +class { 'apache': + mpm_module => 'prefork', +} +include apache::mod::php diff --git a/modules/services/unix/http/apache/module/apache/examples/vhost.pp b/modules/services/unix/http/apache/module/apache/examples/vhost.pp new file mode 100644 index 000000000..0cf8da75c --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/vhost.pp @@ -0,0 +1,261 @@ +## Default vhosts, and custom vhosts +# NB: Please see the other vhost_*.pp example files for further +# examples. + +# Base class. Declares default vhost on port 80 and default ssl +# vhost on port 443 listening on all interfaces and serving +# $apache::docroot +class { 'apache': } + +# Most basic vhost +apache::vhost { 'first.example.com': + port => '80', + docroot => '/var/www/first', +} + +# Vhost with different docroot owner/group/mode +apache::vhost { 'second.example.com': + port => '80', + docroot => '/var/www/second', + docroot_owner => 'third', + docroot_group => 'third', + docroot_mode => '0770', +} + +# Vhost with serveradmin +apache::vhost { 'third.example.com': + port => '80', + docroot => '/var/www/third', + serveradmin => 'admin@example.com', +} + +# Vhost with ssl (uses default ssl certs) +apache::vhost { 'ssl.example.com': + port => '443', + docroot => '/var/www/ssl', + ssl => true, +} + +# Vhost with ssl and specific ssl certs +apache::vhost { 'fourth.example.com': + port => '443', + docroot => '/var/www/fourth', + ssl => true, + ssl_cert => '/etc/ssl/fourth.example.com.cert', + ssl_key => '/etc/ssl/fourth.example.com.key', +} + +# Vhost with english title and servername parameter +apache::vhost { 'The fifth vhost': + servername => 'fifth.example.com', + port => '80', + docroot => '/var/www/fifth', +} + +# Vhost with server aliases +apache::vhost { 'sixth.example.com': + serveraliases => [ + 'sixth.example.org', + 'sixth.example.net', + ], + port => '80', + docroot => '/var/www/fifth', +} + +# Vhost with alternate options +apache::vhost { 'seventh.example.com': + port => '80', + docroot => '/var/www/seventh', + options => [ + 'Indexes', + 'MultiViews', + ], +} + +# Vhost with AllowOverride for .htaccess +apache::vhost { 'eighth.example.com': + port => '80', + docroot => '/var/www/eighth', + override => 'All', +} + +# Vhost with access and error logs disabled +apache::vhost { 'ninth.example.com': + port => '80', + docroot => '/var/www/ninth', + access_log => false, + error_log => false, +} + +# Vhost with custom access and error logs and logroot +apache::vhost { 'tenth.example.com': + port => '80', + docroot => '/var/www/tenth', + access_log_file => 'tenth_vhost.log', + error_log_file => 'tenth_vhost_error.log', + logroot => '/var/log', +} + +# Vhost with a cgi-bin +apache::vhost { 'eleventh.example.com': + port => '80', + docroot => '/var/www/eleventh', + scriptalias => '/usr/lib/cgi-bin', +} + +# Vhost with a proxypass configuration +apache::vhost { 'twelfth.example.com': + port => '80', + docroot => '/var/www/twelfth', + proxy_dest => 'http://internal.example.com:8080/twelfth', + no_proxy_uris => ['/login','/logout'], +} + +# Vhost to redirect /login and /logout +apache::vhost { 'thirteenth.example.com': + port => '80', + docroot => '/var/www/thirteenth', + redirect_source => [ + '/login', + '/logout', + ], + redirect_dest => [ + 'http://10.0.0.10/login', + 'http://10.0.0.10/logout', + ], +} + +# Vhost to permamently redirect +apache::vhost { 'fourteenth.example.com': + port => '80', + docroot => '/var/www/fourteenth', + redirect_source => '/blog', + redirect_dest => 'http://blog.example.com', + redirect_status => 'permanent', +} + +# Vhost with a rack configuration +apache::vhost { 'fifteenth.example.com': + port => '80', + docroot => '/var/www/fifteenth', + rack_base_uris => ['/rackapp1', '/rackapp2'], +} + + +# Vhost to redirect non-ssl to ssl +apache::vhost { 'sixteenth.example.com non-ssl': + servername => 'sixteenth.example.com', + port => '80', + docroot => '/var/www/sixteenth', + rewrites => [ + { + comment => 'redirect non-SSL traffic to SSL site', + rewrite_cond => ['%{HTTPS} off'], + rewrite_rule => ['(.*) https://%{HTTPS_HOST}%{REQUEST_URI}'], + } + ] +} + +# Rewrite a URL to lower case +apache::vhost { 'sixteenth.example.com non-ssl': + servername => 'sixteenth.example.com', + port => '80', + docroot => '/var/www/sixteenth', + rewrites => [ + { comment => 'Rewrite to lower case', + rewrite_cond => ['%{REQUEST_URI} [A-Z]'], + rewrite_map => ['lc int:tolower'], + rewrite_rule => ['(.*) ${lc:$1} [R=301,L]'], + } + ] +} + +apache::vhost { 'sixteenth.example.com ssl': + servername => 'sixteenth.example.com', + port => '443', + docroot => '/var/www/sixteenth', + ssl => true, +} + +# Vhost to redirect non-ssl to ssl using old rewrite method +apache::vhost { 'sixteenth.example.com non-ssl old rewrite': + servername => 'sixteenth.example.com', + port => '80', + docroot => '/var/www/sixteenth', + rewrite_cond => '%{HTTPS} off', + rewrite_rule => '(.*) https://%{HTTPS_HOST}%{REQUEST_URI}', +} +apache::vhost { 'sixteenth.example.com ssl old rewrite': + servername => 'sixteenth.example.com', + port => '443', + docroot => '/var/www/sixteenth', + ssl => true, +} + +# Vhost to block repository files +apache::vhost { 'seventeenth.example.com': + port => '80', + docroot => '/var/www/seventeenth', + block => 'scm', +} + +# Vhost with special environment variables +apache::vhost { 'eighteenth.example.com': + port => '80', + docroot => '/var/www/eighteenth', + setenv => ['SPECIAL_PATH /foo/bin','KILROY was_here'], +} + +apache::vhost { 'nineteenth.example.com': + port => '80', + docroot => '/var/www/nineteenth', + setenvif => 'Host "^([^\.]*)\.website\.com$" CLIENT_NAME=$1', +} + +# Vhost with additional include files +apache::vhost { 'twentyieth.example.com': + port => '80', + docroot => '/var/www/twelfth', + additional_includes => ['/tmp/proxy_group_a','/tmp/proxy_group_b'], +} + +# Vhost with alias for subdomain mapped to same named directory +# http://example.com.loc => /var/www/example.com +apache::vhost { 'subdomain.loc': + vhost_name => '*', + port => '80', + virtual_docroot => '/var/www/%-2+', + docroot => '/var/www', + serveraliases => ['*.loc',], +} + +# Vhost with SSLProtocol,SSLCipherSuite, SSLHonorCipherOrder +apache::vhost { 'securedomain.com': + priority => '10', + vhost_name => 'www.securedomain.com', + port => '443', + docroot => '/var/www/secure', + ssl => true, + ssl_cert => '/etc/ssl/securedomain.cert', + ssl_key => '/etc/ssl/securedomain.key', + ssl_chain => '/etc/ssl/securedomain.crt', + ssl_protocol => '-ALL +SSLv3 +TLSv1', + ssl_cipher => 'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM', + ssl_honorcipherorder => 'On', + add_listen => false, +} + +# Vhost with access log environment variables writing control +apache::vhost { 'twentyfirst.example.com': + port => '80', + docroot => '/var/www/twentyfirst', + access_log_env_var => 'admin', +} + +# Vhost with a passenger_base configuration +apache::vhost { 'twentysecond.example.com': + port => '80', + docroot => '/var/www/twentysecond', + rack_base_uris => ['/passengerapp1', '/passengerapp2'], +} + diff --git a/modules/services/unix/http/apache/module/apache/examples/vhost_directories.pp b/modules/services/unix/http/apache/module/apache/examples/vhost_directories.pp new file mode 100644 index 000000000..b8953ee32 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/vhost_directories.pp @@ -0,0 +1,44 @@ +# Base class. Declares default vhost on port 80 and default ssl +# vhost on port 443 listening on all interfaces and serving +# $apache::docroot +class { 'apache': } + +# Example from README adapted. +apache::vhost { 'readme.example.net': + docroot => '/var/www/readme', + directories => [ + { + 'path' => '/var/www/readme', + 'ServerTokens' => 'prod' , + }, + { + 'path' => '/usr/share/empty', + 'allow' => 'from all', + }, + ], +} + +# location test +apache::vhost { 'location.example.net': + docroot => '/var/www/location', + directories => [ + { + 'path' => '/location', + 'provider' => 'location', + 'ServerTokens' => 'prod' + }, + ], +} + +# files test, curedly disable access to accidental backup files. +apache::vhost { 'files.example.net': + docroot => '/var/www/files', + directories => [ + { + 'path' => '(\.swp|\.bak|~)$', + 'provider' => 'filesmatch', + 'deny' => 'from all' + }, + ], +} + diff --git a/modules/services/unix/http/apache/module/apache/examples/vhost_filter.pp b/modules/services/unix/http/apache/module/apache/examples/vhost_filter.pp new file mode 100644 index 000000000..ca1a8bbe0 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/vhost_filter.pp @@ -0,0 +1,17 @@ +# Base class. Declares default vhost on port 80 with filters. +class { 'apache': } + +# Example from README adapted. +apache::vhost { 'readme.example.net': + docroot => '/var/www/html', + filters => [ + 'FilterDeclare COMPRESS', + 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html', + 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/css', + 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/plain', + 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/xml', + 'FilterChain COMPRESS', + 'FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no', + ], +} + diff --git a/modules/services/unix/http/apache/module/apache/examples/vhost_ip_based.pp b/modules/services/unix/http/apache/module/apache/examples/vhost_ip_based.pp new file mode 100644 index 000000000..dc0fa4f33 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/vhost_ip_based.pp @@ -0,0 +1,25 @@ +## IP-based vhosts on any listen port +# IP-based vhosts respond to requests on specific IP addresses. + +# Base class. Turn off the default vhosts; we will be declaring +# all vhosts below. +class { 'apache': + default_vhost => false, +} + +# Listen on port 80 and 81; required because the following vhosts +# are not declared with a port parameter. +apache::listen { '80': } +apache::listen { '81': } + +# IP-based vhosts +apache::vhost { 'first.example.com': + ip => '10.0.0.10', + docroot => '/var/www/first', + ip_based => true, +} +apache::vhost { 'second.example.com': + ip => '10.0.0.11', + docroot => '/var/www/second', + ip_based => true, +} diff --git a/modules/services/unix/http/apache/module/apache/examples/vhost_proxypass.pp b/modules/services/unix/http/apache/module/apache/examples/vhost_proxypass.pp new file mode 100644 index 000000000..e911f85f9 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/vhost_proxypass.pp @@ -0,0 +1,66 @@ +## vhost with proxyPass directive +# NB: Please see the other vhost_*.pp example files for further +# examples. + +# Base class. Declares default vhost on port 80 and default ssl +# vhost on port 443 listening on all interfaces and serving +# $apache::docroot +class { 'apache': } + +# Most basic vhost with proxy_pass +apache::vhost { 'first.example.com': + port => 80, + docroot => '/var/www/first', + proxy_pass => [ + { + 'path' => '/first', + 'url' => 'http://localhost:8080/first' + }, + ], +} + +# vhost with proxy_pass and parameters +apache::vhost { 'second.example.com': + port => 80, + docroot => '/var/www/second', + proxy_pass => [ + { + 'path' => '/second', + 'url' => 'http://localhost:8080/second', + 'params' => { + 'retry' => '0', + 'timeout' => '5' + } + }, + ], +} + +# vhost with proxy_pass and keywords +apache::vhost { 'third.example.com': + port => 80, + docroot => '/var/www/third', + proxy_pass => [ + { + 'path' => '/third', + 'url' => 'http://localhost:8080/third', + 'keywords' => ['noquery', 'interpolate'] + }, + ], +} + +# vhost with proxy_pass, parameters and keywords +apache::vhost { 'fourth.example.com': + port => 80, + docroot => '/var/www/fourth', + proxy_pass => [ + { + 'path' => '/fourth', + 'url' => 'http://localhost:8080/fourth', + 'params' => { + 'retry' => '0', + 'timeout' => '5' + }, + 'keywords' => ['noquery', 'interpolate'] + }, + ], +} diff --git a/modules/services/unix/http/apache/module/apache/examples/vhost_ssl.pp b/modules/services/unix/http/apache/module/apache/examples/vhost_ssl.pp new file mode 100644 index 000000000..8e7a2b279 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/vhost_ssl.pp @@ -0,0 +1,23 @@ +## SSL-enabled vhosts +# SSL-enabled vhosts respond only to HTTPS queries. + +# Base class. Turn off the default vhosts; we will be declaring +# all vhosts below. +class { 'apache': + default_vhost => false, +} + +# Non-ssl vhost +apache::vhost { 'first.example.com non-ssl': + servername => 'first.example.com', + port => '80', + docroot => '/var/www/first', +} + +# SSL vhost at the same domain +apache::vhost { 'first.example.com ssl': + servername => 'first.example.com', + port => '443', + docroot => '/var/www/first', + ssl => true, +} diff --git a/modules/services/unix/http/apache/module/apache/examples/vhosts_without_listen.pp b/modules/services/unix/http/apache/module/apache/examples/vhosts_without_listen.pp new file mode 100644 index 000000000..e7d6cc036 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/examples/vhosts_without_listen.pp @@ -0,0 +1,53 @@ +## Declare ip-based and name-based vhosts +# Mixing Name-based vhost with IP-specific vhosts requires `add_listen => +# 'false'` on the non-IP vhosts + +# Base class. Turn off the default vhosts; we will be declaring +# all vhosts below. +class { 'apache': + default_vhost => false, +} + + +# Add two an IP-based vhost on 10.0.0.10, ssl and non-ssl +apache::vhost { 'The first IP-based vhost, non-ssl': + servername => 'first.example.com', + ip => '10.0.0.10', + port => '80', + ip_based => true, + docroot => '/var/www/first', +} +apache::vhost { 'The first IP-based vhost, ssl': + servername => 'first.example.com', + ip => '10.0.0.10', + port => '443', + ip_based => true, + docroot => '/var/www/first-ssl', + ssl => true, +} + +# Two name-based vhost listening on 10.0.0.20 +apache::vhost { 'second.example.com': + ip => '10.0.0.20', + port => '80', + docroot => '/var/www/second', +} +apache::vhost { 'third.example.com': + ip => '10.0.0.20', + port => '80', + docroot => '/var/www/third', +} + +# Two name-based vhosts without IPs specified, so that they will answer on either 10.0.0.10 or 10.0.0.20 . It is requried to declare +# `add_listen => 'false'` to disable declaring "Listen 80" which will conflict +# with the IP-based preceeding vhosts. +apache::vhost { 'fourth.example.com': + port => '80', + docroot => '/var/www/fourth', + add_listen => false, +} +apache::vhost { 'fifth.example.com': + port => '80', + docroot => '/var/www/fifth', + add_listen => false, +} diff --git a/modules/services/unix/http/apache/module/apache/files/httpd b/modules/services/unix/http/apache/module/apache/files/httpd new file mode 100644 index 000000000..d65a8d445 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/files/httpd @@ -0,0 +1,24 @@ +# Configuration file for the httpd service. + +# +# The default processing model (MPM) is the process-based +# 'prefork' model. A thread-based model, 'worker', is also +# available, but does not work with some modules (such as PHP). +# The service must be stopped before changing this variable. +# +#HTTPD=/usr/sbin/httpd.worker + +# +# To pass additional options (for instance, -D definitions) to the +# httpd binary at startup, set OPTIONS here. +# +#OPTIONS= +#OPTIONS=-DDOWN + +# +# By default, the httpd process is started in the C locale; to +# change the locale in which the server runs, the HTTPD_LANG +# variable can be set. +# +#HTTPD_LANG=C +export SHORTHOST=`hostname -s` diff --git a/modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/bool2httpd.rb b/modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/bool2httpd.rb new file mode 100644 index 000000000..5fb79f6f5 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/bool2httpd.rb @@ -0,0 +1,30 @@ +Puppet::Parser::Functions::newfunction(:bool2httpd, :type => :rvalue, :doc => <<-EOS +Transform a supposed boolean to On or Off. Pass all other values through. +Given a nil value (undef), bool2httpd will return 'Off' + +Example: + + $trace_enable = false + $server_signature = 'mail' + + bool2httpd($trace_enable) + # => 'Off' + bool2httpd($server_signature) + # => 'mail' + bool2httpd(undef) + # => 'Off' + +EOS +) do |args| + raise(Puppet::ParseError, "bool2httpd() wrong number of arguments. Given: #{args.size} for 1)") if args.size != 1 + + arg = args[0] + + if arg.nil? or arg == false or arg =~ /false/i or arg == :undef + return 'Off' + elsif arg == true or arg =~ /true/i + return 'On' + end + + return arg.to_s +end diff --git a/modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/enclose_ipv6.rb b/modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/enclose_ipv6.rb new file mode 100644 index 000000000..80ffc3aca --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/enclose_ipv6.rb @@ -0,0 +1,45 @@ +# +# enclose_ipv6.rb +# + +module Puppet::Parser::Functions + newfunction(:enclose_ipv6, :type => :rvalue, :doc => <<-EOS +Takes an array of ip addresses and encloses the ipv6 addresses with square brackets. + EOS + ) do |arguments| + + require 'ipaddr' + + rescuable_exceptions = [ ArgumentError ] + if defined?(IPAddr::InvalidAddressError) + rescuable_exceptions << IPAddr::InvalidAddressError + end + + if (arguments.size != 1) then + raise(Puppet::ParseError, "enclose_ipv6(): Wrong number of arguments "+ + "given #{arguments.size} for 1") + end + unless arguments[0].is_a?(String) or arguments[0].is_a?(Array) then + raise(Puppet::ParseError, "enclose_ipv6(): Wrong argument type "+ + "given #{arguments[0].class} expected String or Array") + end + + input = [arguments[0]].flatten.compact + result = [] + + input.each do |val| + unless val == '*' + begin + ip = IPAddr.new(val) + rescue *rescuable_exceptions + raise(Puppet::ParseError, "enclose_ipv6(): Wrong argument "+ + "given #{val} is not an ip address.") + end + val = "[#{ip.to_s}]" if ip.ipv6? + end + result << val + end + + return result.uniq + end +end diff --git a/modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/validate_apache_log_level.rb b/modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/validate_apache_log_level.rb new file mode 100644 index 000000000..8a1ade0be --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/lib/puppet/parser/functions/validate_apache_log_level.rb @@ -0,0 +1,27 @@ +module Puppet::Parser::Functions + newfunction(:validate_apache_log_level, :doc => <<-'ENDHEREDOC') do |args| + Perform simple validation of a string against the list of known log + levels as per http://httpd.apache.org/docs/current/mod/core.html#loglevel + validate_apache_loglevel('info') + + Modules maybe specified with their own levels like these: + validate_apache_loglevel('warn ssl:info') + validate_apache_loglevel('warn mod_ssl.c:info') + validate_apache_loglevel('warn ssl_module:info') + + Expected to be used from the main or vhost. + + Might be used from directory too later as apaceh supports that + + ENDHEREDOC + if (args.size != 1) then + raise Puppet::ParseError, ("validate_apache_loglevel(): wrong number of arguments (#{args.length}; must be 1)") + end + + log_level = args[0] + msg = "Log level '${log_level}' is not one of the supported Apache HTTP Server log levels." + + raise Puppet::ParseError, (msg) unless log_level =~ Regexp.compile('(emerg|alert|crit|error|warn|notice|info|debug|trace[1-8])') + + end +end diff --git a/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod.rb b/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod.rb new file mode 100644 index 000000000..670aca3d0 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod.rb @@ -0,0 +1,34 @@ +class Puppet::Provider::A2mod < Puppet::Provider + def self.prefetch(mods) + instances.each do |prov| + if mod = mods[prov.name] + mod.provider = prov + end + end + end + + def flush + @property_hash.clear + end + + def properties + if @property_hash.empty? + @property_hash = query || {:ensure => :absent} + @property_hash[:ensure] = :absent if @property_hash.empty? + end + @property_hash.dup + end + + def query + self.class.instances.each do |mod| + if mod.name == self.name or mod.name.downcase == self.name + return mod.properties + end + end + nil + end + + def exists? + properties[:ensure] != :absent + end +end diff --git a/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/a2mod.rb b/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/a2mod.rb new file mode 100644 index 000000000..e257a579e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/a2mod.rb @@ -0,0 +1,35 @@ +require 'puppet/provider/a2mod' + +Puppet::Type.type(:a2mod).provide(:a2mod, :parent => Puppet::Provider::A2mod) do + desc "Manage Apache 2 modules on Debian and Ubuntu" + + optional_commands :encmd => "a2enmod" + optional_commands :discmd => "a2dismod" + commands :apache2ctl => "apache2ctl" + + confine :osfamily => :debian + defaultfor :operatingsystem => [:debian, :ubuntu] + + def self.instances + modules = apache2ctl("-M").lines.collect { |line| + m = line.match(/(\w+)_module \(shared\)$/) + m[1] if m + }.compact + + modules.map do |mod| + new( + :name => mod, + :ensure => :present, + :provider => :a2mod + ) + end + end + + def create + encmd resource[:name] + end + + def destroy + discmd resource[:name] + end +end diff --git a/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/gentoo.rb b/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/gentoo.rb new file mode 100644 index 000000000..07319dfdc --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/gentoo.rb @@ -0,0 +1,116 @@ +require 'puppet/util/filetype' +Puppet::Type.type(:a2mod).provide(:gentoo, :parent => Puppet::Provider) do + desc "Manage Apache 2 modules on Gentoo" + + confine :operatingsystem => :gentoo + defaultfor :operatingsystem => :gentoo + + attr_accessor :property_hash + + def create + @property_hash[:ensure] = :present + end + + def exists? + (!(@property_hash[:ensure].nil?) and @property_hash[:ensure] == :present) + end + + def destroy + @property_hash[:ensure] = :absent + end + + def flush + self.class.flush + end + + class << self + attr_reader :conf_file + end + + def self.clear + @mod_resources = [] + @modules = [] + @other_args = "" + end + + def self.initvars + @conf_file = "/etc/conf.d/apache2" + @filetype = Puppet::Util::FileType.filetype(:flat).new(conf_file) + @mod_resources = [] + @modules = [] + @other_args = "" + end + + self.initvars + + # Retrieve an array of all existing modules + def self.modules + if @modules.length <= 0 + # Locate the APACHE_OPTS variable + records = filetype.read.split(/\n/) + apache2_opts = records.grep(/^\s*APACHE2_OPTS=/).first + + # Extract all defines + while apache2_opts.sub!(/-D\s+(\w+)/, '') + @modules << $1.downcase + end + + # Hang on to any remaining options. + if apache2_opts.match(/APACHE2_OPTS="(.+)"/) + @other_args = $1.strip + end + + @modules.sort!.uniq! + end + + @modules + end + + def self.prefetch(resources={}) + # Match resources with existing providers + instances.each do |provider| + if resource = resources[provider.name] + resource.provider = provider + end + end + + # Store all resources using this provider for flushing + resources.each do |name, resource| + @mod_resources << resource + end + end + + def self.instances + modules.map {|mod| new(:name => mod, :provider => :gentoo, :ensure => :present)} + end + + def self.flush + + mod_list = modules + mods_to_remove = @mod_resources.select {|mod| mod.should(:ensure) == :absent}.map {|mod| mod[:name]} + mods_to_add = @mod_resources.select {|mod| mod.should(:ensure) == :present}.map {|mod| mod[:name]} + + mod_list -= mods_to_remove + mod_list += mods_to_add + mod_list.sort!.uniq! + + if modules != mod_list + opts = @other_args + " " + opts << mod_list.map {|mod| "-D #{mod.upcase}"}.join(" ") + opts.strip! + opts.gsub!(/\s+/, ' ') + + apache2_opts = %Q{APACHE2_OPTS="#{opts}"} + Puppet.debug("Writing back \"#{apache2_opts}\" to #{conf_file}") + + records = filetype.read.split(/\n/) + + opts_index = records.find_index {|i| i.match(/^\s*APACHE2_OPTS/)} + records[opts_index] = apache2_opts + + filetype.backup + filetype.write(records.join("\n")) + @modules = mod_list + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/modfix.rb b/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/modfix.rb new file mode 100644 index 000000000..8f35b2e4a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/modfix.rb @@ -0,0 +1,12 @@ +Puppet::Type.type(:a2mod).provide :modfix do + desc "Dummy provider for A2mod. + + Fake nil resources when there is no crontab binary available. Allows + puppetd to run on a bootstrapped machine before a Cron package has been + installed. Workaround for: http://projects.puppetlabs.com/issues/2384 + " + + def self.instances + [] + end +end \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/redhat.rb b/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/redhat.rb new file mode 100644 index 000000000..ea5494cb4 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/lib/puppet/provider/a2mod/redhat.rb @@ -0,0 +1,60 @@ +require 'puppet/provider/a2mod' + +Puppet::Type.type(:a2mod).provide(:redhat, :parent => Puppet::Provider::A2mod) do + desc "Manage Apache 2 modules on RedHat family OSs" + + commands :apachectl => "apachectl" + + confine :osfamily => :redhat + defaultfor :osfamily => :redhat + + require 'pathname' + + # modpath: Path to default apache modules directory /etc/httpd/mod.d + # modfile: Path to module load configuration file; Default: resides under modpath directory + # libfile: Path to actual apache module library. Added in modfile LoadModule + + attr_accessor :modfile, :libfile + class << self + attr_accessor :modpath + def preinit + @modpath = "/etc/httpd/mod.d" + end + end + + self.preinit + + def create + File.open(modfile,'w') do |f| + f.puts "LoadModule #{resource[:identifier]} #{libfile}" + end + end + + def destroy + File.delete(modfile) + end + + def self.instances + modules = apachectl("-M").lines.collect { |line| + m = line.match(/(\w+)_module \(shared\)$/) + m[1] if m + }.compact + + modules.map do |mod| + new( + :name => mod, + :ensure => :present, + :provider => :redhat + ) + end + end + + def modfile + modfile ||= "#{self.class.modpath}/#{resource[:name]}.load" + end + + # Set libfile path: If absolute path is passed, then maintain it. Else, make it default from 'modules' dir. + def libfile + libfile = Pathname.new(resource[:lib]).absolute? ? resource[:lib] : "modules/#{resource[:lib]}" + end +end diff --git a/modules/services/unix/http/apache/module/apache/lib/puppet/type/a2mod.rb b/modules/services/unix/http/apache/module/apache/lib/puppet/type/a2mod.rb new file mode 100644 index 000000000..07a911e5e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/lib/puppet/type/a2mod.rb @@ -0,0 +1,30 @@ +Puppet::Type.newtype(:a2mod) do + @doc = "Manage Apache 2 modules" + + ensurable + + newparam(:name) do + Puppet.warning "The a2mod provider is deprecated, please use apache::mod instead" + desc "The name of the module to be managed" + + isnamevar + + end + + newparam(:lib) do + desc "The name of the .so library to be loaded" + + defaultto { "mod_#{@resource[:name]}.so" } + end + + newparam(:identifier) do + desc "Module identifier string used by LoadModule. Default: module-name_module" + + # http://httpd.apache.org/docs/2.2/mod/module-dict.html#ModuleIdentifier + + defaultto { "#{resource[:name]}_module" } + end + + autorequire(:package) { catalog.resource(:package, 'httpd')} + +end diff --git a/modules/services/unix/http/apache/module/apache/manifests/balancer.pp b/modules/services/unix/http/apache/module/apache/manifests/balancer.pp new file mode 100644 index 000000000..9b7511a03 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/balancer.pp @@ -0,0 +1,82 @@ +# == Define Resource Type: apache::balancer +# +# This type will create an apache balancer cluster file inside the conf.d +# directory. Each balancer cluster needs one or more balancer members (that can +# be declared with the apache::balancermember defined resource type). Using +# storeconfigs, you can export the apache::balancermember resources on all +# balancer members, and then collect them on a single apache load balancer +# server. +# +# === Requirement/Dependencies: +# +# Currently requires the puppetlabs/concat module on the Puppet Forge and uses +# storeconfigs on the Puppet Master to export/collect resources from all +# balancer members. +# +# === Parameters +# +# [*name*] +# The namevar of the defined resource type is the balancer clusters name. +# This name is also used in the name of the conf.d file +# +# [*proxy_set*] +# Hash, default empty. If given, each key-value pair will be used as a ProxySet +# line in the configuration. +# +# [*collect_exported*] +# Boolean, default 'true'. True means 'collect exported @@balancermember +# resources' (for the case when every balancermember node exports itself), +# false means 'rely on the existing declared balancermember resources' (for the +# case when you know the full set of balancermembers in advance and use +# apache::balancermember with array arguments, which allows you to deploy +# everything in 1 run) +# +# +# === Examples +# +# Exporting the resource for a balancer member: +# +# apache::balancer { 'puppet00': } +# +define apache::balancer ( + $proxy_set = {}, + $collect_exported = true, +) { + include ::apache::mod::proxy_balancer + + $target = "${::apache::params::confd_dir}/balancer_${name}.conf" + + concat { $target: + owner => '0', + group => '0', + mode => $::apache::file_mode, + notify => Class['Apache::Service'], + } + + concat::fragment { "00-${name}-header": + ensure => present, + target => $target, + order => '01', + content => "\n", + } + + if $collect_exported { + Apache::Balancermember <<| balancer_cluster == $name |>> + } + # else: the resources have been created and they introduced their + # concat fragments. We don't have to do anything about them. + + concat::fragment { "01-${name}-proxyset": + ensure => present, + target => $target, + order => '19', + content => inline_template("<% @proxy_set.keys.sort.each do |key| %> Proxyset <%= key %>=<%= @proxy_set[key] %>\n<% end %>"), + } + + concat::fragment { "01-${name}-footer": + ensure => present, + target => $target, + order => '20', + content => "\n", + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/balancermember.pp b/modules/services/unix/http/apache/module/apache/manifests/balancermember.pp new file mode 100644 index 000000000..459081a71 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/balancermember.pp @@ -0,0 +1,53 @@ +# == Define Resource Type: apache::balancermember +# +# This type will setup a balancer member inside a listening service +# configuration block in /etc/apache/apache.cfg on the load balancer. +# currently it only has the ability to specify the instance name, url and an +# array of options. More features can be added as needed. The best way to +# implement this is to export this resource for all apache balancer member +# servers, and then collect them on the main apache load balancer. +# +# === Requirement/Dependencies: +# +# Currently requires the puppetlabs/concat module on the Puppet Forge and +# uses storeconfigs on the Puppet Master to export/collect resources +# from all balancer members. +# +# === Parameters +# +# [*name*] +# The title of the resource is arbitrary and only utilized in the concat +# fragment name. +# +# [*balancer_cluster*] +# The apache service's instance name (or, the title of the apache::balancer +# resource). This must match up with a declared apache::balancer resource. +# +# [*url*] +# The url used to contact the balancer member server. +# +# [*options*] +# An array of options to be specified after the url. +# +# === Examples +# +# Exporting the resource for a balancer member: +# +# @@apache::balancermember { 'apache': +# balancer_cluster => 'puppet00', +# url => "ajp://${::fqdn}:8009" +# options => ['ping=5', 'disablereuse=on', 'retry=5', 'ttl=120'], +# } +# +define apache::balancermember( + $balancer_cluster, + $url = "http://${::fqdn}/", + $options = [], +) { + + concat::fragment { "BalancerMember ${name}": + ensure => present, + target => "${::apache::params::confd_dir}/balancer_${balancer_cluster}.conf", + content => inline_template(" BalancerMember ${url} <%= @options.join ' ' %>\n"), + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/confd/no_accf.pp b/modules/services/unix/http/apache/module/apache/manifests/confd/no_accf.pp new file mode 100644 index 000000000..f35c0c8b9 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/confd/no_accf.pp @@ -0,0 +1,10 @@ +class apache::confd::no_accf { + # Template uses no variables + file { 'no-accf.conf': + ensure => 'file', + path => "${::apache::confd_dir}/no-accf.conf", + content => template('apache/confd/no-accf.conf.erb'), + require => Exec["mkdir ${::apache::confd_dir}"], + before => File[$::apache::confd_dir], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/custom_config.pp b/modules/services/unix/http/apache/module/apache/manifests/custom_config.pp new file mode 100644 index 000000000..d93c46892 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/custom_config.pp @@ -0,0 +1,73 @@ +# See README.md for usage information +define apache::custom_config ( + $ensure = 'present', + $confdir = $::apache::confd_dir, + $content = undef, + $priority = '25', + $source = undef, + $verify_command = $::apache::params::verify_command, + $verify_config = true, + $filename = undef, +) { + + if $content and $source { + fail('Only one of $content and $source can be specified.') + } + + if $ensure == 'present' and ! $content and ! $source { + fail('One of $content and $source must be specified.') + } + + validate_re($ensure, '^(present|absent)$', + "${ensure} is not supported for ensure. + Allowed values are 'present' and 'absent'.") + + validate_bool($verify_config) + + if $filename { + $_filename = $filename + } else { + if $priority { + $priority_prefix = "${priority}-" + } else { + $priority_prefix = '' + } + + ## Apache include does not always work with spaces in the filename + $filename_middle = regsubst($name, ' ', '_', 'G') + $_filename = "${priority_prefix}${filename_middle}.conf" + } + + if ! $verify_config or $ensure == 'absent' { + $notifies = Class['Apache::Service'] + } else { + $notifies = undef + } + + file { "apache_${name}": + ensure => $ensure, + path => "${confdir}/${_filename}", + content => $content, + source => $source, + require => Package['httpd'], + notify => $notifies, + } + + if $ensure == 'present' and $verify_config { + exec { "syntax verification for ${name}": + command => $verify_command, + subscribe => File["apache_${name}"], + refreshonly => true, + notify => Class['Apache::Service'], + before => Exec["remove ${name} if invalid"], + require => Anchor['::apache::modules_set_up'] + } + + exec { "remove ${name} if invalid": + command => "/bin/rm ${confdir}/${_filename}", + unless => $verify_command, + subscribe => File["apache_${name}"], + refreshonly => true, + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/default_confd_files.pp b/modules/services/unix/http/apache/module/apache/manifests/default_confd_files.pp new file mode 100644 index 000000000..c06b30c83 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/default_confd_files.pp @@ -0,0 +1,15 @@ +class apache::default_confd_files ( + $all = true, +) { + # The rest of the conf.d/* files only get loaded if we want them + if $all { + case $::osfamily { + 'freebsd': { + include ::apache::confd::no_accf + } + default: { + # do nothing + } + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/default_mods.pp b/modules/services/unix/http/apache/module/apache/manifests/default_mods.pp new file mode 100644 index 000000000..fd057d113 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/default_mods.pp @@ -0,0 +1,179 @@ +class apache::default_mods ( + $all = true, + $mods = undef, + $apache_version = $::apache::apache_version, + $use_systemd = $::apache::use_systemd, +) { + # These are modules required to run the default configuration. + # They are not configurable at this time, so we just include + # them to make sure it works. + case $::osfamily { + 'redhat': { + ::apache::mod { 'log_config': } + if versioncmp($apache_version, '2.4') >= 0 { + # Lets fork it + # Do not try to load mod_systemd on RHEL/CentOS 6 SCL. + if ( !($::osfamily == 'redhat' and versioncmp($::operatingsystemrelease, '7.0') == -1) and !($::operatingsystem == 'Amazon') ) { + if ($use_systemd) { + ::apache::mod { 'systemd': } + } + } + ::apache::mod { 'unixd': } + } + } + 'freebsd': { + ::apache::mod { 'log_config': } + ::apache::mod { 'unixd': } + } + 'Suse': { + ::apache::mod { 'log_config': } + } + default: {} + } + case $::osfamily { + 'gentoo': {} + default: { + ::apache::mod { 'authz_host': } + } + } + # The rest of the modules only get loaded if we want all modules enabled + if $all { + case $::osfamily { + 'debian': { + include ::apache::mod::authn_core + include ::apache::mod::reqtimeout + if versioncmp($apache_version, '2.4') < 0 { + ::apache::mod { 'authn_alias': } + } + } + 'redhat': { + include ::apache::mod::actions + include ::apache::mod::authn_core + include ::apache::mod::cache + include ::apache::mod::ext_filter + include ::apache::mod::mime + include ::apache::mod::mime_magic + include ::apache::mod::rewrite + include ::apache::mod::speling + include ::apache::mod::suexec + include ::apache::mod::version + include ::apache::mod::vhost_alias + ::apache::mod { 'auth_digest': } + ::apache::mod { 'authn_anon': } + ::apache::mod { 'authn_dbm': } + ::apache::mod { 'authz_dbm': } + ::apache::mod { 'authz_owner': } + ::apache::mod { 'expires': } + ::apache::mod { 'include': } + ::apache::mod { 'logio': } + ::apache::mod { 'substitute': } + ::apache::mod { 'usertrack': } + + if versioncmp($apache_version, '2.4') < 0 { + ::apache::mod { 'authn_alias': } + ::apache::mod { 'authn_default': } + } + } + 'freebsd': { + include ::apache::mod::actions + include ::apache::mod::authn_core + include ::apache::mod::cache + include ::apache::mod::disk_cache + include ::apache::mod::headers + include ::apache::mod::info + include ::apache::mod::mime_magic + include ::apache::mod::reqtimeout + include ::apache::mod::rewrite + include ::apache::mod::userdir + include ::apache::mod::version + include ::apache::mod::vhost_alias + include ::apache::mod::speling + include ::apache::mod::filter + + ::apache::mod { 'asis': } + ::apache::mod { 'auth_digest': } + ::apache::mod { 'auth_form': } + ::apache::mod { 'authn_anon': } + ::apache::mod { 'authn_dbm': } + ::apache::mod { 'authn_socache': } + ::apache::mod { 'authz_dbd': } + ::apache::mod { 'authz_dbm': } + ::apache::mod { 'authz_owner': } + ::apache::mod { 'dumpio': } + ::apache::mod { 'expires': } + ::apache::mod { 'file_cache': } + ::apache::mod { 'imagemap':} + ::apache::mod { 'include': } + ::apache::mod { 'logio': } + ::apache::mod { 'request': } + ::apache::mod { 'session': } + ::apache::mod { 'unique_id': } + } + default: {} + } + case $::apache::mpm_module { + 'prefork': { + include ::apache::mod::cgi + } + 'worker': { + include ::apache::mod::cgid + } + default: { + # do nothing + } + } + include ::apache::mod::alias + include ::apache::mod::authn_file + include ::apache::mod::autoindex + include ::apache::mod::dav + include ::apache::mod::dav_fs + include ::apache::mod::deflate + include ::apache::mod::dir + include ::apache::mod::mime + include ::apache::mod::negotiation + include ::apache::mod::setenvif + ::apache::mod { 'auth_basic': } + + if versioncmp($apache_version, '2.4') >= 0 { + # filter is needed by mod_deflate + include ::apache::mod::filter + + # authz_core is needed for 'Require' directive + ::apache::mod { 'authz_core': + id => 'authz_core_module', + } + + # lots of stuff seems to break without access_compat + ::apache::mod { 'access_compat': } + } else { + include ::apache::mod::authz_default + } + + include ::apache::mod::authz_user + + ::apache::mod { 'authz_groupfile': } + ::apache::mod { 'env': } + } elsif $mods { + ::apache::default_mods::load { $mods: } + + if versioncmp($apache_version, '2.4') >= 0 { + # authz_core is needed for 'Require' directive + ::apache::mod { 'authz_core': + id => 'authz_core_module', + } + + # filter is needed by mod_deflate + include ::apache::mod::filter + } + } else { + if versioncmp($apache_version, '2.4') >= 0 { + # authz_core is needed for 'Require' directive + ::apache::mod { 'authz_core': + id => 'authz_core_module', + } + + # filter is needed by mod_deflate + include ::apache::mod::filter + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/default_mods/load.pp b/modules/services/unix/http/apache/module/apache/manifests/default_mods/load.pp new file mode 100644 index 000000000..356e9fa00 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/default_mods/load.pp @@ -0,0 +1,8 @@ +# private define +define apache::default_mods::load ($module = $title) { + if defined("apache::mod::${module}") { + include "::apache::mod::${module}" + } else { + ::apache::mod { $module: } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/dev.pp b/modules/services/unix/http/apache/module/apache/manifests/dev.pp new file mode 100644 index 000000000..fdebf59f5 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/dev.pp @@ -0,0 +1,10 @@ +class apache::dev { + include ::apache::params + $packages = $::apache::dev_packages + if $packages { # FreeBSD doesn't have dev packages to install + package { $packages: + ensure => present, + require => Package['httpd'], + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/fastcgi/server.pp b/modules/services/unix/http/apache/module/apache/manifests/fastcgi/server.pp new file mode 100644 index 000000000..ec89bf778 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/fastcgi/server.pp @@ -0,0 +1,24 @@ +define apache::fastcgi::server ( + $host = '127.0.0.1:9000', + $timeout = 15, + $flush = false, + $faux_path = "/var/www/${name}.fcgi", + $fcgi_alias = "/${name}.fcgi", + $file_type = 'application/x-httpd-php' +) { + include apache::mod::fastcgi + + Apache::Mod['fastcgi'] -> Apache::Fastcgi::Server[$title] + + file { "fastcgi-pool-${name}.conf": + ensure => present, + path => "${::apache::confd_dir}/fastcgi-pool-${name}.conf", + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + content => template('apache/fastcgi/server.erb'), + require => Exec["mkdir ${::apache::confd_dir}"], + before => File[$::apache::confd_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod.pp b/modules/services/unix/http/apache/module/apache/manifests/mod.pp new file mode 100644 index 000000000..33b4de1ab --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod.pp @@ -0,0 +1,167 @@ +define apache::mod ( + $package = undef, + $package_ensure = 'present', + $lib = undef, + $lib_path = $::apache::lib_path, + $id = undef, + $path = undef, + $loadfile_name = undef, + $loadfiles = undef, +) { + if ! defined(Class['apache']) { + fail('You must include the apache base class before using any apache defined resources') + } + + $mod = $name + #include apache #This creates duplicate resources in rspec-puppet + $mod_dir = $::apache::mod_dir + + # Determine if we have special lib + $mod_libs = $::apache::params::mod_libs + if $lib { + $_lib = $lib + } elsif has_key($mod_libs, $mod) { # 2.6 compatibility hack + $_lib = $mod_libs[$mod] + } else { + $_lib = "mod_${mod}.so" + } + + # Determine if declaration specified a path to the module + if $path { + $_path = $path + } else { + $_path = "${lib_path}/${_lib}" + } + + if $id { + $_id = $id + } else { + $_id = "${mod}_module" + } + + if $loadfile_name { + $_loadfile_name = $loadfile_name + } else { + $_loadfile_name = "${mod}.load" + } + + # Determine if we have a package + $mod_packages = $::apache::params::mod_packages + if $package { + $_package = $package + } elsif has_key($mod_packages, $mod) { # 2.6 compatibility hack + $_package = $mod_packages[$mod] + } else { + $_package = undef + } + if $_package and ! defined(Package[$_package]) { + # note: FreeBSD/ports uses apxs tool to activate modules; apxs clutters + # httpd.conf with 'LoadModule' directives; here, by proper resource + # ordering, we ensure that our version of httpd.conf is reverted after + # the module gets installed. + $package_before = $::osfamily ? { + 'freebsd' => [ + File[$_loadfile_name], + File["${::apache::conf_dir}/${::apache::params::conf_file}"] + ], + default => File[$_loadfile_name], + } + # if there are any packages, they should be installed before the associated conf file + Package[$_package] -> File<| title == "${mod}.conf" |> + # $_package may be an array + package { $_package: + ensure => $package_ensure, + require => Package['httpd'], + before => $package_before, + } + } + + file { $_loadfile_name: + ensure => file, + path => "${mod_dir}/${_loadfile_name}", + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + content => template('apache/mod/load.erb'), + require => [ + Package['httpd'], + Exec["mkdir ${mod_dir}"], + ], + before => File[$mod_dir], + notify => Class['apache::service'], + } + + if $::osfamily == 'Debian' { + $enable_dir = $::apache::mod_enable_dir + file{ "${_loadfile_name} symlink": + ensure => link, + path => "${enable_dir}/${_loadfile_name}", + target => "${mod_dir}/${_loadfile_name}", + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + require => [ + File[$_loadfile_name], + Exec["mkdir ${enable_dir}"], + ], + before => File[$enable_dir], + notify => Class['apache::service'], + } + # Each module may have a .conf file as well, which should be + # defined in the class apache::mod::module + # Some modules do not require this file. + if defined(File["${mod}.conf"]) { + file{ "${mod}.conf symlink": + ensure => link, + path => "${enable_dir}/${mod}.conf", + target => "${mod_dir}/${mod}.conf", + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + require => [ + File["${mod}.conf"], + Exec["mkdir ${enable_dir}"], + ], + before => File[$enable_dir], + notify => Class['apache::service'], + } + } + } elsif $::osfamily == 'Suse' { + $enable_dir = $::apache::mod_enable_dir + file{ "${_loadfile_name} symlink": + ensure => link, + path => "${enable_dir}/${_loadfile_name}", + target => "${mod_dir}/${_loadfile_name}", + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + require => [ + File[$_loadfile_name], + Exec["mkdir ${enable_dir}"], + ], + before => File[$enable_dir], + notify => Class['apache::service'], + } + # Each module may have a .conf file as well, which should be + # defined in the class apache::mod::module + # Some modules do not require this file. + if defined(File["${mod}.conf"]) { + file{ "${mod}.conf symlink": + ensure => link, + path => "${enable_dir}/${mod}.conf", + target => "${mod_dir}/${mod}.conf", + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + require => [ + File["${mod}.conf"], + Exec["mkdir ${enable_dir}"], + ], + before => File[$enable_dir], + notify => Class['apache::service'], + } + } + } + + Apache::Mod[$name] -> Anchor['::apache::modules_set_up'] +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/actions.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/actions.pp new file mode 100644 index 000000000..3b60f297f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/actions.pp @@ -0,0 +1,3 @@ +class apache::mod::actions { + apache::mod { 'actions': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/alias.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/alias.pp new file mode 100644 index 000000000..5b59baa01 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/alias.pp @@ -0,0 +1,20 @@ +class apache::mod::alias( + $apache_version = $apache::apache_version, + $icons_options = 'Indexes MultiViews', + # set icons_path to false to disable the alias + $icons_path = $::apache::params::alias_icons_path, + +) { + apache::mod { 'alias': } + # Template uses $icons_path + if $icons_path { + file { 'alias.conf': + ensure => file, + path => "${::apache::mod_dir}/alias.conf", + content => template('apache/mod/alias.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/auth_basic.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/auth_basic.pp new file mode 100644 index 000000000..cacfafa4d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/auth_basic.pp @@ -0,0 +1,3 @@ +class apache::mod::auth_basic { + ::apache::mod { 'auth_basic': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/auth_cas.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/auth_cas.pp new file mode 100644 index 000000000..5b13af66a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/auth_cas.pp @@ -0,0 +1,48 @@ +class apache::mod::auth_cas ( + $cas_login_url, + $cas_validate_url, + $cas_cookie_path = $::apache::params::cas_cookie_path, + $cas_version = 2, + $cas_debug = 'Off', + $cas_validate_depth = undef, + $cas_certificate_path = undef, + $cas_proxy_validate_url = undef, + $cas_root_proxied_as = undef, + $cas_cookie_entropy = undef, + $cas_timeout = undef, + $cas_idle_timeout = undef, + $cas_cache_clean_interval = undef, + $cas_cookie_domain = undef, + $cas_cookie_http_only = undef, + $cas_authoritative = undef, + $suppress_warning = false, +) { + + validate_string($cas_login_url, $cas_validate_url, $cas_cookie_path) + + if $::osfamily == 'RedHat' and ! $suppress_warning { + warning('RedHat distributions do not have Apache mod_auth_cas in their default package repositories.') + } + + ::apache::mod { 'auth_cas': } + + file { $cas_cookie_path: + ensure => directory, + before => File['auth_cas.conf'], + mode => '0750', + owner => $apache::user, + group => $apache::group, + } + + # Template uses + # - All variables beginning with cas_ + file { 'auth_cas.conf': + ensure => file, + path => "${::apache::mod_dir}/auth_cas.conf", + content => template('apache/mod/auth_cas.conf.erb'), + require => [ Exec["mkdir ${::apache::mod_dir}"], ], + before => File[$::apache::mod_dir], + notify => Class['Apache::Service'], + } + +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/auth_kerb.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/auth_kerb.pp new file mode 100644 index 000000000..6b53262a1 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/auth_kerb.pp @@ -0,0 +1,5 @@ +class apache::mod::auth_kerb { + ::apache::mod { 'auth_kerb': } +} + + diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/auth_mellon.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/auth_mellon.pp new file mode 100644 index 000000000..79f6ffebb --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/auth_mellon.pp @@ -0,0 +1,24 @@ +class apache::mod::auth_mellon ( + $mellon_cache_size = $::apache::params::mellon_cache_size, + $mellon_lock_file = $::apache::params::mellon_lock_file, + $mellon_post_directory = $::apache::params::mellon_post_directory, + $mellon_cache_entry_size = undef, + $mellon_post_ttl = undef, + $mellon_post_size = undef, + $mellon_post_count = undef +) { + + ::apache::mod { 'auth_mellon': } + + # Template uses + # - All variables beginning with mellon_ + file { 'auth_mellon.conf': + ensure => file, + path => "${::apache::mod_dir}/auth_mellon.conf", + content => template('apache/mod/auth_mellon.conf.erb'), + require => [ Exec["mkdir ${::apache::mod_dir}"], ], + before => File[$::apache::mod_dir], + notify => Class['Apache::Service'], + } + +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/authn_core.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/authn_core.pp new file mode 100644 index 000000000..c5ce5b107 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/authn_core.pp @@ -0,0 +1,7 @@ +class apache::mod::authn_core( + $apache_version = $::apache::apache_version +) { + if versioncmp($apache_version, '2.4') >= 0 { + ::apache::mod { 'authn_core': } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/authn_file.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/authn_file.pp new file mode 100644 index 000000000..bc787244a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/authn_file.pp @@ -0,0 +1,3 @@ +class apache::mod::authn_file { + ::apache::mod { 'authn_file': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/authnz_ldap.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/authnz_ldap.pp new file mode 100644 index 000000000..b75369ffc --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/authnz_ldap.pp @@ -0,0 +1,19 @@ +class apache::mod::authnz_ldap ( + $verifyServerCert = true, +) { + include '::apache::mod::ldap' + ::apache::mod { 'authnz_ldap': } + + validate_bool($verifyServerCert) + + # Template uses: + # - $verifyServerCert + file { 'authnz_ldap.conf': + ensure => file, + path => "${::apache::mod_dir}/authnz_ldap.conf", + content => template('apache/mod/authnz_ldap.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/authz_default.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/authz_default.pp new file mode 100644 index 000000000..e457774ae --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/authz_default.pp @@ -0,0 +1,9 @@ +class apache::mod::authz_default( + $apache_version = $::apache::apache_version +) { + if versioncmp($apache_version, '2.4') >= 0 { + warning('apache::mod::authz_default has been removed in Apache 2.4') + } else { + ::apache::mod { 'authz_default': } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/authz_user.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/authz_user.pp new file mode 100644 index 000000000..948a3e2c9 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/authz_user.pp @@ -0,0 +1,3 @@ +class apache::mod::authz_user { + ::apache::mod { 'authz_user': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/autoindex.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/autoindex.pp new file mode 100644 index 000000000..c0969a814 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/autoindex.pp @@ -0,0 +1,12 @@ +class apache::mod::autoindex { + ::apache::mod { 'autoindex': } + # Template uses no variables + file { 'autoindex.conf': + ensure => file, + path => "${::apache::mod_dir}/autoindex.conf", + content => template('apache/mod/autoindex.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/cache.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/cache.pp new file mode 100644 index 000000000..4ab9f44ba --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/cache.pp @@ -0,0 +1,3 @@ +class apache::mod::cache { + ::apache::mod { 'cache': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/cgi.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/cgi.pp new file mode 100644 index 000000000..91352e8c8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/cgi.pp @@ -0,0 +1,10 @@ +class apache::mod::cgi { + case $::osfamily { + 'FreeBSD': {} + default: { + Class['::apache::mod::prefork'] -> Class['::apache::mod::cgi'] + } + } + + ::apache::mod { 'cgi': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/cgid.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/cgid.pp new file mode 100644 index 000000000..4094c3281 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/cgid.pp @@ -0,0 +1,32 @@ +class apache::mod::cgid { + case $::osfamily { + 'FreeBSD': {} + default: { + if defined(Class['::apache::mod::event']) { + Class['::apache::mod::event'] -> Class['::apache::mod::cgid'] + } else { + Class['::apache::mod::worker'] -> Class['::apache::mod::cgid'] + } + } + } + + # Debian specifies it's cgid sock path, but RedHat uses the default value + # with no config file + $cgisock_path = $::osfamily ? { + 'debian' => "\${APACHE_RUN_DIR}/cgisock", + 'freebsd' => 'cgisock', + default => undef, + } + ::apache::mod { 'cgid': } + if $cgisock_path { + # Template uses $cgisock_path + file { 'cgid.conf': + ensure => file, + path => "${::apache::mod_dir}/cgid.conf", + content => template('apache/mod/cgid.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/dav.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/dav.pp new file mode 100644 index 000000000..ade9c0809 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/dav.pp @@ -0,0 +1,3 @@ +class apache::mod::dav { + ::apache::mod { 'dav': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/dav_fs.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/dav_fs.pp new file mode 100644 index 000000000..af037e32d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/dav_fs.pp @@ -0,0 +1,20 @@ +class apache::mod::dav_fs { + $dav_lock = $::osfamily ? { + 'debian' => "\${APACHE_LOCK_DIR}/DAVLock", + 'freebsd' => '/usr/local/var/DavLock', + default => '/var/lib/dav/lockdb', + } + + Class['::apache::mod::dav'] -> Class['::apache::mod::dav_fs'] + ::apache::mod { 'dav_fs': } + + # Template uses: $dav_lock + file { 'dav_fs.conf': + ensure => file, + path => "${::apache::mod_dir}/dav_fs.conf", + content => template('apache/mod/dav_fs.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/dav_svn.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/dav_svn.pp new file mode 100644 index 000000000..6e70598d0 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/dav_svn.pp @@ -0,0 +1,20 @@ +class apache::mod::dav_svn ( + $authz_svn_enabled = false, +) { + Class['::apache::mod::dav'] -> Class['::apache::mod::dav_svn'] + include ::apache::mod::dav + ::apache::mod { 'dav_svn': } + + if $::osfamily == 'Debian' and ($::operatingsystemmajrelease != '6' and $::operatingsystemmajrelease != '10.04' and $::operatingsystemrelease != '10.04') { + $loadfile_name = undef + } else { + $loadfile_name = 'dav_svn_authz_svn.load' + } + + if $authz_svn_enabled { + ::apache::mod { 'authz_svn': + loadfile_name => $loadfile_name, + require => Apache::Mod['dav_svn'], + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/deflate.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/deflate.pp new file mode 100644 index 000000000..0748a54e5 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/deflate.pp @@ -0,0 +1,25 @@ +class apache::mod::deflate ( + $types = [ + 'text/html text/plain text/xml', + 'text/css', + 'application/x-javascript application/javascript application/ecmascript', + 'application/rss+xml', + 'application/json' + ], + $notes = { + 'Input' => 'instream', + 'Output' => 'outstream', + 'Ratio' => 'ratio' + } +) { + ::apache::mod { 'deflate': } + + file { 'deflate.conf': + ensure => file, + path => "${::apache::mod_dir}/deflate.conf", + content => template('apache/mod/deflate.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/dev.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/dev.pp new file mode 100644 index 000000000..5abdedd36 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/dev.pp @@ -0,0 +1,5 @@ +class apache::mod::dev { + # Development packages are not apache modules + warning('apache::mod::dev is deprecated; please use apache::dev') + include ::apache::dev +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/dir.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/dir.pp new file mode 100644 index 000000000..6243a1bb7 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/dir.pp @@ -0,0 +1,21 @@ +# Note: this sets the global DirectoryIndex directive, it may be necessary to consider being able to modify the apache::vhost to declare DirectoryIndex statements in a vhost configuration +# Parameters: +# - $indexes provides a string for the DirectoryIndex directive http://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex +class apache::mod::dir ( + $dir = 'public_html', + $indexes = ['index.html','index.html.var','index.cgi','index.pl','index.php','index.xhtml'], +) { + validate_array($indexes) + ::apache::mod { 'dir': } + + # Template uses + # - $indexes + file { 'dir.conf': + ensure => file, + path => "${::apache::mod_dir}/dir.conf", + content => template('apache/mod/dir.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/disk_cache.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/disk_cache.pp new file mode 100644 index 000000000..2f0a476fa --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/disk_cache.pp @@ -0,0 +1,40 @@ +class apache::mod::disk_cache ( + $cache_root = undef, +) { + if $cache_root { + $_cache_root = $cache_root + } + elsif versioncmp($::apache::apache_version, '2.4') >= 0 { + $_cache_root = $::osfamily ? { + 'debian' => '/var/cache/apache2/mod_cache_disk', + 'redhat' => '/var/cache/httpd/proxy', + 'freebsd' => '/var/cache/mod_cache_disk', + } + } + else { + $_cache_root = $::osfamily ? { + 'debian' => '/var/cache/apache2/mod_disk_cache', + 'redhat' => '/var/cache/mod_proxy', + 'freebsd' => '/var/cache/mod_disk_cache', + } + } + + if versioncmp($::apache::apache_version, '2.4') >= 0 { + apache::mod { 'cache_disk': } + } + else { + apache::mod { 'disk_cache': } + } + + Class['::apache::mod::cache'] -> Class['::apache::mod::disk_cache'] + + # Template uses $_cache_root + file { 'disk_cache.conf': + ensure => file, + path => "${::apache::mod_dir}/disk_cache.conf", + content => template('apache/mod/disk_cache.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/event.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/event.pp new file mode 100644 index 000000000..0ca201e56 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/event.pp @@ -0,0 +1,71 @@ +class apache::mod::event ( + $startservers = '2', + $maxclients = '150', + $minsparethreads = '25', + $maxsparethreads = '75', + $threadsperchild = '25', + $maxrequestsperchild = '0', + $serverlimit = '25', + $apache_version = $::apache::apache_version, + $threadlimit = '64', + $listenbacklog = '511', + $maxrequestworkers = '250', + $maxconnectionsperchild = '0', +) { + if defined(Class['apache::mod::itk']) { + fail('May not include both apache::mod::event and apache::mod::itk on the same node') + } + if defined(Class['apache::mod::peruser']) { + fail('May not include both apache::mod::event and apache::mod::peruser on the same node') + } + if defined(Class['apache::mod::prefork']) { + fail('May not include both apache::mod::event and apache::mod::prefork on the same node') + } + if defined(Class['apache::mod::worker']) { + fail('May not include both apache::mod::event and apache::mod::worker on the same node') + } + File { + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + } + + # Template uses: + # - $startservers + # - $maxclients + # - $minsparethreads + # - $maxsparethreads + # - $threadsperchild + # - $maxrequestsperchild + # - $serverlimit + file { "${::apache::mod_dir}/event.conf": + ensure => file, + content => template('apache/mod/event.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + + case $::osfamily { + 'redhat': { + if versioncmp($apache_version, '2.4') >= 0 { + apache::mpm{ 'event': + apache_version => $apache_version, + } + } + } + 'debian','freebsd' : { + apache::mpm{ 'event': + apache_version => $apache_version, + } + } + 'gentoo': { + ::portage::makeconf { 'apache2_mpms': + content => 'event', + } + } + default: { + fail("Unsupported osfamily ${::osfamily}") + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/expires.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/expires.pp new file mode 100644 index 000000000..10542916a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/expires.pp @@ -0,0 +1,20 @@ +class apache::mod::expires ( + $expires_active = true, + $expires_default = undef, + $expires_by_type = undef, +) { + ::apache::mod { 'expires': } + + # Template uses + # $expires_active + # $expires_default + # $expires_by_type + file { 'expires.conf': + ensure => file, + path => "${::apache::mod_dir}/expires.conf", + content => template('apache/mod/expires.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/ext_filter.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/ext_filter.pp new file mode 100644 index 000000000..b78abb607 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/ext_filter.pp @@ -0,0 +1,24 @@ +class apache::mod::ext_filter( + $ext_filter_define = undef +) { + + if $ext_filter_define { + validate_hash($ext_filter_define) + } + + ::apache::mod { 'ext_filter': } + + # Template uses + # -$ext_filter_define + + if $ext_filter_define { + file { 'ext_filter.conf': + ensure => file, + path => "${::apache::mod_dir}/ext_filter.conf", + content => template('apache/mod/ext_filter.conf.erb'), + require => [ Exec["mkdir ${::apache::mod_dir}"], ], + before => File[$::apache::mod_dir], + notify => Class['Apache::Service'], + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/fastcgi.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/fastcgi.pp new file mode 100644 index 000000000..1f7e5df4f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/fastcgi.pp @@ -0,0 +1,24 @@ +class apache::mod::fastcgi { + + # Debian specifies it's fastcgi lib path, but RedHat uses the default value + # with no config file + $fastcgi_lib_path = $::apache::params::fastcgi_lib_path + + ::apache::mod { 'fastcgi': } + + if $fastcgi_lib_path { + # Template uses: + # - $fastcgi_server + # - $fastcgi_socket + # - $fastcgi_dir + file { 'fastcgi.conf': + ensure => file, + path => "${::apache::mod_dir}/fastcgi.conf", + content => template('apache/mod/fastcgi.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + } + +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/fcgid.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/fcgid.pp new file mode 100644 index 000000000..978667033 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/fcgid.pp @@ -0,0 +1,19 @@ +class apache::mod::fcgid( + $options = {}, +) { + + ::apache::mod { 'fcgid': + loadfile_name => 'unixd_fcgid.load', + } + + # Template uses: + # - $options + file { 'unixd_fcgid.conf': + ensure => file, + path => "${::apache::mod_dir}/unixd_fcgid.conf", + content => template('apache/mod/unixd_fcgid.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/filter.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/filter.pp new file mode 100644 index 000000000..26dc488b3 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/filter.pp @@ -0,0 +1,3 @@ +class apache::mod::filter { + ::apache::mod { 'filter': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/geoip.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/geoip.pp new file mode 100644 index 000000000..1f8fb08ee --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/geoip.pp @@ -0,0 +1,31 @@ +class apache::mod::geoip ( + $enable = false, + $db_file = '/usr/share/GeoIP/GeoIP.dat', + $flag = 'Standard', + $output = 'All', + $enable_utf8 = undef, + $scan_proxy_headers = undef, + $scan_proxy_header_field = undef, + $use_last_xforwarededfor_ip = undef, +) { + ::apache::mod { 'geoip': } + + # Template uses: + # - enable + # - db_file + # - flag + # - output + # - enable_utf8 + # - scan_proxy_headers + # - scan_proxy_header_field + # - use_last_xforwarededfor_ip + file { 'geoip.conf': + ensure => file, + path => "${::apache::mod_dir}/geoip.conf", + content => template('apache/mod/geoip.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/headers.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/headers.pp new file mode 100644 index 000000000..d18c5e279 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/headers.pp @@ -0,0 +1,3 @@ +class apache::mod::headers { + ::apache::mod { 'headers': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/include.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/include.pp new file mode 100644 index 000000000..edbe81f32 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/include.pp @@ -0,0 +1,3 @@ +class apache::mod::include { + ::apache::mod { 'include': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/info.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/info.pp new file mode 100644 index 000000000..f0d03eb0f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/info.pp @@ -0,0 +1,18 @@ +class apache::mod::info ( + $allow_from = ['127.0.0.1','::1'], + $apache_version = $::apache::apache_version, + $restrict_access = true, +){ + apache::mod { 'info': } + # Template uses + # $allow_from + # $apache_version + file { 'info.conf': + ensure => file, + path => "${::apache::mod_dir}/info.conf", + content => template('apache/mod/info.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/itk.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/itk.pp new file mode 100644 index 000000000..dd8a9e3a2 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/itk.pp @@ -0,0 +1,91 @@ +class apache::mod::itk ( + $startservers = '8', + $minspareservers = '5', + $maxspareservers = '20', + $serverlimit = '256', + $maxclients = '256', + $maxrequestsperchild = '4000', + $apache_version = $::apache::apache_version, +) { + if defined(Class['apache::mod::event']) { + fail('May not include both apache::mod::itk and apache::mod::event on the same node') + } + if defined(Class['apache::mod::peruser']) { + fail('May not include both apache::mod::itk and apache::mod::peruser on the same node') + } + if versioncmp($apache_version, '2.4') < 0 { + if defined(Class['apache::mod::prefork']) { + fail('May not include both apache::mod::itk and apache::mod::prefork on the same node') + } + } else { + # prefork is a requirement for itk in 2.4; except on FreeBSD and Gentoo, which are special + if $::osfamily =~ /^(FreeBSD|Gentoo)/ { + if defined(Class['apache::mod::prefork']) { + fail('May not include both apache::mod::itk and apache::mod::prefork on the same node') + } + } else { + if ! defined(Class['apache::mod::prefork']) { + fail('apache::mod::prefork is a prerequisite for apache::mod::itk, please arrange for it to be included.') + } + } + } + if defined(Class['apache::mod::worker']) { + fail('May not include both apache::mod::itk and apache::mod::worker on the same node') + } + File { + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + } + + # Template uses: + # - $startservers + # - $minspareservers + # - $maxspareservers + # - $serverlimit + # - $maxclients + # - $maxrequestsperchild + file { "${::apache::mod_dir}/itk.conf": + ensure => file, + content => template('apache/mod/itk.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + + case $::osfamily { + 'redhat': { + package { 'httpd-itk': + ensure => present, + } + if versioncmp($apache_version, '2.4') >= 0 { + ::apache::mpm{ 'itk': + apache_version => $apache_version, + } + } + else { + file_line { '/etc/sysconfig/httpd itk enable': + ensure => present, + path => '/etc/sysconfig/httpd', + line => 'HTTPD=/usr/sbin/httpd.itk', + match => '#?HTTPD=/usr/sbin/httpd.itk', + require => Package['httpd'], + notify => Class['apache::service'], + } + } + } + 'debian', 'freebsd': { + apache::mpm{ 'itk': + apache_version => $apache_version, + } + } + 'gentoo': { + ::portage::makeconf { 'apache2_mpms': + content => 'itk', + } + } + default: { + fail("Unsupported osfamily ${::osfamily}") + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/ldap.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/ldap.pp new file mode 100644 index 000000000..d08418671 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/ldap.pp @@ -0,0 +1,19 @@ +class apache::mod::ldap ( + $apache_version = $::apache::apache_version, + $ldap_trusted_global_cert_file = undef, + $ldap_trusted_global_cert_type = 'CA_BASE64', +){ + if ($ldap_trusted_global_cert_file) { + validate_string($ldap_trusted_global_cert_type) + } + ::apache::mod { 'ldap': } + # Template uses $apache_version + file { 'ldap.conf': + ensure => file, + path => "${::apache::mod_dir}/ldap.conf", + content => template('apache/mod/ldap.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/mime.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/mime.pp new file mode 100644 index 000000000..ace7663df --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/mime.pp @@ -0,0 +1,22 @@ +class apache::mod::mime ( + $mime_support_package = $::apache::params::mime_support_package, + $mime_types_config = $::apache::params::mime_types_config, + $mime_types_additional = $::apache::mime_types_additional, +) { + apache::mod { 'mime': } + # Template uses $mime_types_config + file { 'mime.conf': + ensure => file, + path => "${::apache::mod_dir}/mime.conf", + content => template('apache/mod/mime.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + if $mime_support_package { + package { $mime_support_package: + ensure => 'installed', + before => File['mime.conf'], + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/mime_magic.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/mime_magic.pp new file mode 100644 index 000000000..c057b01f5 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/mime_magic.pp @@ -0,0 +1,14 @@ +class apache::mod::mime_magic ( + $magic_file = "${::apache::conf_dir}/magic" +) { + apache::mod { 'mime_magic': } + # Template uses $magic_file + file { 'mime_magic.conf': + ensure => file, + path => "${::apache::mod_dir}/mime_magic.conf", + content => template('apache/mod/mime_magic.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/negotiation.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/negotiation.pp new file mode 100644 index 000000000..02a3a0e64 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/negotiation.pp @@ -0,0 +1,25 @@ +class apache::mod::negotiation ( + $force_language_priority = 'Prefer Fallback', + $language_priority = [ 'en', 'ca', 'cs', 'da', 'de', 'el', 'eo', 'es', 'et', + 'fr', 'he', 'hr', 'it', 'ja', 'ko', 'ltz', 'nl', 'nn', + 'no', 'pl', 'pt', 'pt-BR', 'ru', 'sv', 'zh-CN', + 'zh-TW' ], +) { + if !is_array($force_language_priority) and !is_string($force_language_priority) { + fail('force_languague_priority must be a string or array of strings') + } + if !is_array($language_priority) and !is_string($language_priority) { + fail('force_languague_priority must be a string or array of strings') + } + + ::apache::mod { 'negotiation': } + # Template uses no variables + file { 'negotiation.conf': + ensure => file, + path => "${::apache::mod_dir}/negotiation.conf", + content => template('apache/mod/negotiation.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/nss.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/nss.pp new file mode 100644 index 000000000..d275cc493 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/nss.pp @@ -0,0 +1,26 @@ +class apache::mod::nss ( + $transfer_log = "${::apache::params::logroot}/access.log", + $error_log = "${::apache::params::logroot}/error.log", + $passwd_file = undef, + $port = 8443, +) { + include ::apache::mod::mime + + apache::mod { 'nss': } + + $httpd_dir = $::apache::httpd_dir + + # Template uses: + # $transfer_log + # $error_log + # $http_dir + # passwd_file + file { 'nss.conf': + ensure => file, + path => "${::apache::mod_dir}/nss.conf", + content => template('apache/mod/nss.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/pagespeed.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/pagespeed.pp new file mode 100644 index 000000000..588849c47 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/pagespeed.pp @@ -0,0 +1,55 @@ +class apache::mod::pagespeed ( + $inherit_vhost_config = 'on', + $filter_xhtml = false, + $cache_path = '/var/cache/mod_pagespeed/', + $log_dir = '/var/log/pagespeed', + $memcache_servers = [], + $rewrite_level = 'CoreFilters', + $disable_filters = [], + $enable_filters = [], + $forbid_filters = [], + $rewrite_deadline_per_flush_ms = 10, + $additional_domains = undef, + $file_cache_size_kb = 102400, + $file_cache_clean_interval_ms = 3600000, + $lru_cache_per_process = 1024, + $lru_cache_byte_limit = 16384, + $css_flatten_max_bytes = 2048, + $css_inline_max_bytes = 2048, + $css_image_inline_max_bytes = 2048, + $image_inline_max_bytes = 2048, + $js_inline_max_bytes = 2048, + $css_outline_min_bytes = 3000, + $js_outline_min_bytes = 3000, + $inode_limit = 500000, + $image_max_rewrites_at_once = 8, + $num_rewrite_threads = 4, + $num_expensive_rewrite_threads = 4, + $collect_statistics = 'on', + $statistics_logging = 'on', + $allow_view_stats = [], + $allow_pagespeed_console = [], + $allow_pagespeed_message = [], + $message_buffer_size = 100000, + $additional_configuration = {}, + $apache_version = $::apache::apache_version, +){ + + $_lib = $::apache::apache_version ? { + '2.4' => 'mod_pagespeed_ap24.so', + default => undef + } + + apache::mod { 'pagespeed': + lib => $_lib, + } + + file { 'pagespeed.conf': + ensure => file, + path => "${::apache::mod_dir}/pagespeed.conf", + content => template('apache/mod/pagespeed.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/passenger.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/passenger.pp new file mode 100644 index 000000000..fa67f01cb --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/passenger.pp @@ -0,0 +1,90 @@ +class apache::mod::passenger ( + $passenger_conf_file = $::apache::params::passenger_conf_file, + $passenger_conf_package_file = $::apache::params::passenger_conf_package_file, + $passenger_high_performance = undef, + $passenger_pool_idle_time = undef, + $passenger_max_request_queue_size = undef, + $passenger_max_requests = undef, + $passenger_spawn_method = undef, + $passenger_stat_throttle_rate = undef, + $rack_autodetect = undef, + $rails_autodetect = undef, + $passenger_root = $::apache::params::passenger_root, + $passenger_ruby = $::apache::params::passenger_ruby, + $passenger_default_ruby = $::apache::params::passenger_default_ruby, + $passenger_max_pool_size = undef, + $passenger_min_instances = undef, + $passenger_use_global_queue = undef, + $passenger_app_env = undef, + $passenger_log_file = undef, + $mod_package = undef, + $mod_package_ensure = undef, + $mod_lib = undef, + $mod_lib_path = undef, + $mod_id = undef, + $mod_path = undef, +) { + + if $passenger_spawn_method { + validate_re($passenger_spawn_method, '(^smart$|^direct$|^smart-lv2$|^conservative$)', "${passenger_spawn_method} is not permitted for passenger_spawn_method. Allowed values are 'smart', 'direct', 'smart-lv2', or 'conservative'.") + } + if $passenger_log_file { + validate_absolute_path($passenger_log_file) + } + + # Managed by the package, but declare it to avoid purging + if $passenger_conf_package_file { + file { 'passenger_package.conf': + path => "${::apache::confd_dir}/${passenger_conf_package_file}", + } + } + + $_package = $mod_package + $_package_ensure = $mod_package_ensure + $_lib = $mod_lib + if $::osfamily == 'FreeBSD' { + if $mod_lib_path { + $_lib_path = $mod_lib_path + } else { + $_lib_path = "${passenger_root}/buildout/apache2" + } + } else { + $_lib_path = $mod_lib_path + } + + $_id = $mod_id + $_path = $mod_path + ::apache::mod { 'passenger': + package => $_package, + package_ensure => $_package_ensure, + lib => $_lib, + lib_path => $_lib_path, + id => $_id, + path => $_path, + loadfile_name => 'zpassenger.load', + } + + # Template uses: + # - $passenger_root + # - $passenger_ruby + # - $passenger_default_ruby + # - $passenger_max_pool_size + # - $passenger_min_instances + # - $passenger_high_performance + # - $passenger_max_requests + # - $passenger_spawn_method + # - $passenger_stat_throttle_rate + # - $passenger_use_global_queue + # - $passenger_log_file + # - $passenger_app_env + # - $rack_autodetect + # - $rails_autodetect + file { 'passenger.conf': + ensure => file, + path => "${::apache::mod_dir}/${passenger_conf_file}", + content => template('apache/mod/passenger.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/perl.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/perl.pp new file mode 100644 index 000000000..b57f25fd5 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/perl.pp @@ -0,0 +1,3 @@ +class apache::mod::perl { + ::apache::mod { 'perl': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/peruser.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/peruser.pp new file mode 100644 index 000000000..4eb5669d8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/peruser.pp @@ -0,0 +1,76 @@ +class apache::mod::peruser ( + $minspareprocessors = '2', + $minprocessors = '2', + $maxprocessors = '10', + $maxclients = '150', + $maxrequestsperchild = '1000', + $idletimeout = '120', + $expiretimeout = '120', + $keepalive = 'Off', +) { + + case $::osfamily { + 'freebsd' : { + fail("Unsupported osfamily ${::osfamily}") + } + default: { + if $::osfamily == 'gentoo' { + ::portage::makeconf { 'apache2_mpms': + content => 'peruser', + } + } + + if defined(Class['apache::mod::event']) { + fail('May not include both apache::mod::peruser and apache::mod::event on the same node') + } + if defined(Class['apache::mod::itk']) { + fail('May not include both apache::mod::peruser and apache::mod::itk on the same node') + } + if defined(Class['apache::mod::prefork']) { + fail('May not include both apache::mod::peruser and apache::mod::prefork on the same node') + } + if defined(Class['apache::mod::worker']) { + fail('May not include both apache::mod::peruser and apache::mod::worker on the same node') + } + File { + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + } + + $mod_dir = $::apache::mod_dir + + # Template uses: + # - $minspareprocessors + # - $minprocessors + # - $maxprocessors + # - $maxclients + # - $maxrequestsperchild + # - $idletimeout + # - $expiretimeout + # - $keepalive + # - $mod_dir + file { "${::apache::mod_dir}/peruser.conf": + ensure => file, + content => template('apache/mod/peruser.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + file { "${::apache::mod_dir}/peruser": + ensure => directory, + require => File[$::apache::mod_dir], + } + file { "${::apache::mod_dir}/peruser/multiplexers": + ensure => directory, + require => File["${::apache::mod_dir}/peruser"], + } + file { "${::apache::mod_dir}/peruser/processors": + ensure => directory, + require => File["${::apache::mod_dir}/peruser"], + } + + ::apache::peruser::multiplexer { '01-default': } + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/php.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/php.pp new file mode 100644 index 000000000..3d45f87a8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/php.pp @@ -0,0 +1,62 @@ +class apache::mod::php ( + $package_name = undef, + $package_ensure = 'present', + $path = undef, + $extensions = ['.php'], + $content = undef, + $template = 'apache/mod/php5.conf.erb', + $source = undef, + $root_group = $::apache::params::root_group, +) inherits apache::params { + + if defined(Class['::apache::mod::prefork']) { + Class['::apache::mod::prefork']->File['php5.conf'] + } + elsif defined(Class['::apache::mod::itk']) { + Class['::apache::mod::itk']->File['php5.conf'] + } + else { + fail('apache::mod::php requires apache::mod::prefork or apache::mod::itk; please enable mpm_module => \'prefork\' or mpm_module => \'itk\' on Class[\'apache\']') + } + validate_array($extensions) + + if $source and ($content or $template != 'apache/mod/php5.conf.erb') { + warning('source and content or template parameters are provided. source parameter will be used') + } elsif $content and $template != 'apache/mod/php5.conf.erb' { + warning('content and template parameters are provided. content parameter will be used') + } + + $manage_content = $source ? { + undef => $content ? { + undef => template($template), + default => $content, + }, + default => undef, + } + + ::apache::mod { 'php5': + package => $package_name, + package_ensure => $package_ensure, + path => $path, + } + + include ::apache::mod::mime + include ::apache::mod::dir + Class['::apache::mod::mime'] -> Class['::apache::mod::dir'] -> Class['::apache::mod::php'] + + # Template uses $extensions + file { 'php5.conf': + ensure => file, + path => "${::apache::mod_dir}/php5.conf", + owner => 'root', + group => $root_group, + mode => $::apache::file_mode, + content => $manage_content, + source => $source, + require => [ + Exec["mkdir ${::apache::mod_dir}"], + ], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/prefork.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/prefork.pp new file mode 100644 index 000000000..85d8b84d4 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/prefork.pp @@ -0,0 +1,77 @@ +class apache::mod::prefork ( + $startservers = '8', + $minspareservers = '5', + $maxspareservers = '20', + $serverlimit = '256', + $maxclients = '256', + $maxrequestsperchild = '4000', + $apache_version = $::apache::apache_version, +) { + if defined(Class['apache::mod::event']) { + fail('May not include both apache::mod::prefork and apache::mod::event on the same node') + } + if versioncmp($apache_version, '2.4') < 0 { + if defined(Class['apache::mod::itk']) { + fail('May not include both apache::mod::prefork and apache::mod::itk on the same node') + } + } + if defined(Class['apache::mod::peruser']) { + fail('May not include both apache::mod::prefork and apache::mod::peruser on the same node') + } + if defined(Class['apache::mod::worker']) { + fail('May not include both apache::mod::prefork and apache::mod::worker on the same node') + } + File { + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + } + + # Template uses: + # - $startservers + # - $minspareservers + # - $maxspareservers + # - $serverlimit + # - $maxclients + # - $maxrequestsperchild + file { "${::apache::mod_dir}/prefork.conf": + ensure => file, + content => template('apache/mod/prefork.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + + case $::osfamily { + 'redhat': { + if versioncmp($apache_version, '2.4') >= 0 { + ::apache::mpm{ 'prefork': + apache_version => $apache_version, + } + } + else { + file_line { '/etc/sysconfig/httpd prefork enable': + ensure => present, + path => '/etc/sysconfig/httpd', + line => '#HTTPD=/usr/sbin/httpd.worker', + match => '#?HTTPD=/usr/sbin/httpd.worker', + require => Package['httpd'], + notify => Class['apache::service'], + } + } + } + 'debian', 'freebsd', 'Suse' : { + ::apache::mpm{ 'prefork': + apache_version => $apache_version, + } + } + 'gentoo': { + ::portage::makeconf { 'apache2_mpms': + content => 'prefork', + } + } + default: { + fail("Unsupported osfamily ${::osfamily}") + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/proxy.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy.pp new file mode 100644 index 000000000..8c685d55b --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy.pp @@ -0,0 +1,16 @@ +class apache::mod::proxy ( + $proxy_requests = 'Off', + $allow_from = undef, + $apache_version = $::apache::apache_version, +) { + ::apache::mod { 'proxy': } + # Template uses $proxy_requests, $apache_version + file { 'proxy.conf': + ensure => file, + path => "${::apache::mod_dir}/proxy.conf", + content => template('apache/mod/proxy.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_ajp.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_ajp.pp new file mode 100644 index 000000000..a011a1789 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_ajp.pp @@ -0,0 +1,4 @@ +class apache::mod::proxy_ajp { + Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_ajp'] + ::apache::mod { 'proxy_ajp': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_balancer.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_balancer.pp new file mode 100644 index 000000000..5a0768d8d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_balancer.pp @@ -0,0 +1,10 @@ +class apache::mod::proxy_balancer { + + include ::apache::mod::proxy + include ::apache::mod::proxy_http + + Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_balancer'] + Class['::apache::mod::proxy_http'] -> Class['::apache::mod::proxy_balancer'] + ::apache::mod { 'proxy_balancer': } + +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_connect.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_connect.pp new file mode 100644 index 000000000..7adef1f89 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_connect.pp @@ -0,0 +1,8 @@ +class apache::mod::proxy_connect ( + $apache_version = $::apache::apache_version, +) { + if versioncmp($apache_version, '2.2') >= 0 { + Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_connect'] + ::apache::mod { 'proxy_connect': } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_html.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_html.pp new file mode 100644 index 000000000..8b910c251 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_html.pp @@ -0,0 +1,37 @@ +class apache::mod::proxy_html { + Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_html'] + Class['::apache::mod::proxy_http'] -> Class['::apache::mod::proxy_html'] + + # Add libxml2 + case $::osfamily { + /RedHat|FreeBSD|Gentoo/: { + ::apache::mod { 'xml2enc': } + $loadfiles = undef + } + 'Debian': { + $gnu_path = $::hardwaremodel ? { + 'i686' => 'i386', + default => $::hardwaremodel, + } + $loadfiles = $::apache::params::distrelease ? { + '6' => ['/usr/lib/libxml2.so.2'], + '10' => ['/usr/lib/libxml2.so.2'], + default => ["/usr/lib/${gnu_path}-linux-gnu/libxml2.so.2"], + } + } + } + + ::apache::mod { 'proxy_html': + loadfiles => $loadfiles, + } + + # Template uses $icons_path + file { 'proxy_html.conf': + ensure => file, + path => "${::apache::mod_dir}/proxy_html.conf", + content => template('apache/mod/proxy_html.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_http.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_http.pp new file mode 100644 index 000000000..1579e68ee --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/proxy_http.pp @@ -0,0 +1,4 @@ +class apache::mod::proxy_http { + Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_http'] + ::apache::mod { 'proxy_http': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/python.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/python.pp new file mode 100644 index 000000000..e326c8d75 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/python.pp @@ -0,0 +1,5 @@ +class apache::mod::python { + ::apache::mod { 'python': } +} + + diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/remoteip.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/remoteip.pp new file mode 100644 index 000000000..564390e94 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/remoteip.pp @@ -0,0 +1,27 @@ +class apache::mod::remoteip ( + $header = 'X-Forwarded-For', + $proxy_ips = [ '127.0.0.1' ], + $proxies_header = undef, + $trusted_proxy_ips = undef, + $apache_version = $::apache::apache_version +) { + if versioncmp($apache_version, '2.4') < 0 { + fail('mod_remoteip is only available in Apache 2.4') + } + + ::apache::mod { 'remoteip': } + + # Template uses: + # - $header + # - $proxy_ips + # - $proxies_header + # - $trusted_proxy_ips + file { 'remoteip.conf': + ensure => file, + path => "${::apache::mod_dir}/remoteip.conf", + content => template('apache/mod/remoteip.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Service['httpd'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/reqtimeout.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/reqtimeout.pp new file mode 100644 index 000000000..34c96a678 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/reqtimeout.pp @@ -0,0 +1,14 @@ +class apache::mod::reqtimeout ( + $timeouts = ['header=20-40,minrate=500', 'body=10,minrate=500'] +){ + ::apache::mod { 'reqtimeout': } + # Template uses no variables + file { 'reqtimeout.conf': + ensure => file, + path => "${::apache::mod_dir}/reqtimeout.conf", + content => template('apache/mod/reqtimeout.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/rewrite.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/rewrite.pp new file mode 100644 index 000000000..694f0b6f5 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/rewrite.pp @@ -0,0 +1,4 @@ +class apache::mod::rewrite { + include ::apache::params + ::apache::mod { 'rewrite': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/rpaf.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/rpaf.pp new file mode 100644 index 000000000..12b86eb8b --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/rpaf.pp @@ -0,0 +1,20 @@ +class apache::mod::rpaf ( + $sethostname = true, + $proxy_ips = [ '127.0.0.1' ], + $header = 'X-Forwarded-For' +) { + ::apache::mod { 'rpaf': } + + # Template uses: + # - $sethostname + # - $proxy_ips + # - $header + file { 'rpaf.conf': + ensure => file, + path => "${::apache::mod_dir}/rpaf.conf", + content => template('apache/mod/rpaf.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/security.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/security.pp new file mode 100644 index 000000000..4571e2fd2 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/security.pp @@ -0,0 +1,76 @@ +class apache::mod::security ( + $crs_package = $::apache::params::modsec_crs_package, + $activated_rules = $::apache::params::modsec_default_rules, + $modsec_dir = $::apache::params::modsec_dir, + $modsec_secruleengine = $::apache::params::modsec_secruleengine, + $allowed_methods = 'GET HEAD POST OPTIONS', + $content_types = 'application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf', + $restricted_extensions = '.asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/', + $restricted_headers = '/Proxy-Connection/ /Lock-Token/ /Content-Range/ /Translate/ /via/ /if/', +){ + + if $::osfamily == 'FreeBSD' { + fail('FreeBSD is not currently supported') + } + + ::apache::mod { 'security': + id => 'security2_module', + lib => 'mod_security2.so', + } + + ::apache::mod { 'unique_id_module': + id => 'unique_id_module', + lib => 'mod_unique_id.so', + } + + if $crs_package { + package { $crs_package: + ensure => 'latest', + before => File[$::apache::confd_dir], + } + } + + # Template uses: + # - $modsec_dir + file { 'security.conf': + ensure => file, + content => template('apache/mod/security.conf.erb'), + path => "${::apache::mod_dir}/security.conf", + owner => $::apache::params::user, + group => $::apache::params::group, + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + + file { $modsec_dir: + ensure => directory, + owner => $::apache::params::user, + group => $::apache::params::group, + mode => '0555', + purge => true, + force => true, + recurse => true, + } + + file { "${modsec_dir}/activated_rules": + ensure => directory, + owner => $::apache::params::user, + group => $::apache::params::group, + mode => '0555', + purge => true, + force => true, + recurse => true, + notify => Class['apache::service'], + } + + file { "${modsec_dir}/security_crs.conf": + ensure => file, + content => template('apache/mod/security_crs.conf.erb'), + require => File[$modsec_dir], + notify => Class['apache::service'], + } + + apache::security::rule_link { $activated_rules: } + +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/setenvif.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/setenvif.pp new file mode 100644 index 000000000..c73102dfb --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/setenvif.pp @@ -0,0 +1,12 @@ +class apache::mod::setenvif { + ::apache::mod { 'setenvif': } + # Template uses no variables + file { 'setenvif.conf': + ensure => file, + path => "${::apache::mod_dir}/setenvif.conf", + content => template('apache/mod/setenvif.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/shib.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/shib.pp new file mode 100644 index 000000000..8ec4c6dd1 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/shib.pp @@ -0,0 +1,15 @@ +class apache::mod::shib ( + $suppress_warning = false, +) { + + if $::osfamily == 'RedHat' and ! $suppress_warning { + warning('RedHat distributions do not have Apache mod_shib in their default package repositories.') + } + + $mod_shib = 'shib2' + + apache::mod {$mod_shib: + id => 'mod_shib', + } + +} \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/speling.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/speling.pp new file mode 100644 index 000000000..eb46d78f0 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/speling.pp @@ -0,0 +1,3 @@ +class apache::mod::speling { + ::apache::mod { 'speling': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/ssl.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/ssl.pp new file mode 100644 index 000000000..a653baded --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/ssl.pp @@ -0,0 +1,81 @@ +class apache::mod::ssl ( + $ssl_compression = false, + $ssl_cryptodevice = 'builtin', + $ssl_options = [ 'StdEnvVars' ], + $ssl_openssl_conf_cmd = undef, + $ssl_cipher = 'HIGH:MEDIUM:!aNULL:!MD5:!RC4', + $ssl_honorcipherorder = 'On', + $ssl_protocol = [ 'all', '-SSLv2', '-SSLv3' ], + $ssl_pass_phrase_dialog = 'builtin', + $ssl_random_seed_bytes = '512', + $ssl_sessioncachetimeout = '300', + $apache_version = $::apache::apache_version, + $package_name = undef, +) { + + case $::osfamily { + 'debian': { + if versioncmp($apache_version, '2.4') >= 0 { + $ssl_mutex = 'default' + } elsif $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '10.04' { + $ssl_mutex = 'file:/var/run/apache2/ssl_mutex' + } else { + $ssl_mutex = "file:\${APACHE_RUN_DIR}/ssl_mutex" + } + } + 'redhat': { + $ssl_mutex = 'default' + } + 'freebsd': { + $ssl_mutex = 'default' + } + 'gentoo': { + $ssl_mutex = 'default' + } + 'Suse': { + $ssl_mutex = 'default' + } + default: { + fail("Unsupported osfamily ${::osfamily}") + } + } + + $session_cache = $::osfamily ? { + 'debian' => "\${APACHE_RUN_DIR}/ssl_scache(512000)", + 'redhat' => '/var/cache/mod_ssl/scache(512000)', + 'freebsd' => '/var/run/ssl_scache(512000)', + 'gentoo' => '/var/run/ssl_scache(512000)', + 'Suse' => '/var/lib/apache2/ssl_scache(512000)' + } + + ::apache::mod { 'ssl': + package => $package_name, + } + + if versioncmp($apache_version, '2.4') >= 0 { + ::apache::mod { 'socache_shmcb': } + } + + # Template uses + # + # $ssl_compression + # $ssl_cryptodevice + # $ssl_cipher + # $ssl_honorcipherorder + # $ssl_options + # $ssl_openssl_conf_cmd + # $session_cache + # $ssl_mutex + # $ssl_random_seed_bytes + # $ssl_sessioncachetimeout + # $apache_version + # + file { 'ssl.conf': + ensure => file, + path => "${::apache::mod_dir}/ssl.conf", + content => template('apache/mod/ssl.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/status.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/status.pp new file mode 100644 index 000000000..4c3f8d9e2 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/status.pp @@ -0,0 +1,46 @@ +# Class: apache::mod::status +# +# This class enables and configures Apache mod_status +# See: http://httpd.apache.org/docs/current/mod/mod_status.html +# +# Parameters: +# - $allow_from is an array of hosts, ip addresses, partial network numbers +# or networks in CIDR notation specifying what hosts can view the special +# /server-status URL. Defaults to ['127.0.0.1', '::1']. +# - $extended_status track and display extended status information. Valid +# values are 'On' or 'Off'. Defaults to 'On'. +# - $status_path is the path assigned to the Location directive which +# defines the URL to access the server status. Defaults to '/server-status'. +# +# Actions: +# - Enable and configure Apache mod_status +# +# Requires: +# - The apache class +# +# Sample Usage: +# +# # Simple usage allowing access from localhost and a private subnet +# class { 'apache::mod::status': +# $allow_from => ['127.0.0.1', '10.10.10.10/24'], +# } +# +class apache::mod::status ( + $allow_from = ['127.0.0.1','::1'], + $extended_status = 'On', + $apache_version = $::apache::apache_version, + $status_path = '/server-status', +){ + validate_array($allow_from) + validate_re(downcase($extended_status), '^(on|off)$', "${extended_status} is not supported for extended_status. Allowed values are 'On' and 'Off'.") + ::apache::mod { 'status': } + # Template uses $allow_from, $extended_status, $apache_version, $status_path + file { 'status.conf': + ensure => file, + path => "${::apache::mod_dir}/status.conf", + content => template('apache/mod/status.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/suexec.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/suexec.pp new file mode 100644 index 000000000..ded013d49 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/suexec.pp @@ -0,0 +1,3 @@ +class apache::mod::suexec { + ::apache::mod { 'suexec': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/suphp.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/suphp.pp new file mode 100644 index 000000000..c50beea06 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/suphp.pp @@ -0,0 +1,14 @@ +class apache::mod::suphp ( +){ + ::apache::mod { 'suphp': } + + file {'suphp.conf': + ensure => file, + path => "${::apache::mod_dir}/suphp.conf", + content => template('apache/mod/suphp.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} + diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/userdir.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/userdir.pp new file mode 100644 index 000000000..4b3d0b8e8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/userdir.pp @@ -0,0 +1,19 @@ +class apache::mod::userdir ( + $home = '/home', + $dir = 'public_html', + $disable_root = true, + $apache_version = $::apache::apache_version, + $options = [ 'MultiViews', 'Indexes', 'SymLinksIfOwnerMatch', 'IncludesNoExec' ], +) { + ::apache::mod { 'userdir': } + + # Template uses $home, $dir, $disable_root, $apache_version + file { 'userdir.conf': + ensure => file, + path => "${::apache::mod_dir}/userdir.conf", + content => template('apache/mod/userdir.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/version.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/version.pp new file mode 100644 index 000000000..1cc4412e1 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/version.pp @@ -0,0 +1,10 @@ +class apache::mod::version( + $apache_version = $::apache::apache_version +) { + + if ($::osfamily == 'debian' and versioncmp($apache_version, '2.4') >= 0) { + warning("${module_name}: module version_module is built-in and can't be loaded") + } else { + ::apache::mod { 'version': } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/vhost_alias.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/vhost_alias.pp new file mode 100644 index 000000000..30ae122e1 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/vhost_alias.pp @@ -0,0 +1,3 @@ +class apache::mod::vhost_alias { + ::apache::mod { 'vhost_alias': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/worker.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/worker.pp new file mode 100644 index 000000000..9e417e0c4 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/worker.pp @@ -0,0 +1,135 @@ +# == Class: apache::mod::worker +# +# +# === Parameters +# +# [*startservers*] +# (optional) The number of child server processes created on startup +# Defaults is '2' +# +# [*maxclients*] +# (optional) The max number of simultaneous requests that will be served. +# This is the old name and is still supported. The new name is +# MaxRequestWorkers as of 2.3.13. +# Default is '150' +# +# [*minsparethreads*] +# (optional) Minimum number of idle threads to handle request spikes. +# Default is '25' +# +# [*maxsparethreads*] +# (optional) Maximum number of idle threads. +# Default is '75' +# +# [*threadsperchild*] +# (optional) The number of threads created by each child process. +# Default is '25' +# +# [*maxrequestsperchild*] +# (optional) Limit on the number of connectiojns an individual child server +# process will handle. This is the old name and is still supported. The new +# name is MaxConnectionsPerChild as of 2.3.9+. +# Default is '0' +# +# [*serverlimit*] +# (optional) With worker, use this directive only if your MaxRequestWorkers +# and ThreadsPerChild settings require more than 16 server processes +# (default). Do not set the value of this directive any higher than the +# number of server processes required by what you may want for +# MaxRequestWorkers and ThreadsPerChild. +# Default is '25' +# +# [*threadlimit*] +# (optional) This directive sets the maximum configured value for +# ThreadsPerChild for the lifetime of the Apache httpd process. +# Default is '64' +# +# [*listenbacklog*] +# (optional) Maximum length of the queue of pending connections. +# Defaults is '511' +# +# [*apache_version*] +# (optional) +# Default is $::apache::apache_version +# +class apache::mod::worker ( + $startservers = '2', + $maxclients = '150', + $minsparethreads = '25', + $maxsparethreads = '75', + $threadsperchild = '25', + $maxrequestsperchild = '0', + $serverlimit = '25', + $threadlimit = '64', + $listenbacklog = '511', + $apache_version = $::apache::apache_version, +) { + if defined(Class['apache::mod::event']) { + fail('May not include both apache::mod::worker and apache::mod::event on the same node') + } + if defined(Class['apache::mod::itk']) { + fail('May not include both apache::mod::worker and apache::mod::itk on the same node') + } + if defined(Class['apache::mod::peruser']) { + fail('May not include both apache::mod::worker and apache::mod::peruser on the same node') + } + if defined(Class['apache::mod::prefork']) { + fail('May not include both apache::mod::worker and apache::mod::prefork on the same node') + } + File { + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + } + + # Template uses: + # - $startservers + # - $maxclients + # - $minsparethreads + # - $maxsparethreads + # - $threadsperchild + # - $maxrequestsperchild + # - $serverlimit + # - $threadLimit + # - $listenbacklog + file { "${::apache::mod_dir}/worker.conf": + ensure => file, + content => template('apache/mod/worker.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } + + case $::osfamily { + 'redhat': { + if versioncmp($apache_version, '2.4') >= 0 { + ::apache::mpm{ 'worker': + apache_version => $apache_version, + } + } + else { + file_line { '/etc/sysconfig/httpd worker enable': + ensure => present, + path => '/etc/sysconfig/httpd', + line => 'HTTPD=/usr/sbin/httpd.worker', + match => '#?HTTPD=/usr/sbin/httpd.worker', + require => Package['httpd'], + notify => Class['apache::service'], + } + } + } + 'debian', 'freebsd', 'Suse': { + ::apache::mpm{ 'worker': + apache_version => $apache_version, + } + } + 'gentoo': { + ::portage::makeconf { 'apache2_mpms': + content => 'worker', + } + } + default: { + fail("Unsupported osfamily ${::osfamily}") + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/wsgi.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/wsgi.pp new file mode 100644 index 000000000..bff5b46b7 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/wsgi.pp @@ -0,0 +1,41 @@ +class apache::mod::wsgi ( + $wsgi_socket_prefix = $::apache::params::wsgi_socket_prefix, + $wsgi_python_path = undef, + $wsgi_python_home = undef, + $package_name = undef, + $mod_path = undef, +){ + + if ($package_name != undef and $mod_path == undef) or ($package_name == undef and $mod_path != undef) { + fail('apache::mod::wsgi - both package_name and mod_path must be specified!') + } + + if $package_name != undef { + if $mod_path =~ /\// { + $_mod_path = $mod_path + } else { + $_mod_path = "${::apache::lib_path}/${mod_path}" + } + ::apache::mod { 'wsgi': + package => $package_name, + path => $_mod_path, + } + } + else { + ::apache::mod { 'wsgi': } + } + + # Template uses: + # - $wsgi_socket_prefix + # - $wsgi_python_path + # - $wsgi_python_home + file {'wsgi.conf': + ensure => file, + path => "${::apache::mod_dir}/wsgi.conf", + content => template('apache/mod/wsgi.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Class['apache::service'], + } +} + diff --git a/modules/services/unix/http/apache/module/apache/manifests/mod/xsendfile.pp b/modules/services/unix/http/apache/module/apache/manifests/mod/xsendfile.pp new file mode 100644 index 000000000..7c5e88437 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mod/xsendfile.pp @@ -0,0 +1,4 @@ +class apache::mod::xsendfile { + include ::apache::params + ::apache::mod { 'xsendfile': } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/mpm.pp b/modules/services/unix/http/apache/module/apache/manifests/mpm.pp new file mode 100644 index 000000000..153540910 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/mpm.pp @@ -0,0 +1,127 @@ +define apache::mpm ( + $lib_path = $::apache::lib_path, + $apache_version = $::apache::apache_version, +) { + if ! defined(Class['apache']) { + fail('You must include the apache base class before using any apache defined resources') + } + + $mpm = $name + $mod_dir = $::apache::mod_dir + + $_lib = "mod_mpm_${mpm}.so" + $_path = "${lib_path}/${_lib}" + $_id = "mpm_${mpm}_module" + + if versioncmp($apache_version, '2.4') >= 0 { + file { "${mod_dir}/${mpm}.load": + ensure => file, + path => "${mod_dir}/${mpm}.load", + content => "LoadModule ${_id} ${_path}\n", + require => [ + Package['httpd'], + Exec["mkdir ${mod_dir}"], + ], + before => File[$mod_dir], + notify => Class['apache::service'], + } + } + + case $::osfamily { + 'debian': { + file { "${::apache::mod_enable_dir}/${mpm}.conf": + ensure => link, + target => "${::apache::mod_dir}/${mpm}.conf", + require => Exec["mkdir ${::apache::mod_enable_dir}"], + before => File[$::apache::mod_enable_dir], + notify => Class['apache::service'], + } + + if versioncmp($apache_version, '2.4') >= 0 { + file { "${::apache::mod_enable_dir}/${mpm}.load": + ensure => link, + target => "${::apache::mod_dir}/${mpm}.load", + require => Exec["mkdir ${::apache::mod_enable_dir}"], + before => File[$::apache::mod_enable_dir], + notify => Class['apache::service'], + } + + if $mpm == 'itk' { + file { "${lib_path}/mod_mpm_itk.so": + ensure => link, + target => "${lib_path}/mpm_itk.so", + require => Package['httpd'], + before => Class['apache::service'], + } + } + } + + if $mpm == 'itk' and $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '14.04' { + # workaround https://bugs.launchpad.net/ubuntu/+source/mpm-itk/+bug/1286882 + exec { + '/usr/sbin/a2dismod mpm_event': + onlyif => '/usr/bin/test -e /etc/apache2/mods-enabled/mpm_event.load', + require => Package['httpd'], + before => Package['apache2-mpm-itk'], + } + } + + if versioncmp($apache_version, '2.4') < 0 or $mpm == 'itk' { + package { "apache2-mpm-${mpm}": + ensure => present, + } + if $::apache::mod_enable_dir { + Package["apache2-mpm-${mpm}"] { + before => File[$::apache::mod_enable_dir], + } + } + } + } + 'freebsd': { + class { '::apache::package': + mpm_module => $mpm + } + } + 'gentoo': { + # so we don't fail + } + 'redhat': { + # so we don't fail + } + 'Suse': { + file { "${::apache::mod_enable_dir}/${mpm}.conf": + ensure => link, + target => "${::apache::mod_dir}/${mpm}.conf", + require => Exec["mkdir ${::apache::mod_enable_dir}"], + before => File[$::apache::mod_enable_dir], + notify => Class['apache::service'], + } + + if versioncmp($apache_version, '2.4') >= 0 { + file { "${::apache::mod_enable_dir}/${mpm}.load": + ensure => link, + target => "${::apache::mod_dir}/${mpm}.load", + require => Exec["mkdir ${::apache::mod_enable_dir}"], + before => File[$::apache::mod_enable_dir], + notify => Class['apache::service'], + } + + if $mpm == 'itk' { + file { "${lib_path}/mod_mpm_itk.so": + ensure => link, + target => "${lib_path}/mpm_itk.so" + } + } + } + + if versioncmp($apache_version, '2.4') < 0 { + package { "apache2-${mpm}": + ensure => present, + } + } + } + default: { + fail("Unsupported osfamily ${::osfamily}") + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/namevirtualhost.pp b/modules/services/unix/http/apache/module/apache/manifests/namevirtualhost.pp new file mode 100644 index 000000000..f8c3a80d8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/namevirtualhost.pp @@ -0,0 +1,10 @@ +define apache::namevirtualhost { + $addr_port = $name + + # Template uses: $addr_port + concat::fragment { "NameVirtualHost ${addr_port}": + ensure => present, + target => $::apache::ports_file, + content => template('apache/namevirtualhost.erb'), + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/package.pp b/modules/services/unix/http/apache/module/apache/manifests/package.pp new file mode 100644 index 000000000..5c59f2546 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/package.pp @@ -0,0 +1,65 @@ +class apache::package ( + $ensure = 'present', + $mpm_module = $::apache::params::mpm_module, +) inherits ::apache::params { + + # The base class must be included first because it is used by parameter defaults + if ! defined(Class['apache']) { + fail('You must include the apache base class before using any apache defined resources') + } + + case $::osfamily { + 'FreeBSD': { + case $mpm_module { + 'prefork': { + $set = 'MPM_PREFORK' + $unset = 'MPM_WORKER MPM_EVENT' + } + 'worker': { + $set = 'MPM_WORKER' + $unset = 'MPM_PREFORK MPM_EVENT' + } + 'event': { + $set = 'MPM_EVENT' + $unset = 'MPM_PREFORK MPM_WORKER' + } + 'itk': { + $set = undef + $unset = undef + package { 'www/mod_mpm_itk': + ensure => installed, + } + } + default: { fail("MPM module ${mpm_module} not supported on FreeBSD") } + } + + # Configure ports to have apache build options set correctly + if $set { + file_line { 'apache SET options in /etc/make.conf': + ensure => $ensure, + path => '/etc/make.conf', + line => "apache24_SET_FORCE=${set}", + match => '^apache24_SET_FORCE=.*', + before => Package['httpd'], + } + file_line { 'apache UNSET options in /etc/make.conf': + ensure => $ensure, + path => '/etc/make.conf', + line => "apache24_UNSET_FORCE=${unset}", + match => '^apache24_UNSET_FORCE=.*', + before => Package['httpd'], + } + } + $apache_package = $::apache::apache_name + } + default: { + $apache_package = $::apache::apache_name + } + } + + package { 'httpd': + ensure => $ensure, + name => $apache_package, + notify => Class['Apache::Service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/peruser/multiplexer.pp b/modules/services/unix/http/apache/module/apache/manifests/peruser/multiplexer.pp new file mode 100644 index 000000000..97143a1d4 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/peruser/multiplexer.pp @@ -0,0 +1,17 @@ +define apache::peruser::multiplexer ( + $user = $::apache::user, + $group = $::apache::group, + $file = undef, +) { + if ! $file { + $filename = "${name}.conf" + } else { + $filename = $file + } + file { "${::apache::mod_dir}/peruser/multiplexers/${filename}": + ensure => file, + content => "Multiplexer ${user} ${group}\n", + require => File["${::apache::mod_dir}/peruser/multiplexers"], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/peruser/processor.pp b/modules/services/unix/http/apache/module/apache/manifests/peruser/processor.pp new file mode 100644 index 000000000..30de61d7c --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/peruser/processor.pp @@ -0,0 +1,17 @@ +define apache::peruser::processor ( + $user, + $group, + $file = undef, +) { + if ! $file { + $filename = "${name}.conf" + } else { + $filename = $file + } + file { "${::apache::mod_dir}/peruser/processors/${filename}": + ensure => file, + content => "Processor ${user} ${group}\n", + require => File["${::apache::mod_dir}/peruser/processors"], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/php.pp b/modules/services/unix/http/apache/module/apache/manifests/php.pp new file mode 100644 index 000000000..9fa9c682e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/php.pp @@ -0,0 +1,18 @@ +# Class: apache::php +# +# This class installs PHP for Apache +# +# Parameters: +# - $php_package +# +# Actions: +# - Install Apache PHP package +# +# Requires: +# +# Sample Usage: +# +class apache::php { + warning('apache::php is deprecated; please use apache::mod::php') + include ::apache::mod::php +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/proxy.pp b/modules/services/unix/http/apache/module/apache/manifests/proxy.pp new file mode 100644 index 000000000..050f36c27 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/proxy.pp @@ -0,0 +1,15 @@ +# Class: apache::proxy +# +# This class enabled the proxy module for Apache +# +# Actions: +# - Enables Apache Proxy module +# +# Requires: +# +# Sample Usage: +# +class apache::proxy { + warning('apache::proxy is deprecated; please use apache::mod::proxy') + include ::apache::mod::proxy +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/python.pp b/modules/services/unix/http/apache/module/apache/manifests/python.pp new file mode 100644 index 000000000..723a753f8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/python.pp @@ -0,0 +1,18 @@ +# Class: apache::python +# +# This class installs Python for Apache +# +# Parameters: +# - $php_package +# +# Actions: +# - Install Apache Python package +# +# Requires: +# +# Sample Usage: +# +class apache::python { + warning('apache::python is deprecated; please use apache::mod::python') + include ::apache::mod::python +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/security/rule_link.pp b/modules/services/unix/http/apache/module/apache/manifests/security/rule_link.pp new file mode 100644 index 000000000..a56a2d97f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/security/rule_link.pp @@ -0,0 +1,13 @@ +define apache::security::rule_link () { + + $parts = split($title, '/') + $filename = $parts[-1] + + file { $filename: + ensure => 'link', + path => "${::apache::mod::security::modsec_dir}/activated_rules/${filename}", + target => "${::apache::params::modsec_crs_path}/${title}", + require => File["${::apache::mod::security::modsec_dir}/activated_rules"], + notify => Class['apache::service'], + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/service.pp b/modules/services/unix/http/apache/module/apache/manifests/service.pp new file mode 100644 index 000000000..708027921 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/service.pp @@ -0,0 +1,49 @@ +# Class: apache::service +# +# Manages the Apache daemon +# +# Parameters: +# +# Actions: +# - Manage Apache service +# +# Requires: +# +# Sample Usage: +# +# sometype { 'foo': +# notify => Class['apache::service'], +# } +# +# +class apache::service ( + $service_name = $::apache::params::service_name, + $service_enable = true, + $service_ensure = 'running', + $service_manage = true, + $service_restart = undef +) { + # The base class must be included first because parameter defaults depend on it + if ! defined(Class['apache::params']) { + fail('You must include the apache::params class before using any apache defined resources') + } + validate_bool($service_enable) + validate_bool($service_manage) + + case $service_ensure { + true, false, 'running', 'stopped': { + $_service_ensure = $service_ensure + } + default: { + $_service_ensure = undef + } + } + if $service_manage { + service { 'httpd': + ensure => $_service_ensure, + name => $service_name, + enable => $service_enable, + restart => $service_restart + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/version.pp b/modules/services/unix/http/apache/module/apache/manifests/version.pp new file mode 100644 index 000000000..527dc6d38 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/version.pp @@ -0,0 +1,45 @@ +# Class: apache::version +# +# Try to automatically detect the version by OS +# +class apache::version { + # This will be 5 or 6 on RedHat, 6 or wheezy on Debian, 12 or quantal on Ubuntu, etc. + $osr_array = split($::operatingsystemrelease,'[\/\.]') + $distrelease = $osr_array[0] + if ! $distrelease { + fail("Class['apache::version']: Unparsable \$::operatingsystemrelease: ${::operatingsystemrelease}") + } + + case $::osfamily { + 'RedHat': { + if ($::operatingsystem == 'Amazon') { + $default = '2.2' + } elsif ($::operatingsystem == 'Fedora' and versioncmp($distrelease, '18') >= 0) or ($::operatingsystem != 'Fedora' and versioncmp($distrelease, '7') >= 0) { + $default = '2.4' + } else { + $default = '2.2' + } + } + 'Debian': { + if $::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '13.10') >= 0 { + $default = '2.4' + } elsif $::operatingsystem == 'Debian' and versioncmp($distrelease, '8') >= 0 { + $default = '2.4' + } else { + $default = '2.2' + } + } + 'FreeBSD': { + $default = '2.4' + } + 'Gentoo': { + $default = '2.4' + } + 'Suse': { + $default = '2.2' + } + default: { + fail("Class['apache::version']: Unsupported osfamily: ${::osfamily}") + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/manifests/vhost/custom.pp b/modules/services/unix/http/apache/module/apache/manifests/vhost/custom.pp new file mode 100644 index 000000000..12567f5db --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/manifests/vhost/custom.pp @@ -0,0 +1,37 @@ +# See README.md for usage information +define apache::vhost::custom( + $content, + $ensure = 'present', + $priority = '25', +) { + include ::apache + + ## Apache include does not always work with spaces in the filename + $filename = regsubst($name, ' ', '_', 'G') + + ::apache::custom_config { $filename: + ensure => $ensure, + confdir => $::apache::vhost_dir, + content => $content, + priority => $priority, + } + + # NOTE(pabelanger): This code is duplicated in ::apache::vhost and needs to + # converted into something generic. + if $::apache::vhost_enable_dir { + $vhost_symlink_ensure = $ensure ? { + present => link, + default => $ensure, + } + + file { "${priority}-${filename}.conf symlink": + ensure => $vhost_symlink_ensure, + path => "${::apache::vhost_enable_dir}/${priority}-${filename}.conf", + target => "${::apache::vhost_dir}/${priority}-${filename}.conf", + owner => 'root', + group => $::apache::params::root_group, + mode => $::apache::file_mode, + require => Apache::Custom_config[$filename], + } + } +} diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/apache_parameters_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/apache_parameters_spec.rb new file mode 100644 index 000000000..923df6666 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/apache_parameters_spec.rb @@ -0,0 +1,501 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache parameters' do + + # Currently this test only does something on FreeBSD. + describe 'default_confd_files => false' do + it 'doesnt do anything' do + pp = "class { 'apache': default_confd_files => false }" + apply_manifest(pp, :catch_failures => true) + end + + if fact('osfamily') == 'FreeBSD' + describe file("#{$confd_dir}/no-accf.conf.erb") do + it { is_expected.not_to be_file } + end + end + end + describe 'default_confd_files => true' do + it 'copies conf.d files' do + pp = "class { 'apache': default_confd_files => true }" + apply_manifest(pp, :catch_failures => true) + end + + if fact('osfamily') == 'FreeBSD' + describe file("#{$confd_dir}/no-accf.conf.erb") do + it { is_expected.to be_file } + end + end + end + + describe 'when set adds a listen statement' do + it 'applys cleanly' do + pp = "class { 'apache': ip => '10.1.1.1', service_ensure => stopped }" + apply_manifest(pp, :catch_failures => true) + end + + describe file($ports_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'Listen 10.1.1.1' } + end + end + + describe 'service tests => true' do + it 'starts the service' do + pp = <<-EOS + class { 'apache': + service_enable => true, + service_manage => true, + service_ensure => running, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + it { is_expected.to be_running } + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { is_expected.to be_enabled } + end + end + end + + describe 'service tests => false' do + it 'stops the service' do + pp = <<-EOS + class { 'apache': + service_enable => false, + service_ensure => stopped, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + it { is_expected.not_to be_running } + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { is_expected.not_to be_enabled } + end + end + end + + describe 'service manage => false' do + it 'we dont manage the service, so it shouldnt start the service' do + pp = <<-EOS + class { 'apache': + service_enable => true, + service_manage => false, + service_ensure => true, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + it { is_expected.not_to be_running } + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { is_expected.not_to be_enabled } + end + end + end + + describe 'purge parameters => false' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': + purge_configs => false, + purge_vhost_dir => false, + vhost_dir => "#{$confd_dir}.vhosts" + } + EOS + shell("touch #{$confd_dir}/test.conf") + shell("mkdir -p #{$confd_dir}.vhosts && touch #{$confd_dir}.vhosts/test.conf") + apply_manifest(pp, :catch_failures => true) + end + + # Ensure the files didn't disappear. + describe file("#{$confd_dir}/test.conf") do + it { is_expected.to be_file } + end + describe file("#{$confd_dir}.vhosts/test.conf") do + it { is_expected.to be_file } + end + end + + if fact('osfamily') != 'Debian' + describe 'purge parameters => true' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': + purge_configs => true, + purge_vhost_dir => true, + vhost_dir => "#{$confd_dir}.vhosts" + } + EOS + shell("touch #{$confd_dir}/test.conf") + shell("mkdir -p #{$confd_dir}.vhosts && touch #{$confd_dir}.vhosts/test.conf") + apply_manifest(pp, :catch_failures => true) + end + + # File should be gone + describe file("#{$confd_dir}/test.conf") do + it { is_expected.not_to be_file } + end + describe file("#{$confd_dir}.vhosts/test.conf") do + it { is_expected.not_to be_file } + end + end + end + + describe 'serveradmin' do + it 'applies cleanly' do + pp = "class { 'apache': serveradmin => 'test@example.com' }" + apply_manifest(pp, :catch_failures => true) + end + + describe file($vhost) do + it { is_expected.to be_file } + it { is_expected.to contain 'ServerAdmin test@example.com' } + end + end + + describe 'sendfile' do + describe 'setup' do + it 'applies cleanly' do + pp = "class { 'apache': sendfile => 'On' }" + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'EnableSendfile On' } + end + + describe 'setup' do + it 'applies cleanly' do + pp = "class { 'apache': sendfile => 'Off' }" + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'Sendfile Off' } + end + end + + describe 'error_documents' do + describe 'setup' do + it 'applies cleanly' do + pp = "class { 'apache': error_documents => true }" + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'Alias /error/' } + end + end + + describe 'timeout' do + describe 'setup' do + it 'applies cleanly' do + pp = "class { 'apache': timeout => '1234' }" + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'Timeout 1234' } + end + end + + describe 'httpd_dir' do + describe 'setup' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': httpd_dir => '/tmp', service_ensure => stopped } + include 'apache::mod::mime' + EOS + apply_manifest(pp, :catch_failures => true) + end + end + + describe file("#{$mod_dir}/mime.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'AddLanguage eo .eo' } + end + end + + describe 'server_root' do + describe 'setup' do + it 'applies cleanly' do + pp = "class { 'apache': server_root => '/tmp/root', service_ensure => stopped }" + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'ServerRoot "/tmp/root"' } + end + end + + describe 'confd_dir' do + describe 'setup' do + it 'applies cleanly' do + pp = "class { 'apache': confd_dir => '/tmp/root', service_ensure => stopped, use_optional_includes => true }" + apply_manifest(pp, :catch_failures => true) + end + end + + if $apache_version == '2.4' + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'IncludeOptional "/tmp/root/*.conf"' } + end + else + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'Include "/tmp/root/*.conf"' } + end + end + end + + describe 'conf_template' do + describe 'setup' do + it 'applies cleanly' do + pp = "class { 'apache': conf_template => 'another/test.conf.erb', service_ensure => stopped }" + shell("mkdir -p #{default['distmoduledir']}/another/templates") + shell("echo 'testcontent' >> #{default['distmoduledir']}/another/templates/test.conf.erb") + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'testcontent' } + end + end + + describe 'servername' do + describe 'setup' do + it 'applies cleanly' do + pp = "class { 'apache': servername => 'test.server', service_ensure => stopped }" + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'ServerName "test.server"' } + end + end + + describe 'user' do + describe 'setup' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': + manage_user => true, + manage_group => true, + user => 'testweb', + group => 'testweb', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + end + + describe user('testweb') do + it { is_expected.to exist } + it { is_expected.to belong_to_group 'testweb' } + end + + describe group('testweb') do + it { is_expected.to exist } + end + end + + describe 'logformats' do + describe 'setup' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': + log_formats => { + 'vhost_common' => '%v %h %l %u %t \\\"%r\\\" %>s %b', + 'vhost_combined' => '%v %h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-agent}i\\\"', + } + } + EOS + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common' } + it { is_expected.to contain 'LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined' } + end + end + + + describe 'keepalive' do + describe 'setup' do + it 'applies cleanly' do + pp = "class { 'apache': keepalive => 'On', keepalive_timeout => '30', max_keepalive_requests => '200' }" + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'KeepAlive On' } + it { is_expected.to contain 'KeepAliveTimeout 30' } + it { is_expected.to contain 'MaxKeepAliveRequests 200' } + end + end + + describe 'limitrequestfieldsize' do + describe 'setup' do + it 'applies cleanly' do + pp = "class { 'apache': limitreqfieldsize => '16830' }" + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'LimitRequestFieldSize 16830' } + end + end + + describe 'logging' do + describe 'setup' do + it 'applies cleanly' do + pp = <<-EOS + if $::osfamily == 'RedHat' and "$::selinux" == "true" { + $semanage_package = $::operatingsystemmajrelease ? { + '5' => 'policycoreutils', + default => 'policycoreutils-python', + } + + package { $semanage_package: ensure => installed } + exec { 'set_apache_defaults': + command => 'semanage fcontext -a -t httpd_log_t "/apache_spec(/.*)?"', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + require => Package[$semanage_package], + } + exec { 'restorecon_apache': + command => 'restorecon -Rv /apache_spec', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + before => Service['httpd'], + require => Class['apache'], + } + } + file { '/apache_spec': ensure => directory, } + class { 'apache': logroot => '/apache_spec' } + EOS + apply_manifest(pp, :catch_failures => true) + end + end + + describe file("/apache_spec/#{$error_log}") do + it { is_expected.to be_file } + end + end + + describe 'ports_file' do + it 'applys cleanly' do + pp = <<-EOS + file { '/apache_spec': ensure => directory, } + class { 'apache': + ports_file => '/apache_spec/ports_file', + ip => '10.1.1.1', + service_ensure => stopped + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file('/apache_spec/ports_file') do + it { is_expected.to be_file } + it { is_expected.to contain 'Listen 10.1.1.1' } + end + end + + describe 'server_tokens' do + it 'applys cleanly' do + pp = <<-EOS + class { 'apache': + server_tokens => 'Minor', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'ServerTokens Minor' } + end + end + + describe 'server_signature' do + it 'applys cleanly' do + pp = <<-EOS + class { 'apache': + server_signature => 'testsig', + service_ensure => stopped, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'ServerSignature testsig' } + end + end + + describe 'trace_enable' do + it 'applys cleanly' do + pp = <<-EOS + class { 'apache': + trace_enable => 'Off', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file($conf_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'TraceEnable Off' } + end + end + + describe 'package_ensure' do + it 'applys cleanly' do + pp = <<-EOS + class { 'apache': + package_ensure => present, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe package($package_name) do + it { is_expected.to be_installed } + end + end + +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/apache_ssl_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/apache_ssl_spec.rb new file mode 100644 index 000000000..254a3c35a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/apache_ssl_spec.rb @@ -0,0 +1,93 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache ssl' do + + describe 'ssl parameters' do + it 'runs without error' do + pp = <<-EOS + class { 'apache': + service_ensure => stopped, + default_ssl_vhost => true, + default_ssl_cert => '/tmp/ssl_cert', + default_ssl_key => '/tmp/ssl_key', + default_ssl_chain => '/tmp/ssl_chain', + default_ssl_ca => '/tmp/ssl_ca', + default_ssl_crl_path => '/tmp/ssl_crl_path', + default_ssl_crl => '/tmp/ssl_crl', + default_ssl_crl_check => 'chain', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/15-default-ssl.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'SSLCertificateFile "/tmp/ssl_cert"' } + it { is_expected.to contain 'SSLCertificateKeyFile "/tmp/ssl_key"' } + it { is_expected.to contain 'SSLCertificateChainFile "/tmp/ssl_chain"' } + it { is_expected.to contain 'SSLCACertificateFile "/tmp/ssl_ca"' } + it { is_expected.to contain 'SSLCARevocationPath "/tmp/ssl_crl_path"' } + it { is_expected.to contain 'SSLCARevocationFile "/tmp/ssl_crl"' } + if $apache_version == '2.4' + it { is_expected.to contain 'SSLCARevocationCheck "chain"' } + else + it { is_expected.not_to contain 'SSLCARevocationCheck' } + end + end + end + + describe 'vhost ssl parameters' do + it 'runs without error' do + pp = <<-EOS + class { 'apache': + service_ensure => stopped, + } + + apache::vhost { 'test_ssl': + docroot => '/tmp/test', + ssl => true, + ssl_cert => '/tmp/ssl_cert', + ssl_key => '/tmp/ssl_key', + ssl_chain => '/tmp/ssl_chain', + ssl_ca => '/tmp/ssl_ca', + ssl_crl_path => '/tmp/ssl_crl_path', + ssl_crl => '/tmp/ssl_crl', + ssl_crl_check => 'chain', + ssl_certs_dir => '/tmp', + ssl_protocol => 'test', + ssl_cipher => 'test', + ssl_honorcipherorder => 'test', + ssl_verify_client => 'test', + ssl_verify_depth => 'test', + ssl_options => ['test', 'test1'], + ssl_proxyengine => true, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test_ssl.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'SSLCertificateFile "/tmp/ssl_cert"' } + it { is_expected.to contain 'SSLCertificateKeyFile "/tmp/ssl_key"' } + it { is_expected.to contain 'SSLCertificateChainFile "/tmp/ssl_chain"' } + it { is_expected.to contain 'SSLCACertificateFile "/tmp/ssl_ca"' } + it { is_expected.to contain 'SSLCARevocationPath "/tmp/ssl_crl_path"' } + it { is_expected.to contain 'SSLCARevocationFile "/tmp/ssl_crl"' } + it { is_expected.to contain 'SSLProxyEngine On' } + it { is_expected.to contain 'SSLProtocol test' } + it { is_expected.to contain 'SSLCipherSuite test' } + it { is_expected.to contain 'SSLHonorCipherOrder test' } + it { is_expected.to contain 'SSLVerifyClient test' } + it { is_expected.to contain 'SSLVerifyDepth test' } + it { is_expected.to contain 'SSLOptions test test1' } + if $apache_version == '2.4' + it { is_expected.to contain 'SSLCARevocationCheck "chain"' } + else + it { is_expected.not_to contain 'SSLCARevocationCheck' } + end + end + end + +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/class_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/class_spec.rb new file mode 100644 index 000000000..aff79eb08 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/class_spec.rb @@ -0,0 +1,79 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache class' do + context 'default parameters' do + let(:pp) do + <<-EOS + class { 'apache': } + EOS + end + # Run it twice and test for idempotency + it_behaves_like "a idempotent resource" + + describe package($package_name) do + it { is_expected.to be_installed } + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe port(80) do + it { should be_listening } + end + end + + context 'custom site/mod dir parameters' do + # Using puppet_apply as a helper + let(:pp) do + <<-EOS + if $::osfamily == 'RedHat' and "$::selinux" == "true" { + $semanage_package = $::operatingsystemmajrelease ? { + '5' => 'policycoreutils', + default => 'policycoreutils-python', + } + + package { $semanage_package: ensure => installed } + exec { 'set_apache_defaults': + command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + subscribe => Package[$semanage_package], + refreshonly => true, + } + exec { 'restorecon_apache': + command => 'restorecon -Rv /apache_spec', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + before => Service['httpd'], + require => Class['apache'], + subscribe => Exec['set_apache_defaults'], + refreshonly => true, + } + } + file { '/apache_spec': ensure => directory, } + file { '/apache_spec/apache_custom': ensure => directory, } + class { 'apache': + mod_dir => '/apache_spec/apache_custom/mods', + vhost_dir => '/apache_spec/apache_custom/vhosts', + } + EOS + end + + # Run it twice and test for idempotency + it_behaves_like "a idempotent resource" + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/custom_config_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/custom_config_spec.rb new file mode 100644 index 000000000..c8e254e85 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/custom_config_spec.rb @@ -0,0 +1,94 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::custom_config define' do + context 'invalid config' do + it 'should not add the config' do + pp = <<-EOS + class { 'apache': } + apache::custom_config { 'acceptance_test': + content => 'INVALID', + } + EOS + + apply_manifest(pp, :expect_failures => true) + end + + describe file("#{$confd_dir}/25-acceptance_test.conf") do + it { is_expected.not_to be_file } + end + end + + context 'valid config' do + it 'should add the config' do + pp = <<-EOS + class { 'apache': } + apache::custom_config { 'acceptance_test': + content => '# just a comment', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$confd_dir}/25-acceptance_test.conf") do + it { is_expected.to contain '# just a comment' } + end + end + + context 'with a custom filename' do + it 'should store content in the described file' do + pp = <<-EOS + class { 'apache': } + apache::custom_config { 'filename_test': + filename => 'custom_filename', + content => '# just another comment', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$confd_dir}/custom_filename") do + it { is_expected.to contain '# just another comment' } + end + end + + describe 'custom_config without priority prefix' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + apache::custom_config { 'prefix_test': + priority => false, + content => '# just a comment', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$confd_dir}/prefix_test.conf") do + it { is_expected.to be_file } + end + end + + describe 'custom_config only applied after configs are written' do + it 'applies in the right order' do + pp = <<-EOS + class { 'apache': } + + apache::custom_config { 'ordering_test': + content => '# just a comment', + } + + # Try to wedge the apache::custom_config call between when httpd.conf is written and + # ports.conf is written. This should trigger a dependency cycle + File["#{$conf_file}"] -> Apache::Custom_config['ordering_test'] -> Concat["#{$ports_file}"] + EOS + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Found 1 dependency cycle/i) + end + + describe file("#{$confd_dir}/25-ordering_test.conf") do + it { is_expected.not_to be_file } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/default_mods_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/default_mods_spec.rb new file mode 100644 index 000000000..3f2852696 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/default_mods_spec.rb @@ -0,0 +1,102 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::default_mods class' do + describe 'no default mods' do + # Using puppet_apply as a helper + let(:pp) do + <<-EOS + class { 'apache': + default_mods => false, + } + EOS + end + + # Run it twice and test for idempotency + it_behaves_like "a idempotent resource" + describe service($service_name) do + it { is_expected.to be_running } + end + end + + describe 'no default mods and failing' do + # Using puppet_apply as a helper + it 'should apply with errors' do + pp = <<-EOS + class { 'apache': + default_mods => false, + } + apache::vhost { 'defaults.example.com': + docroot => '/var/www/defaults', + aliases => { + alias => '/css', + path => '/var/www/css', + }, + setenv => 'TEST1 one', + } + EOS + + apply_manifest(pp, { :expect_failures => true }) + end + + # Are these the same? + describe service($service_name) do + it { is_expected.not_to be_running } + end + describe "service #{$service_name}" do + it 'should not be running' do + shell("pidof #{$service_name}", {:acceptable_exit_codes => 1}) + end + end + end + + describe 'alternative default mods' do + # Using puppet_apply as a helper + let(:pp) do + <<-EOS + class { 'apache': + default_mods => [ + 'info', + 'alias', + 'mime', + 'env', + 'expires', + ], + } + apache::vhost { 'defaults.example.com': + docroot => '/var/www/defaults', + aliases => { + alias => '/css', + path => '/var/www/css', + }, + setenv => 'TEST1 one', + } + EOS + end + it_behaves_like "a idempotent resource" + + describe service($service_name) do + it { is_expected.to be_running } + end + end + + describe 'change loadfile name' do + let(:pp) do + <<-EOS + class { 'apache': default_mods => false } + ::apache::mod { 'auth_basic': + loadfile_name => 'zz_auth_basic.load', + } + EOS + end + # Run it twice and test for idempotency + it_behaves_like "a idempotent resource" + describe service($service_name) do + it { is_expected.to be_running } + end + + describe file("#{$mod_dir}/zz_auth_basic.load") do + it { is_expected.to be_file } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/itk_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/itk_spec.rb new file mode 100644 index 000000000..059589a3f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/itk_spec.rb @@ -0,0 +1,60 @@ +require 'spec_helper_acceptance' + +case fact('osfamily') +when 'Debian' + service_name = 'apache2' + majrelease = fact('operatingsystemmajrelease') + if ['6', '7', '10.04', '12.04'].include?(majrelease) + variant = :itk_only + else + variant = :prefork + end +when 'RedHat' + unless fact('operatingsystemmajrelease') == '5' + service_name = 'httpd' + majrelease = fact('operatingsystemmajrelease') + if ['6'].include?(majrelease) + variant = :itk_only + else + variant = :prefork + end + end +when 'FreeBSD' + service_name = 'apache24' + majrelease = fact('operatingsystemmajrelease') + variant = :prefork +end + +describe 'apache::mod::itk class', :if => service_name do + describe 'running puppet code' do + # Using puppet_apply as a helper + let(:pp) do + case variant + when :prefork + <<-EOS + class { 'apache': + mpm_module => 'prefork', + } + class { 'apache::mod::itk': } + EOS + when :itk_only + <<-EOS + class { 'apache': + mpm_module => 'itk', + } + EOS + end + end + # Run it twice and test for idempotency + it_behaves_like "a idempotent resource" + end + + describe service(service_name) do + it { is_expected.to be_running } + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_dav_svn_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_dav_svn_spec.rb new file mode 100644 index 000000000..9abd12aed --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_dav_svn_spec.rb @@ -0,0 +1,65 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::mod::dav_svn class', :unless => (fact('operatingsystem') == 'OracleLinux' and fact('operatingsystemmajrelease') == '7') do + case fact('osfamily') + when 'Debian' + if fact('operatingsystemmajrelease') == '6' or fact('operatingsystemmajrelease') == '10.04' or fact('operatingsystemrelease') == '10.04' + authz_svn_load_file = 'dav_svn_authz_svn.load' + else + authz_svn_load_file = 'authz_svn.load' + end + when 'RedHat' + authz_svn_load_file = 'dav_svn_authz_svn.load' + when 'FreeBSD' + authz_svn_load_file = 'dav_svn_authz_svn.load' + end + + context "default dav_svn config" do + it 'succeeds in puppeting dav_svn' do + pp= <<-EOS + class { 'apache': } + include apache::mod::dav_svn + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$mod_dir}/dav_svn.load") do + it { is_expected.to contain "LoadModule dav_svn_module" } + end + end + + context "dav_svn with enabled authz_svn config" do + it 'succeeds in puppeting dav_svn' do + pp= <<-EOS + class { 'apache': } + class { 'apache::mod::dav_svn': + authz_svn_enabled => true, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$mod_dir}/#{authz_svn_load_file}") do + it { is_expected.to contain "LoadModule authz_svn_module" } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_deflate_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_deflate_spec.rb new file mode 100644 index 000000000..1b55e087a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_deflate_spec.rb @@ -0,0 +1,33 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::mod::deflate class' do + context "default deflate config" do + it 'succeeds in puppeting deflate' do + pp= <<-EOS + class { 'apache': } + include apache::mod::deflate + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$mod_dir}/deflate.conf") do + it { is_expected.to contain "AddOutputFilterByType DEFLATE text/html text/plain text/xml" } + it { is_expected.to contain "AddOutputFilterByType DEFLATE text/css" } + it { is_expected.to contain "AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript" } + it { is_expected.to contain "AddOutputFilterByType DEFLATE application/rss+xml" } + it { is_expected.to contain "DeflateFilterNote Input instream" } + it { is_expected.to contain "DeflateFilterNote Output outstream" } + it { is_expected.to contain "DeflateFilterNote Ratio ratio" } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_fcgid_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_fcgid_spec.rb new file mode 100644 index 000000000..ce3b5b5b2 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_fcgid_spec.rb @@ -0,0 +1,57 @@ +require 'spec_helper_acceptance' + +describe 'apache::mod::fcgid class', :if => ((fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') != '5') and !(fact('operatingsystem') == 'OracleLinux' and fact('operatingsystemmajrelease') == '7')) do + context "default fcgid config" do + it 'succeeds in puppeting fcgid' do + pp = <<-EOS + class { 'epel': } # mod_fcgid lives in epel + class { 'apache': } + class { 'apache::mod::php': } # For /usr/bin/php-cgi + class { 'apache::mod::fcgid': + options => { + 'FcgidIPCDir' => '/var/run/fcgidsock', + }, + } + apache::vhost { 'fcgid.example.com': + port => '80', + docroot => '/var/www/fcgid', + directories => { + path => '/var/www/fcgid', + options => '+ExecCGI', + addhandlers => { + handler => 'fcgid-script', + extensions => '.php', + }, + fcgiwrapper => { + command => '/usr/bin/php-cgi', + suffix => '.php', + } + }, + } + file { '/var/www/fcgid/index.php': + ensure => file, + owner => 'root', + group => 'root', + content => "\\n", + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service('httpd') do + it { is_expected.to be_enabled } + it { is_expected.to be_running } + end + + it 'should answer to fcgid.example.com' do + shell("/usr/bin/curl -H 'Host: fcgid.example.com' 127.0.0.1:80") do |r| + expect(r.stdout).to match(/^Hello world$/) + expect(r.exit_code).to eq(0) + end + end + + it 'should run a php-cgi process' do + shell("pgrep -u apache php-cgi", :acceptable_exit_codes => [0]) + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_mime_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_mime_spec.rb new file mode 100644 index 000000000..f8bc7c15c --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_mime_spec.rb @@ -0,0 +1,30 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::mod::mime class' do + context "default mime config" do + it 'succeeds in puppeting mime' do + pp= <<-EOS + class { 'apache': } + include apache::mod::mime + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$mod_dir}/mime.conf") do + it { is_expected.to contain "AddType application/x-compress .Z" } + it { is_expected.to contain "AddHandler type-map var\n" } + it { is_expected.to contain "AddType text/html .shtml\n" } + it { is_expected.to contain "AddOutputFilter INCLUDES .shtml\n" } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_negotiation_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_negotiation_spec.rb new file mode 100644 index 000000000..56c29e318 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_negotiation_spec.rb @@ -0,0 +1,78 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::mod::negotiation class' do + context "default negotiation config" do + it 'succeeds in puppeting negotiation' do + pp= <<-EOS + class { '::apache': default_mods => false } + class { '::apache::mod::negotiation': } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$mod_dir}/negotiation.conf") do + it { should contain "LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW +ForceLanguagePriority Prefer Fallback" } + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { should be_running } + end + end + + context "with alternative force_language_priority" do + it 'succeeds in puppeting negotiation' do + pp= <<-EOS + class { '::apache': default_mods => false } + class { '::apache::mod::negotiation': + force_language_priority => 'Prefer', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$mod_dir}/negotiation.conf") do + it { should contain "ForceLanguagePriority Prefer" } + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { should be_running } + end + end + + context "with alternative language_priority" do + it 'succeeds in puppeting negotiation' do + pp= <<-EOS + class { '::apache': default_mods => false } + class { '::apache::mod::negotiation': + language_priority => [ 'en', 'es' ], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$mod_dir}/negotiation.conf") do + it { should contain "LanguagePriority en es" } + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { should be_running } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_pagespeed_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_pagespeed_spec.rb new file mode 100644 index 000000000..2434fbb4e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_pagespeed_spec.rb @@ -0,0 +1,74 @@ +require 'spec_helper_acceptance' + +describe 'apache::mod::pagespeed class' do + context "default pagespeed config" do + it 'succeeds in puppeting pagespeed' do + pp= <<-EOS + if $::osfamily == 'Debian' { + class { 'apt': } + + apt::source { 'mod-pagespeed': + key => '7FAC5991', + key_server => 'pgp.mit.edu', + location => 'http://dl.google.com/linux/mod-pagespeed/deb/', + release => 'stable', + repos => 'main', + include_src => false, + before => Class['apache'], + } + } elsif $::osfamily == 'RedHat' { + yumrepo { 'mod-pagespeed': + baseurl => "http://dl.google.com/linux/mod-pagespeed/rpm/stable/$::architecture", + enabled => 1, + gpgcheck => 1, + gpgkey => 'https://dl-ssl.google.com/linux/linux_signing_key.pub', + before => Class['apache'], + } + } + + class { 'apache': + mpm_module => 'prefork', + } + class { 'apache::mod::pagespeed': + enable_filters => ['remove_comments'], + disable_filters => ['extend_cache'], + forbid_filters => ['rewrite_javascript'], + } + apache::vhost { 'pagespeed.example.com': + port => '80', + docroot => '/var/www/pagespeed', + } + host { 'pagespeed.example.com': ip => '127.0.0.1', } + file { '/var/www/pagespeed/index.html': + ensure => file, + content => "\n\n\n

Hello World!

\n\n", + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$mod_dir}/pagespeed.conf") do + it { is_expected.to contain "AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER text/html" } + it { is_expected.to contain "ModPagespeedEnableFilters remove_comments" } + it { is_expected.to contain "ModPagespeedDisableFilters extend_cache" } + it { is_expected.to contain "ModPagespeedForbidFilters rewrite_javascript" } + end + + it 'should answer to pagespeed.example.com and include and be stripped of comments by mod_pagespeed' do + shell("/usr/bin/curl pagespeed.example.com:80") do |r| + expect(r.stdout).to match(//) + expect(r.stdout).not_to match(//) + expect(r.exit_code).to eq(0) + end + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_passenger_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_passenger_spec.rb new file mode 100644 index 000000000..086c93eea --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_passenger_spec.rb @@ -0,0 +1,201 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::mod::passenger class' do + case fact('osfamily') + when 'Debian' + mod_dir = '/etc/apache2/mods-available/' + conf_file = "#{$mod_dir}/passenger.conf" + load_file = "#{$mod_dir}/zpassenger.load" + + case fact('operatingsystem') + when 'Ubuntu' + case fact('lsbdistrelease') + when '10.04' + passenger_root = '/usr' + passenger_ruby = '/usr/bin/ruby' + when '12.04' + passenger_root = '/usr' + passenger_ruby = '/usr/bin/ruby' + when '14.04' + passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini' + passenger_ruby = '/usr/bin/ruby' + passenger_default_ruby = '/usr/bin/ruby' + else + # This may or may not work on Ubuntu releases other than the above + passenger_root = '/usr' + passenger_ruby = '/usr/bin/ruby' + end + when 'Debian' + case fact('lsbdistcodename') + when 'wheezy' + passenger_root = '/usr' + passenger_ruby = '/usr/bin/ruby' + when 'jessie' + passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini' + passenger_ruby = '/usr/bin/ruby' + passenger_default_ruby = '/usr/bin/ruby' + else + # This may or may not work on Debian releases other than the above + passenger_root = '/usr' + passenger_ruby = '/usr/bin/ruby' + end + end + + passenger_module_path = '/usr/lib/apache2/modules/mod_passenger.so' + rackapp_user = 'www-data' + rackapp_group = 'www-data' + when 'RedHat' + conf_file = "#{$mod_dir}/passenger.conf" + load_file = "#{$mod_dir}/zpassenger.load" + # sometimes installs as 3.0.12, sometimes as 3.0.19 - so just check for the stable part + passenger_root = '/usr/lib/ruby/gems/1.8/gems/passenger-3.0.1' + passenger_ruby = '/usr/bin/ruby' + passenger_tempdir = '/var/run/rubygem-passenger' + passenger_module_path = 'modules/mod_passenger.so' + rackapp_user = 'apache' + rackapp_group = 'apache' + end + + pp_rackapp = <<-EOS + /* a simple ruby rack 'hellow world' app */ + file { '/var/www/passenger': + ensure => directory, + owner => '#{rackapp_user}', + group => '#{rackapp_group}', + require => Class['apache::mod::passenger'], + } + file { '/var/www/passenger/config.ru': + ensure => file, + owner => '#{rackapp_user}', + group => '#{rackapp_group}', + content => "app = proc { |env| [200, { \\"Content-Type\\" => \\"text/html\\" }, [\\"hello world\\"]] }\\nrun app", + require => File['/var/www/passenger'] , + } + apache::vhost { 'passenger.example.com': + port => '80', + docroot => '/var/www/passenger/public', + docroot_group => '#{rackapp_group}' , + docroot_owner => '#{rackapp_user}' , + custom_fragment => "PassengerRuby #{passenger_ruby}\\nRailsEnv development" , + require => File['/var/www/passenger/config.ru'] , + } + host { 'passenger.example.com': ip => '127.0.0.1', } + EOS + + case fact('osfamily') + when 'Debian' + context "default passenger config" do + it 'succeeds in puppeting passenger' do + pp = <<-EOS + /* stock apache and mod_passenger */ + class { 'apache': } + class { 'apache::mod::passenger': } + #{pp_rackapp} + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file(conf_file) do + it { is_expected.to contain "PassengerRoot \"#{passenger_root}\"" } + + case fact('operatingsystem') + when 'Ubuntu' + case fact('lsbdistrelease') + when '10.04' + it { is_expected.to contain "PassengerRuby \"#{passenger_ruby}\"" } + it { is_expected.not_to contain "/PassengerDefaultRuby/" } + when '12.04' + it { is_expected.to contain "PassengerRuby \"#{passenger_ruby}\"" } + it { is_expected.not_to contain "/PassengerDefaultRuby/" } + when '14.04' + it { is_expected.to contain "PassengerDefaultRuby \"#{passenger_ruby}\"" } + it { is_expected.not_to contain "/PassengerRuby/" } + else + # This may or may not work on Ubuntu releases other than the above + it { is_expected.to contain "PassengerRuby \"#{passenger_ruby}\"" } + it { is_expected.not_to contain "/PassengerDefaultRuby/" } + end + when 'Debian' + case fact('lsbdistcodename') + when 'wheezy' + it { is_expected.to contain "PassengerRuby \"#{passenger_ruby}\"" } + it { is_expected.not_to contain "/PassengerDefaultRuby/" } + when 'jessie' + it { is_expected.to contain "PassengerDefaultRuby \"#{passenger_ruby}\"" } + it { is_expected.not_to contain "/PassengerRuby/" } + else + # This may or may not work on Debian releases other than the above + it { is_expected.to contain "PassengerRuby \"#{passenger_ruby}\"" } + it { is_expected.not_to contain "/PassengerDefaultRuby/" } + end + end + end + + describe file(load_file) do + it { is_expected.to contain "LoadModule passenger_module #{passenger_module_path}" } + end + + it 'should output status via passenger-memory-stats' do + shell("PATH=/usr/bin:$PATH /usr/sbin/passenger-memory-stats") do |r| + expect(r.stdout).to match(/Apache processes/) + expect(r.stdout).to match(/Nginx processes/) + expect(r.stdout).to match(/Passenger processes/) + + # passenger-memory-stats output on newer Debian/Ubuntu verions do not contain + # these two lines + unless ((fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '14.04') or + (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8')) + expect(r.stdout).to match(/### Processes: [0-9]+/) + expect(r.stdout).to match(/### Total private dirty RSS: [0-9\.]+ MB/) + end + + expect(r.exit_code).to eq(0) + end + end + + # passenger-status fails under stock ubuntu-server-12042-x64 + mod_passenger, + # even when the passenger process is successfully installed and running + unless fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '12.04' + it 'should output status via passenger-status' do + # xml output not available on ubunutu <= 10.04, so sticking with default pool output + shell("PATH=/usr/bin:$PATH /usr/sbin/passenger-status") do |r| + # spacing may vary + expect(r.stdout).to match(/[\-]+ General information [\-]+/) + if fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '14.04' or + fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8' + expect(r.stdout).to match(/Max pool size[ ]+: [0-9]+/) + expect(r.stdout).to match(/Processes[ ]+: [0-9]+/) + expect(r.stdout).to match(/Requests in top-level queue[ ]+: [0-9]+/) + else + expect(r.stdout).to match(/max[ ]+= [0-9]+/) + expect(r.stdout).to match(/count[ ]+= [0-9]+/) + expect(r.stdout).to match(/active[ ]+= [0-9]+/) + expect(r.stdout).to match(/inactive[ ]+= [0-9]+/) + expect(r.stdout).to match(/Waiting on global queue: [0-9]+/) + end + + expect(r.exit_code).to eq(0) + end + end + end + + it 'should answer to passenger.example.com' do + shell("/usr/bin/curl passenger.example.com:80") do |r| + expect(r.stdout).to match(/^hello world<\/b>$/) + expect(r.exit_code).to eq(0) + end + end + + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_php_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_php_spec.rb new file mode 100644 index 000000000..11bcafcba --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_php_spec.rb @@ -0,0 +1,133 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::mod::php class' do + context "default php config" do + it 'succeeds in puppeting php' do + pp= <<-EOS + class { 'apache': + mpm_module => 'prefork', + } + class { 'apache::mod::php': } + apache::vhost { 'php.example.com': + port => '80', + docroot => '/var/www/php', + } + host { 'php.example.com': ip => '127.0.0.1', } + file { '/var/www/php/index.php': + ensure => file, + content => "\\n", + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$mod_dir}/php5.conf") do + it { is_expected.to contain "DirectoryIndex index.php" } + end + + it 'should answer to php.example.com' do + shell("/usr/bin/curl php.example.com:80") do |r| + expect(r.stdout).to match(/PHP Version/) + expect(r.exit_code).to eq(0) + end + end + end + + context "custom extensions, php_flag, php_value, php_admin_flag, and php_admin_value" do + it 'succeeds in puppeting php' do + pp= <<-EOS + class { 'apache': + mpm_module => 'prefork', + } + class { 'apache::mod::php': + extensions => ['.php','.php5'], + } + apache::vhost { 'php.example.com': + port => '80', + docroot => '/var/www/php', + php_values => { 'include_path' => '.:/usr/share/pear:/usr/bin/php', }, + php_flags => { 'display_errors' => 'on', }, + php_admin_values => { 'open_basedir' => '/var/www/php/:/usr/share/pear/', }, + php_admin_flags => { 'engine' => 'on', }, + } + host { 'php.example.com': ip => '127.0.0.1', } + file { '/var/www/php/index.php5': + ensure => file, + content => "\\n", + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$vhost_dir}/25-php.example.com.conf") do + it { is_expected.to contain " php_flag display_errors on" } + it { is_expected.to contain " php_value include_path .:/usr/share/pear:/usr/bin/php" } + it { is_expected.to contain " php_admin_flag engine on" } + it { is_expected.to contain " php_admin_value open_basedir /var/www/php/:/usr/share/pear/" } + end + + it 'should answer to php.example.com' do + shell("/usr/bin/curl php.example.com:80") do |r| + expect(r.stdout).to match(/\/usr\/share\/pear\//) + expect(r.exit_code).to eq(0) + end + end + end + + context "provide custom config file" do + it 'succeeds in puppeting php' do + pp= <<-EOS + class {'apache': + mpm_module => 'prefork', + } + class {'apache::mod::php': + content => '# somecontent', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$mod_dir}/php5.conf") do + it { should contain "# somecontent" } + end + end + + context "provide content and template config file" do + it 'succeeds in puppeting php' do + pp= <<-EOS + class {'apache': + mpm_module => 'prefork', + } + class {'apache::mod::php': + content => '# somecontent', + template => 'apache/mod/php5.conf.erb', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$mod_dir}/php5.conf") do + it { should contain "# somecontent" } + end + end + +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_proxy_html_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_proxy_html_spec.rb new file mode 100644 index 000000000..f87d82583 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_proxy_html_spec.rb @@ -0,0 +1,35 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::mod::proxy_html class' do + context "default proxy_html config" do + if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') =~ /(5|6)/ + it 'adds epel' do + pp = "class { 'epel': }" + apply_manifest(pp, :catch_failures => true) + end + end + + it 'succeeds in puppeting proxy_html' do + pp= <<-EOS + class { 'apache': } + class { 'apache::mod::proxy': } + class { 'apache::mod::proxy_http': } + # mod_proxy_html doesn't exist in RHEL5 + if $::osfamily == 'RedHat' and $::operatingsystemmajrelease != '5' { + class { 'apache::mod::proxy_html': } + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_security_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_security_spec.rb new file mode 100644 index 000000000..d6f2987df --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_security_spec.rb @@ -0,0 +1,253 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::mod::security class', :unless => (fact('osfamily') == 'Debian' and (fact('lsbdistcodename') == 'squeeze' or fact('lsbdistcodename') == 'lucid' or fact('lsbdistcodename') == 'precise' or fact('lsbdistcodename') == 'wheezy')) do + context "default mod_security config" do + if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') =~ /(5|6)/ + it 'adds epel' do + pp = "class { 'epel': }" + apply_manifest(pp, :catch_failures => true) + end + elsif fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '7' + it 'changes obsoletes, per PUP-4497' do + pp = <<-EOS + ini_setting { 'obsoletes': + path => '/etc/yum.conf', + section => 'main', + setting => 'obsoletes', + value => '0', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + end + + it 'succeeds in puppeting mod_security' do + pp= <<-EOS + host { 'modsec.example.com': ip => '127.0.0.1', } + class { 'apache': } + class { 'apache::mod::security': } + apache::vhost { 'modsec.example.com': + port => '80', + docroot => '/var/www/html', + } + file { '/var/www/html/index.html': + ensure => file, + content => 'Index page', + } + EOS + apply_manifest(pp, :catch_failures => true) + + #Need to add a short sleep here because on RHEL6 the service takes a bit longer to init + if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') =~ /(5|6)/ + sleep 5 + end + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe package($package_name) do + it { is_expected.to be_installed } + end + + describe file("#{$mod_dir}/security.conf") do + it { is_expected.to contain "mod_security2.c" } + end + + describe 'should be listening on port 80' do + it 'should return index page' do + shell('/usr/bin/curl -A beaker modsec.example.com:80') do |r| + expect(r.stdout).to match(/Index page/) + expect(r.exit_code).to eq(0) + end + end + + it 'should block query with SQL' do + shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22] + end + end + + end #default mod_security config + + context "mod_security should allow disabling by vhost" do + it 'succeeds in puppeting mod_security' do + pp= <<-EOS + host { 'modsec.example.com': ip => '127.0.0.1', } + class { 'apache': } + class { 'apache::mod::security': } + apache::vhost { 'modsec.example.com': + port => '80', + docroot => '/var/www/html', + } + file { '/var/www/html/index.html': + ensure => file, + content => 'Index page', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$mod_dir}/security.conf") do + it { is_expected.to contain "mod_security2.c" } + end + + it 'should block query with SQL' do + shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22] + end + + it 'should disable mod_security per vhost' do + pp= <<-EOS + class { 'apache': } + class { 'apache::mod::security': } + apache::vhost { 'modsec.example.com': + port => '80', + docroot => '/var/www/html', + modsec_disable_vhost => true, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + it 'should return index page' do + shell('/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users') do |r| + expect(r.stdout).to match(/Index page/) + expect(r.exit_code).to eq(0) + end + end + end #mod_security should allow disabling by vhost + + context "mod_security should allow disabling by ip" do + it 'succeeds in puppeting mod_security' do + pp= <<-EOS + host { 'modsec.example.com': ip => '127.0.0.1', } + class { 'apache': } + class { 'apache::mod::security': } + apache::vhost { 'modsec.example.com': + port => '80', + docroot => '/var/www/html', + } + file { '/var/www/html/index.html': + ensure => file, + content => 'Index page', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$mod_dir}/security.conf") do + it { is_expected.to contain "mod_security2.c" } + end + + it 'should block query with SQL' do + shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22] + end + + it 'should disable mod_security per vhost' do + pp= <<-EOS + class { 'apache': } + class { 'apache::mod::security': } + apache::vhost { 'modsec.example.com': + port => '80', + docroot => '/var/www/html', + modsec_disable_ips => [ '127.0.0.1' ], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + it 'should return index page' do + shell('/usr/bin/curl -A beaker modsec.example.com:80') do |r| + expect(r.stdout).to match(/Index page/) + expect(r.exit_code).to eq(0) + end + end + end #mod_security should allow disabling by ip + + context "mod_security should allow disabling by id" do + it 'succeeds in puppeting mod_security' do + pp= <<-EOS + host { 'modsec.example.com': ip => '127.0.0.1', } + class { 'apache': } + class { 'apache::mod::security': } + apache::vhost { 'modsec.example.com': + port => '80', + docroot => '/var/www/html', + } + file { '/var/www/html/index.html': + ensure => file, + content => 'Index page', + } + file { '/var/www/html/index2.html': + ensure => file, + content => 'Page 2', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$mod_dir}/security.conf") do + it { is_expected.to contain "mod_security2.c" } + end + + it 'should block query with SQL' do + shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22] + end + + it 'should disable mod_security per vhost' do + pp= <<-EOS + class { 'apache': } + class { 'apache::mod::security': } + apache::vhost { 'modsec.example.com': + port => '80', + docroot => '/var/www/html', + modsec_disable_ids => [ '950007' ], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + it 'should return index page' do + shell('/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users') do |r| + expect(r.stdout).to match(/Index page/) + expect(r.exit_code).to eq(0) + end + end + + end #mod_security should allow disabling by id + + +end #apache::mod::security class diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_suphp_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_suphp_spec.rb new file mode 100644 index 000000000..fb23b504d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/mod_suphp_spec.rb @@ -0,0 +1,57 @@ +require 'spec_helper_acceptance' + +describe 'apache::mod::suphp class', :if => fact('operatingsystem') == 'Ubuntu' do + context "default suphp config" do + it 'succeeds in puppeting suphp' do + pp = <<-EOS +class { 'apache': + mpm_module => 'prefork', +} +host { 'suphp.example.com': ip => '127.0.0.1', } +apache::vhost { 'suphp.example.com': + port => '80', + docroot => '/var/www/suphp', +} +file { '/var/www/suphp/index.php': + ensure => file, + owner => 'daemon', + group => 'daemon', + content => "\\n", + require => File['/var/www/suphp'], + before => Class['apache::mod::php'], +} +class { 'apache::mod::php': } +class { 'apache::mod::suphp': } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service('apache2') do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + it 'should answer to suphp.example.com' do + timeout = 0 + loop do + r = shell('curl suphp.example.com:80') + timeout += 1 + break if r.stdout =~ /^daemon$/ + if timeout > 40 + expect(timeout < 40).to be true + break + end + sleep(1) + end + shell("/usr/bin/curl suphp.example.com:80") do |r| + expect(r.stdout).to match(/^daemon$/) + expect(r.exit_code).to eq(0) + end + end + + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/centos-70-x64.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/centos-70-x64.yml new file mode 100644 index 000000000..2ab005204 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/centos-70-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + centos-70-x64: + roles: + - master + platform: el-7-x86_64 + box : puppetlabs/centos-7.0-64-nocm + box_url : https://vagrantcloud.com/puppetlabs/boxes/centos-7.0-64-nocm + hypervisor : vagrant +CONFIG: + log_level: verbose + type: foss diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-607-x64.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-607-x64.yml new file mode 100644 index 000000000..e642e0992 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-607-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + debian-607-x64: + roles: + - master + platform: debian-6-amd64 + box : debian-607-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + log_level: debug + type: git diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-70rc1-x64.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-70rc1-x64.yml new file mode 100644 index 000000000..cbbbfb2cc --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-70rc1-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + debian-70rc1-x64: + roles: + - master + platform: debian-7-amd64 + box : debian-70rc1-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-70rc1-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + log_level: debug + type: git diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-73-i386.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-73-i386.yml new file mode 100644 index 000000000..a38902d89 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-73-i386.yml @@ -0,0 +1,11 @@ +HOSTS: + debian-73-i386: + roles: + - master + platform: debian-7-i386 + box : debian-73-i386-virtualbox-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-i386-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + log_level: debug + type: git diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-73-x64.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-73-x64.yml new file mode 100644 index 000000000..f9cf0c9b8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-73-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + debian-73-x64: + roles: + - master + platform: debian-7-amd64 + box : debian-73-x64-virtualbox-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + log_level: debug + type: git diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-82-x64.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-82-x64.yml new file mode 100644 index 000000000..800c49aaa --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/debian-82-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + debian-82: + roles: + - master + platform: debian-8-amd64 + box: puppetlabs/debian-8.2-64-nocm + hypervisor: vagrant +CONFIG: + log_level: debug + type: git diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/default.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/default.yml new file mode 100644 index 000000000..00e141d09 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/default.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-66-x64: + roles: + - master + platform: el-6-x86_64 + box : puppetlabs/centos-6.6-64-nocm + hypervisor : vagrant +CONFIG: + log_level: debug + type: git diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/fedora-18-x64.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/fedora-18-x64.yml new file mode 100644 index 000000000..086cae995 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/fedora-18-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + fedora-18-x64: + roles: + - master + platform: fedora-18-x86_64 + box : fedora-18-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + log_level: debug + type: git diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml new file mode 100644 index 000000000..5ca1514e4 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-10044-x64: + roles: + - master + platform: ubuntu-10.04-amd64 + box : ubuntu-server-10044-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml new file mode 100644 index 000000000..d065b304f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-12042-x64: + roles: + - master + platform: ubuntu-12.04-amd64 + box : ubuntu-server-12042-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml new file mode 100644 index 000000000..f4b2366f3 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + ubuntu-server-1310-x64: + roles: + - master + platform: ubuntu-13.10-amd64 + box : ubuntu-server-1310-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-1310-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + log_level : debug + type: git diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml new file mode 100644 index 000000000..cba1cd04c --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + ubuntu-server-1404-x64: + roles: + - master + platform: ubuntu-14.04-amd64 + box : puppetlabs/ubuntu-14.04-64-nocm + box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm + hypervisor : vagrant +CONFIG: + log_level : debug + type: git diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/prefork_worker_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/prefork_worker_spec.rb new file mode 100644 index 000000000..668716144 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/prefork_worker_spec.rb @@ -0,0 +1,80 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +case fact('osfamily') +when 'FreeBSD' + describe 'apache::mod::event class' do + describe 'running puppet code' do + # Using puppet_apply as a helper + it 'should work with no errors' do + pp = <<-EOS + class { 'apache': + mpm_module => 'event', + } + EOS + + # Run it twice and test for idempotency + apply_manifest(pp, :catch_failures => true) + expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero + end + end + + describe service($service_name) do + it { is_expected.to be_running } + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + end + end +end + +describe 'apache::mod::worker class' do + describe 'running puppet code' do + # Using puppet_apply as a helper + let(:pp) do + <<-EOS + class { 'apache': + mpm_module => 'worker', + } + EOS + end + + # Run it twice and test for idempotency + it_behaves_like "a idempotent resource" + end + + describe service($service_name) do + it { is_expected.to be_running } + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + end +end + +describe 'apache::mod::prefork class' do + describe 'running puppet code' do + # Using puppet_apply as a helper + let(:pp) do + <<-EOS + class { 'apache': + mpm_module => 'prefork', + } + EOS + end + # Run it twice and test for idempotency + it_behaves_like "a idempotent resource" + end + + describe service($service_name) do + it { is_expected.to be_running } + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/service_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/service_spec.rb new file mode 100644 index 000000000..c62a34973 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/service_spec.rb @@ -0,0 +1,18 @@ +require 'spec_helper_acceptance' + +describe 'apache::service class' do + describe 'adding dependencies in between the base class and service class' do + let(:pp) do + <<-EOS + class { 'apache': } + file { '/tmp/test': + require => Class['apache'], + notify => Class['apache::service'], + } + EOS + end + + # Run it twice and test for idempotency + it_behaves_like "a idempotent resource" + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/version.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/version.rb new file mode 100644 index 000000000..88cf509b7 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/version.rb @@ -0,0 +1,76 @@ +_osfamily = fact('osfamily') +_operatingsystem = fact('operatingsystem') +_operatingsystemrelease = fact('operatingsystemrelease').to_f + +case _osfamily +when 'RedHat' + $confd_dir = '/etc/httpd/conf.d' + $conf_file = '/etc/httpd/conf/httpd.conf' + $ports_file = '/etc/httpd/conf/ports.conf' + $vhost_dir = '/etc/httpd/conf.d' + $vhost = '/etc/httpd/conf.d/15-default.conf' + $run_dir = '/var/run/httpd' + $service_name = 'httpd' + $package_name = 'httpd' + $error_log = 'error_log' + $suphp_handler = 'php5-script' + $suphp_configpath = 'undef' + + if (_operatingsystem == 'Fedora' and _operatingsystemrelease >= 18) or (_operatingsystem != 'Fedora' and _operatingsystemrelease >= 7) + $apache_version = '2.4' + $mod_dir = '/etc/httpd/conf.modules.d' + else + $apache_version = '2.2' + $mod_dir = '/etc/httpd/conf.d' + end +when 'Debian' + $confd_dir = '/etc/apache2/conf.d' + $mod_dir = '/etc/apache2/mods-available' + $conf_file = '/etc/apache2/apache2.conf' + $ports_file = '/etc/apache2/ports.conf' + $vhost = '/etc/apache2/sites-available/15-default.conf' + $vhost_dir = '/etc/apache2/sites-enabled' + $run_dir = '/var/run/apache2' + $service_name = 'apache2' + $package_name = 'apache2' + $error_log = 'error.log' + $suphp_handler = 'x-httpd-php' + $suphp_configpath = '/etc/php5/apache2' + + if _operatingsystem == 'Ubuntu' and _operatingsystemrelease >= 13.10 + $apache_version = '2.4' + elsif _operatingsystem == 'Debian' and _operatingsystemrelease >= 8.0 + $apache_version = '2.4' + else + $apache_version = '2.2' + end +when 'FreeBSD' + $confd_dir = '/usr/local/etc/apache24/Includes' + $mod_dir = '/usr/local/etc/apache24/Modules' + $conf_file = '/usr/local/etc/apache24/httpd.conf' + $ports_file = '/usr/local/etc/apache24/Includes/ports.conf' + $vhost = '/usr/local/etc/apache24/Vhosts/15-default.conf' + $vhost_dir = '/usr/local/etc/apache24/Vhosts' + $run_dir = '/var/run/apache24' + $service_name = 'apache24' + $package_name = 'apache24' + $error_log = 'http-error.log' + + $apache_version = '2.2' +when 'Gentoo' + $confd_dir = '/etc/apache2/conf.d' + $mod_dir = '/etc/apache2/modules.d' + $conf_file = '/etc/apache2/httpd.conf' + $ports_file = '/etc/apache2/ports.conf' + $vhost = '/etc/apache2/vhosts.d/15-default.conf' + $vhost_dir = '/etc/apache2/vhosts.d' + $run_dir = '/var/run/apache2' + $service_name = 'apache2' + $package_name = 'www-servers/apache' + $error_log = 'http-error.log' + + $apache_version = '2.4' +else + $apache_version = '0' +end + diff --git a/modules/services/unix/http/apache/module/apache/spec/acceptance/vhost_spec.rb b/modules/services/unix/http/apache/module/apache/spec/acceptance/vhost_spec.rb new file mode 100644 index 000000000..b9b3a80ac --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/acceptance/vhost_spec.rb @@ -0,0 +1,1530 @@ +require 'spec_helper_acceptance' +require_relative './version.rb' + +describe 'apache::vhost define' do + context 'no default vhosts' do + it 'should create no default vhosts' do + pp = <<-EOS + class { 'apache': + default_vhost => false, + default_ssl_vhost => false, + service_ensure => stopped + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/15-default.conf") do + it { is_expected.not_to be_file } + end + + describe file("#{$vhost_dir}/15-default-ssl.conf") do + it { is_expected.not_to be_file } + end + end + + context "default vhost without ssl" do + it 'should create a default vhost config' do + pp = <<-EOS + class { 'apache': } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/15-default.conf") do + it { is_expected.to contain '' } + end + + describe file("#{$vhost_dir}/15-default-ssl.conf") do + it { is_expected.not_to be_file } + end + end + + context 'default vhost with ssl' do + it 'should create default vhost configs' do + pp = <<-EOS + file { '#{$run_dir}': + ensure => 'directory', + recurse => true, + } + + class { 'apache': + default_ssl_vhost => true, + require => File['#{$run_dir}'], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/15-default.conf") do + it { is_expected.to contain '' } + end + + describe file("#{$vhost_dir}/15-default-ssl.conf") do + it { is_expected.to contain '' } + it { is_expected.to contain "SSLEngine on" } + end + end + + context 'new vhost on port 80' do + it 'should configure an apache vhost' do + pp = <<-EOS + class { 'apache': } + file { '#{$run_dir}': + ensure => 'directory', + recurse => true, + } + + apache::vhost { 'first.example.com': + port => '80', + docroot => '/var/www/first', + require => File['#{$run_dir}'], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-first.example.com.conf") do + it { is_expected.to contain '' } + it { is_expected.to contain "ServerName first.example.com" } + end + end + + context 'new proxy vhost on port 80' do + it 'should configure an apache proxy vhost' do + pp = <<-EOS + class { 'apache': } + apache::vhost { 'proxy.example.com': + port => '80', + docroot => '/var/www/proxy', + proxy_pass => [ + { 'path' => '/foo', 'url' => 'http://backend-foo/'}, + ], + proxy_preserve_host => true, + proxy_error_override => true, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-proxy.example.com.conf") do + it { is_expected.to contain '' } + it { is_expected.to contain "ServerName proxy.example.com" } + it { is_expected.to contain "ProxyPass" } + it { is_expected.to contain "ProxyPreserveHost On" } + it { is_expected.to contain "ProxyErrorOverride On" } + it { is_expected.not_to contain "" } + end + end + + context 'new proxy vhost on port 80' do + it 'should configure an apache proxy vhost' do + pp = <<-EOS + class { 'apache': } + apache::vhost { 'proxy.example.com': + port => '80', + docroot => '/var/www/proxy', + proxy_pass_match => [ + { 'path' => '/foo', 'url' => 'http://backend-foo/'}, + ], + proxy_preserve_host => true, + proxy_error_override => true, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-proxy.example.com.conf") do + it { is_expected.to contain '' } + it { is_expected.to contain "ServerName proxy.example.com" } + it { is_expected.to contain "ProxyPassMatch /foo http://backend-foo/" } + it { is_expected.to contain "ProxyPreserveHost On" } + it { is_expected.to contain "ProxyErrorOverride On" } + it { is_expected.not_to contain "" } + end + end + + context 'new vhost on port 80' do + it 'should configure two apache vhosts' do + pp = <<-EOS + class { 'apache': } + apache::vhost { 'first.example.com': + port => '80', + docroot => '/var/www/first', + } + host { 'first.example.com': ip => '127.0.0.1', } + file { '/var/www/first/index.html': + ensure => file, + content => "Hello from first\\n", + } + apache::vhost { 'second.example.com': + port => '80', + docroot => '/var/www/second', + } + host { 'second.example.com': ip => '127.0.0.1', } + file { '/var/www/second/index.html': + ensure => file, + content => "Hello from second\\n", + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + it 'should answer to first.example.com' do + shell("/usr/bin/curl first.example.com:80", {:acceptable_exit_codes => 0}) do |r| + expect(r.stdout).to eq("Hello from first\n") + end + end + + it 'should answer to second.example.com' do + shell("/usr/bin/curl second.example.com:80", {:acceptable_exit_codes => 0}) do |r| + expect(r.stdout).to eq("Hello from second\n") + end + end + end + + context 'new vhost with multiple IP addresses on port 80' do + it 'should configure one apache vhost with 2 ip addresses' do + pp = <<-EOS + class { 'apache': + default_vhost => false, + } + apache::vhost { 'example.com': + port => '80', + ip => ['127.0.0.1','127.0.0.2'], + ip_based => true, + docroot => '/var/www/html', + } + host { 'host1.example.com': ip => '127.0.0.1', } + host { 'host2.example.com': ip => '127.0.0.2', } + file { '/var/www/html/index.html': + ensure => file, + content => "Hello from vhost\\n", + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$vhost_dir}/25-example.com.conf") do + it { is_expected.to contain '' } + it { is_expected.to contain "ServerName example.com" } + end + + describe file($ports_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'Listen 127.0.0.1:80' } + it { is_expected.to contain 'Listen 127.0.0.2:80' } + it { is_expected.not_to contain 'NameVirtualHost 127.0.0.1:80' } + it { is_expected.not_to contain 'NameVirtualHost 127.0.0.2:80' } + end + + it 'should answer to host1.example.com' do + shell("/usr/bin/curl host1.example.com:80", {:acceptable_exit_codes => 0}) do |r| + expect(r.stdout).to eq("Hello from vhost\n") + end + end + + it 'should answer to host2.example.com' do + shell("/usr/bin/curl host2.example.com:80", {:acceptable_exit_codes => 0}) do |r| + expect(r.stdout).to eq("Hello from vhost\n") + end + end + end + + context 'new vhost with IPv6 address on port 80', :ipv6 do + it 'should configure one apache vhost with an ipv6 address' do + pp = <<-EOS + class { 'apache': + default_vhost => false, + } + apache::vhost { 'example.com': + port => '80', + ip => '::1', + ip_based => true, + docroot => '/var/www/html', + } + host { 'ipv6.example.com': ip => '::1', } + file { '/var/www/html/index.html': + ensure => file, + content => "Hello from vhost\\n", + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + describe file("#{$vhost_dir}/25-example.com.conf") do + it { is_expected.to contain '' } + it { is_expected.to contain "ServerName example.com" } + end + + describe file($ports_file) do + it { is_expected.to be_file } + it { is_expected.to contain 'Listen [::1]:80' } + it { is_expected.not_to contain 'NameVirtualHost [::1]:80' } + end + + it 'should answer to ipv6.example.com' do + shell("/usr/bin/curl ipv6.example.com:80", {:acceptable_exit_codes => 0}) do |r| + expect(r.stdout).to eq("Hello from vhost\n") + end + end + end + + context 'apache_directories' do + describe 'readme example, adapted' do + it 'should configure a vhost with Files' do + pp = <<-EOS + class { 'apache': } + + if versioncmp($apache::apache_version, '2.4') >= 0 { + $_files_match_directory = { 'path' => '(\.swp|\.bak|~)$', 'provider' => 'filesmatch', 'require' => 'all denied', } + } else { + $_files_match_directory = { 'path' => '(\.swp|\.bak|~)$', 'provider' => 'filesmatch', 'deny' => 'from all', } + } + + $_directories = [ + { 'path' => '/var/www/files', }, + $_files_match_directory, + ] + + apache::vhost { 'files.example.net': + docroot => '/var/www/files', + directories => $_directories, + } + file { '/var/www/files/index.html': + ensure => file, + content => "Hello World\\n", + } + file { '/var/www/files/index.html.bak': + ensure => file, + content => "Hello World\\n", + } + host { 'files.example.net': ip => '127.0.0.1', } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + it 'should answer to files.example.net' do + expect(shell("/usr/bin/curl -sSf files.example.net:80/index.html").stdout).to eq("Hello World\n") + expect(shell("/usr/bin/curl -sSf files.example.net:80/index.html.bak", {:acceptable_exit_codes => 22}).stderr).to match(/curl: \(22\) The requested URL returned error: 403/) + end + end + + describe 'other Directory options' do + it 'should configure a vhost with multiple Directory sections' do + pp = <<-EOS + class { 'apache': } + + if versioncmp($apache::apache_version, '2.4') >= 0 { + $_files_match_directory = { 'path' => 'private.html$', 'provider' => 'filesmatch', 'require' => 'all denied' } + } else { + $_files_match_directory = [ + { 'path' => 'private.html$', 'provider' => 'filesmatch', 'deny' => 'from all' }, + { 'path' => '/bar/bar.html', 'provider' => 'location', allow => [ 'from 127.0.0.1', ] }, + ] + } + + $_directories = [ + { 'path' => '/var/www/files', }, + { 'path' => '/foo/', 'provider' => 'location', 'directoryindex' => 'notindex.html', }, + $_files_match_directory, + ] + + apache::vhost { 'files.example.net': + docroot => '/var/www/files', + directories => $_directories, + } + file { '/var/www/files/foo': + ensure => directory, + } + file { '/var/www/files/foo/notindex.html': + ensure => file, + content => "Hello Foo\\n", + } + file { '/var/www/files/private.html': + ensure => file, + content => "Hello World\\n", + } + file { '/var/www/files/bar': + ensure => directory, + } + file { '/var/www/files/bar/bar.html': + ensure => file, + content => "Hello Bar\\n", + } + host { 'files.example.net': ip => '127.0.0.1', } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + it 'should answer to files.example.net' do + expect(shell("/usr/bin/curl -sSf files.example.net:80/").stdout).to eq("Hello World\n") + expect(shell("/usr/bin/curl -sSf files.example.net:80/foo/").stdout).to eq("Hello Foo\n") + expect(shell("/usr/bin/curl -sSf files.example.net:80/private.html", {:acceptable_exit_codes => 22}).stderr).to match(/curl: \(22\) The requested URL returned error: 403/) + expect(shell("/usr/bin/curl -sSf files.example.net:80/bar/bar.html").stdout).to eq("Hello Bar\n") + end + end + + describe 'SetHandler directive' do + it 'should configure a vhost with a SetHandler directive' do + pp = <<-EOS + class { 'apache': } + apache::mod { 'status': } + host { 'files.example.net': ip => '127.0.0.1', } + apache::vhost { 'files.example.net': + docroot => '/var/www/files', + directories => [ + { path => '/var/www/files', }, + { path => '/server-status', provider => 'location', sethandler => 'server-status', }, + ], + } + file { '/var/www/files/index.html': + ensure => file, + content => "Hello World\\n", + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + it 'should answer to files.example.net' do + expect(shell("/usr/bin/curl -sSf files.example.net:80/index.html").stdout).to eq("Hello World\n") + expect(shell("/usr/bin/curl -sSf files.example.net:80/server-status?auto").stdout).to match(/Scoreboard: /) + end + end + + describe 'Satisfy and Auth directive', :unless => $apache_version == '2.4' do + it 'should configure a vhost with Satisfy and Auth directive' do + pp = <<-EOS + class { 'apache': } + host { 'files.example.net': ip => '127.0.0.1', } + apache::vhost { 'files.example.net': + docroot => '/var/www/files', + directories => [ + { + path => '/var/www/files/foo', + auth_type => 'Basic', + auth_name => 'Basic Auth', + auth_user_file => '/var/www/htpasswd', + auth_require => "valid-user", + }, + { + path => '/var/www/files/bar', + auth_type => 'Basic', + auth_name => 'Basic Auth', + auth_user_file => '/var/www/htpasswd', + auth_require => 'valid-user', + satisfy => 'Any', + }, + { + path => '/var/www/files/baz', + allow => 'from 10.10.10.10', + auth_type => 'Basic', + auth_name => 'Basic Auth', + auth_user_file => '/var/www/htpasswd', + auth_require => 'valid-user', + satisfy => 'Any', + }, + ], + } + file { '/var/www/files/foo': + ensure => directory, + } + file { '/var/www/files/bar': + ensure => directory, + } + file { '/var/www/files/baz': + ensure => directory, + } + file { '/var/www/files/foo/index.html': + ensure => file, + content => "Hello World\\n", + } + file { '/var/www/files/bar/index.html': + ensure => file, + content => "Hello World\\n", + } + file { '/var/www/files/baz/index.html': + ensure => file, + content => "Hello World\\n", + } + file { '/var/www/htpasswd': + ensure => file, + content => "login:IZ7jMcLSx0oQk", # "password" as password + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { should be_running } + end + + it 'should answer to files.example.net' do + shell("/usr/bin/curl -sSf files.example.net:80/foo/index.html", {:acceptable_exit_codes => 22}).stderr.should match(/curl: \(22\) The requested URL returned error: 401/) + shell("/usr/bin/curl -sSf -u login:password files.example.net:80/foo/index.html").stdout.should eq("Hello World\n") + shell("/usr/bin/curl -sSf files.example.net:80/bar/index.html").stdout.should eq("Hello World\n") + shell("/usr/bin/curl -sSf -u login:password files.example.net:80/bar/index.html").stdout.should eq("Hello World\n") + shell("/usr/bin/curl -sSf files.example.net:80/baz/index.html", {:acceptable_exit_codes => 22}).stderr.should match(/curl: \(22\) The requested URL returned error: 401/) + shell("/usr/bin/curl -sSf -u login:password files.example.net:80/baz/index.html").stdout.should eq("Hello World\n") + end + end + end + + case fact('lsbdistcodename') + when 'precise', 'wheezy' + context 'vhost FallbackResource example' do + it 'should configure a vhost with FallbackResource' do + pp = <<-EOS + class { 'apache': } + apache::vhost { 'fallback.example.net': + docroot => '/var/www/fallback', + fallbackresource => '/index.html' + } + file { '/var/www/fallback/index.html': + ensure => file, + content => "Hello World\\n", + } + host { 'fallback.example.net': ip => '127.0.0.1', } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + it 'should answer to fallback.example.net' do + shell("/usr/bin/curl fallback.example.net:80/Does/Not/Exist") do |r| + expect(r.stdout).to eq("Hello World\n") + end + end + + end + else + # The current stable RHEL release (6.4) comes with Apache httpd 2.2.15 + # That was released March 6, 2010. + # FallbackResource was backported to 2.2.16, and released July 25, 2010. + # Ubuntu Lucid (10.04) comes with apache2 2.2.14, released October 3, 2009. + # https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS + end + + context 'virtual_docroot hosting separate sites' do + it 'should configure a vhost with VirtualDocumentRoot' do + pp = <<-EOS + class { 'apache': } + apache::vhost { 'virt.example.com': + vhost_name => '*', + serveraliases => '*virt.example.com', + port => '80', + docroot => '/var/www/virt', + virtual_docroot => '/var/www/virt/%1', + } + host { 'virt.example.com': ip => '127.0.0.1', } + host { 'a.virt.example.com': ip => '127.0.0.1', } + host { 'b.virt.example.com': ip => '127.0.0.1', } + file { [ '/var/www/virt/a', '/var/www/virt/b', ]: ensure => directory, } + file { '/var/www/virt/a/index.html': ensure => file, content => "Hello from a.virt\\n", } + file { '/var/www/virt/b/index.html': ensure => file, content => "Hello from b.virt\\n", } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + it 'should answer to a.virt.example.com' do + shell("/usr/bin/curl a.virt.example.com:80", {:acceptable_exit_codes => 0}) do |r| + expect(r.stdout).to eq("Hello from a.virt\n") + end + end + + it 'should answer to b.virt.example.com' do + shell("/usr/bin/curl b.virt.example.com:80", {:acceptable_exit_codes => 0}) do |r| + expect(r.stdout).to eq("Hello from b.virt\n") + end + end + end + + context 'proxy_pass for alternative vhost' do + it 'should configure a local vhost and a proxy vhost' do + apply_manifest(%{ + class { 'apache': default_vhost => false, } + apache::vhost { 'localhost': + docroot => '/var/www/local', + ip => '127.0.0.1', + port => '8888', + } + apache::listen { '*:80': } + apache::vhost { 'proxy.example.com': + docroot => '/var/www', + port => '80', + add_listen => false, + proxy_pass => { + 'path' => '/', + 'url' => 'http://localhost:8888/subdir/', + }, + } + host { 'proxy.example.com': ip => '127.0.0.1', } + file { ['/var/www/local', '/var/www/local/subdir']: ensure => directory, } + file { '/var/www/local/subdir/index.html': + ensure => file, + content => "Hello from localhost\\n", + } + }, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + it 'should get a response from the back end' do + shell("/usr/bin/curl --max-redirs 0 proxy.example.com:80") do |r| + expect(r.stdout).to eq("Hello from localhost\n") + expect(r.exit_code).to eq(0) + end + end + end + + context 'proxy_pass_match for alternative vhost' do + it 'should configure a local vhost and a proxy vhost' do + apply_manifest(%{ + class { 'apache': default_vhost => false, } + apache::vhost { 'localhost': + docroot => '/var/www/local', + ip => '127.0.0.1', + port => '8888', + } + apache::listen { '*:80': } + apache::vhost { 'proxy.example.com': + docroot => '/var/www', + port => '80', + add_listen => false, + proxy_pass_match => { + 'path' => '/', + 'url' => 'http://localhost:8888/subdir/', + }, + } + host { 'proxy.example.com': ip => '127.0.0.1', } + file { ['/var/www/local', '/var/www/local/subdir']: ensure => directory, } + file { '/var/www/local/subdir/index.html': + ensure => file, + content => "Hello from localhost\\n", + } + }, :catch_failures => true) + end + + describe service($service_name) do + if (fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') == '8') + pending 'Should be enabled - Bug 760616 on Debian 8' + else + it { should be_enabled } + end + it { is_expected.to be_running } + end + + it 'should get a response from the back end' do + shell("/usr/bin/curl --max-redirs 0 proxy.example.com:80") do |r| + expect(r.stdout).to eq("Hello from localhost\n") + expect(r.exit_code).to eq(0) + end + end + end + + describe 'ip_based' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + ip_based => true, + servername => 'test.server', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file($ports_file) do + it { is_expected.to be_file } + it { is_expected.not_to contain 'NameVirtualHost test.server' } + end + end + + describe 'add_listen' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': default_vhost => false } + host { 'testlisten.server': ip => '127.0.0.1' } + apache::listen { '81': } + apache::vhost { 'testlisten.server': + docroot => '/tmp', + port => '80', + add_listen => false, + servername => 'testlisten.server', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file($ports_file) do + it { is_expected.to be_file } + it { is_expected.not_to contain 'Listen 80' } + it { is_expected.to contain 'Listen 81' } + end + end + + describe 'docroot' do + it 'applies cleanly' do + pp = <<-EOS + user { 'test_owner': ensure => present, } + group { 'test_group': ensure => present, } + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp/test', + docroot_owner => 'test_owner', + docroot_group => 'test_group', + docroot_mode => '0750', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file('/tmp/test') do + it { is_expected.to be_directory } + it { is_expected.to be_owned_by 'test_owner' } + it { is_expected.to be_grouped_into 'test_group' } + it { is_expected.to be_mode 750 } + end + end + + describe 'default_vhost' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + default_vhost => true, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file($ports_file) do + it { is_expected.to be_file } + if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '7' + it { is_expected.not_to contain 'NameVirtualHost test.server' } + elsif fact('operatingsystem') == 'Ubuntu' and fact('operatingsystemrelease') =~ /(14\.04|13\.10)/ + it { is_expected.not_to contain 'NameVirtualHost test.server' } + elsif fact('operatingsystem') == 'Debian' and fact('operatingsystemmajrelease') == '8' + it { is_expected.not_to contain 'NameVirtualHost test.server' } + else + it { is_expected.to contain 'NameVirtualHost test.server' } + end + end + + describe file("#{$vhost_dir}/10-test.server.conf") do + it { is_expected.to be_file } + end + end + + describe 'options' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + options => ['Indexes','FollowSymLinks', 'ExecCGI'], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'Options Indexes FollowSymLinks ExecCGI' } + end + end + + describe 'override' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + override => ['All'], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'AllowOverride All' } + end + end + + describe 'logroot' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + logroot => '/tmp', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain ' CustomLog "/tmp' } + end + end + + ['access', 'error'].each do |logtype| + case logtype + when 'access' + logname = 'CustomLog' + when 'error' + logname = 'ErrorLog' + end + + describe "#{logtype}_log" do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + logroot => '/tmp', + #{logtype}_log => false, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.not_to contain " #{logname} \"/tmp" } + end + end + + describe "#{logtype}_log_pipe" do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + logroot => '/tmp', + #{logtype}_log_pipe => '|/bin/sh', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain " #{logname} \"|/bin/sh" } + end + end + + describe "#{logtype}_log_syslog" do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + logroot => '/tmp', + #{logtype}_log_syslog => 'syslog', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain " #{logname} \"syslog\"" } + end + end + end + + describe 'access_log_format' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + logroot => '/tmp', + access_log_syslog => 'syslog', + access_log_format => '%h %l', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'CustomLog "syslog" "%h %l"' } + end + end + + describe 'access_log_env_var' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + logroot => '/tmp', + access_log_syslog => 'syslog', + access_log_env_var => 'admin', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'CustomLog "syslog" combined env=admin' } + end + end + + describe 'multiple access_logs' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + logroot => '/tmp', + access_logs => [ + {'file' => 'log1'}, + {'file' => 'log2', 'env' => 'admin' }, + {'file' => '/var/tmp/log3', 'format' => '%h %l'}, + {'syslog' => 'syslog' } + ] + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'CustomLog "/tmp/log1" combined' } + it { is_expected.to contain 'CustomLog "/tmp/log2" combined env=admin' } + it { is_expected.to contain 'CustomLog "/var/tmp/log3" "%h %l"' } + it { is_expected.to contain 'CustomLog "syslog" combined' } + end + end + + describe 'aliases' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + aliases => [ + { alias => '/image' , path => '/ftp/pub/image' } , + { scriptalias => '/myscript' , path => '/usr/share/myscript' } + ], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'Alias /image "/ftp/pub/image"' } + it { is_expected.to contain 'ScriptAlias /myscript "/usr/share/myscript"' } + end + end + + describe 'scriptaliases' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + scriptaliases => [{ alias => '/myscript', path => '/usr/share/myscript', }], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'ScriptAlias /myscript "/usr/share/myscript"' } + end + end + + describe 'proxy' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': service_ensure => stopped, } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + proxy_dest => 'test2', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'ProxyPass / test2/' } + end + end + + describe 'actions' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + action => 'php-fastcgi', + } + EOS + pp = pp + "\nclass { 'apache::mod::actions': }" if fact('osfamily') == 'Debian' + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'Action php-fastcgi /cgi-bin virtual' } + end + end + + describe 'suphp' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': service_ensure => stopped, } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + suphp_addhandler => '#{$suphp_handler}', + suphp_engine => 'on', + suphp_configpath => '#{$suphp_configpath}', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain "suPHP_AddHandler #{$suphp_handler}" } + it { is_expected.to contain 'suPHP_Engine on' } + it { is_expected.to contain "suPHP_ConfigPath \"#{$suphp_configpath}\"" } + end + end + + describe 'no_proxy_uris' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': service_ensure => stopped, } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + proxy_dest => 'http://test2', + no_proxy_uris => [ 'http://test2/test' ], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'ProxyPass http://test2/test !' } + it { is_expected.to contain 'ProxyPass / http://test2/' } + end + end + + describe 'redirect' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + redirect_source => ['/images'], + redirect_dest => ['http://test.server/'], + redirect_status => ['permanent'], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'Redirect permanent /images http://test.server/' } + end + end + + describe 'request_headers' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + request_headers => ['append MirrorID "mirror 12"'], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'append MirrorID "mirror 12"' } + end + end + + describe 'rewrite rules' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + rewrites => [ + { comment => 'test', + rewrite_cond => '%{HTTP_USER_AGENT} ^Lynx/ [OR]', + rewrite_rule => ['^index\.html$ welcome.html'], + rewrite_map => ['lc int:tolower'], + } + ], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain '#test' } + it { is_expected.to contain 'RewriteCond %{HTTP_USER_AGENT} ^Lynx/ [OR]' } + it { is_expected.to contain 'RewriteRule ^index.html$ welcome.html' } + it { is_expected.to contain 'RewriteMap lc int:tolower' } + end + end + + describe 'directory rewrite rules' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + if ! defined(Class['apache::mod::rewrite']) { + include ::apache::mod::rewrite + } + apache::vhost { 'test.server': + docroot => '/tmp', + directories => [ + { + path => '/tmp', + rewrites => [ + { + comment => 'Permalink Rewrites', + rewrite_base => '/', + }, + { rewrite_rule => [ '^index\\.php$ - [L]' ] }, + { rewrite_cond => [ + '%{REQUEST_FILENAME} !-f', + '%{REQUEST_FILENAME} !-d', ], rewrite_rule => [ '. /index.php [L]' ], } + ], + }, + ], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { should be_file } + it { should contain '#Permalink Rewrites' } + it { should contain 'RewriteEngine On' } + it { should contain 'RewriteBase /' } + it { should contain 'RewriteRule ^index\.php$ - [L]' } + it { should contain 'RewriteCond %{REQUEST_FILENAME} !-f' } + it { should contain 'RewriteCond %{REQUEST_FILENAME} !-d' } + it { should contain 'RewriteRule . /index.php [L]' } + end + end + + describe 'setenv/setenvif' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + setenv => ['TEST /test'], + setenvif => ['Request_URI "\.gif$" object_is_image=gif'] + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'SetEnv TEST /test' } + it { is_expected.to contain 'SetEnvIf Request_URI "\.gif$" object_is_image=gif' } + end + end + + describe 'block' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + block => 'scm', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain '' } + end + end + + describe 'wsgi' do + context 'on lucid', :if => fact('lsbdistcodename') == 'lucid' do + it 'import_script applies cleanly' do + pp = <<-EOS + class { 'apache': } + class { 'apache::mod::wsgi': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + wsgi_application_group => '%{GLOBAL}', + wsgi_daemon_process => 'wsgi', + wsgi_daemon_process_options => {processes => '2'}, + wsgi_process_group => 'nobody', + wsgi_script_aliases => { '/test' => '/test1' }, + wsgi_pass_authorization => 'On', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + end + + context 'on everything but lucid', :unless => fact('lsbdistcodename') == 'lucid' do + it 'import_script applies cleanly' do + pp = <<-EOS + class { 'apache': } + class { 'apache::mod::wsgi': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + wsgi_application_group => '%{GLOBAL}', + wsgi_daemon_process => 'wsgi', + wsgi_daemon_process_options => {processes => '2'}, + wsgi_import_script => '/test1', + wsgi_import_script_options => { application-group => '%{GLOBAL}', process-group => 'wsgi' }, + wsgi_process_group => 'nobody', + wsgi_script_aliases => { '/test' => '/test1' }, + wsgi_pass_authorization => 'On', + wsgi_chunked_request => 'On', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'WSGIApplicationGroup %{GLOBAL}' } + it { is_expected.to contain 'WSGIDaemonProcess wsgi processes=2' } + it { is_expected.to contain 'WSGIImportScript /test1 application-group=%{GLOBAL} process-group=wsgi' } + it { is_expected.to contain 'WSGIProcessGroup nobody' } + it { is_expected.to contain 'WSGIScriptAlias /test "/test1"' } + it { is_expected.to contain 'WSGIPassAuthorization On' } + it { is_expected.to contain 'WSGIChunkedRequest On' } + end + end + end + + describe 'custom_fragment' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + custom_fragment => inline_template('#weird test string'), + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain '#weird test string' } + end + end + + describe 'itk' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + itk => { user => 'nobody', group => 'nobody' } + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'AssignUserId nobody nobody' } + end + end + + # Limit testing to Debian, since Centos does not have fastcgi package. + case fact('osfamily') + when 'Debian' + describe 'fastcgi' do + it 'applies cleanly' do + pp = <<-EOS + unless $::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '12.04') >= 0 { + $_os = $::operatingsystem + + if $_os == 'Ubuntu' { + $_location = "http://archive.ubuntu.com/" + $_security_location = "http://archive.ubuntu.com/" + $_release = $::lsbdistcodename + $_release_security = "${_release}-security" + $_repos = "main universe multiverse" + } else { + $_location = "http://httpredir.debian.org/debian/" + $_security_location = "http://security.debian.org/" + $_release = $::lsbdistcodename + $_release_security = "${_release}/updates" + $_repos = "main contrib non-free" + } + + include ::apt + apt::source { "${_os}_${_release}": + location => $_location, + release => $_release, + repos => $_repos, + include_src => false, + } + + apt::source { "${_os}_${_release}-updates": + location => $_location, + release => "${_release}-updates", + repos => $_repos, + include_src => false, + } + + apt::source { "${_os}_${_release}-security": + location => $_security_location, + release => $_release_security, + repos => $_repos, + include_src => false, + } + } + EOS + + #apt-get update may not run clean here. Should be OK. + apply_manifest(pp, :catch_failures => false) + + pp2 = <<-EOS + class { 'apache': } + class { 'apache::mod::fastcgi': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + fastcgi_server => 'localhost', + fastcgi_socket => '/tmp/fast/1234', + fastcgi_dir => '/tmp/fast', + } + EOS + apply_manifest(pp2, :catch_failures => true, :acceptable_exit_codes => [0, 2]) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'FastCgiExternalServer localhost -socket /tmp/fast/1234' } + it { is_expected.to contain '' } + end + end + end + + describe 'additional_includes' do + it 'applies cleanly' do + pp = <<-EOS + if $::osfamily == 'RedHat' and "$::selinux" == "true" { + $semanage_package = $::operatingsystemmajrelease ? { + '5' => 'policycoreutils', + default => 'policycoreutils-python', + } + exec { 'set_apache_defaults': + command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + require => Package[$semanage_package], + } + package { $semanage_package: ensure => installed } + exec { 'restorecon_apache': + command => 'restorecon -Rv /apache_spec', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + before => Service['httpd'], + require => Class['apache'], + } + } + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + file { '/apache_spec': ensure => directory, } + file { '/apache_spec/include': ensure => present, content => '#additional_includes' } + apache::vhost { 'test.server': + docroot => '/apache_spec', + additional_includes => '/apache_spec/include', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'Include "/apache_spec/include"' } + end + end + + describe 'virtualhost without priority prefix' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + apache::vhost { 'test.server': + priority => false, + docroot => '/tmp' + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/test.server.conf") do + it { is_expected.to be_file } + end + end + + describe 'SSLProtocol directive' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + apache::vhost { 'test.server': + docroot => '/tmp', + ssl => true, + ssl_protocol => ['All', '-SSLv2'], + } + apache::vhost { 'test2.server': + docroot => '/tmp', + ssl => true, + ssl_protocol => 'All -SSLv2', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'SSLProtocol *All -SSLv2' } + end + + describe file("#{$vhost_dir}/25-test2.server.conf") do + it { is_expected.to be_file } + it { is_expected.to contain 'SSLProtocol *All -SSLv2' } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/dev_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/dev_spec.rb new file mode 100644 index 000000000..933d67703 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/dev_spec.rb @@ -0,0 +1,89 @@ +require 'spec_helper' + +describe 'apache::dev', :type => :class do + let(:pre_condition) {[ + 'include apache' + ]} + context "on a Debian OS" do + let :facts do + { + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :is_pe => false, + :concat_basedir => '/foo', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', + :kernel => 'Linux' + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_package("libaprutil1-dev") } + it { is_expected.to contain_package("libapr1-dev") } + it { is_expected.to contain_package("apache2-prefork-dev") } + end + context "on an Ubuntu 14 OS" do + let :facts do + { + :lsbdistrelease => '14.04', + :lsbdistcodename => 'trusty', + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '14.04', + :is_pe => false, + :concat_basedir => '/foo', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', + :kernel => 'Linux' + } + end + it { is_expected.to contain_package("apache2-dev") } + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '6', + :is_pe => false, + :concat_basedir => '/foo', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', + :kernel => 'Linux' + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_package("httpd-devel") } + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystem => 'FreeBSD', + :operatingsystemrelease => '9', + :is_pe => false, + :concat_basedir => '/foo', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', + :kernel => 'FreeBSD' + } + end + it { is_expected.to contain_class("apache::params") } + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :is_pe => false, + :concat_basedir => '/foo', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', + :kernel => 'Linux' + } + end + it { is_expected.to contain_class("apache::params") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/alias_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/alias_spec.rb new file mode 100644 index 000000000..9bb28b3aa --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/alias_spec.rb @@ -0,0 +1,96 @@ +require 'spec_helper' + +describe 'apache::mod::alias', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_apache__mod("alias") } + it { is_expected.to contain_file("alias.conf").with(:content => /Alias \/icons\/ "\/usr\/share\/apache2\/icons\/"/) } + end + context "on a RedHat 6-based OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_apache__mod("alias") } + it { is_expected.to contain_file("alias.conf").with(:content => /Alias \/icons\/ "\/var\/www\/icons\/"/) } + end + context "on a RedHat 7-based OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '7', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_apache__mod("alias") } + it { is_expected.to contain_file("alias.conf").with(:content => /Alias \/icons\/ "\/usr\/share\/httpd\/icons\/"/) } + end + context "with icons options", :compile do + let :pre_condition do + 'class { apache: default_mods => false }' + end + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '7', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + let :params do + { + 'icons_options' => 'foo' + } + end + it { is_expected.to contain_apache__mod("alias") } + it { is_expected.to contain_file("alias.conf").with(:content => /Options foo/) } + end + context "on a FreeBSD OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'FreeBSD', + :osfamily => 'FreeBSD', + :operatingsystem => 'FreeBSD', + :operatingsystemrelease => '10', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_apache__mod("alias") } + it { is_expected.to contain_file("alias.conf").with(:content => /Alias \/icons\/ "\/usr\/local\/www\/apache24\/icons\/"/) } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_cas_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_cas_spec.rb new file mode 100644 index 000000000..53c13c5a1 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_cas_spec.rb @@ -0,0 +1,54 @@ +require 'spec_helper' + +describe 'apache::mod::auth_cas', :type => :class do + let :params do + { + :cas_login_url => 'https://cas.example.com/login', + :cas_validate_url => 'https://cas.example.com/validate', + } + end + + let :pre_condition do + 'include ::apache' + end + + context "on a Debian OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod("auth_cas") } + it { is_expected.to contain_package("libapache2-mod-auth-cas") } + it { is_expected.to contain_file("auth_cas.conf").with_path('/etc/apache2/mods-available/auth_cas.conf') } + it { is_expected.to contain_file("/var/cache/apache2/mod_auth_cas/").with_owner('www-data') } + end + context "on a RedHat OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod("auth_cas") } + it { is_expected.to contain_package("mod_auth_cas") } + it { is_expected.to contain_file("auth_cas.conf").with_path('/etc/httpd/conf.d/auth_cas.conf') } + it { is_expected.to contain_file("/var/cache/mod_auth_cas/").with_owner('apache') } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_kerb_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_kerb_spec.rb new file mode 100644 index 000000000..beba378a9 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_kerb_spec.rb @@ -0,0 +1,76 @@ +require 'spec_helper' + +describe 'apache::mod::auth_kerb', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod("auth_kerb") } + it { is_expected.to contain_package("libapache2-mod-auth-kerb") } + end + context "on a RedHat OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod("auth_kerb") } + it { is_expected.to contain_package("mod_auth_kerb") } + end + context "on a FreeBSD OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'FreeBSD', + :osfamily => 'FreeBSD', + :operatingsystem => 'FreeBSD', + :operatingsystemrelease => '9', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod("auth_kerb") } + it { is_expected.to contain_package("www/mod_auth_kerb2") } + end + context "on a Gentoo OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod("auth_kerb") } + it { is_expected.to contain_package("www-apache/mod_auth_kerb") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_mellon_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_mellon_spec.rb new file mode 100644 index 000000000..4fac1c3e8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/auth_mellon_spec.rb @@ -0,0 +1,89 @@ +require 'spec_helper' + +describe 'apache::mod::auth_mellon', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :fqdn => 'test.example.com', + :is_pe => false, + } + end + describe 'with no parameters' do + it { should contain_apache__mod('auth_mellon') } + it { should contain_package('libapache2-mod-auth-mellon') } + it { should contain_file('auth_mellon.conf').with_path('/etc/apache2/mods-available/auth_mellon.conf') } + it { should contain_file('auth_mellon.conf').with_content("MellonPostDirectory \"\/var\/cache\/apache2\/mod_auth_mellon\/\"\n") } + end + describe 'with parameters' do + let :params do + { :mellon_cache_size => '200', + :mellon_cache_entry_size => '2010', + :mellon_lock_file => '/tmp/junk', + :mellon_post_directory => '/tmp/post', + :mellon_post_ttl => '5', + :mellon_post_size => '8', + :mellon_post_count => '10' + } + end + it { should contain_file('auth_mellon.conf').with_content(/^MellonCacheSize\s+200$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonCacheEntrySize\s+2010$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonLockFile\s+"\/tmp\/junk"$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonPostDirectory\s+"\/tmp\/post"$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonPostTTL\s+5$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonPostSize\s+8$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonPostCount\s+10$/) } + end + + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :fqdn => 'test.example.com', + :is_pe => false, + } + end + describe 'with no parameters' do + it { should contain_apache__mod('auth_mellon') } + it { should contain_package('mod_auth_mellon') } + it { should contain_file('auth_mellon.conf').with_path('/etc/httpd/conf.d/auth_mellon.conf') } + it { should contain_file('auth_mellon.conf').with_content("MellonCacheSize 100\nMellonLockFile \"/run/mod_auth_mellon/lock\"\n") } + end + describe 'with parameters' do + let :params do + { :mellon_cache_size => '200', + :mellon_cache_entry_size => '2010', + :mellon_lock_file => '/tmp/junk', + :mellon_post_directory => '/tmp/post', + :mellon_post_ttl => '5', + :mellon_post_size => '8', + :mellon_post_count => '10' + } + end + it { should contain_file('auth_mellon.conf').with_content(/^MellonCacheSize\s+200$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonCacheEntrySize\s+2010$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonLockFile\s+"\/tmp\/junk"$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonPostDirectory\s+"\/tmp\/post"$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonPostTTL\s+5$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonPostSize\s+8$/) } + it { should contain_file('auth_mellon.conf').with_content(/^MellonPostCount\s+10$/) } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/authnz_ldap_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/authnz_ldap_spec.rb new file mode 100644 index 000000000..f89783399 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/authnz_ldap_spec.rb @@ -0,0 +1,78 @@ +require 'spec_helper' + +describe 'apache::mod::authnz_ldap', :type => :class do + let :pre_condition do + 'include apache' + end + + context "on a Debian OS" do + let :facts do + { + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :operatingsystem => 'Debian', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class("apache::mod::ldap") } + it { is_expected.to contain_apache__mod('authnz_ldap') } + + context 'default verifyServerCert' do + it { is_expected.to contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert On$/) } + end + + context 'verifyServerCert = false' do + let(:params) { { :verifyServerCert => false } } + it { is_expected.to contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert Off$/) } + end + + context 'verifyServerCert = wrong' do + let(:params) { { :verifyServerCert => 'wrong' } } + it 'should raise an error' do + expect { is_expected.to raise_error Puppet::Error } + end + end + end #Debian + + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :operatingsystem => 'RedHat', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class("apache::mod::ldap") } + it { is_expected.to contain_apache__mod('authnz_ldap') } + + context 'default verifyServerCert' do + it { is_expected.to contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert On$/) } + end + + context 'verifyServerCert = false' do + let(:params) { { :verifyServerCert => false } } + it { is_expected.to contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert Off$/) } + end + + context 'verifyServerCert = wrong' do + let(:params) { { :verifyServerCert => 'wrong' } } + it 'should raise an error' do + expect { is_expected.to raise_error Puppet::Error } + end + end + end # Redhat + +end + diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/dav_svn_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/dav_svn_spec.rb new file mode 100644 index 000000000..06c6b870f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/dav_svn_spec.rb @@ -0,0 +1,79 @@ +require 'spec_helper' + +describe 'apache::mod::dav_svn', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :operatingsystemmajrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('dav_svn') } + it { is_expected.to contain_package("libapache2-svn") } + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :operatingsystemmajrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('dav_svn') } + it { is_expected.to contain_package("mod_dav_svn") } + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :operatingsystemmajrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('dav_svn') } + it { is_expected.to contain_package("devel/subversion") } + end + context "on a Gentoo OS", :compile do + let :facts do + { + :id => 'root', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :kernel => 'Linux', + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('dav_svn') } + it { is_expected.to contain_package("dev-vcs/subversion") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/deflate_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/deflate_spec.rb new file mode 100644 index 000000000..d0d8fedc2 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/deflate_spec.rb @@ -0,0 +1,126 @@ +require 'spec_helper' + +# This function is called inside the OS specific contexts +def general_deflate_specs + it { is_expected.to contain_apache__mod("deflate") } + + it do + is_expected.to contain_file("deflate.conf").with_content( + "AddOutputFilterByType DEFLATE text/css\n"\ + "AddOutputFilterByType DEFLATE text/html\n"\ + "\n"\ + "DeflateFilterNote Input instream\n"\ + "DeflateFilterNote Ratio ratio\n" + ) + end +end + +describe 'apache::mod::deflate', :type => :class do + let :pre_condition do + 'class { "apache": + default_mods => false, + } + class { "apache::mod::deflate": + types => [ "text/html", "text/css" ], + notes => { + "Input" => "instream", + "Ratio" => "ratio", + } + } + ' + end + + context "On a Debian OS with default params" do + let :facts do + { + :id => 'root', + :lsbdistcodename => 'squeeze', + :kernel => 'Linux', + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + + # Load the more generic tests for this context + general_deflate_specs() + + it { is_expected.to contain_file("deflate.conf").with({ + :ensure => 'file', + :path => '/etc/apache2/mods-available/deflate.conf', + } ) } + it { is_expected.to contain_file("deflate.conf symlink").with({ + :ensure => 'link', + :path => '/etc/apache2/mods-enabled/deflate.conf', + } ) } + end + + context "on a RedHat OS with default params" do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + + # Load the more generic tests for this context + general_deflate_specs() + + it { is_expected.to contain_file("deflate.conf").with_path("/etc/httpd/conf.d/deflate.conf") } + end + + context "On a FreeBSD OS with default params" do + let :facts do + { + :id => 'root', + :kernel => 'FreeBSD', + :osfamily => 'FreeBSD', + :operatingsystem => 'FreeBSD', + :operatingsystemrelease => '9', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + + # Load the more generic tests for this context + general_deflate_specs() + + it { is_expected.to contain_file("deflate.conf").with({ + :ensure => 'file', + :path => '/usr/local/etc/apache24/Modules/deflate.conf', + } ) } + end + + context "On a Gentoo OS with default params" do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :is_pe => false, + } + end + + # Load the more generic tests for this context + general_deflate_specs() + + it { is_expected.to contain_file("deflate.conf").with({ + :ensure => 'file', + :path => '/etc/apache2/modules.d/deflate.conf', + } ) } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/dev_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/dev_spec.rb new file mode 100644 index 000000000..1686a0275 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/dev_spec.rb @@ -0,0 +1,29 @@ +require 'spec_helper' + +describe 'apache::mod::dev', :type => :class do + let(:pre_condition) {[ + 'include apache' + ]} + [ + ['RedHat', '6', 'Santiago', 'Linux'], + ['Debian', '6', 'squeeze', 'Linux'], + ['FreeBSD', '9', 'FreeBSD', 'FreeBSD'], + ].each do |osfamily, operatingsystemrelease, lsbdistcodename, kernel| + context "on a #{osfamily} OS" do + let :facts do + { + :lsbdistcodename => lsbdistcodename, + :osfamily => osfamily, + :operatingsystem => osfamily, + :operatingsystemrelease => operatingsystemrelease, + :is_pe => false, + :concat_basedir => '/foo', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin', + :kernel => kernel + } + end + it { is_expected.to contain_class('apache::dev') } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/dir_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/dir_spec.rb new file mode 100644 index 000000000..11622a41c --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/dir_spec.rb @@ -0,0 +1,138 @@ +require 'spec_helper' + +describe 'apache::mod::dir', :type => :class do + let :pre_condition do + 'class { "apache": + default_mods => false, + }' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :lsbdistcodename => 'squeeze', + :is_pe => false, + } + end + context "passing no parameters" do + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('dir') } + it { is_expected.to contain_file('dir.conf').with_content(/^DirectoryIndex /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.html /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.html\.var /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.cgi /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.pl /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.php /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.xhtml$/) } + end + context "passing indexes => ['example.txt','fearsome.aspx']" do + let :params do + {:indexes => ['example.txt','fearsome.aspx']} + end + it { is_expected.to contain_file('dir.conf').with_content(/ example\.txt /) } + it { is_expected.to contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } + end + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'Redhat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context "passing no parameters" do + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('dir') } + it { is_expected.to contain_file('dir.conf').with_content(/^DirectoryIndex /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.html /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.html\.var /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.cgi /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.pl /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.php /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.xhtml$/) } + end + context "passing indexes => ['example.txt','fearsome.aspx']" do + let :params do + {:indexes => ['example.txt','fearsome.aspx']} + end + it { is_expected.to contain_file('dir.conf').with_content(/ example\.txt /) } + it { is_expected.to contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } + end + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context "passing no parameters" do + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('dir') } + it { is_expected.to contain_file('dir.conf').with_content(/^DirectoryIndex /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.html /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.html\.var /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.cgi /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.pl /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.php /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.xhtml$/) } + end + context "passing indexes => ['example.txt','fearsome.aspx']" do + let :params do + {:indexes => ['example.txt','fearsome.aspx']} + end + it { is_expected.to contain_file('dir.conf').with_content(/ example\.txt /) } + it { is_expected.to contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } + end + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + context "passing no parameters" do + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('dir') } + it { is_expected.to contain_file('dir.conf').with_content(/^DirectoryIndex /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.html /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.html\.var /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.cgi /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.pl /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.php /) } + it { is_expected.to contain_file('dir.conf').with_content(/ index\.xhtml$/) } + end + context "passing indexes => ['example.txt','fearsome.aspx']" do + let :params do + {:indexes => ['example.txt','fearsome.aspx']} + end + it { is_expected.to contain_file('dir.conf').with_content(/ example\.txt /) } + it { is_expected.to contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/disk_cache.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/disk_cache.rb new file mode 100644 index 000000000..263b4cac6 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/disk_cache.rb @@ -0,0 +1,111 @@ +require 'spec_helper' + +describe 'apache::mod::disk_cache', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + it { is_expected.to contain_apache__mod("disk_cache") } + it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/apache2\/mod_disk_cache\"\nCacheDirLevels 2\nCacheDirLength 1/) } + end + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.to contain_apache__mod("cache_disk") } + it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/apache2\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1/) } + end + end + + context "on a RedHat 6-based OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + it { is_expected.to contain_apache__mod("disk_cache") } + it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/httpd\/proxy\"\nCacheDirLevels 2\nCacheDirLength 1/) } + end + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.to contain_apache__mod("cache_disk") } + it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/httpd\/proxy\"\nCacheDirLevels 2\nCacheDirLength 1/) } + end + end + context "on a FreeBSD OS", :compile do + let :facts do + { + :id => 'root', + :kernel => 'FreeBSD', + :osfamily => 'FreeBSD', + :operatingsystem => 'FreeBSD', + :operatingsystemrelease => '10', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + it { is_expected.to contain_apache__mod("disk_cache") } + it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1/) } + end + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.to contain_apache__mod("cache_disk") } + it { is_expected.to contain_file("disk_cache.conf").with(:content => /CacheEnable disk /\nCacheRoot \"\/var\/cache\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1/) } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/event_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/event_spec.rb new file mode 100644 index 000000000..dd0a427ea --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/event_spec.rb @@ -0,0 +1,154 @@ +require 'spec_helper' + +describe 'apache::mod::event', :type => :class do + let :pre_condition do + 'class { "apache": mpm_module => false, }' + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('event') } + it { is_expected.to contain_file("/usr/local/etc/apache24/Modules/event.conf").with_ensure('file') } + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('event') } + it { is_expected.to contain_file("/etc/apache2/modules.d/event.conf").with_ensure('file') } + end + context "on a Debian OS" do + let :facts do + { + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('event') } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file') } + it { is_expected.to contain_file("/etc/apache2/mods-enabled/event.conf").with_ensure('link') } + + context "Test mpm_event params" do + let :params do + { + :serverlimit => '0', + :startservers => '1', + :maxclients => '2', + :minsparethreads => '3', + :maxsparethreads => '4', + :threadsperchild => '5', + :maxrequestsperchild => '6', + :threadlimit => '7', + :listenbacklog => '8', + :maxrequestworkers => '9', + :maxconnectionsperchild => '10', + } + end + + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*ServerLimit\s*0/) } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*StartServers\s*1/) } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MaxClients\s*2/) } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MinSpareThreads\s*3/) } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MaxSpareThreads\s*4/) } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*ThreadsPerChild\s*5/) } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MaxRequestsPerChild\s*6/) } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*ThreadLimit\s*7/) } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*ListenBacklog\s*8/) } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MaxRequestWorkers\s*9/) } + it { is_expected.to contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file').with_content(/^\s*MaxConnectionsPerChild\s*10/) } + end + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + it { is_expected.not_to contain_file("/etc/apache2/mods-available/event.load") } + it { is_expected.not_to contain_file("/etc/apache2/mods-enabled/event.load") } + + it { is_expected.to contain_package("apache2-mpm-event") } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.to contain_file("/etc/apache2/mods-available/event.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so\n" + }) + } + it { is_expected.to contain_file("/etc/apache2/mods-enabled/event.load").with_ensure('link') } + end + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('worker') } + it { is_expected.not_to contain_apache__mod('prefork') } + + it { is_expected.to contain_file("/etc/httpd/conf.d/event.conf").with_ensure('file') } + + it { is_expected.to contain_file("/etc/httpd/conf.d/event.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_event_module modules/mod_mpm_event.so\n", + }) + } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/expires_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/expires_spec.rb new file mode 100644 index 000000000..e6eab7c48 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/expires_spec.rb @@ -0,0 +1,84 @@ +require 'spec_helper' + +describe 'apache::mod::expires', :type => :class do + let :pre_condition do + 'include apache' + end + context "with expires active", :compile do + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + it { is_expected.to contain_apache__mod("expires") } + it { is_expected.to contain_file("expires.conf").with(:content => /ExpiresActive On\n/) } + end + context "with expires default", :compile do + let :pre_condition do + 'class { apache: default_mods => false }' + end + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '7', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + let :params do + { + 'expires_default' => 'access plus 1 month' + } + end + it { is_expected.to contain_apache__mod("expires") } + it { is_expected.to contain_file("expires.conf").with_content( + "ExpiresActive On\n" \ + "ExpiresDefault \"access plus 1 month\"\n" + ) + } + end + context "with expires by type", :compile do + let :pre_condition do + 'class { apache: default_mods => false }' + end + let :facts do + { + :id => 'root', + :kernel => 'Linux', + :osfamily => 'RedHat', + :operatingsystem => 'RedHat', + :operatingsystemrelease => '7', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :concat_basedir => '/dne', + :is_pe => false, + } + end + let :params do + { + 'expires_by_type' => [ + { 'text/json' => 'mod plus 1 day' }, + { 'text/html' => 'access plus 1 year' }, + ] + } + end + it { is_expected.to contain_apache__mod("expires") } + it { is_expected.to contain_file("expires.conf").with_content( + "ExpiresActive On\n" \ + "ExpiresByType text/json \"mod plus 1 day\"\n" \ + "ExpiresByType text/html \"access plus 1 year\"\n" + ) + } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/ext_filter_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/ext_filter_spec.rb new file mode 100644 index 000000000..ed61db9f2 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/ext_filter_spec.rb @@ -0,0 +1,68 @@ +require 'spec_helper' + +describe 'apache::mod::ext_filter', :type => :class do + let :pre_condition do + 'class { "apache": + default_mods => false, + }' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :fqdn => 'test.example.com', + :is_pe => false, + } + end + describe 'with no parameters' do + it { is_expected.to contain_apache__mod('ext_filter') } + it { is_expected.not_to contain_file('ext_filter.conf') } + end + describe 'with parameters' do + let :params do + { :ext_filter_define => {'filtA' => 'input=A output=B', + 'filtB' => 'input=C cmd="C"' }, + } + end + it { is_expected.to contain_file('ext_filter.conf').with_content(/^ExtFilterDefine\s+filtA\s+input=A output=B$/) } + it { is_expected.to contain_file('ext_filter.conf').with_content(/^ExtFilterDefine\s+filtB\s+input=C cmd="C"$/) } + end + + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :fqdn => 'test.example.com', + :is_pe => false, + } + end + describe 'with no parameters' do + it { is_expected.to contain_apache__mod('ext_filter') } + it { is_expected.not_to contain_file('ext_filter.conf') } + end + describe 'with parameters' do + let :params do + { :ext_filter_define => {'filtA' => 'input=A output=B', + 'filtB' => 'input=C cmd="C"' }, + } + end + it { is_expected.to contain_file('ext_filter.conf').with_path('/etc/httpd/conf.d/ext_filter.conf') } + it { is_expected.to contain_file('ext_filter.conf').with_content(/^ExtFilterDefine\s+filtA\s+input=A output=B$/) } + it { is_expected.to contain_file('ext_filter.conf').with_content(/^ExtFilterDefine\s+filtB\s+input=C cmd="C"$/) } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/fastcgi_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/fastcgi_spec.rb new file mode 100644 index 000000000..e204bb746 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/fastcgi_spec.rb @@ -0,0 +1,45 @@ +require 'spec_helper' + +describe 'apache::mod::fastcgi', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('fastcgi') } + it { is_expected.to contain_package("libapache2-mod-fastcgi") } + it { is_expected.to contain_file('fastcgi.conf') } + end + + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('fastcgi') } + it { is_expected.to contain_package("mod_fastcgi") } + it { is_expected.not_to contain_file('fastcgi.conf') } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/fcgid_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/fcgid_spec.rb new file mode 100644 index 000000000..98953625a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/fcgid_spec.rb @@ -0,0 +1,143 @@ +require 'spec_helper' + +describe 'apache::mod::fcgid', :type => :class do + let :pre_condition do + 'include apache' + end + + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :operatingsystemmajrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('fcgid').with({ + 'loadfile_name' => 'unixd_fcgid.load' + }) } + it { is_expected.to contain_package("libapache2-mod-fcgid") } + end + + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :operatingsystemmajrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + describe 'without parameters' do + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('fcgid').with({ + 'loadfile_name' => 'unixd_fcgid.load' + }) } + it { is_expected.to contain_package("mod_fcgid") } + end + + describe 'with parameters' do + let :params do { + :options => { + 'FcgidIPCDir' => '/var/run/fcgidsock', + 'SharememPath' => '/var/run/fcgid_shm', + 'FcgidMinProcessesPerClass' => '0', + 'AddHandler' => 'fcgid-script .fcgi', + } + } end + + it 'should contain the correct config' do + content = catalogue.resource('file', 'unixd_fcgid.conf').send(:parameters)[:content] + expect(content.split("\n").reject { |c| c =~ /(^#|^$)/ }).to eq([ + '', + ' AddHandler fcgid-script .fcgi', + ' FcgidIPCDir /var/run/fcgidsock', + ' FcgidMinProcessesPerClass 0', + ' SharememPath /var/run/fcgid_shm', + '', + ]) + end + end + end + + context "on RHEL7" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '7', + :operatingsystemmajrelease => '7', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + describe 'without parameters' do + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('fcgid').with({ + 'loadfile_name' => 'unixd_fcgid.load' + }) } + it { is_expected.to contain_package("mod_fcgid") } + end + end + + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '10', + :operatingsystemmajrelease => '10', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('fcgid').with({ + 'loadfile_name' => 'unixd_fcgid.load' + }) } + it { is_expected.to contain_package("www/mod_fcgid") } + end + + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('fcgid').with({ + 'loadfile_name' => 'unixd_fcgid.load' + }) } + it { is_expected.to contain_package("www-apache/mod_fcgid") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/info_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/info_spec.rb new file mode 100644 index 000000000..8ecbcdd2a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/info_spec.rb @@ -0,0 +1,224 @@ +require 'spec_helper' + +# This function is called inside the OS specific contexts +def general_info_specs_22 + it { is_expected.to contain_apache__mod('info') } + + context 'passing no parameters' do + it { + is_expected.to contain_file('info.conf').with_content( + "\n"\ + " SetHandler server-info\n"\ + " Order deny,allow\n"\ + " Deny from all\n"\ + " Allow from 127.0.0.1\n"\ + " Allow from ::1\n"\ + "\n" + ) + } + end + context 'passing restrict_access => false' do + let :params do { + :restrict_access => false + } + end + it { + is_expected.to contain_file('info.conf').with_content( + "\n"\ + " SetHandler server-info\n"\ + "\n" + ) + } + end + context "passing allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1']" do + let :params do + {:allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1']} + end + it { + is_expected.to contain_file('info.conf').with_content( + "\n"\ + " SetHandler server-info\n"\ + " Order deny,allow\n"\ + " Deny from all\n"\ + " Allow from 10.10.1.2\n"\ + " Allow from 192.168.1.2\n"\ + " Allow from 127.0.0.1\n"\ + "\n" + ) + } + end + context 'passing both restrict_access and allow_from' do + let :params do + { + :restrict_access => false, + :allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1'] + } + end + it { + is_expected.to contain_file('info.conf').with_content( + "\n"\ + " SetHandler server-info\n"\ + "\n" + ) + } + end +end + +def general_info_specs_24 + it { is_expected.to contain_apache__mod('info') } + + context 'passing no parameters' do + it { + is_expected.to contain_file('info.conf').with_content( + "\n"\ + " SetHandler server-info\n"\ + " Require ip 127.0.0.1 ::1\n"\ + "\n" + ) + } + end + context 'passing restrict_access => false' do + let :params do { + :restrict_access => false + } + end + it { + is_expected.to contain_file('info.conf').with_content( + "\n"\ + " SetHandler server-info\n"\ + "\n" + ) + } + end + context "passing allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1']" do + let :params do + {:allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1']} + end + it { + is_expected.to contain_file('info.conf').with_content( + "\n"\ + " SetHandler server-info\n"\ + " Require ip 10.10.1.2 192.168.1.2 127.0.0.1\n"\ + "\n" + ) + } + end + context 'passing both restrict_access and allow_from' do + let :params do + { + :restrict_access => false, + :allow_from => ['10.10.1.2', '192.168.1.2', '127.0.0.1'] + } + end + it { + is_expected.to contain_file('info.conf').with_content( + "\n"\ + " SetHandler server-info\n"\ + "\n" + ) + } + end +end + +describe 'apache::mod::info', :type => :class do + let :pre_condition do + "class { 'apache': default_mods => false, }" + end + + context 'On a Debian OS' do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + # Load the more generic tests for this context + general_info_specs_22() + + it { is_expected.to contain_file('info.conf').with({ + :ensure => 'file', + :path => '/etc/apache2/mods-available/info.conf', + } ) } + it { is_expected.to contain_file('info.conf symlink').with({ + :ensure => 'link', + :path => '/etc/apache2/mods-enabled/info.conf', + } ) } + end + + context 'on a RedHat OS' do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + # Load the more generic tests for this context + general_info_specs_22() + + it { is_expected.to contain_file('info.conf').with({ + :ensure => 'file', + :path => '/etc/httpd/conf.d/info.conf', + } ) } + end + + context 'on a FreeBSD OS' do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '10', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + # Load the more generic tests for this context + general_info_specs_24() + + it { is_expected.to contain_file('info.conf').with({ + :ensure => 'file', + :path => '/usr/local/etc/apache24/Modules/info.conf', + } ) } + end + + context 'on a Gentoo OS' do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + + # Load the more generic tests for this context + general_info_specs_24() + + it { is_expected.to contain_file('info.conf').with({ + :ensure => 'file', + :path => '/etc/apache2/modules.d/info.conf', + } ) } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/itk_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/itk_spec.rb new file mode 100644 index 000000000..27369f144 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/itk_spec.rb @@ -0,0 +1,130 @@ +require 'spec_helper' + +describe 'apache::mod::itk', :type => :class do + let :pre_condition do + 'class { "apache": mpm_module => false, }' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('itk') } + it { is_expected.to contain_file("/etc/apache2/mods-available/itk.conf").with_ensure('file') } + it { is_expected.to contain_file("/etc/apache2/mods-enabled/itk.conf").with_ensure('link') } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + it { is_expected.not_to contain_file("/etc/apache2/mods-available/itk.load") } + it { is_expected.not_to contain_file("/etc/apache2/mods-enabled/itk.load") } + + it { is_expected.to contain_package("apache2-mpm-itk") } + end + + context "with Apache version >= 2.4" do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.to contain_file("/etc/apache2/mods-available/itk.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_itk_module /usr/lib/apache2/modules/mod_mpm_itk.so\n" + }) + } + it { is_expected.to contain_file("/etc/apache2/mods-enabled/itk.load").with_ensure('link') } + end + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('itk') } + it { is_expected.to contain_file("/etc/httpd/conf.d/itk.conf").with_ensure('file') } + it { is_expected.to contain_package("httpd-itk") } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + it { is_expected.to contain_file_line("/etc/sysconfig/httpd itk enable").with({ + 'require' => 'Package[httpd]', + }) + } + end + + context "with Apache version >= 2.4" do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.to contain_file("/etc/httpd/conf.d/itk.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_itk_module modules/mod_mpm_itk.so\n" + }) + } + end + end + context "on a FreeBSD OS" do + let :pre_condition do + 'class { "apache": mpm_module => false, }' + end + + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '10', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + :mpm_module => 'itk', + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('itk') } + it { is_expected.to contain_file("/usr/local/etc/apache24/Modules/itk.conf").with_ensure('file') } + it { is_expected.to contain_package("www/mod_mpm_itk") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/ldap_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/ldap_spec.rb new file mode 100644 index 000000000..2b82d8d1b --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/ldap_spec.rb @@ -0,0 +1,78 @@ +require 'spec_helper' + +describe 'apache::mod::ldap', :type => :class do + let :pre_condition do + 'include apache' + end + + context "on a Debian OS" do + let :facts do + { + :lsbdistcodename => 'squeeze', + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :operatingsystem => 'Debian', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class("apache::mod::ldap") } + it { is_expected.to contain_apache__mod('ldap') } + + context 'default ldap_trusted_global_cert_file' do + it { is_expected.to contain_file('ldap.conf').without_content(/^LDAPTrustedGlobalCert/) } + end + + context 'ldap_trusted_global_cert_file param' do + let(:params) { { :ldap_trusted_global_cert_file => 'ca.pem' } } + it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPTrustedGlobalCert CA_BASE64 ca\.pem$/) } + end + + context 'ldap_trusted_global_cert_file and ldap_trusted_global_cert_type params' do + let(:params) {{ + :ldap_trusted_global_cert_file => 'ca.pem', + :ldap_trusted_global_cert_type => 'CA_DER' + }} + it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPTrustedGlobalCert CA_DER ca\.pem$/) } + end + end #Debian + + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :operatingsystem => 'RedHat', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class("apache::mod::ldap") } + it { is_expected.to contain_apache__mod('ldap') } + + context 'default ldap_trusted_global_cert_file' do + it { is_expected.to contain_file('ldap.conf').without_content(/^LDAPTrustedGlobalCert/) } + end + + context 'ldap_trusted_global_cert_file param' do + let(:params) { { :ldap_trusted_global_cert_file => 'ca.pem' } } + it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPTrustedGlobalCert CA_BASE64 ca\.pem$/) } + end + + context 'ldap_trusted_global_cert_file and ldap_trusted_global_cert_type params' do + let(:params) {{ + :ldap_trusted_global_cert_file => 'ca.pem', + :ldap_trusted_global_cert_type => 'CA_DER' + }} + it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPTrustedGlobalCert CA_DER ca\.pem$/) } + end + end # Redhat +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/mime_magic_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/mime_magic_spec.rb new file mode 100644 index 000000000..f846ce386 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/mime_magic_spec.rb @@ -0,0 +1,112 @@ +require 'spec_helper' + +# This function is called inside the OS specific contexts +def general_mime_magic_specs + it { is_expected.to contain_apache__mod("mime_magic") } +end + +describe 'apache::mod::mime_magic', :type => :class do + let :pre_condition do + 'include apache' + end + + context "On a Debian OS with default params" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + general_mime_magic_specs() + + it do + is_expected.to contain_file("mime_magic.conf").with_content( + "MIMEMagicFile \"/etc/apache2/magic\"\n" + ) + end + + it { is_expected.to contain_file("mime_magic.conf").with({ + :ensure => 'file', + :path => '/etc/apache2/mods-available/mime_magic.conf', + } ) } + it { is_expected.to contain_file("mime_magic.conf symlink").with({ + :ensure => 'link', + :path => '/etc/apache2/mods-enabled/mime_magic.conf', + } ) } + + context "with magic_file => /tmp/Debian_magic" do + let :params do + { :magic_file => "/tmp/Debian_magic" } + end + + it do + is_expected.to contain_file("mime_magic.conf").with_content( + "MIMEMagicFile \"/tmp/Debian_magic\"\n" + ) + end + end + + end + + context "on a RedHat OS with default params" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + general_mime_magic_specs() + + it do + is_expected.to contain_file("mime_magic.conf").with_content( + "MIMEMagicFile \"/etc/httpd/conf/magic\"\n" + ) + end + + it { is_expected.to contain_file("mime_magic.conf").with_path("/etc/httpd/conf.d/mime_magic.conf") } + + end + + context "with magic_file => /tmp/magic" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + let :params do + { :magic_file => "/tmp/magic" } + end + + it do + is_expected.to contain_file("mime_magic.conf").with_content( + "MIMEMagicFile \"/tmp/magic\"\n" + ) + end + end + + +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/mime_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/mime_spec.rb new file mode 100644 index 000000000..3c7ad88d1 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/mime_spec.rb @@ -0,0 +1,54 @@ +require 'spec_helper' + +# This function is called inside the OS specific conte, :compilexts +def general_mime_specs + it { is_expected.to contain_apache__mod("mime") } +end + +describe 'apache::mod::mime', :type => :class do + let :pre_condition do + 'include apache' + end + + context "On a Debian OS with default params", :compile do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + general_mime_specs() + + it { is_expected.to contain_file("mime.conf").with_path('/etc/apache2/mods-available/mime.conf') } + + end + + context "on a RedHat OS with default params", :compile do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + general_mime_specs() + + it { is_expected.to contain_file("mime.conf").with_path("/etc/httpd/conf.d/mime.conf") } + + end + +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/negotiation_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/negotiation_spec.rb new file mode 100644 index 000000000..813e76def --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/negotiation_spec.rb @@ -0,0 +1,65 @@ +require 'spec_helper' + +describe 'apache::mod::negotiation', :type => :class do + describe "OS independent tests" do + + let :facts do + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :kernel => 'Linux', + :lsbdistcodename => 'squeeze', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + context "default params" do + let :pre_condition do + 'class {"::apache": }' + end + it { should contain_class("apache") } + it do + should contain_file('negotiation.conf').with( { + :ensure => 'file', + :content => 'LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW +ForceLanguagePriority Prefer Fallback +', + } ) + end + end + + context 'with force_language_priority parameter' do + let :pre_condition do + 'class {"::apache": default_mods => ["negotiation"]}' + end + let :params do + { :force_language_priority => 'Prefer' } + end + it do + should contain_file('negotiation.conf').with( { + :ensure => 'file', + :content => /^ForceLanguagePriority Prefer$/, + } ) + end + end + + context 'with language_priority parameter' do + let :pre_condition do + 'class {"::apache": default_mods => ["negotiation"]}' + end + let :params do + { :language_priority => [ 'en', 'es' ] } + end + it do + should contain_file('negotiation.conf').with( { + :ensure => 'file', + :content => /^LanguagePriority en es$/, + } ) + end + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/pagespeed_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/pagespeed_spec.rb new file mode 100644 index 000000000..44c60053e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/pagespeed_spec.rb @@ -0,0 +1,54 @@ +require 'spec_helper' + +describe 'apache::mod::pagespeed', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('pagespeed') } + it { is_expected.to contain_package("mod-pagespeed-stable") } + + context "when setting additional_configuration to a Hash" do + let :params do { :additional_configuration => { 'Key' => 'Value' } } end + it { is_expected.to contain_file('pagespeed.conf').with_content /Key Value/ } + end + + context "when setting additional_configuration to an Array" do + let :params do { :additional_configuration => [ 'Key Value' ] } end + it { is_expected.to contain_file('pagespeed.conf').with_content /Key Value/ } + end + end + + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('pagespeed') } + it { is_expected.to contain_package("mod-pagespeed-stable") } + it { is_expected.to contain_file('pagespeed.conf') } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/passenger_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/passenger_spec.rb new file mode 100644 index 000000000..d7e9ce9ed --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/passenger_spec.rb @@ -0,0 +1,327 @@ +require 'spec_helper' + +describe 'apache::mod::passenger', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :kernel => 'Linux', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('passenger') } + it { is_expected.to contain_package("libapache2-mod-passenger") } + it { is_expected.to contain_file('zpassenger.load').with({ + 'path' => '/etc/apache2/mods-available/zpassenger.load', + }) } + it { is_expected.to contain_file('passenger.conf').with({ + 'path' => '/etc/apache2/mods-available/passenger.conf', + }) } + describe "with passenger_root => '/usr/lib/example'" do + let :params do + { :passenger_root => '/usr/lib/example' } + end + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr/lib/example"}) } + end + describe "with passenger_ruby => /usr/lib/example/ruby" do + let :params do + { :passenger_ruby => '/usr/lib/example/ruby' } + end + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/lib/example/ruby"}) } + end + describe "with passenger_default_ruby => /usr/lib/example/ruby1.9.3" do + let :params do + { :passenger_ruby => '/usr/lib/example/ruby1.9.3' } + end + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/lib/example/ruby1.9.3"}) } + end + describe "with passenger_high_performance => on" do + let :params do + { :passenger_high_performance => 'on' } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerHighPerformance on$/) } + end + describe "with passenger_pool_idle_time => 1200" do + let :params do + { :passenger_pool_idle_time => 1200 } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerPoolIdleTime 1200$/) } + end + describe "with passenger_max_request_queue_size => 100" do + let :params do + { :passenger_max_request_queue_size => 100 } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerMaxRequestQueueSize 100$/) } + end + + describe "with passenger_max_requests => 20" do + let :params do + { :passenger_max_requests => 20 } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerMaxRequests 20$/) } + end + describe "with passenger_spawn_method => bogus" do + let :params do + { :passenger_spawn_method => 'bogus' } + end + it { is_expected.to raise_error(Puppet::Error, /not permitted for passenger_spawn_method/) } + end + describe "with passenger_spawn_method => direct" do + let :params do + { :passenger_spawn_method => 'direct' } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerSpawnMethod direct$/) } + end + describe "with passenger_stat_throttle_rate => 10" do + let :params do + { :passenger_stat_throttle_rate => 10 } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerStatThrottleRate 10$/) } + end + describe "with passenger_max_pool_size => 16" do + let :params do + { :passenger_max_pool_size => 16 } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerMaxPoolSize 16$/) } + end + describe "with passenger_min_instances => 5" do + let :params do + { :passenger_min_instances => 5 } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerMinInstances 5$/) } + end + describe "with rack_autodetect => on" do + let :params do + { :rack_autodetect => 'on' } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ RackAutoDetect on$/) } + end + describe "with rails_autodetect => on" do + let :params do + { :rails_autodetect => 'on' } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ RailsAutoDetect on$/) } + end + describe "with passenger_use_global_queue => on" do + let :params do + { :passenger_use_global_queue => 'on' } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerUseGlobalQueue on$/) } + end + describe "with passenger_app_env => 'foo'" do + let :params do + { :passenger_app_env => 'foo' } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerAppEnv foo$/) } + end + describe "with passenger_log_file => '/var/log/apache2/passenger.log'" do + let :params do + { :passenger_log_file => '/var/log/apache2/passenger.log' } + end + it { is_expected.to contain_file('passenger.conf').with_content(%r{^ PassengerLogFile /var/log/apache2/passenger.log$}) } + end + describe "with mod_path => '/usr/lib/foo/mod_foo.so'" do + let :params do + { :mod_path => '/usr/lib/foo/mod_foo.so' } + end + it { is_expected.to contain_file('zpassenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/foo\/mod_foo\.so$/) } + end + describe "with mod_lib_path => '/usr/lib/foo'" do + let :params do + { :mod_lib_path => '/usr/lib/foo' } + end + it { is_expected.to contain_file('zpassenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/foo\/mod_passenger\.so$/) } + end + describe "with mod_lib => 'mod_foo.so'" do + let :params do + { :mod_lib => 'mod_foo.so' } + end + it { is_expected.to contain_file('zpassenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/apache2\/modules\/mod_foo\.so$/) } + end + describe "with mod_id => 'mod_foo'" do + let :params do + { :mod_id => 'mod_foo' } + end + it { is_expected.to contain_file('zpassenger.load').with_content(/^LoadModule mod_foo \/usr\/lib\/apache2\/modules\/mod_passenger\.so$/) } + end + + context "with Ubuntu 12.04 defaults" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '12.04', + :kernel => 'Linux', + :operatingsystem => 'Ubuntu', + :lsbdistrelease => '12.04', + :concat_basedir => '/dne', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr"}) } + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/bin/ruby"}) } + it { is_expected.to contain_file('passenger.conf').without_content(/PassengerDefaultRuby/) } + end + + context "with Ubuntu 14.04 defaults" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '14.04', + :operatingsystem => 'Ubuntu', + :kernel => 'Linux', + :lsbdistrelease => '14.04', + :concat_basedir => '/dne', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini"}) } + it { is_expected.to contain_file('passenger.conf').without_content(/PassengerRuby/) } + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerDefaultRuby "/usr/bin/ruby"}) } + end + + context "with Debian 7 defaults" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '7.3', + :operatingsystem => 'Debian', + :kernel => 'Linux', + :lsbdistcodename => 'wheezy', + :concat_basedir => '/dne', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr"}) } + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/bin/ruby"}) } + it { is_expected.to contain_file('passenger.conf').without_content(/PassengerDefaultRuby/) } + end + + context "with Debian 8 defaults" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '8.0', + :operatingsystem => 'Debian', + :kernel => 'Linux', + :lsbdistcodename => 'jessie', + :concat_basedir => '/dne', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini"}) } + it { is_expected.to contain_file('passenger.conf').without_content(/PassengerRuby/) } + it { is_expected.to contain_file('passenger.conf').with_content(%r{PassengerDefaultRuby "/usr/bin/ruby"}) } + end + end + + context "on a RedHat OS" do + let :rh_facts do + { + :osfamily => 'RedHat', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + context "on EL6" do + let(:facts) { rh_facts.merge(:operatingsystemrelease => '6') } + + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('passenger') } + it { is_expected.to contain_package("mod_passenger") } + it { is_expected.to contain_file('passenger_package.conf').with({ + 'path' => '/etc/httpd/conf.d/passenger.conf', + }) } + it { is_expected.to contain_file('passenger_package.conf').without_content } + it { is_expected.to contain_file('passenger_package.conf').without_source } + it { is_expected.to contain_file('zpassenger.load').with({ + 'path' => '/etc/httpd/conf.d/zpassenger.load', + }) } + it { is_expected.to contain_file('passenger.conf').without_content(/PassengerRoot/) } + it { is_expected.to contain_file('passenger.conf').without_content(/PassengerRuby/) } + describe "with passenger_root => '/usr/lib/example'" do + let :params do + { :passenger_root => '/usr/lib/example' } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerRoot "\/usr\/lib\/example"$/) } + end + describe "with passenger_ruby => /usr/lib/example/ruby" do + let :params do + { :passenger_ruby => '/usr/lib/example/ruby' } + end + it { is_expected.to contain_file('passenger.conf').with_content(/^ PassengerRuby "\/usr\/lib\/example\/ruby"$/) } + end + end + + context "on EL7" do + let(:facts) { rh_facts.merge(:operatingsystemrelease => '7') } + + it { is_expected.to contain_file('passenger_package.conf').with({ + 'path' => '/etc/httpd/conf.d/passenger.conf', + }) } + it { is_expected.to contain_file('zpassenger.load').with({ + 'path' => '/etc/httpd/conf.modules.d/zpassenger.load', + }) } + end + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('passenger') } + it { is_expected.to contain_package("www/rubygem-passenger") } + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('passenger') } + it { is_expected.to contain_package("www-apache/passenger") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/perl_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/perl_spec.rb new file mode 100644 index 000000000..17ee1b366 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/perl_spec.rb @@ -0,0 +1,76 @@ +require 'spec_helper' + +describe 'apache::mod::perl', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('perl') } + it { is_expected.to contain_package("libapache2-mod-perl2") } + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('perl') } + it { is_expected.to contain_package("mod_perl") } + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('perl') } + it { is_expected.to contain_package("www/mod_perl2") } + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :operatingsystem => 'Gentoo', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('perl') } + it { is_expected.to contain_package("www-apache/mod_perl") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/peruser_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/peruser_spec.rb new file mode 100644 index 000000000..097a36fff --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/peruser_spec.rb @@ -0,0 +1,43 @@ +require 'spec_helper' + +describe 'apache::mod::peruser', :type => :class do + let :pre_condition do + 'class { "apache": mpm_module => false, }' + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '10', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it do + expect { + catalogue + }.to raise_error(Puppet::Error, /Unsupported osfamily FreeBSD/) + end + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('peruser') } + it { is_expected.to contain_file("/etc/apache2/modules.d/peruser.conf").with_ensure('file') } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/php_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/php_spec.rb new file mode 100644 index 000000000..3aaa3d329 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/php_spec.rb @@ -0,0 +1,293 @@ +require 'spec_helper' + +describe 'apache::mod::php', :type => :class do + describe "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context "with mpm_module => prefork" do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class("apache::mod::prefork") } + it { is_expected.to contain_apache__mod('php5') } + it { is_expected.to contain_package("libapache2-mod-php5") } + it { is_expected.to contain_file("php5.load").with( + :content => "LoadModule php5_module /usr/lib/apache2/modules/libphp5.so\n" + ) } + end + context "with mpm_module => itk" do + let :pre_condition do + 'class { "apache": mpm_module => itk, }' + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class("apache::mod::itk") } + it { is_expected.to contain_apache__mod('php5') } + it { is_expected.to contain_package("libapache2-mod-php5") } + it { is_expected.to contain_file("php5.load").with( + :content => "LoadModule php5_module /usr/lib/apache2/modules/libphp5.so\n" + ) } + end + end + describe "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context "with default params" do + let :pre_condition do + 'class { "apache": }' + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('php5') } + it { is_expected.to contain_package("php") } + it { is_expected.to contain_file("php5.load").with( + :content => "LoadModule php5_module modules/libphp5.so\n" + ) } + end + context "with alternative package name" do let :pre_condition do + 'class { "apache": }' + end + let :params do + { :package_name => 'php54'} + end + it { is_expected.to contain_package("php54") } + end + context "with alternative path" do let :pre_condition do + 'class { "apache": }' + end + let :params do + { :path => 'alternative-path'} + end + it { is_expected.to contain_file("php5.load").with( + :content => "LoadModule php5_module alternative-path\n" + ) } + end + context "with alternative extensions" do let :pre_condition do + 'class { "apache": }' + end + let :params do + { :extensions => ['.php','.php5']} + end + it { is_expected.to contain_file("php5.conf").with_content(Regexp.new(Regexp.escape(''))) } + end + context "with specific version" do + let :pre_condition do + 'class { "apache": }' + end + let :params do + { :package_ensure => '5.3.13'} + end + it { is_expected.to contain_package("php").with( + :ensure => '5.3.13' + ) } + end + context "with mpm_module => prefork" do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class("apache::mod::prefork") } + it { is_expected.to contain_apache__mod('php5') } + it { is_expected.to contain_package("php") } + it { is_expected.to contain_file("php5.load").with( + :content => "LoadModule php5_module modules/libphp5.so\n" + ) } + end + context "with mpm_module => itk" do + let :pre_condition do + 'class { "apache": mpm_module => itk, }' + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class("apache::mod::itk") } + it { is_expected.to contain_apache__mod('php5') } + it { is_expected.to contain_package("php") } + it { is_expected.to contain_file("php5.load").with( + :content => "LoadModule php5_module modules/libphp5.so\n" + ) } + end + end + describe "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '10', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context "with mpm_module => prefork" do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + it { is_expected.to contain_class('apache::params') } + it { is_expected.to contain_apache__mod('php5') } + it { is_expected.to contain_package("www/mod_php5") } + it { is_expected.to contain_file('php5.load') } + end + context "with mpm_module => itk" do + let :pre_condition do + 'class { "apache": mpm_module => itk, }' + end + it { is_expected.to contain_class('apache::params') } + it { is_expected.to contain_class('apache::mod::itk') } + it { is_expected.to contain_apache__mod('php5') } + it { is_expected.to contain_package("www/mod_php5") } + it { is_expected.to contain_file('php5.load') } + end + end + describe "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + context "with mpm_module => prefork" do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + it { is_expected.to contain_class('apache::params') } + it { is_expected.to contain_apache__mod('php5') } + it { is_expected.to contain_package("dev-lang/php") } + it { is_expected.to contain_file('php5.load') } + end + context "with mpm_module => itk" do + let :pre_condition do + 'class { "apache": mpm_module => itk, }' + end + it { is_expected.to contain_class('apache::params') } + it { is_expected.to contain_class('apache::mod::itk') } + it { is_expected.to contain_apache__mod('php5') } + it { is_expected.to contain_package("dev-lang/php") } + it { is_expected.to contain_file('php5.load') } + end + end + describe "OS independent tests" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :kernel => 'Linux', + :lsbdistcodename => 'squeeze', + :concat_basedir => '/dne', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context 'with content param' do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + let :params do + { :content => 'somecontent' } + end + it { should contain_file('php5.conf').with( + :content => 'somecontent' + ) } + end + context 'with template param' do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + let :params do + { :template => 'apache/mod/php5.conf.erb' } + end + it { should contain_file('php5.conf').with( + :content => /^# PHP is an HTML-embedded scripting language which attempts to make it/ + ) } + end + context 'with source param' do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + let :params do + { :source => 'some-path' } + end + it { should contain_file('php5.conf').with( + :source => 'some-path' + ) } + end + context 'content has priority over template' do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + let :params do + { + :template => 'apache/mod/php5.conf.erb', + :content => 'somecontent' + } + end + it { should contain_file('php5.conf').with( + :content => 'somecontent' + ) } + end + context 'source has priority over template' do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + let :params do + { + :template => 'apache/mod/php5.conf.erb', + :source => 'some-path' + } + end + it { should contain_file('php5.conf').with( + :source => 'some-path' + ) } + end + context 'source has priority over content' do + let :pre_condition do + 'class { "apache": mpm_module => prefork, }' + end + let :params do + { + :content => 'somecontent', + :source => 'some-path' + } + end + it { should contain_file('php5.conf').with( + :source => 'some-path' + ) } + end + context 'with mpm_module => worker' do + let :pre_condition do + 'class { "apache": mpm_module => worker, }' + end + it 'should raise an error' do + expect { expect(subject).to contain_apache__mod('php5') }.to raise_error Puppet::Error, /mpm_module => 'prefork' or mpm_module => 'itk'/ + end + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/prefork_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/prefork_spec.rb new file mode 100644 index 000000000..3e2954fc7 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/prefork_spec.rb @@ -0,0 +1,134 @@ +require 'spec_helper' + +describe 'apache::mod::prefork', :type => :class do + let :pre_condition do + 'class { "apache": mpm_module => false, }' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('prefork') } + it { is_expected.to contain_file("/etc/apache2/mods-available/prefork.conf").with_ensure('file') } + it { is_expected.to contain_file("/etc/apache2/mods-enabled/prefork.conf").with_ensure('link') } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + it { is_expected.not_to contain_file("/etc/apache2/mods-available/prefork.load") } + it { is_expected.not_to contain_file("/etc/apache2/mods-enabled/prefork.load") } + + it { is_expected.to contain_package("apache2-mpm-prefork") } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.to contain_file("/etc/apache2/mods-available/prefork.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_prefork_module /usr/lib/apache2/modules/mod_mpm_prefork.so\n" + }) + } + it { is_expected.to contain_file("/etc/apache2/mods-enabled/prefork.load").with_ensure('link') } + end + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('prefork') } + it { is_expected.to contain_file("/etc/httpd/conf.d/prefork.conf").with_ensure('file') } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + it { is_expected.to contain_file_line("/etc/sysconfig/httpd prefork enable").with({ + 'require' => 'Package[httpd]', + }) + } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.not_to contain_apache__mod('event') } + + it { is_expected.to contain_file("/etc/httpd/conf.d/prefork.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_prefork_module modules/mod_mpm_prefork.so\n", + }) + } + end + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('prefork') } + it { is_expected.to contain_file("/usr/local/etc/apache24/Modules/prefork.conf").with_ensure('file') } + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('prefork') } + it { is_expected.to contain_file("/etc/apache2/modules.d/prefork.conf").with_ensure('file') } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/proxy_connect_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/proxy_connect_spec.rb new file mode 100644 index 000000000..dbb314c2b --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/proxy_connect_spec.rb @@ -0,0 +1,65 @@ +require 'spec_helper' + +describe 'apache::mod::proxy_connect', :type => :class do + let :pre_condition do + [ + 'include apache', + 'include apache::mod::proxy', + ] + end + context 'on a Debian OS' do + let :facts do + { + :osfamily => 'Debian', + :concat_basedir => '/dne', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context 'with Apache version < 2.2' do + let :facts do + super().merge({ + :operatingsystemrelease => '7.0', + :lsbdistcodename => 'wheezy', + }) + end + let :params do + { + :apache_version => '2.1', + } + end + it { is_expected.not_to contain_apache__mod('proxy_connect') } + end + context 'with Apache version = 2.2' do + let :facts do + super().merge({ + :operatingsystemrelease => '7.0', + :lsbdistcodename => 'wheezy', + }) + end + let :params do + { + :apache_version => '2.2', + } + end + it { is_expected.to contain_apache__mod('proxy_connect') } + end + context 'with Apache version >= 2.4' do + let :facts do + super().merge({ + :operatingsystemrelease => '8.0', + :lsbdistcodename => 'jessie', + }) + end + let :params do + { + :apache_version => '2.4', + } + end + it { is_expected.to contain_apache__mod('proxy_connect') } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/proxy_html_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/proxy_html_spec.rb new file mode 100644 index 000000000..80106931e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/proxy_html_spec.rb @@ -0,0 +1,105 @@ +require 'spec_helper' + +describe 'apache::mod::proxy_html', :type => :class do + let :pre_condition do + [ + 'include apache', + 'include apache::mod::proxy', + 'include apache::mod::proxy_http', + ] + end + context "on a Debian OS" do + shared_examples "debian" do |loadfiles| + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('proxy_html').with(:loadfiles => loadfiles) } + it { is_expected.to contain_package("libapache2-mod-proxy-html") } + end + let :facts do + { + :osfamily => 'Debian', + :concat_basedir => '/dne', + :architecture => 'i386', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :hardwaremodel => 'i386', + :is_pe => false, + } + end + + context "on squeeze" do + let(:facts) { super().merge({ :operatingsystemrelease => '6' }) } + it_behaves_like "debian", ['/usr/lib/libxml2.so.2'] + end + context "on wheezy" do + let(:facts) { super().merge({ :operatingsystemrelease => '7' }) } + context "i386" do + let(:facts) { super().merge({ + :hardwaremodel => 'i686', + :architecture => 'i386' + })} + it_behaves_like "debian", ["/usr/lib/i386-linux-gnu/libxml2.so.2"] + end + context "x64" do + let(:facts) { super().merge({ + :hardwaremodel => 'x86_64', + :architecture => 'amd64' + })} + it_behaves_like "debian", ["/usr/lib/x86_64-linux-gnu/libxml2.so.2"] + end + end + end + context "on a RedHat OS", :compile do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('proxy_html').with(:loadfiles => nil) } + it { is_expected.to contain_package("mod_proxy_html") } + end + context "on a FreeBSD OS", :compile do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('proxy_html').with(:loadfiles => nil) } + it { is_expected.to contain_package("www/mod_proxy_html") } + end + context "on a Gentoo OS", :compile do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('proxy_html').with(:loadfiles => nil) } + it { is_expected.to contain_package("www-apache/mod_proxy_html") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/python_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/python_spec.rb new file mode 100644 index 000000000..46c4cde3a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/python_spec.rb @@ -0,0 +1,76 @@ +require 'spec_helper' + +describe 'apache::mod::python', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod("python") } + it { is_expected.to contain_package("libapache2-mod-python") } + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod("python") } + it { is_expected.to contain_package("mod_python") } + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod("python") } + it { is_expected.to contain_package("www/mod_python3") } + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod("python") } + it { is_expected.to contain_package("www-apache/mod_python") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/remoteip_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/remoteip_spec.rb new file mode 100644 index 000000000..c9f5b4e83 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/remoteip_spec.rb @@ -0,0 +1,53 @@ +require 'spec_helper' + +describe 'apache::mod::remoteip', :type => :class do + let :pre_condition do + [ + 'include apache', + ] + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '8', + :concat_basedir => '/dne', + :lsbdistcodename => 'jessie', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + } + end + let :params do + { :apache_version => '2.4' } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('remoteip') } + it { is_expected.to contain_file('remoteip.conf').with({ + 'path' => '/etc/apache2/mods-available/remoteip.conf', + }) } + + describe "with header X-Forwarded-For" do + let :params do + { :header => 'X-Forwarded-For' } + end + it { is_expected.to contain_file('remoteip.conf').with_content(/^RemoteIPHeader X-Forwarded-For$/) } + end + describe "with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]" do + let :params do + { :proxy_ips => [ '10.42.17.8', '10.42.18.99' ] } + end + it { is_expected.to contain_file('remoteip.conf').with_content(/^RemoteIPInternalProxy 10.42.17.8$/) } + it { is_expected.to contain_file('remoteip.conf').with_content(/^RemoteIPInternalProxy 10.42.18.99$/) } + end + describe "with Apache version < 2.4" do + let :params do + { :apache_version => '2.2' } + end + it 'should fail' do + expect { catalogue }.to raise_error(Puppet::Error, /mod_remoteip is only available in Apache 2.4/) + end + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/reqtimeout_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/reqtimeout_spec.rb new file mode 100644 index 000000000..1869eb68d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/reqtimeout_spec.rb @@ -0,0 +1,150 @@ +require 'spec_helper' + +describe 'apache::mod::reqtimeout', :type => :class do + let :pre_condition do + 'class { "apache": + default_mods => false, + }' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :lsbdistcodename => 'squeeze', + :is_pe => false, + } + end + context "passing no parameters" do + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$/) } + end + context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do + let :params do + {:timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']} + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$/) } + end + context "passing timeouts => 'header=20-60,minrate=600'" do + let :params do + {:timeouts => 'header=20-60,minrate=600'} + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600$/) } + end + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'Redhat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context "passing no parameters" do + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$/) } + end + context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do + let :params do + {:timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']} + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$/) } + end + context "passing timeouts => 'header=20-60,minrate=600'" do + let :params do + {:timeouts => 'header=20-60,minrate=600'} + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600$/) } + end + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context "passing no parameters" do + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$/) } + end + context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do + let :params do + {:timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']} + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$/) } + end + context "passing timeouts => 'header=20-60,minrate=600'" do + let :params do + {:timeouts => 'header=20-60,minrate=600'} + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600$/) } + end + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + context "passing no parameters" do + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-40,minrate=500\nRequestReadTimeout body=10,minrate=500$/) } + end + context "passing timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']" do + let :params do + {:timeouts => ['header=20-60,minrate=600', 'body=60,minrate=600']} + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600\nRequestReadTimeout body=60,minrate=600$/) } + end + context "passing timeouts => 'header=20-60,minrate=600'" do + let :params do + {:timeouts => 'header=20-60,minrate=600'} + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('reqtimeout') } + it { is_expected.to contain_file('reqtimeout.conf').with_content(/^RequestReadTimeout header=20-60,minrate=600$/) } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/rpaf_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/rpaf_spec.rb new file mode 100644 index 000000000..83591bc28 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/rpaf_spec.rb @@ -0,0 +1,130 @@ +require 'spec_helper' + +describe 'apache::mod::rpaf', :type => :class do + let :pre_condition do + [ + 'include apache', + ] + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('rpaf') } + it { is_expected.to contain_package("libapache2-mod-rpaf") } + it { is_expected.to contain_file('rpaf.conf').with({ + 'path' => '/etc/apache2/mods-available/rpaf.conf', + }) } + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFenable On$/) } + + describe "with sethostname => true" do + let :params do + { :sethostname => 'true' } + end + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFsethostname On$/) } + end + describe "with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]" do + let :params do + { :proxy_ips => [ '10.42.17.8', '10.42.18.99' ] } + end + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFproxy_ips 10.42.17.8 10.42.18.99$/) } + end + describe "with header => X-Real-IP" do + let :params do + { :header => 'X-Real-IP' } + end + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFheader X-Real-IP$/) } + end + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('rpaf') } + it { is_expected.to contain_package("www/mod_rpaf2") } + it { is_expected.to contain_file('rpaf.conf').with({ + 'path' => '/usr/local/etc/apache24/Modules/rpaf.conf', + }) } + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFenable On$/) } + + describe "with sethostname => true" do + let :params do + { :sethostname => 'true' } + end + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFsethostname On$/) } + end + describe "with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]" do + let :params do + { :proxy_ips => [ '10.42.17.8', '10.42.18.99' ] } + end + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFproxy_ips 10.42.17.8 10.42.18.99$/) } + end + describe "with header => X-Real-IP" do + let :params do + { :header => 'X-Real-IP' } + end + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFheader X-Real-IP$/) } + end + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__mod('rpaf') } + it { is_expected.to contain_package("www-apache/mod_rpaf") } + it { is_expected.to contain_file('rpaf.conf').with({ + 'path' => '/etc/apache2/modules.d/rpaf.conf', + }) } + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFenable On$/) } + + describe "with sethostname => true" do + let :params do + { :sethostname => 'true' } + end + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFsethostname On$/) } + end + describe "with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]" do + let :params do + { :proxy_ips => [ '10.42.17.8', '10.42.18.99' ] } + end + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFproxy_ips 10.42.17.8 10.42.18.99$/) } + end + describe "with header => X-Real-IP" do + let :params do + { :header => 'X-Real-IP' } + end + it { is_expected.to contain_file('rpaf.conf').with_content(/^RPAFheader X-Real-IP$/) } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/security_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/security_spec.rb new file mode 100644 index 000000000..ba0bb2f71 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/security_spec.rb @@ -0,0 +1,95 @@ +require 'spec_helper' + +describe 'apache::mod::security', :type => :class do + let :pre_condition do + 'include apache' + end + + context "on RedHat based systems" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '7', + :kernel => 'Linux', + :id => 'root', + :concat_basedir => '/', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { should contain_apache__mod('security').with( + :id => 'security2_module', + :lib => 'mod_security2.so' + ) } + it { should contain_apache__mod('unique_id_module').with( + :id => 'unique_id_module', + :lib => 'mod_unique_id.so' + ) } + it { should contain_package('mod_security_crs') } + it { should contain_file('security.conf').with( + :path => '/etc/httpd/conf.modules.d/security.conf' + ) } + it { should contain_file('/etc/httpd/modsecurity.d').with( + :ensure => 'directory', + :path => '/etc/httpd/modsecurity.d', + :owner => 'apache', + :group => 'apache' + ) } + it { should contain_file('/etc/httpd/modsecurity.d/activated_rules').with( + :ensure => 'directory', + :path => '/etc/httpd/modsecurity.d/activated_rules', + :owner => 'apache', + :group => 'apache' + ) } + it { should contain_file('/etc/httpd/modsecurity.d/security_crs.conf').with( + :path => '/etc/httpd/modsecurity.d/security_crs.conf' + ) } + it { should contain_apache__security__rule_link('base_rules/modsecurity_35_bad_robots.data') } + end + + context "on Debian based systems" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/', + :lsbdistcodename => 'squeeze', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :kernel => 'Linux', + :is_pe => false, + } + end + it { should contain_apache__mod('security').with( + :id => 'security2_module', + :lib => 'mod_security2.so' + ) } + it { should contain_apache__mod('unique_id_module').with( + :id => 'unique_id_module', + :lib => 'mod_unique_id.so' + ) } + it { should contain_package('modsecurity-crs') } + it { should contain_file('security.conf').with( + :path => '/etc/apache2/mods-available/security.conf' + ) } + it { should contain_file('/etc/modsecurity').with( + :ensure => 'directory', + :path => '/etc/modsecurity', + :owner => 'www-data', + :group => 'www-data' + ) } + it { should contain_file('/etc/modsecurity/activated_rules').with( + :ensure => 'directory', + :path => '/etc/modsecurity/activated_rules', + :owner => 'www-data', + :group => 'www-data' + ) } + it { should contain_file('/etc/modsecurity/security_crs.conf').with( + :path => '/etc/modsecurity/security_crs.conf' + ) } + it { should contain_apache__security__rule_link('base_rules/modsecurity_35_bad_robots.data') } + end + +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/shib_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/shib_spec.rb new file mode 100644 index 000000000..11193b276 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/shib_spec.rb @@ -0,0 +1,44 @@ +require 'spec_helper' + +describe 'apache::mod::shib', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :fqdn => 'test.example.com', + :is_pe => false, + } + end + describe 'with no parameters' do + it { should contain_apache__mod('shib2').with_id('mod_shib') } + end + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :fqdn => 'test.example.com', + :is_pe => false, + } + end + describe 'with no parameters' do + it { should contain_apache__mod('shib2').with_id('mod_shib') } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/speling_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/speling_spec.rb new file mode 100644 index 000000000..b07af2589 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/speling_spec.rb @@ -0,0 +1,39 @@ +require 'spec_helper' + +describe 'apache::mod::speling', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_apache__mod('speling') } + end + + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_apache__mod('speling') } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/ssl_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/ssl_spec.rb new file mode 100644 index 000000000..0fd813d7e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/ssl_spec.rb @@ -0,0 +1,165 @@ +require 'spec_helper' + +describe 'apache::mod::ssl', :type => :class do + let :pre_condition do + 'include apache' + end + context 'on an unsupported OS' do + let :facts do + { + :osfamily => 'Magic', + :operatingsystemrelease => '0', + :concat_basedir => '/dne', + :operatingsystem => 'Magic', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { expect { catalogue }.to raise_error(Puppet::Error, /Unsupported osfamily:/) } + end + + context 'on a RedHat OS' do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class('apache::params') } + it { is_expected.to contain_apache__mod('ssl') } + it { is_expected.to contain_package('mod_ssl') } + context 'with a custom package_name parameter' do + let :params do + { :package_name => 'httpd24-mod_ssl' } + end + it { is_expected.to contain_class('apache::params') } + it { is_expected.to contain_apache__mod('ssl') } + it { is_expected.to contain_package('httpd24-mod_ssl') } + it { is_expected.not_to contain_package('mod_ssl') } + end + end + + context 'on a Debian OS' do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class('apache::params') } + it { is_expected.to contain_apache__mod('ssl') } + it { is_expected.not_to contain_package('libapache2-mod-ssl') } + end + + context 'on a FreeBSD OS' do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class('apache::params') } + it { is_expected.to contain_apache__mod('ssl') } + end + + context 'on a Gentoo OS' do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class('apache::params') } + it { is_expected.to contain_apache__mod('ssl') } + end + + context 'on a Suse OS' do + let :facts do + { + :osfamily => 'Suse', + :operatingsystem => 'SLES', + :operatingsystemrelease => '11.2', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class('apache::params') } + it { is_expected.to contain_apache__mod('ssl') } + end + # Template config doesn't vary by distro + context "on all distros" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '6', + :kernel => 'Linux', + :id => 'root', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + context 'not setting ssl_pass_phrase_dialog' do + it { is_expected.to contain_file('ssl.conf').with_content(/^ SSLPassPhraseDialog builtin$/)} + end + + context 'setting ssl_pass_phrase_dialog' do + let :params do + { + :ssl_pass_phrase_dialog => 'exec:/path/to/program', + } + end + it { is_expected.to contain_file('ssl.conf').with_content(/^ SSLPassPhraseDialog exec:\/path\/to\/program$/)} + end + + context 'setting ssl_random_seed_bytes' do + let :params do + { + :ssl_random_seed_bytes => '1024', + } + end + it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLRandomSeed startup file:/dev/urandom 1024$})} + end + + context 'setting ssl_openssl_conf_cmd' do + let :params do + { + :ssl_openssl_conf_cmd => 'DHParameters "foo.pem"', + } + end + it { is_expected.to contain_file('ssl.conf').with_content(/^\s+SSLOpenSSLConfCmd DHParameters "foo.pem"$/)} + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/status_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/status_spec.rb new file mode 100644 index 000000000..e3b3d2442 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/status_spec.rb @@ -0,0 +1,206 @@ +require 'spec_helper' + +# Helper function for testing the contents of `status.conf` +def status_conf_spec(allow_from, extended_status, status_path) + it do + is_expected.to contain_file("status.conf").with_content( + "\n"\ + " SetHandler server-status\n"\ + " Order deny,allow\n"\ + " Deny from all\n"\ + " Allow from #{Array(allow_from).join(' ')}\n"\ + "\n"\ + "ExtendedStatus #{extended_status}\n"\ + "\n"\ + "\n"\ + " # Show Proxy LoadBalancer status in mod_status\n"\ + " ProxyStatus On\n"\ + "\n" + ) + end +end + +describe 'apache::mod::status', :type => :class do + let :pre_condition do + 'include apache' + end + + context "on a Debian OS with default params" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + it { is_expected.to contain_apache__mod("status") } + + status_conf_spec(["127.0.0.1", "::1"], "On", "/server-status") + + it { is_expected.to contain_file("status.conf").with({ + :ensure => 'file', + :path => '/etc/apache2/mods-available/status.conf', + } ) } + + it { is_expected.to contain_file("status.conf symlink").with({ + :ensure => 'link', + :path => '/etc/apache2/mods-enabled/status.conf', + } ) } + + end + + context "on a RedHat OS with default params" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + it { is_expected.to contain_apache__mod("status") } + + status_conf_spec(["127.0.0.1", "::1"], "On", "/server-status") + + it { is_expected.to contain_file("status.conf").with_path("/etc/httpd/conf.d/status.conf") } + + end + + context "with custom parameters $allow_from => ['10.10.10.10','11.11.11.11'], $extended_status => 'Off', $status_path => '/custom-status'" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do + { + :allow_from => ['10.10.10.10','11.11.11.11'], + :extended_status => 'Off', + :status_path => '/custom-status', + } + end + + status_conf_spec(["10.10.10.10", "11.11.11.11"], "Off", "/custom-status") + + end + + context "with valid parameter type $allow_from => ['10.10.10.10']" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do + { :allow_from => ['10.10.10.10'] } + end + it 'should expect to succeed array validation' do + expect { + is_expected.to contain_file("status.conf") + }.not_to raise_error() + end + end + + context "with invalid parameter type $allow_from => '10.10.10.10'" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do + { :allow_from => '10.10.10.10' } + end + it 'should expect to fail array validation' do + expect { + is_expected.to contain_file("status.conf") + }.to raise_error(Puppet::Error) + end + end + + # Only On or Off are valid options + ['On', 'Off'].each do |valid_param| + context "with valid value $extended_status => '#{valid_param}'" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do + { :extended_status => valid_param } + end + it 'should expect to succeed regular expression validation' do + expect { + is_expected.to contain_file("status.conf") + }.not_to raise_error() + end + end + end + + ['Yes', 'No'].each do |invalid_param| + context "with invalid value $extended_status => '#{invalid_param}'" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do + { :extended_status => invalid_param } + end + it 'should expect to fail regular expression validation' do + expect { + is_expected.to contain_file("status.conf") + }.to raise_error(Puppet::Error) + end + end + end + +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/suphp_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/suphp_spec.rb new file mode 100644 index 000000000..9b20000f3 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/suphp_spec.rb @@ -0,0 +1,40 @@ +require 'spec_helper' + +describe 'apache::mod::suphp', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_package("libapache2-mod-suphp") } + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_package("mod_suphp") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/worker_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/worker_spec.rb new file mode 100644 index 000000000..9d0d8e5e0 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/worker_spec.rb @@ -0,0 +1,189 @@ +require 'spec_helper' + +describe 'apache::mod::worker', :type => :class do + let :pre_condition do + 'class { "apache": mpm_module => false, }' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('worker') } + it { is_expected.to contain_file("/etc/apache2/mods-available/worker.conf").with_ensure('file') } + it { is_expected.to contain_file("/etc/apache2/mods-enabled/worker.conf").with_ensure('link') } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + it { is_expected.not_to contain_file("/etc/apache2/mods-available/worker.load") } + it { is_expected.not_to contain_file("/etc/apache2/mods-enabled/worker.load") } + + it { is_expected.to contain_package("apache2-mpm-worker") } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.to contain_file("/etc/apache2/mods-available/worker.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so\n" + }) + } + it { is_expected.to contain_file("/etc/apache2/mods-enabled/worker.load").with_ensure('link') } + end + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('worker') } + it { is_expected.to contain_file("/etc/httpd/conf.d/worker.conf").with_ensure('file') } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => '2.2', + } + end + + it { is_expected.to contain_file_line("/etc/sysconfig/httpd worker enable").with({ + 'require' => 'Package[httpd]', + }) + } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => '2.4', + } + end + + it { is_expected.not_to contain_apache__mod('event') } + + it { is_expected.to contain_file("/etc/httpd/conf.d/worker.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_worker_module modules/mod_mpm_worker.so\n", + }) + } + end + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('worker') } + it { is_expected.to contain_file("/usr/local/etc/apache24/Modules/worker.conf").with_ensure('file') } + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.not_to contain_apache__mod('worker') } + it { is_expected.to contain_file("/etc/apache2/modules.d/worker.conf").with_ensure('file') } + end + + # Template config doesn't vary by distro + context "on all distros" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '6', + :kernel => 'Linux', + :id => 'root', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + context 'defaults' do + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ServerLimit\s+25$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+StartServers\s+2$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxClients\s+150$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MinSpareThreads\s+25$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxSpareThreads\s+75$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ThreadsPerChild\s+25$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxRequestsPerChild\s+0$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ThreadLimit\s+64$/) } + it { should contain_file("/etc/httpd/conf.d/worker.conf").with(:content => /^\s*ListenBacklog\s*511/) } + end + + context 'setting params' do + let :params do + { + :serverlimit => 10, + :startservers => 11, + :maxclients => 12, + :minsparethreads => 13, + :maxsparethreads => 14, + :threadsperchild => 15, + :maxrequestsperchild => 16, + :threadlimit => 17, + :listenbacklog => 8, + } + end + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ServerLimit\s+10$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+StartServers\s+11$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxClients\s+12$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MinSpareThreads\s+13$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxSpareThreads\s+14$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ThreadsPerChild\s+15$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+MaxRequestsPerChild\s+16$/) } + it { should contain_file('/etc/httpd/conf.d/worker.conf').with(:content => /^\s+ThreadLimit\s+17$/) } + it { should contain_file("/etc/httpd/conf.d/worker.conf").with(:content => /^\s*ListenBacklog\s*8/) } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/mod/wsgi_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/mod/wsgi_spec.rb new file mode 100644 index 000000000..5fe313acf --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/mod/wsgi_spec.rb @@ -0,0 +1,147 @@ +require 'spec_helper' + +describe 'apache::mod::wsgi', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class('apache::mod::wsgi').with( + 'wsgi_socket_prefix' => nil + ) + } + it { is_expected.to contain_package("libapache2-mod-wsgi") } + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class('apache::mod::wsgi').with( + 'wsgi_socket_prefix' => '/var/run/wsgi' + ) + } + it { is_expected.to contain_package("mod_wsgi") } + + describe "with custom WSGISocketPrefix" do + let :params do + { :wsgi_socket_prefix => 'run/wsgi' } + end + it {is_expected.to contain_file('wsgi.conf').with_content(/^ WSGISocketPrefix run\/wsgi$/)} + end + describe "with custom WSGIPythonHome" do + let :params do + { :wsgi_python_home => '/path/to/virtenv' } + end + it {is_expected.to contain_file('wsgi.conf').with_content(/^ WSGIPythonHome "\/path\/to\/virtenv"$/)} + end + describe "with custom package_name and mod_path" do + let :params do + { + :package_name => 'mod_wsgi_package', + :mod_path => '/foo/bar/baz', + } + end + it { is_expected.to contain_apache__mod('wsgi').with({ + 'package' => 'mod_wsgi_package', + 'path' => '/foo/bar/baz', + }) + } + it { is_expected.to contain_package("mod_wsgi_package") } + it { is_expected.to contain_file('wsgi.load').with_content(%r"LoadModule wsgi_module /foo/bar/baz") } + end + describe "with custom mod_path not containing /" do + let :params do + { + :package_name => 'mod_wsgi_package', + :mod_path => 'wsgi_mod_name.so', + } + end + it { is_expected.to contain_apache__mod('wsgi').with({ + 'path' => 'modules/wsgi_mod_name.so', + 'package' => 'mod_wsgi_package', + }) + } + it { is_expected.to contain_file('wsgi.load').with_content(%r"LoadModule wsgi_module modules/wsgi_mod_name.so") } + + end + describe "with package_name but no mod_path" do + let :params do + { + :mod_path => '/foo/bar/baz', + } + end + it { expect { catalogue }.to raise_error Puppet::Error, /apache::mod::wsgi - both package_name and mod_path must be specified!/ } + end + describe "with mod_path but no package_name" do + let :params do + { + :package_name => '/foo/bar/baz', + } + end + it { expect { catalogue }.to raise_error Puppet::Error, /apache::mod::wsgi - both package_name and mod_path must be specified!/ } + end + end + context "on a FreeBSD OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class('apache::mod::wsgi').with( + 'wsgi_socket_prefix' => nil + ) + } + it { is_expected.to contain_package("www/mod_wsgi") } + end + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_class('apache::mod::wsgi').with( + 'wsgi_socket_prefix' => nil + ) + } + it { is_expected.to contain_package("www-apache/mod_wsgi") } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/params_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/params_spec.rb new file mode 100644 index 000000000..d02209497 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/params_spec.rb @@ -0,0 +1,24 @@ +require 'spec_helper' + +describe 'apache::params', :type => :class do + context "On a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_apache__params } + + it "Should not contain any resources" do + should have_resource_count(0) + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/classes/service_spec.rb b/modules/services/unix/http/apache/module/apache/spec/classes/service_spec.rb new file mode 100644 index 000000000..f53937a7f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/classes/service_spec.rb @@ -0,0 +1,173 @@ +require 'spec_helper' + +describe 'apache::service', :type => :class do + let :pre_condition do + 'include apache::params' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_service("httpd").with( + 'name' => 'apache2', + 'ensure' => 'running', + 'enable' => 'true' + ) + } + + context "with $service_name => 'foo'" do + let (:params) {{ :service_name => 'foo' }} + it { is_expected.to contain_service("httpd").with( + 'name' => 'foo' + ) + } + end + + context "with $service_enable => true" do + let (:params) {{ :service_enable => true }} + it { is_expected.to contain_service("httpd").with( + 'name' => 'apache2', + 'ensure' => 'running', + 'enable' => 'true' + ) + } + end + + context "with $service_enable => false" do + let (:params) {{ :service_enable => false }} + it { is_expected.to contain_service("httpd").with( + 'name' => 'apache2', + 'ensure' => 'running', + 'enable' => 'false' + ) + } + end + + context "$service_enable must be a bool" do + let (:params) {{ :service_enable => 'not-a-boolean' }} + + it 'should fail' do + expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) + end + end + + context "$service_manage must be a bool" do + let (:params) {{ :service_manage => 'not-a-boolean' }} + + it 'should fail' do + expect { catalogue }.to raise_error(Puppet::Error, /is not a boolean/) + end + end + + context "with $service_ensure => 'running'" do + let (:params) {{ :service_ensure => 'running', }} + it { is_expected.to contain_service("httpd").with( + 'ensure' => 'running', + 'enable' => 'true' + ) + } + end + + context "with $service_ensure => 'stopped'" do + let (:params) {{ :service_ensure => 'stopped', }} + it { is_expected.to contain_service("httpd").with( + 'ensure' => 'stopped', + 'enable' => 'true' + ) + } + end + + context "with $service_ensure => 'UNDEF'" do + let (:params) {{ :service_ensure => 'UNDEF' }} + it { is_expected.to contain_service("httpd").without_ensure } + end + + context "with $service_restart unset" do + it { is_expected.to contain_service("httpd").without_restart } + end + + context "with $service_restart => '/usr/sbin/apachectl graceful'" do + let (:params) {{ :service_restart => '/usr/sbin/apachectl graceful' }} + it { is_expected.to contain_service("httpd").with( + 'restart' => '/usr/sbin/apachectl graceful' + ) + } + end + end + + + context "on a RedHat 5 OS, do not manage service" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '5', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let(:params) do + { + 'service_ensure' => 'running', + 'service_name' => 'httpd', + 'service_manage' => false + } + end + it { is_expected.not_to contain_service('httpd') } + end + + context "on a FreeBSD 5 OS" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { is_expected.to contain_service("httpd").with( + 'name' => 'apache24', + 'ensure' => 'running', + 'enable' => 'true' + ) + } + end + + context "on a Gentoo OS" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + it { is_expected.to contain_service("httpd").with( + 'name' => 'apache2', + 'ensure' => 'running', + 'enable' => 'true' + ) + } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/defines/balancermember_spec.rb b/modules/services/unix/http/apache/module/apache/spec/defines/balancermember_spec.rb new file mode 100644 index 000000000..0322d308e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/defines/balancermember_spec.rb @@ -0,0 +1,37 @@ +require 'spec_helper' + +describe 'apache::balancermember', :type => :define do + let :pre_condition do + 'include apache + apache::balancer {"balancer":} + apache::balancer {"balancer-external":} + apache::balancermember {"http://127.0.0.1:8080-external": url => "http://127.0.0.1:8080/", balancer_cluster => "balancer-external"} + ' + end + let :title do + 'http://127.0.0.1:8080/' + end + let :params do + { + :options => [], + :url => 'http://127.0.0.1:8080/', + :balancer_cluster => 'balancer-internal' + } + end + let :facts do + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :lsbdistcodename => 'squeeze', + :id => 'root', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :kernel => 'Linux', + :is_pe => false, + } + end + describe "allows multiple balancermembers with the same url" do + it { should contain_concat__fragment('BalancerMember http://127.0.0.1:8080/') } + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/defines/custom_config_spec.rb b/modules/services/unix/http/apache/module/apache/spec/defines/custom_config_spec.rb new file mode 100644 index 000000000..7d566b071 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/defines/custom_config_spec.rb @@ -0,0 +1,138 @@ +require 'spec_helper' + +describe 'apache::custom_config', :type => :define do + let :pre_condition do + 'class { "apache": }' + end + let :title do + 'rspec' + end + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context 'defaults with content' do + let :params do + { + 'content' => '# Test', + } + end + it { is_expected.to contain_exec("syntax verification for rspec").with({ + 'refreshonly' => 'true', + 'subscribe' => 'File[apache_rspec]', + 'command' => '/usr/sbin/apachectl -t', + 'notify' => 'Class[Apache::Service]', + 'before' => 'Exec[remove rspec if invalid]', + }) + } + it { is_expected.to contain_exec("remove rspec if invalid").with({ + 'unless' => '/usr/sbin/apachectl -t', + 'subscribe' => 'File[apache_rspec]', + 'refreshonly' => 'true', + }) + } + it { is_expected.to contain_file("apache_rspec").with({ + 'ensure' => 'present', + 'content' => '# Test', + 'require' => 'Package[httpd]', + }) + } + end + context 'set everything with source' do + let :params do + { + 'confdir' => '/dne', + 'priority' => '30', + 'source' => 'puppet:///modules/apache/test', + 'verify_command' => '/bin/true', + } + end + it { is_expected.to contain_exec("syntax verification for rspec").with({ + 'command' => '/bin/true', + }) + } + it { is_expected.to contain_exec("remove rspec if invalid").with({ + 'command' => '/bin/rm /dne/30-rspec.conf', + 'unless' => '/bin/true', + }) + } + it { is_expected.to contain_file("apache_rspec").with({ + 'path' => '/dne/30-rspec.conf', + 'ensure' => 'present', + 'source' => 'puppet:///modules/apache/test', + 'require' => 'Package[httpd]', + }) + } + end + context 'verify_config => false' do + let :params do + { + 'content' => '# test', + 'verify_config' => false, + } + end + it { is_expected.to_not contain_exec('syntax verification for rspec') } + it { is_expected.to_not contain_exec('remove rspec if invalid') } + it { is_expected.to contain_file('apache_rspec').with({ + 'notify' => 'Class[Apache::Service]' + }) + } + end + context 'ensure => absent' do + let :params do + { + 'ensure' => 'absent' + } + end + it { is_expected.to_not contain_exec('syntax verification for rspec') } + it { is_expected.to_not contain_exec('remove rspec if invalid') } + it { is_expected.to contain_file('apache_rspec').with({ + 'ensure' => 'absent', + }) + } + end + describe 'validation' do + context 'both content and source' do + let :params do + { + 'content' => 'foo', + 'source' => 'bar', + } + end + it do + expect { + catalogue + }.to raise_error(Puppet::Error, /Only one of \$content and \$source can be specified\./) + end + end + context 'neither content nor source' do + it do + expect { + catalogue + }.to raise_error(Puppet::Error, /One of \$content and \$source must be specified\./) + end + end + context 'bad ensure' do + let :params do + { + 'content' => 'foo', + 'ensure' => 'foo', + } + end + it do + expect { + catalogue + }.to raise_error(Puppet::Error, /is not supported for ensure/) + end + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/defines/fastcgi_server_spec.rb b/modules/services/unix/http/apache/module/apache/spec/defines/fastcgi_server_spec.rb new file mode 100644 index 000000000..1a6d3199c --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/defines/fastcgi_server_spec.rb @@ -0,0 +1,133 @@ +require 'spec_helper' + +describe 'apache::fastcgi::server', :type => :define do + let :pre_condition do + 'include apache' + end + let :title do + 'www' + end + describe 'os-dependent items' do + context "on RedHat based systems" do + let :default_facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '6', + :kernel => 'Linux', + :id => 'root', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :facts do default_facts end + it { should contain_class("apache") } + it { should contain_class("apache::mod::fastcgi") } + it { should contain_file("fastcgi-pool-#{title}.conf").with( + :ensure => 'present', + :path => "/etc/httpd/conf.d/fastcgi-pool-#{title}.conf" + ) } + end + context "on Debian based systems" do + let :default_facts do + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :lsbdistcodename => 'squeeze', + :kernel => 'Linux', + :id => 'root', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :facts do default_facts end + it { should contain_class("apache") } + it { should contain_class("apache::mod::fastcgi") } + it { should contain_file("fastcgi-pool-#{title}.conf").with( + :ensure => 'present', + :path => "/etc/apache2/conf.d/fastcgi-pool-#{title}.conf" + ) } + end + context "on FreeBSD systems" do + let :default_facts do + { + :osfamily => 'FreeBSD', + :operatingsystem => 'FreeBSD', + :operatingsystemrelease => '9', + :kernel => 'FreeBSD', + :id => 'root', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :facts do default_facts end + it { should contain_class("apache") } + it { should contain_class("apache::mod::fastcgi") } + it { should contain_file("fastcgi-pool-#{title}.conf").with( + :ensure => 'present', + :path => "/usr/local/etc/apache24/Includes/fastcgi-pool-#{title}.conf" + ) } + end + context "on Gentoo systems" do + let :default_facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :kernel => 'Linux', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + let :facts do default_facts end + it { should contain_class("apache") } + it { should contain_class("apache::mod::fastcgi") } + it { should contain_file("fastcgi-pool-#{title}.conf").with( + :ensure => 'present', + :path => "/etc/apache2/conf.d/fastcgi-pool-#{title}.conf" + ) } + end + end + describe 'os-independent items' do + let :facts do + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :lsbdistcodename => 'squeeze', + :kernel => 'Linux', + :id => 'root', + :concat_basedir => '/dne', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + describe ".conf content" do + let :params do + { + :host => '127.0.0.1:9001', + :timeout => 30, + :flush => true, + :faux_path => '/var/www/php-www.fcgi', + :fcgi_alias => '/php-www.fcgi', + :file_type => 'application/x-httpd-php' + } + end + let :expected do +'FastCGIExternalServer /var/www/php-www.fcgi -idle-timeout 30 -flush -host 127.0.0.1:9001 +Alias /php-www.fcgi /var/www/php-www.fcgi +Action application/x-httpd-php /php-www.fcgi +' + end + it do + should contain_file("fastcgi-pool-www.conf").with_content(expected) + end + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/defines/mod_spec.rb b/modules/services/unix/http/apache/module/apache/spec/defines/mod_spec.rb new file mode 100644 index 000000000..1697190a3 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/defines/mod_spec.rb @@ -0,0 +1,166 @@ +require 'spec_helper' + +describe 'apache::mod', :type => :define do + let :pre_condition do + 'include apache' + end + context "on a RedHat osfamily" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + describe "for non-special modules" do + let :title do + 'spec_m' + end + it { is_expected.to contain_class("apache::params") } + it "should manage the module load file" do + is_expected.to contain_file('spec_m.load').with({ + :path => '/etc/httpd/conf.d/spec_m.load', + :content => "LoadModule spec_m_module modules/mod_spec_m.so\n", + :owner => 'root', + :group => 'root', + :mode => '0644', + } ) + end + end + + describe "with file_mode set" do + let :pre_condition do + "class {'::apache': file_mode => '0640'}" + end + let :title do + 'spec_m' + end + it "should manage the module load file" do + is_expected.to contain_file('spec_m.load').with({ + :mode => '0640', + } ) + end + end + + describe "with shibboleth module and package param passed" do + # name/title for the apache::mod define + let :title do + 'xsendfile' + end + # parameters + let(:params) { {:package => 'mod_xsendfile'} } + + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_package('mod_xsendfile') } + end + end + + context "on a Debian osfamily" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + describe "for non-special modules" do + let :title do + 'spec_m' + end + it { is_expected.to contain_class("apache::params") } + it "should manage the module load file" do + is_expected.to contain_file('spec_m.load').with({ + :path => '/etc/apache2/mods-available/spec_m.load', + :content => "LoadModule spec_m_module /usr/lib/apache2/modules/mod_spec_m.so\n", + :owner => 'root', + :group => 'root', + :mode => '0644', + } ) + end + it "should link the module load file" do + is_expected.to contain_file('spec_m.load symlink').with({ + :path => '/etc/apache2/mods-enabled/spec_m.load', + :target => '/etc/apache2/mods-available/spec_m.load', + :owner => 'root', + :group => 'root', + :mode => '0644', + } ) + end + end + end + + context "on a FreeBSD osfamily" do + let :facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + + describe "for non-special modules" do + let :title do + 'spec_m' + end + it { is_expected.to contain_class("apache::params") } + it "should manage the module load file" do + is_expected.to contain_file('spec_m.load').with({ + :path => '/usr/local/etc/apache24/Modules/spec_m.load', + :content => "LoadModule spec_m_module /usr/local/libexec/apache24/mod_spec_m.so\n", + :owner => 'root', + :group => 'wheel', + :mode => '0644', + } ) + end + end + end + + context "on a Gentoo osfamily" do + let :facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + + describe "for non-special modules" do + let :title do + 'spec_m' + end + it { is_expected.to contain_class("apache::params") } + it "should manage the module load file" do + is_expected.to contain_file('spec_m.load').with({ + :path => '/etc/apache2/modules.d/spec_m.load', + :content => "LoadModule spec_m_module /usr/lib/apache2/modules/mod_spec_m.so\n", + :owner => 'root', + :group => 'wheel', + :mode => '0644', + } ) + end + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/defines/modsec_link_spec.rb b/modules/services/unix/http/apache/module/apache/spec/defines/modsec_link_spec.rb new file mode 100644 index 000000000..a5b4c5390 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/defines/modsec_link_spec.rb @@ -0,0 +1,53 @@ +require 'spec_helper' + +describe 'apache::security::rule_link', :type => :define do + let :pre_condition do + 'class { "apache": } + class { "apache::mod::security": activated_rules => [] } + ' + end + + let :title do + 'base_rules/modsecurity_35_bad_robots.data' + end + + context "on RedHat based systems" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystem => 'CentOS', + :operatingsystemrelease => '7', + :kernel => 'Linux', + :id => 'root', + :concat_basedir => '/', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + it { should contain_file('modsecurity_35_bad_robots.data').with( + :path => '/etc/httpd/modsecurity.d/activated_rules/modsecurity_35_bad_robots.data', + :target => '/usr/lib/modsecurity.d/base_rules/modsecurity_35_bad_robots.data' + ) } + end + + context "on Debian based systems" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/', + :lsbdistcodename => 'squeeze', + :id => 'root', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :kernel => 'Linux', + :is_pe => false, + } + end + it { should contain_file('modsecurity_35_bad_robots.data').with( + :path => '/etc/modsecurity/activated_rules/modsecurity_35_bad_robots.data', + :target => '/usr/share/modsecurity-crs/base_rules/modsecurity_35_bad_robots.data' + ) } + end + +end diff --git a/modules/services/unix/http/apache/module/apache/spec/defines/vhost_custom_spec.rb b/modules/services/unix/http/apache/module/apache/spec/defines/vhost_custom_spec.rb new file mode 100644 index 000000000..804be86b8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/defines/vhost_custom_spec.rb @@ -0,0 +1,99 @@ +require 'spec_helper' + +describe 'apache::vhost::custom', :type => :define do + let :title do + 'rspec.example.com' + end + let :default_params do + { + :content => 'foobar' + } + end + describe 'os-dependent items' do + context "on RedHat based systems" do + let :default_facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :operatingsystem => 'RedHat', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do default_params end + let :facts do default_facts end + end + context "on Debian based systems" do + let :default_facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do default_params end + let :facts do default_facts end + it { is_expected.to contain_file("apache_rspec.example.com").with( + :ensure => 'present', + :content => 'foobar', + :path => '/etc/apache2/sites-available/25-rspec.example.com.conf', + ) } + it { is_expected.to contain_file("25-rspec.example.com.conf symlink").with( + :ensure => 'link', + :path => '/etc/apache2/sites-enabled/25-rspec.example.com.conf', + :target => '/etc/apache2/sites-available/25-rspec.example.com.conf' + ) } + end + context "on FreeBSD systems" do + let :default_facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :operatingsystem => 'FreeBSD', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do default_params end + let :facts do default_facts end + it { is_expected.to contain_file("apache_rspec.example.com").with( + :ensure => 'present', + :content => 'foobar', + :path => '/usr/local/etc/apache24/Vhosts/25-rspec.example.com.conf', + ) } + end + context "on Gentoo systems" do + let :default_facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + let :params do default_params end + let :facts do default_facts end + it { is_expected.to contain_file("apache_rspec.example.com").with( + :ensure => 'present', + :content => 'foobar', + :path => '/etc/apache2/vhosts.d/25-rspec.example.com.conf', + ) } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/defines/vhost_spec.rb b/modules/services/unix/http/apache/module/apache/spec/defines/vhost_spec.rb new file mode 100644 index 000000000..e6456ae26 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/defines/vhost_spec.rb @@ -0,0 +1,1151 @@ +require 'spec_helper' + +describe 'apache::vhost', :type => :define do + let :pre_condition do + 'class { "apache": default_vhost => false, default_mods => false, vhost_enable_dir => "/etc/apache2/sites-enabled"}' + end + let :title do + 'rspec.example.com' + end + let :default_params do + { + :docroot => '/rspec/docroot', + :port => '84', + } + end + describe 'os-dependent items' do + context "on RedHat based systems" do + let :default_facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do default_params end + let :facts do default_facts end + it { is_expected.to contain_class("apache") } + it { is_expected.to contain_class("apache::params") } + end + context "on Debian based systems" do + let :default_facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do default_params end + let :facts do default_facts end + it { is_expected.to contain_class("apache") } + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_concat("25-rspec.example.com.conf").with( + :ensure => 'present', + :path => '/etc/apache2/sites-available/25-rspec.example.com.conf' + ) } + it { is_expected.to contain_file("25-rspec.example.com.conf symlink").with( + :ensure => 'link', + :path => '/etc/apache2/sites-enabled/25-rspec.example.com.conf', + :target => '/etc/apache2/sites-available/25-rspec.example.com.conf' + ) } + end + context "on FreeBSD systems" do + let :default_facts do + { + :osfamily => 'FreeBSD', + :operatingsystemrelease => '9', + :concat_basedir => '/dne', + :operatingsystem => 'FreeBSD', + :id => 'root', + :kernel => 'FreeBSD', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + let :params do default_params end + let :facts do default_facts end + it { is_expected.to contain_class("apache") } + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_concat("25-rspec.example.com.conf").with( + :ensure => 'present', + :path => '/usr/local/etc/apache24/Vhosts/25-rspec.example.com.conf' + ) } + end + context "on Gentoo systems" do + let :default_facts do + { + :osfamily => 'Gentoo', + :operatingsystem => 'Gentoo', + :operatingsystemrelease => '3.16.1-gentoo', + :concat_basedir => '/dne', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin', + :is_pe => false, + } + end + let :params do default_params end + let :facts do default_facts end + it { is_expected.to contain_class("apache") } + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_concat("25-rspec.example.com.conf").with( + :ensure => 'present', + :path => '/etc/apache2/vhosts.d/25-rspec.example.com.conf' + ) } + end + end + describe 'os-independent items' do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :lsbdistcodename => 'squeeze', + :operatingsystem => 'Debian', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + describe 'basic assumptions' do + let :params do default_params end + it { is_expected.to contain_class("apache") } + it { is_expected.to contain_class("apache::params") } + it { is_expected.to contain_apache__listen(params[:port]) } + it { is_expected.to contain_apache__namevirtualhost("*:#{params[:port]}") } + end + context 'set everything!' do + let :params do + { + 'docroot' => '/var/www/foo', + 'manage_docroot' => false, + 'virtual_docroot' => true, + 'port' => '8080', + 'ip' => '127.0.0.1', + 'ip_based' => true, + 'add_listen' => false, + 'docroot_owner' => 'user', + 'docroot_group' => 'wheel', + 'docroot_mode' => '0664', + 'serveradmin' => 'foo@localhost', + 'ssl' => true, + 'ssl_cert' => '/ssl/cert', + 'ssl_key' => '/ssl/key', + 'ssl_chain' => '/ssl/chain', + 'ssl_crl_path' => '/ssl/crl', + 'ssl_crl' => 'foo.crl', + 'ssl_certs_dir' => '/ssl/certs', + 'ssl_protocol' => 'SSLv2', + 'ssl_cipher' => 'HIGH', + 'ssl_honorcipherorder' => 'Off', + 'ssl_verify_client' => 'optional', + 'ssl_verify_depth' => '3', + 'ssl_options' => '+ExportCertData', + 'ssl_openssl_conf_cmd' => 'DHParameters "foo.pem"', + 'ssl_proxy_verify' => 'require', + 'ssl_proxy_check_peer_cn' => 'on', + 'ssl_proxy_check_peer_name' => 'on', + 'ssl_proxyengine' => true, + + 'priority' => '30', + 'default_vhost' => true, + 'servername' => 'example.com', + 'serveraliases' => ['test-example.com'], + 'options' => ['MultiView'], + 'override' => ['All'], + 'directoryindex' => 'index.html', + 'vhost_name' => 'test', + 'logroot' => '/var/www/logs', + 'logroot_ensure' => 'directory', + 'logroot_mode' => '0600', + 'log_level' => 'crit', + 'access_log' => false, + 'access_log_file' => 'httpd_access_log', + 'access_log_syslog' => true, + 'access_log_format' => '%h %l %u %t \"%r\" %>s %b', + 'access_log_env_var' => '', + 'aliases' => '/image', + 'directories' => [ + { + 'path' => '/var/www/files', + 'provider' => 'files', + 'require' => [ 'valid-user', 'all denied', ], + }, + { + 'path' => '/var/www/files', + 'provider' => 'files', + 'require' => 'all granted', + }, + { + 'path' => '*', + 'provider' => 'proxy', + }, + { 'path' => '/var/www/files/indexed_directory', + 'directoryindex' => 'disabled', + 'options' => ['Indexes','FollowSymLinks','MultiViews'], + 'index_options' => ['FancyIndexing'], + 'index_style_sheet' => '/styles/style.css', + }, + { 'path' => '/var/www/files/output_filtered', + 'set_output_filter' => 'output_filter', + }, + ], + 'error_log' => false, + 'error_log_file' => 'httpd_error_log', + 'error_log_syslog' => true, + 'error_documents' => 'true', + 'fallbackresource' => '/index.php', + 'scriptalias' => '/usr/lib/cgi-bin', + 'scriptaliases' => [ + { + 'alias' => '/myscript', + 'path' => '/usr/share/myscript', + }, + { + 'aliasmatch' => '^/foo(.*)', + 'path' => '/usr/share/fooscripts$1', + }, + ], + 'proxy_dest' => '/', + 'proxy_pass' => [ + { + 'path' => '/a', + 'url' => 'http://backend-a/', + 'keywords' => ['noquery', 'interpolate'], + 'reverse_cookies' => [ + { + 'path' => '/a', + 'url' => 'http://backend-a/', + }, + { + 'domain' => 'foo', + 'url' => 'http://foo', + } + ], + 'params' => { + 'retry' => '0', + 'timeout' => '5' + }, + 'options' => { + 'Require' =>'valid-user', + 'AuthType' =>'Kerberos', + 'AuthName' =>'"Kerberos Login"' + }, + 'setenv' => ['proxy-nokeepalive 1','force-proxy-request-1.0 1'], + } + ], + 'proxy_pass_match' => [ + { + 'path' => '/a', + 'url' => 'http://backend-a/', + 'keywords' => ['noquery', 'interpolate'], + 'params' => { + 'retry' => '0', + 'timeout' => '5' + }, + 'setenv' => ['proxy-nokeepalive 1','force-proxy-request-1.0 1'], + } + ], + 'suphp_addhandler' => 'foo', + 'suphp_engine' => 'on', + 'suphp_configpath' => '/var/www/html', + 'php_admin_flags' => ['foo', 'bar'], + 'php_admin_values' => ['true', 'false'], + 'no_proxy_uris' => '/foo', + 'no_proxy_uris_match' => '/foomatch', + 'proxy_preserve_host' => true, + 'proxy_error_override' => true, + 'redirect_source' => '/bar', + 'redirect_dest' => '/', + 'redirect_status' => 'temp', + 'redirectmatch_status' => ['404'], + 'redirectmatch_regexp' => ['\.git$'], + 'redirectmatch_dest' => ['http://www.example.com'], + 'rack_base_uris' => ['/rackapp1'], + 'passenger_base_uris' => ['/passengerapp1'], + 'headers' => 'Set X-Robots-Tag "noindex, noarchive, nosnippet"', + 'request_headers' => ['append MirrorID "mirror 12"'], + 'rewrites' => [ + { + 'rewrite_rule' => ['^index\.html$ welcome.html'] + } + ], + 'filters' => [ + 'FilterDeclare COMPRESS', + 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html', + 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/css', + 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/plain', + 'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/xml', + 'FilterChain COMPRESS', + 'FilterProtocol COMPRESS DEFLATE change=yes;byteranges=no', + ], + 'rewrite_base' => '/', + 'rewrite_rule' => '^index\.html$ welcome.html', + 'rewrite_cond' => '%{HTTP_USER_AGENT} ^MSIE', + 'setenv' => ['FOO=/bin/true'], + 'setenvif' => 'Request_URI "\.gif$" object_is_image=gif', + 'block' => 'scm', + 'wsgi_application_group' => '%{GLOBAL}', + 'wsgi_daemon_process' => 'wsgi', + 'wsgi_daemon_process_options' => { + 'processes' => '2', + 'threads' => '15', + 'display-name' => '%{GROUP}', + }, + 'wsgi_import_script' => '/var/www/demo.wsgi', + 'wsgi_import_script_options' => { + 'process-group' => 'wsgi', + 'application-group' => '%{GLOBAL}' + }, + 'wsgi_process_group' => 'wsgi', + 'wsgi_script_aliases' => { + '/' => '/var/www/demo.wsgi' + }, + 'wsgi_pass_authorization' => 'On', + 'custom_fragment' => '#custom string', + 'itk' => { + 'user' => 'someuser', + 'group' => 'somegroup' + }, + 'wsgi_chunked_request' => 'On', + 'action' => 'foo', + 'fastcgi_server' => 'localhost', + 'fastcgi_socket' => '/tmp/fastcgi.socket', + 'fastcgi_dir' => '/tmp', + 'additional_includes' => '/custom/path/includes', + 'apache_version' => '2.4', + 'use_optional_includes' => true, + 'suexec_user_group' => 'root root', + 'allow_encoded_slashes' => 'nodecode', + 'passenger_app_root' => '/usr/share/myapp', + 'passenger_app_env' => 'test', + 'passenger_ruby' => '/usr/bin/ruby1.9.1', + 'passenger_min_instances' => '1', + 'passenger_start_timeout' => '600', + 'passenger_pre_start' => 'http://localhost/myapp', + 'add_default_charset' => 'UTF-8', + 'auth_kerb' => true, + 'krb_method_negotiate' => 'off', + 'krb_method_k5passwd' => 'off', + 'krb_authoritative' => 'off', + 'krb_auth_realms' => ['EXAMPLE.ORG','EXAMPLE.NET'], + 'krb_5keytab' => '/tmp/keytab5', + 'krb_local_user_mapping' => 'off' + } + end + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '7', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :kernelversion => '3.6.2', + :is_pe => false, + } + end + + it { is_expected.to compile } + it { is_expected.to_not contain_file('/var/www/foo') } + it { is_expected.to contain_class('apache::mod::ssl') } + it { is_expected.to contain_file('ssl.conf').with( + :content => /^\s+SSLHonorCipherOrder On$/ ) } + it { is_expected.to contain_file('ssl.conf').with( + :content => /^\s+SSLPassPhraseDialog builtin$/ ) } + it { is_expected.to contain_file('ssl.conf').with( + :content => /^\s+SSLSessionCacheTimeout 300$/ ) } + it { is_expected.to contain_class('apache::mod::mime') } + it { is_expected.to contain_class('apache::mod::vhost_alias') } + it { is_expected.to contain_class('apache::mod::wsgi') } + it { is_expected.to contain_class('apache::mod::suexec') } + it { is_expected.to contain_class('apache::mod::passenger') } + it { is_expected.to contain_file('/var/www/logs').with({ + 'ensure' => 'directory', + 'mode' => '0600', + }) + } + it { is_expected.to contain_class('apache::mod::rewrite') } + it { is_expected.to contain_class('apache::mod::alias') } + it { is_expected.to contain_class('apache::mod::proxy') } + it { is_expected.to contain_class('apache::mod::proxy_http') } + it { is_expected.to contain_class('apache::mod::passenger') } + it { is_expected.to contain_class('apache::mod::passenger') } + it { is_expected.to contain_class('apache::mod::fastcgi') } + it { is_expected.to contain_class('apache::mod::headers') } + it { is_expected.to contain_class('apache::mod::filter') } + it { is_expected.to contain_class('apache::mod::setenvif') } + it { is_expected.to contain_concat('30-rspec.example.com.conf').with({ + 'owner' => 'root', + 'mode' => '0644', + 'require' => 'Package[httpd]', + 'notify' => 'Class[Apache::Service]', + }) + } + it { is_expected.to contain_file('30-rspec.example.com.conf symlink').with({ + 'ensure' => 'link', + 'path' => '/etc/apache2/sites-enabled/30-rspec.example.com.conf', + }) + } + it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header') } + it { is_expected.to contain_concat__fragment('rspec.example.com-docroot') } + it { is_expected.to contain_concat__fragment('rspec.example.com-aliases') } + it { is_expected.to contain_concat__fragment('rspec.example.com-itk') } + it { is_expected.to contain_concat__fragment('rspec.example.com-fallbackresource') } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Require valid-user$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Require all denied$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Require all granted$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Options\sIndexes\sFollowSymLinks\sMultiViews$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+IndexOptions\sFancyIndexing$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+IndexStyleSheet\s'\/styles\/style\.css'$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+DirectoryIndex\sdisabled$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+SetOutputFilter\soutput_filter$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-additional_includes') } + it { is_expected.to contain_concat__fragment('rspec.example.com-logging') } + it { is_expected.to contain_concat__fragment('rspec.example.com-serversignature') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-access_log') } + it { is_expected.to contain_concat__fragment('rspec.example.com-action') } + it { is_expected.to contain_concat__fragment('rspec.example.com-block') } + it { is_expected.to contain_concat__fragment('rspec.example.com-error_document') } + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /retry=0/) } + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /timeout=5/) } + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /SetEnv force-proxy-request-1.0 1/) } + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /SetEnv proxy-nokeepalive 1/) } + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /noquery interpolate/) } + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /ProxyPassReverseCookiePath\s+\/a\s+http:\/\//) } + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /ProxyPassReverseCookieDomain\s+foo\s+http:\/\/foo/) } + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /Require valid-user/) } + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /AuthType Kerberos/) } + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /AuthName "Kerberos Login"/) } + + it { is_expected.to contain_concat__fragment('rspec.example.com-rack') } + it { is_expected.to contain_concat__fragment('rspec.example.com-redirect') } + it { is_expected.to contain_concat__fragment('rspec.example.com-rewrite') } + it { is_expected.to contain_concat__fragment('rspec.example.com-scriptalias') } + it { is_expected.to contain_concat__fragment('rspec.example.com-serveralias') } + it { is_expected.to contain_concat__fragment('rspec.example.com-setenv') } + it { is_expected.to contain_concat__fragment('rspec.example.com-ssl') } + it { is_expected.to contain_concat__fragment('rspec.example.com-ssl').with( + :content => /^\s+SSLOpenSSLConfCmd\s+DHParameters "foo.pem"$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy') } + it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( + :content => /^\s+SSLProxyEngine On$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( + :content => /^\s+SSLProxyCheckPeerCN\s+on$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy').with( + :content => /^\s+SSLProxyCheckPeerName\s+on$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-suphp') } + it { is_expected.to contain_concat__fragment('rspec.example.com-php_admin') } + it { is_expected.to contain_concat__fragment('rspec.example.com-header') } + it { is_expected.to contain_concat__fragment('rspec.example.com-filters').with( + :content => /^\s+FilterDeclare COMPRESS$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-requestheader') } + it { is_expected.to contain_concat__fragment('rspec.example.com-wsgi') } + it { is_expected.to contain_concat__fragment('rspec.example.com-custom_fragment') } + it { is_expected.to contain_concat__fragment('rspec.example.com-fastcgi') } + it { is_expected.to contain_concat__fragment('rspec.example.com-suexec') } + it { is_expected.to contain_concat__fragment('rspec.example.com-allow_encoded_slashes') } + it { is_expected.to contain_concat__fragment('rspec.example.com-passenger') } + it { is_expected.to contain_concat__fragment('rspec.example.com-charsets') } + it { is_expected.to contain_concat__fragment('rspec.example.com-file_footer') } + it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( + :content => /^\s+KrbMethodNegotiate\soff$/)} + it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( + :content => /^\s+KrbAuthoritative\soff$/)} + it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( + :content => /^\s+KrbAuthRealms\sEXAMPLE.ORG\sEXAMPLE.NET$/)} + it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( + :content => /^\s+Krb5Keytab\s\/tmp\/keytab5$/)} + it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( + :content => /^\s+KrbLocalUserMapping\soff$/)} + it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( + :content => /^\s+KrbServiceName\sHTTP$/)} + it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( + :content => /^\s+KrbSaveCredentials\soff$/)} + it { is_expected.to contain_concat__fragment('rspec.example.com-auth_kerb').with( + :content => /^\s+KrbVerifyKDC\son$/)} + end + context 'vhost with multiple ip addresses' do + let :params do + { + 'port' => '80', + 'ip' => ['127.0.0.1','::1'], + 'ip_based' => true, + 'servername' => 'example.com', + 'docroot' => '/var/www/html', + 'add_listen' => true, + 'ensure' => 'present' + } + end + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '7', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :kernelversion => '3.6.2', + :is_pe => false, + } + end + + it { is_expected.to compile } + it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( + :content => /[.\/m]*[.\/m]*$/ ) } + it { is_expected.to contain_concat__fragment('Listen 127.0.0.1:80') } + it { is_expected.to contain_concat__fragment('Listen [::1]:80') } + it { is_expected.to_not contain_concat__fragment('NameVirtualHost 127.0.0.1:80') } + it { is_expected.to_not contain_concat__fragment('NameVirtualHost [::1]:80') } + end + + context 'vhost with ipv6 address' do + let :params do + { + 'port' => '80', + 'ip' => '::1', + 'ip_based' => true, + 'servername' => 'example.com', + 'docroot' => '/var/www/html', + 'add_listen' => true, + 'ensure' => 'present' + } + end + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '7', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :kernelversion => '3.6.2', + :is_pe => false, + } + end + + it { is_expected.to compile } + it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( + :content => /[.\/m]*[.\/m]*$/ ) } + it { is_expected.to contain_concat__fragment('Listen [::1]:80') } + it { is_expected.to_not contain_concat__fragment('NameVirtualHost [::1]:80') } + end + + context 'vhost with wildcard ip address' do + let :params do + { + 'port' => '80', + 'ip' => '*', + 'ip_based' => true, + 'servername' => 'example.com', + 'docroot' => '/var/www/html', + 'add_listen' => true, + 'ensure' => 'present' + } + end + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '7', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :kernelversion => '3.6.2', + :is_pe => false, + } + end + + it { is_expected.to compile } + it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header').with( + :content => /[.\/m]*[.\/m]*$/ ) } + it { is_expected.to contain_concat__fragment('Listen *:80') } + it { is_expected.to_not contain_concat__fragment('NameVirtualHost *:80') } + end + + context 'set only aliases' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'aliases' => [ + { + 'alias' => '/alias', + 'path' => '/rspec/docroot', + }, + ] + } + end + it { is_expected.to contain_class('apache::mod::alias')} + end + context 'proxy_pass_match' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'proxy_pass_match' => [ + { + 'path' => '.*', + 'url' => 'http://backend-a/', + 'params' => { 'timeout' => 300 }, + } + ], + } + end + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content( + /ProxyPassMatch .* http:\/\/backend-a\/ timeout=300/).with_content(/## Proxy rules/) } + end + context 'proxy_dest_match' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'proxy_dest_match' => '/' + } + end + it { is_expected.to contain_concat__fragment('rspec.example.com-proxy').with_content(/## Proxy rules/) } + end + context 'not everything can be set together...' do + let :params do + { + 'access_log_pipe' => '/dev/null', + 'error_log_pipe' => '/dev/null', + 'docroot' => '/var/www/foo', + 'ensure' => 'absent', + 'manage_docroot' => true, + 'logroot' => '/tmp/logroot', + 'logroot_ensure' => 'absent', + 'directories' => [ + { + 'path' => '/var/www/files', + 'provider' => 'files', + 'allow' => [ 'from 127.0.0.1', 'from 127.0.0.2', ], + 'deny' => [ 'from 127.0.0.3', 'from 127.0.0.4', ], + 'satisfy' => 'any', + }, + { + 'path' => '/var/www/foo', + 'provider' => 'files', + 'allow' => 'from 127.0.0.5', + 'deny' => 'from all', + 'order' => 'deny,allow', + }, + ], + + } + end + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :kernelversion => '3.6.2', + :is_pe => false, + } + end + + it { is_expected.to compile } + it { is_expected.to_not contain_class('apache::mod::ssl') } + it { is_expected.to_not contain_class('apache::mod::mime') } + it { is_expected.to_not contain_class('apache::mod::vhost_alias') } + it { is_expected.to_not contain_class('apache::mod::wsgi') } + it { is_expected.to_not contain_class('apache::mod::passenger') } + it { is_expected.to_not contain_class('apache::mod::suexec') } + it { is_expected.to_not contain_class('apache::mod::rewrite') } + it { is_expected.to_not contain_class('apache::mod::alias') } + it { is_expected.to_not contain_class('apache::mod::proxy') } + it { is_expected.to_not contain_class('apache::mod::proxy_http') } + it { is_expected.to_not contain_class('apache::mod::passenger') } + it { is_expected.to_not contain_class('apache::mod::headers') } + it { is_expected.to contain_file('/var/www/foo') } + it { is_expected.to contain_file('/tmp/logroot').with({ + 'ensure' => 'absent', + }) + } + it { is_expected.to contain_concat('25-rspec.example.com.conf').with({ + 'ensure' => 'absent', + }) + } + it { is_expected.to contain_concat__fragment('rspec.example.com-apache-header') } + it { is_expected.to contain_concat__fragment('rspec.example.com-docroot') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-aliases') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-itk') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-fallbackresource') } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Allow from 127\.0\.0\.1$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Allow from 127\.0\.0\.2$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Allow from 127\.0\.0\.5$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Deny from 127\.0\.0\.3$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Deny from 127\.0\.0\.4$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Deny from all$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Satisfy any$/ ) } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Order deny,allow$/ ) } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-additional_includes') } + it { is_expected.to contain_concat__fragment('rspec.example.com-logging') } + it { is_expected.to contain_concat__fragment('rspec.example.com-serversignature') } + it { is_expected.to contain_concat__fragment('rspec.example.com-access_log') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-action') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-block') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-error_document') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-proxy') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-rack') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-redirect') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-rewrite') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-scriptalias') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-serveralias') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-setenv') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-ssl') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-sslproxy') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-suphp') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-php_admin') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-header') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-requestheader') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-wsgi') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-custom_fragment') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-fastcgi') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-suexec') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-charsets') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-limits') } + it { is_expected.to contain_concat__fragment('rspec.example.com-file_footer') } + end + context 'when not setting nor managing the docroot' do + let :params do + { + 'docroot' => false, + 'manage_docroot' => false, + } + end + it { is_expected.to compile } + it { is_expected.not_to contain_concat__fragment('rspec.example.com-docroot') } + end + context 'ssl_proxyengine without ssl' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'ssl' => false, + 'ssl_proxyengine' => true, + } + end + it { is_expected.to compile } + it { is_expected.not_to contain_concat__fragment('rspec.example.com-ssl') } + it { is_expected.to contain_concat__fragment('rspec.example.com-sslproxy') } + end + end + describe 'access logs' do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context 'single log file' do + let(:params) do + { + 'docroot' => '/rspec/docroot', + 'access_log_file' => 'my_log_file', + } + end + it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( + :content => /^\s+CustomLog.*my_log_file" combined\s*$/ + )} + end + context 'single log file with environment' do + let(:params) do + { + 'docroot' => '/rspec/docroot', + 'access_log_file' => 'my_log_file', + 'access_log_env_var' => 'prod' + } + end + it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( + :content => /^\s+CustomLog.*my_log_file" combined\s+env=prod$/ + )} + end + context 'multiple log files' do + let(:params) do + { + 'docroot' => '/rspec/docroot', + 'access_logs' => [ + { 'file' => '/tmp/log1', 'env' => 'dev' }, + { 'file' => 'log2' }, + { 'syslog' => 'syslog', 'format' => '%h %l' } + ], + } + end + it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( + :content => /^\s+CustomLog "\/tmp\/log1"\s+combined\s+env=dev$/ + )} + it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( + :content => /^\s+CustomLog "\/var\/log\/httpd\/log2"\s+combined\s*$/ + )} + it { is_expected.to contain_concat__fragment('rspec.example.com-access_log').with( + :content => /^\s+CustomLog "syslog" "%h %l"\s*$/ + )} + end + end # access logs + describe 'validation' do + let :default_facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :is_pe => false, + } + end + context 'bad ensure' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'ensure' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad suphp_engine' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'suphp_engine' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad ip_based' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'ip_based' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad access_log' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'access_log' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad error_log' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'error_log' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad_ssl' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'ssl' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad default_vhost' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'default_vhost' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad ssl_proxyengine' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'ssl_proxyengine' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad rewrites' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'rewrites' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad rewrites 2' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'rewrites' => ['bogus'], + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'empty rewrites' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'rewrites' => [], + } + end + let :facts do default_facts end + it { is_expected.to compile } + end + context 'bad suexec_user_group' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'suexec_user_group' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad wsgi_script_alias' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'wsgi_script_alias' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad wsgi_daemon_process_options' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'wsgi_daemon_process_options' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad wsgi_import_script_alias' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'wsgi_import_script_alias' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad itk' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'itk' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad logroot_ensure' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'log_level' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad log_level' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'log_level' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'access_log_file and access_log_pipe' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'access_log_file' => 'bogus', + 'access_log_pipe' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'error_log_file and error_log_pipe' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'error_log_file' => 'bogus', + 'error_log_pipe' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad fallbackresource' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'fallbackresource' => 'bogus', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad custom_fragment' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'custom_fragment' => true, + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'bad access_logs' do + let :params do + { + 'docroot' => '/rspec/docroot', + 'access_logs' => '/var/log/somewhere', + } + end + let :facts do default_facts end + it { expect { is_expected.to compile }.to raise_error } + end + context 'default of require all granted' do + let :params do + { + 'docroot' => '/var/www/foo', + 'directories' => [ + { + 'path' => '/var/www/foo/files', + 'provider' => 'files', + }, + ], + + } + end + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '7', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :kernelversion => '3.19.2', + :is_pe => false, + } + end + + it { is_expected.to compile } + it { is_expected.to contain_concat('25-rspec.example.com.conf') } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Require all granted$/ ) } + end + context 'require unmanaged' do + let :params do + { + 'docroot' => '/var/www/foo', + 'directories' => [ + { + 'path' => '/var/www/foo', + 'require' => 'unmanaged', + }, + ], + + } + end + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '7', + :concat_basedir => '/dne', + :operatingsystem => 'RedHat', + :id => 'root', + :kernel => 'Linux', + :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :kernelversion => '3.19.2', + :is_pe => false, + } + end + + it { is_expected.to compile } + it { is_expected.to contain_concat('25-rspec.example.com.conf') } + it { is_expected.to contain_concat__fragment('rspec.example.com-directories') } + it { is_expected.to_not contain_concat__fragment('rspec.example.com-directories').with( + :content => /^\s+Require all granted$/ ) + } + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/spec.opts b/modules/services/unix/http/apache/module/apache/spec/spec.opts new file mode 100644 index 000000000..91cd6427e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/spec.opts @@ -0,0 +1,6 @@ +--format +s +--colour +--loadby +mtime +--backtrace diff --git a/modules/services/unix/http/apache/module/apache/spec/spec_helper_acceptance.rb b/modules/services/unix/http/apache/module/apache/spec/spec_helper_acceptance.rb new file mode 100644 index 000000000..b6ec0b585 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/spec_helper_acceptance.rb @@ -0,0 +1,80 @@ +require 'beaker-rspec/spec_helper' +require 'beaker-rspec/helpers/serverspec' +require 'beaker/puppet_install_helper' + +run_puppet_install_helper + +RSpec.configure do |c| + # apache on Ubuntu 10.04 and 12.04 doesn't like IPv6 VirtualHosts, so we skip ipv6 tests on those systems + if fact('operatingsystem') == 'Ubuntu' and (fact('operatingsystemrelease') == '10.04' or fact('operatingsystemrelease') == '12.04') + c.filter_run_excluding :ipv6 => true + end + + # Project root + proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + + # Readable test descriptions + c.formatter = :documentation + + # detect the situation where PUP-5016 is triggered and skip the idempotency tests in that case + # also note how fact('puppetversion') is not available because of PUP-4359 + if fact('osfamily') == 'Debian' && fact('operatingsystemmajrelease') == '8' && shell('puppet --version').stdout =~ /^4\.2/ + c.filter_run_excluding :skip_pup_5016 => true + end + + # Configure all nodes in nodeset + c.before :suite do + # net-tools required for netstat utility being used by be_listening + if fact('osfamily') == 'RedHat' && fact('operatingsystemmajrelease') == '7' + pp = <<-EOS + package { 'net-tools': ensure => installed } + EOS + + apply_manifest_on(agents, pp, :catch_failures => false) + end + + if fact('osfamily') == 'Debian' + # Make sure snake-oil certs are installed. + shell 'apt-get install -y ssl-cert' + end + + # Install module and dependencies + hosts.each do |host| + copy_module_to(host, :source => proj_root, :module_name => 'apache') + + on host, puppet('module','install','puppetlabs-stdlib') + on host, puppet('module','install','puppetlabs-concat') + + # Required for mod_passenger tests. + if fact('osfamily') == 'RedHat' + on host, puppet('module','install','stahnma/epel') + on host, puppet('module','install','puppetlabs/inifile') + #we need epel installed, so we can get plugins, wsgi, mime ... + pp = <<-EOS + class { 'epel': } + EOS + + apply_manifest_on(host, pp, :catch_failures => true) + end + + # Required for manifest to make mod_pagespeed repository available + if fact('osfamily') == 'Debian' + on host, puppet('module','install','puppetlabs-apt') + end + + # Make sure selinux is disabled so the tests work. + on host, puppet('apply', '-e', + %{"exec { 'setenforce 0': path => '/bin:/sbin:/usr/bin:/usr/sbin', onlyif => 'which setenforce && getenforce | grep Enforcing', }"}) + end + end +end + +shared_examples "a idempotent resource" do + it 'should apply with no errors' do + apply_manifest(pp, :catch_failures => true) + end + + it 'should apply a second time without changes', :skip_pup_5016 do + apply_manifest(pp, :catch_changes => true) + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/unit/provider/a2mod/gentoo_spec.rb b/modules/services/unix/http/apache/module/apache/spec/unit/provider/a2mod/gentoo_spec.rb new file mode 100644 index 000000000..e472745e9 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/unit/provider/a2mod/gentoo_spec.rb @@ -0,0 +1,182 @@ +require 'spec_helper' + +provider_class = Puppet::Type.type(:a2mod).provider(:gentoo) + +describe provider_class do + before :each do + provider_class.clear + end + + [:conf_file, :instances, :modules, :initvars, :conf_file, :clear].each do |method| + it "should respond to the class method #{method}" do + expect(provider_class).to respond_to(method) + end + end + + describe "when fetching modules" do + before do + @filetype = mock() + end + + it "should return a sorted array of the defined parameters" do + @filetype.expects(:read).returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAZ"\n}) + provider_class.expects(:filetype).returns(@filetype) + + expect(provider_class.modules).to eq(%w{bar baz foo}) + end + + it "should cache the module list" do + @filetype.expects(:read).once.returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAZ"\n}) + provider_class.expects(:filetype).once.returns(@filetype) + + 2.times { expect(provider_class.modules).to eq(%w{bar baz foo}) } + end + + it "should normalize parameters" do + @filetype.expects(:read).returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAR"\n}) + provider_class.expects(:filetype).returns(@filetype) + + expect(provider_class.modules).to eq(%w{bar foo}) + end + end + + describe "when prefetching" do + it "should match providers to resources" do + provider = mock("ssl_provider", :name => "ssl") + resource = mock("ssl_resource") + resource.expects(:provider=).with(provider) + + provider_class.expects(:instances).returns([provider]) + provider_class.prefetch("ssl" => resource) + end + end + + describe "when flushing" do + before :each do + @filetype = mock() + @filetype.stubs(:backup) + provider_class.expects(:filetype).at_least_once.returns(@filetype) + + @info = mock() + @info.stubs(:[]).with(:name).returns("info") + @info.stubs(:provider=) + + @mpm = mock() + @mpm.stubs(:[]).with(:name).returns("mpm") + @mpm.stubs(:provider=) + + @ssl = mock() + @ssl.stubs(:[]).with(:name).returns("ssl") + @ssl.stubs(:provider=) + end + + it "should add modules whose ensure is present" do + @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) + @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D INFO"}) + + @info.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("info" => @info) + + provider_class.flush + end + + it "should remove modules whose ensure is present" do + @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-D INFO"}) + @filetype.expects(:write).with(%Q{APACHE2_OPTS=""}) + + @info.stubs(:should).with(:ensure).returns(:absent) + @info.stubs(:provider=) + provider_class.prefetch("info" => @info) + + provider_class.flush + end + + it "should not modify providers without resources" do + @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-D INFO -D MPM"}) + @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D MPM -D SSL"}) + + @info.stubs(:should).with(:ensure).returns(:absent) + provider_class.prefetch("info" => @info) + + @ssl.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("ssl" => @ssl) + + provider_class.flush + end + + it "should write the modules in sorted order" do + @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) + @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D INFO -D MPM -D SSL"}) + + @mpm.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("mpm" => @mpm) + @info.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("info" => @info) + @ssl.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("ssl" => @ssl) + + provider_class.flush + end + + it "should write the records back once" do + @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) + @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-D INFO -D SSL"}) + + @info.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("info" => @info) + + @ssl.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("ssl" => @ssl) + + provider_class.flush + end + + it "should only modify the line containing APACHE2_OPTS" do + @filetype.expects(:read).at_least_once.returns(%Q{# Comment\nAPACHE2_OPTS=""\n# Another comment}) + @filetype.expects(:write).once.with(%Q{# Comment\nAPACHE2_OPTS="-D INFO"\n# Another comment}) + + @info.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("info" => @info) + provider_class.flush + end + + it "should restore any arbitrary arguments" do + @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-Y -D MPM -X"}) + @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-Y -X -D INFO -D MPM"}) + + @info.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("info" => @info) + provider_class.flush + end + + it "should backup the file once if changes were made" do + @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) + @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-D INFO -D SSL"}) + + @info.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("info" => @info) + + @ssl.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("ssl" => @ssl) + + @filetype.unstub(:backup) + @filetype.expects(:backup) + provider_class.flush + end + + it "should not write the file or run backups if no changes were made" do + @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-X -D INFO -D SSL -Y"}) + @filetype.expects(:write).never + + @info.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("info" => @info) + + @ssl.stubs(:should).with(:ensure).returns(:present) + provider_class.prefetch("ssl" => @ssl) + + @filetype.unstub(:backup) + @filetype.expects(:backup).never + provider_class.flush + end + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/bool2httpd_spec.rb b/modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/bool2httpd_spec.rb new file mode 100644 index 000000000..19d35e592 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/bool2httpd_spec.rb @@ -0,0 +1,53 @@ +require 'spec_helper' + +describe "the bool2httpd function" do + let(:scope) { PuppetlabsSpec::PuppetInternals.scope } + + it "should exist" do + expect(Puppet::Parser::Functions.function("bool2httpd")).to eq("function_bool2httpd") + end + + it "should raise a ParseError if there is less than 1 arguments" do + expect { scope.function_bool2httpd([]) }.to( raise_error(Puppet::ParseError)) + end + + it "should convert true to 'On'" do + result = scope.function_bool2httpd([true]) + expect(result).to(eq('On')) + end + + it "should convert true to a string" do + result = scope.function_bool2httpd([true]) + expect(result.class).to(eq(String)) + end + + it "should convert false to 'Off'" do + result = scope.function_bool2httpd([false]) + expect(result).to(eq('Off')) + end + + it "should convert false to a string" do + result = scope.function_bool2httpd([false]) + expect(result.class).to(eq(String)) + end + + it "should accept (and return) any string" do + result = scope.function_bool2httpd(["mail"]) + expect(result).to(eq('mail')) + end + + it "should accept a nil value (and return Off)" do + result = scope.function_bool2httpd([nil]) + expect(result).to(eq('Off')) + end + + it "should accept an undef value (and return 'Off')" do + result = scope.function_bool2httpd([:undef]) + expect(result).to(eq('Off')) + end + + it "should return a default value on non-matches" do + result = scope.function_bool2httpd(['foo']) + expect(result).to(eq('foo')) + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/enclose_ipv6_spec.rb b/modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/enclose_ipv6_spec.rb new file mode 100644 index 000000000..b162127d0 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/enclose_ipv6_spec.rb @@ -0,0 +1,69 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper' + +describe "the enclose_ipv6 function" do + let(:scope) { PuppetlabsSpec::PuppetInternals.scope } + + it "should exist" do + expect(Puppet::Parser::Functions.function("enclose_ipv6")).to eq("function_enclose_ipv6") + end + + it "should raise a ParseError if there is less than 1 arguments" do + expect { scope.function_enclose_ipv6([]) }.to( raise_error(Puppet::ParseError) ) + end + + it "should raise a ParseError if there is more than 1 arguments" do + expect { scope.function_enclose_ipv6(['argument1','argument2']) }.to( raise_error(Puppet::ParseError) ) + end + + it "should raise a ParseError when given garbage" do + expect { scope.function_enclose_ipv6(['garbage']) }.to( raise_error(Puppet::ParseError) ) + end + + it "should raise a ParseError when given something else than a string or an array" do + expect { scope.function_enclose_ipv6([['1' => '127.0.0.1']]) }.to( raise_error(Puppet::ParseError) ) + end + + it "should not raise a ParseError when given a single ip string" do + expect { scope.function_enclose_ipv6(['127.0.0.1']) }.to_not raise_error + end + + it "should not raise a ParseError when given * as ip string" do + expect { scope.function_enclose_ipv6(['*']) }.to_not raise_error + end + + it "should not raise a ParseError when given an array of ip strings" do + expect { scope.function_enclose_ipv6([['127.0.0.1','fe80::1']]) }.to_not raise_error + end + + it "should not raise a ParseError when given differently notations of ip addresses" do + expect { scope.function_enclose_ipv6([['127.0.0.1','fe80::1','[fe80::1]']]) }.to_not raise_error + end + + it "should raise a ParseError when given a wrong ipv4 address" do + expect { scope.function_enclose_ipv6(['127..0.0.1']) }.to( raise_error(Puppet::ParseError) ) + end + + it "should raise a ParseError when given a ipv4 address with square brackets" do + expect { scope.function_enclose_ipv6(['[127.0.0.1]']) }.to( raise_error(Puppet::ParseError) ) + end + + it "should raise a ParseError when given a wrong ipv6 address" do + expect { scope.function_enclose_ipv6(['fe80:::1']) }.to( raise_error(Puppet::ParseError) ) + end + + it "should embrace ipv6 adresses within an array of ip addresses" do + result = scope.function_enclose_ipv6([['127.0.0.1','fe80::1','[fe80::2]']]) + expect(result).to(eq(['127.0.0.1','[fe80::1]','[fe80::2]'])) + end + + it "should embrace a single ipv6 adresse" do + result = scope.function_enclose_ipv6(['fe80::1']) + expect(result).to(eq(['[fe80::1]'])) + end + + it "should not embrace a single ipv4 adresse" do + result = scope.function_enclose_ipv6(['127.0.0.1']) + expect(result).to(eq(['127.0.0.1'])) + end +end diff --git a/modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/validate_apache_log_level.rb b/modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/validate_apache_log_level.rb new file mode 100644 index 000000000..dfef66eea --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/spec/unit/puppet/parser/functions/validate_apache_log_level.rb @@ -0,0 +1,39 @@ +#! /usr/bin/env ruby -S rspec +require 'spec_helper' + +describe "the validate_apache_log_level function" do + let(:scope) { PuppetlabsSpec::PuppetInternals.scope } + + it "should exist" do + expect(Puppet::Parser::Functions.function("validate_apache_log_level")).to eq("function_validate_apache_log_level") + end + + it "should raise a ParseError if there is less than 1 arguments" do + expect { scope.function_validate_apache_log_level([]) }.to( raise_error(Puppet::ParseError) ) + end + + it "should raise a ParseError when given garbage" do + expect { scope.function_validate_apache_log_level(['garbage']) }.to( raise_error(Puppet::ParseError) ) + end + + it "should not raise a ParseError when given a plain log level" do + expect { scope.function_validate_apache_log_level(['info']) }.to_not raise_error + end + + it "should not raise a ParseError when given a log level and module log level" do + expect { scope.function_validate_apache_log_level(['warn ssl:info']) }.to_not raise_error + end + + it "should not raise a ParseError when given a log level and module log level" do + expect { scope.function_validate_apache_log_level(['warn mod_ssl.c:info']) }.to_not raise_error + end + + it "should not raise a ParseError when given a log level and module log level" do + expect { scope.function_validate_apache_log_level(['warn ssl_module:info']) }.to_not raise_error + end + + it "should not raise a ParseError when given a trace level" do + expect { scope.function_validate_apache_log_level(['trace4']) }.to_not raise_error + end + +end diff --git a/modules/services/unix/http/apache/module/apache/templates/confd/no-accf.conf.erb b/modules/services/unix/http/apache/module/apache/templates/confd/no-accf.conf.erb new file mode 100644 index 000000000..10e51644c --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/confd/no-accf.conf.erb @@ -0,0 +1,4 @@ + + AcceptFilter http none + AcceptFilter https none + diff --git a/modules/services/unix/http/apache/module/apache/templates/fastcgi/server.erb b/modules/services/unix/http/apache/module/apache/templates/fastcgi/server.erb new file mode 100644 index 000000000..9cb25b76e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/fastcgi/server.erb @@ -0,0 +1,3 @@ +FastCGIExternalServer <%= @faux_path %> -idle-timeout <%= @timeout %> <%= if @flush then '-flush' end %> -host <%= @host %> +Alias <%= @fcgi_alias %> <%= @faux_path %> +Action <%= @file_type %> <%= @fcgi_alias %> diff --git a/modules/services/unix/http/apache/module/apache/templates/httpd.conf.erb b/modules/services/unix/http/apache/module/apache/templates/httpd.conf.erb new file mode 100644 index 000000000..9c854cfc3 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/httpd.conf.erb @@ -0,0 +1,138 @@ +# Security +ServerTokens <%= @server_tokens %> +ServerSignature <%= scope.function_bool2httpd([@server_signature]) %> +TraceEnable <%= scope.function_bool2httpd([@trace_enable]) %> + +ServerName "<%= @servername %>" +ServerRoot "<%= @server_root %>" +PidFile <%= @pidfile %> +Timeout <%= @timeout %> +KeepAlive <%= @keepalive %> +MaxKeepAliveRequests <%= @max_keepalive_requests %> +KeepAliveTimeout <%= @keepalive_timeout %> +LimitRequestFieldSize <%= @limitreqfieldsize %> + +<%- if @rewrite_lock and scope.function_versioncmp([@apache_version, '2.2']) <= 0 -%> +RewriteLock <%= @rewrite_lock %> +<%- end -%> + +User <%= @user %> +Group <%= @group %> + +AccessFileName .htaccess + +<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require all denied +<%- else -%> + Order allow,deny + Deny from all + Satisfy all +<%- end -%> + + + + Options FollowSymLinks + AllowOverride None + + +<% if @default_charset -%> +AddDefaultCharset <%= @default_charset %> +<% end -%> + +<%- if scope.function_versioncmp([@apache_version, '2.4']) < 0 -%> +DefaultType <%= @default_type %> +<%- end -%> +HostnameLookups Off +ErrorLog "<%= @logroot %>/<%= @error_log %>" +LogLevel <%= @log_level %> +EnableSendfile <%= @sendfile %> +<%- if @allow_encoded_slashes -%> +AllowEncodedSlashes <%= @allow_encoded_slashes %> +<%- end -%> + +#Listen 80 + +<% if @apxs_workaround -%> +# Workaround: without this hack apxs would be confused about where to put +# LoadModule directives and fail entire procedure of apache package +# installation/reinstallation. This problem was observed on FreeBSD (apache22). +#LoadModule fake_module libexec/apache22/mod_fake.so +<% end -%> + +Include "<%= @mod_load_dir %>/*.load" +<% if @mod_load_dir != @confd_dir and @mod_load_dir != @vhost_load_dir -%> +Include "<%= @mod_load_dir %>/*.conf" +<% end -%> +Include "<%= @ports_file %>" + +<% unless @log_formats.has_key?('combined') -%> +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +<% end -%> +<% unless @log_formats.has_key?('common') -%> +LogFormat "%h %l %u %t \"%r\" %>s %b" common +<% end -%> +<% unless @log_formats.has_key?('referer') -%> +LogFormat "%{Referer}i -> %U" referer +<% end -%> +<% unless @log_formats.has_key?('agent') -%> +LogFormat "%{User-agent}i" agent +<% end -%> +<% unless @log_formats.has_key?('forwarded') -%> +LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\"" forwarded +<% end -%> +<% if @log_formats and !@log_formats.empty? -%> + <%- @log_formats.sort.each do |nickname,format| -%> +LogFormat "<%= format -%>" <%= nickname %> + <%- end -%> +<% end -%> + +<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> +IncludeOptional "<%= @confd_dir %>/*.conf" +<%- else -%> +Include "<%= @confd_dir %>/*.conf" +<%- end -%> +<% if @vhost_load_dir != @confd_dir -%> +<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> +IncludeOptional "<%= @vhost_load_dir %>/<%= @vhost_include_pattern %>" +<%- else -%> +Include "<%= @vhost_load_dir %>/<%= @vhost_include_pattern %>" +<%- end -%> +<% end -%> + +<% if @error_documents -%> +# /usr/share/apache2/error on debian +Alias /error/ "<%= @error_documents_path %>/" + +"> + AllowOverride None + Options IncludesNoExec + AddOutputFilter Includes html + AddHandler type-map var +<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require all granted +<%- else -%> + Order allow,deny + Allow from all +<%- end -%> + LanguagePriority en cs de es fr it nl sv pt-br ro + ForceLanguagePriority Prefer Fallback + + +ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +ErrorDocument 410 /error/HTTP_GONE.html.var +ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var +ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/listen.erb b/modules/services/unix/http/apache/module/apache/templates/listen.erb new file mode 100644 index 000000000..8fc871b0a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/listen.erb @@ -0,0 +1,6 @@ +<%# Listen should always be one of: + - + - : + - [ +-%> +Listen <%= @listen_addr_port %> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/alias.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/alias.conf.erb new file mode 100644 index 000000000..2056476e8 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/alias.conf.erb @@ -0,0 +1,13 @@ + +Alias /icons/ "<%= @icons_path %>/" +"> + Options <%= @icons_options %> + AllowOverride None +<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require all granted +<%- else -%> + Order allow,deny + Allow from all +<%- end -%> + + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/auth_cas.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/auth_cas.conf.erb new file mode 100644 index 000000000..926bd65f5 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/auth_cas.conf.erb @@ -0,0 +1,40 @@ +CASCookiePath <%= @cas_cookie_path %> +CASLoginURL <%= @cas_login_url %> +CASValidateURL <%= @cas_validate_url %> + +CASVersion <%= @cas_version %> +CASDebug <%= @cas_debug %> + +<% if @cas_certificate_path -%> +CASCertificatePath <%= @cas_certificate_path %> +<% end -%> +<% if @cas_proxy_validate_url -%> +CASProxyValidateURL <%= @cas_proxy_validate_url %> +<% end -%> +<% if @cas_validate_depth -%> +CASValidateDepth <%= @cas_validate_depth %> +<% end -%> +<% if @cas_root_proxied_as -%> +CASRootProxiedAs <%= @cas_root_proxied_as %> +<% end -%> +<% if @cas_cookie_entropy -%> +CASCookieEntropy <%= @cas_cookie_entropy %> +<% end -%> +<% if @cas_timeout -%> +CASTimeout <%= @cas_timeout %> +<% end -%> +<% if @cas_idle_timeout -%> +CASIdleTimeout <%= @cas_idle_timeout %> +<% end -%> +<% if @cas_cache_clean_interval -%> +CASCacheCleanInterval <%= @cas_cache_clean_interval %> +<% end -%> +<% if @cas_cookie_domain -%> +CASCookieDomain <%= @cas_cookie_domain %> +<% end -%> +<% if @cas_cookie_http_only -%> +CASCookieHttpOnly <%= @cas_cookie_http_only %> +<% end -%> +<% if @cas_authoritative -%> +CASAuthoritative <%= @cas_authoritative %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/auth_mellon.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/auth_mellon.conf.erb new file mode 100644 index 000000000..e36a73390 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/auth_mellon.conf.erb @@ -0,0 +1,21 @@ +<%- if @mellon_cache_size -%> +MellonCacheSize <%= @mellon_cache_size %> +<%- end -%> +<%- if @mellon_cache_entry_size -%> +MellonCacheEntrySize <%= @mellon_cache_entry_size %> +<%- end -%> +<%- if @mellon_lock_file -%> +MellonLockFile "<%= @mellon_lock_file %>" +<%- end -%> +<%- if @mellon_post_directory -%> +MellonPostDirectory "<%= @mellon_post_directory %>" +<%- end -%> +<%- if @mellon_post_ttl -%> +MellonPostTTL <%= @mellon_post_ttl %> +<%- end -%> +<%- if @mellon_post_size -%> +MellonPostSize <%= @mellon_post_size %> +<%- end -%> +<%- if @mellon_post_count -%> +MellonPostCount <%= @mellon_post_count %> +<%- end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/authnz_ldap.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/authnz_ldap.conf.erb new file mode 100644 index 000000000..565fcf0df --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/authnz_ldap.conf.erb @@ -0,0 +1,5 @@ +<% if @verifyServerCert == true -%> +LDAPVerifyServerCert On +<% else -%> +LDAPVerifyServerCert Off +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/autoindex.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/autoindex.conf.erb new file mode 100644 index 000000000..ef6bbebea --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/autoindex.conf.erb @@ -0,0 +1,56 @@ +IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8 +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip x-bzip2 + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif /core +AddIcon (SND,/icons/sound2.gif) .ogg +AddIcon (VID,/icons/movie.gif) .ogm + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +AddIcon /icons/odf6odt-20x22.png .odt +AddIcon /icons/odf6ods-20x22.png .ods +AddIcon /icons/odf6odp-20x22.png .odp +AddIcon /icons/odf6odg-20x22.png .odg +AddIcon /icons/odf6odc-20x22.png .odc +AddIcon /icons/odf6odf-20x22.png .odf +AddIcon /icons/odf6odb-20x22.png .odb +AddIcon /icons/odf6odi-20x22.png .odi +AddIcon /icons/odf6odm-20x22.png .odm + +AddIcon /icons/odf6ott-20x22.png .ott +AddIcon /icons/odf6ots-20x22.png .ots +AddIcon /icons/odf6otp-20x22.png .otp +AddIcon /icons/odf6otg-20x22.png .otg +AddIcon /icons/odf6otc-20x22.png .otc +AddIcon /icons/odf6otf-20x22.png .otf +AddIcon /icons/odf6oti-20x22.png .oti +AddIcon /icons/odf6oth-20x22.png .oth + +DefaultIcon /icons/unknown.gif +ReadmeName README.html +HeaderName HEADER.html + +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/cgid.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/cgid.conf.erb new file mode 100644 index 000000000..5f82d7424 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/cgid.conf.erb @@ -0,0 +1 @@ +ScriptSock "<%= @cgisock_path %>" diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/dav_fs.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/dav_fs.conf.erb new file mode 100644 index 000000000..3c53e9e14 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/dav_fs.conf.erb @@ -0,0 +1 @@ +DAVLockDB "<%= @dav_lock %>" diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/deflate.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/deflate.conf.erb new file mode 100644 index 000000000..ede8b2e76 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/deflate.conf.erb @@ -0,0 +1,7 @@ +<%- @types.sort.each do |type| -%> +AddOutputFilterByType DEFLATE <%= type %> +<%- end -%> + +<%- @notes.sort.each do |type,note| -%> +DeflateFilterNote <%= type %> <%=note %> +<%- end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/dir.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/dir.conf.erb new file mode 100644 index 000000000..741f6ae03 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/dir.conf.erb @@ -0,0 +1 @@ +DirectoryIndex <%= @indexes.join(' ') %> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/disk_cache.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/disk_cache.conf.erb new file mode 100644 index 000000000..b1b460e52 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/disk_cache.conf.erb @@ -0,0 +1,4 @@ +CacheEnable disk / +CacheRoot "<%= @_cache_root %>" +CacheDirLevels 2 +CacheDirLength 1 diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/event.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/event.conf.erb new file mode 100644 index 000000000..970ce088c --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/event.conf.erb @@ -0,0 +1,13 @@ + + ServerLimit <%= @serverlimit %> + StartServers <%= @startservers %> + MaxClients <%= @maxclients %> + MinSpareThreads <%= @minsparethreads %> + MaxSpareThreads <%= @maxsparethreads %> + ThreadsPerChild <%= @threadsperchild %> + MaxRequestsPerChild <%= @maxrequestsperchild %> + ThreadLimit <%= @threadlimit %> + ListenBacklog <%= @listenbacklog %> + MaxRequestWorkers <%= @maxrequestworkers %> + MaxConnectionsPerChild <%= @maxconnectionsperchild %> + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/expires.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/expires.conf.erb new file mode 100644 index 000000000..7660cfcd0 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/expires.conf.erb @@ -0,0 +1,11 @@ +ExpiresActive <%= scope.function_bool2httpd([@expires_active]) %> +<%- if ! @expires_default.nil? and ! @expires_default.empty? -%> +ExpiresDefault "<%= @expires_default %>" +<%- end -%> +<%- if ! @expires_by_type.nil? and ! @expires_by_type.empty? -%> +<%- [@expires_by_type].flatten.each do |line| -%> +<%- line.map do |type, seconds| -%> +ExpiresByType <%= type %> "<%= seconds -%>" +<%- end -%> +<%- end -%> +<%- end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/ext_filter.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/ext_filter.conf.erb new file mode 100644 index 000000000..67f98fd4c --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/ext_filter.conf.erb @@ -0,0 +1,6 @@ +# mod_ext_filter definitions +<%- if @ext_filter_define.length >= 1 -%> +<%- @ext_filter_define.keys.sort.each do |name| -%> +ExtFilterDefine <%= name %> <%= @ext_filter_define[name] %> +<%- end -%> +<%- end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/fastcgi.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/fastcgi.conf.erb new file mode 100644 index 000000000..93c8d86ab --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/fastcgi.conf.erb @@ -0,0 +1,8 @@ +# The Fastcgi Apache module configuration file is being +# managed by Puppet and changes will be overwritten. + + + SetHandler fastcgi-script + + FastCgiIpcDir "<%= @fastcgi_lib_path %>" + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/geoip.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/geoip.conf.erb new file mode 100644 index 000000000..00e61d98b --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/geoip.conf.erb @@ -0,0 +1,25 @@ +GeoIPEnable <%= scope.function_bool2httpd([@enable]) %> + +<%- if @db_file and ! [ false, 'false', '' ].include?(@db_file) -%> + <%- if @db_file.kind_of?(Array) -%> + <%- Array(@db_file).each do |file| -%> +GeoIPDBFile <%= file %> <%= @flag %> + <%- end -%> + <%- else -%> +GeoIPDBFile <%= @db_file %> <%= @flag %> + <%- end -%> +<%- end -%> +GeoIPOutput <%= @output %> +<% if ! @enable_utf8.nil? -%> +GeoIPEnableUTF8 <%= scope.function_bool2httpd([@enable_utf8]) %> +<% end -%> +<% if ! @scan_proxy_headers.nil? -%> +GeoIPScanProxyHeaders <%= scope.function_bool2httpd([@scan_proxy_headers]) %> +<% end -%> +<% if ! @scan_proxy_header_field.nil? -%> +GeoIPScanProxyHeaderField <%= @scan_proxy_header_field %> +<% end -%> +<% if ! @use_last_xforwarededfor_ip.nil? -%> +GeoIPUseLastXForwardedForIP <%= scope.function_bool2httpd([@use_last_xforwarededfor_ip]) %> +<% end -%> + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/info.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/info.conf.erb new file mode 100644 index 000000000..1a025b7a6 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/info.conf.erb @@ -0,0 +1,19 @@ + + SetHandler server-info +<%- if @restrict_access -%> + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require ip <%= Array(@allow_from).join(" ") %> + <%- else -%> + Order deny,allow + Deny from all + <%- if @allow_from and ! @allow_from.empty? -%> + <%- @allow_from.each do |allowed| -%> + Allow from <%= allowed %> + <%- end -%> + <%- else -%> + Allow from 127.0.0.1 + Allow from ::1 + <%- end -%> + <%- end -%> +<%- end -%> + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/itk.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/itk.conf.erb new file mode 100644 index 000000000..f45f2b35d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/itk.conf.erb @@ -0,0 +1,8 @@ + + StartServers <%= @startservers %> + MinSpareServers <%= @minspareservers %> + MaxSpareServers <%= @maxspareservers %> + ServerLimit <%= @serverlimit %> + MaxClients <%= @maxclients %> + MaxRequestsPerChild <%= @maxrequestsperchild %> + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/ldap.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/ldap.conf.erb new file mode 100644 index 000000000..fbb4b9213 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/ldap.conf.erb @@ -0,0 +1,14 @@ + + SetHandler ldap-status + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require ip 127.0.0.1 ::1 + <%- else -%> + Order deny,allow + Deny from all + Allow from 127.0.0.1 ::1 + Satisfy all + <%- end -%> + +<% if @ldap_trusted_global_cert_file -%> +LDAPTrustedGlobalCert <%= @ldap_trusted_global_cert_type %> <%= @ldap_trusted_global_cert_file %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/load.erb b/modules/services/unix/http/apache/module/apache/templates/mod/load.erb new file mode 100644 index 000000000..51f45edb2 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/load.erb @@ -0,0 +1,7 @@ +<% if @loadfiles -%> +<% Array(@loadfiles).each do |loadfile| -%> +LoadFile <%= loadfile %> +<% end -%> + +<% end -%> +LoadModule <%= @_id %> <%= @_path %> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/mime.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/mime.conf.erb new file mode 100644 index 000000000..8101cf031 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/mime.conf.erb @@ -0,0 +1,38 @@ +TypesConfig <%= @mime_types_config %> + +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz +AddType application/x-bzip2 .bz2 + +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw + +<%- @mime_types_additional.sort.each do |add_mime, config| -%> + <%- config.each do |type, extension| %> +<%= add_mime %> <%= type %> <%= extension%> + <%- end -%> +<% end %> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/mime_magic.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/mime_magic.conf.erb new file mode 100644 index 000000000..1ce1bc3c1 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/mime_magic.conf.erb @@ -0,0 +1 @@ +MIMEMagicFile "<%= @magic_file %>" diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/mpm_event.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/mpm_event.conf.erb new file mode 100644 index 000000000..eb6f1ff5f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/mpm_event.conf.erb @@ -0,0 +1,9 @@ + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 0 + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/negotiation.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/negotiation.conf.erb new file mode 100644 index 000000000..2fb4700d6 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/negotiation.conf.erb @@ -0,0 +1,2 @@ +LanguagePriority <%= Array(@language_priority).join(' ') %> +ForceLanguagePriority <%= Array(@force_language_priority).join(' ') %> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/nss.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/nss.conf.erb new file mode 100644 index 000000000..b6ea50487 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/nss.conf.erb @@ -0,0 +1,228 @@ +# +# This is the Apache server configuration file providing SSL support using. +# the mod_nss plugin. It contains the configuration directives to instruct +# the server how to serve pages over an https connection. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# + +#LoadModule nss_module modules/libmodnss.so + +# +# When we also provide SSL we have to listen to the +# standard HTTP port (see above) and to the HTTPS port +# +# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two +# Listen directives: "Listen [::]:8443" and "Listen 0.0.0.0:443" +# +Listen <%= @port %> + +## +## SSL Global Context +## +## All SSL configuration in this context applies both to +## the main server and all SSL-enabled virtual hosts. +## + +# +# Some MIME-types for downloading Certificates and CRLs +# +AddType application/x-x509-ca-cert .crt +AddType application/x-pkcs7-crl .crl + +# Pass Phrase Dialog: +# Configure the pass phrase gathering process. +# The filtering dialog program (`builtin' is a internal +# terminal dialog) has to provide the pass phrase on stdout. +<% if @passwd_file -%> +NSSPassPhraseDialog "file:<%= @passwd_file %>" +<% else -%> +NSSPassPhraseDialog builtin +<% end -%> + +# Pass Phrase Helper: +# This helper program stores the token password pins between +# restarts of Apache. +NSSPassPhraseHelper /usr/sbin/nss_pcache + +# Configure the SSL Session Cache. +# NSSSessionCacheSize is the number of entries in the cache. +# NSSSessionCacheTimeout is the SSL2 session timeout (in seconds). +# NSSSession3CacheTimeout is the SSL3/TLS session timeout (in seconds). +NSSSessionCacheSize 10000 +NSSSessionCacheTimeout 100 +NSSSession3CacheTimeout 86400 + +# +# Pseudo Random Number Generator (PRNG): +# Configure one or more sources to seed the PRNG of the SSL library. +# The seed data should be of good random quality. +# WARNING! On some platforms /dev/random blocks if not enough entropy +# is available. Those platforms usually also provide a non-blocking +# device, /dev/urandom, which may be used instead. +# +# This does not support seeding the RNG with each connection. + +NSSRandomSeed startup builtin +#NSSRandomSeed startup file:/dev/random 512 +#NSSRandomSeed startup file:/dev/urandom 512 + +# +# TLS Negotiation configuration under RFC 5746 +# +# Only renegotiate if the peer's hello bears the TLS renegotiation_info +# extension. Default off. +NSSRenegotiation off + +# Peer must send Signaling Cipher Suite Value (SCSV) or +# Renegotiation Info (RI) extension in ALL handshakes. Default: off +NSSRequireSafeNegotiation off + +## +## SSL Virtual Host Context +## + +> + +# General setup for the virtual host +#DocumentRoot "/etc/httpd/htdocs" +#ServerName www.example.com:8443 +#ServerAdmin you@example.com + +# mod_nss can log to separate log files, you can choose to do that if you'd like +# LogLevel is not inherited from httpd.conf. +ErrorLog "<%= @error_log %>" +TransferLog "<%= @transfer_log %>" +LogLevel warn + +# SSL Engine Switch: +# Enable/Disable SSL for this virtual host. +NSSEngine on + +# SSL Cipher Suite: +# List the ciphers that the client is permitted to negotiate. +# See the mod_nss documentation for a complete list. + +# SSL 3 ciphers. SSL 2 is disabled by default. +NSSCipherSuite +rsa_rc4_128_md5,+rsa_rc4_128_sha,+rsa_3des_sha,-rsa_des_sha,-rsa_rc4_40_md5,-rsa_rc2_40_md5,-rsa_null_md5,-rsa_null_sha,+fips_3des_sha,-fips_des_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-rsa_des_56_sha,-rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha + +# SSL 3 ciphers + ECC ciphers. SSL 2 is disabled by default. +# +# Comment out the NSSCipherSuite line above and use the one below if you have +# ECC enabled NSS and mod_nss and want to use Elliptical Curve Cryptography +#NSSCipherSuite +rsa_rc4_128_md5,+rsa_rc4_128_sha,+rsa_3des_sha,-rsa_des_sha,-rsa_rc4_40_md5,-rsa_rc2_40_md5,-rsa_null_md5,-rsa_null_sha,+fips_3des_sha,-fips_des_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-rsa_des_56_sha,-rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha,-ecdh_ecdsa_null_sha,+ecdh_ecdsa_rc4_128_sha,+ecdh_ecdsa_3des_sha,+ecdh_ecdsa_aes_128_sha,+ecdh_ecdsa_aes_256_sha,-ecdhe_ecdsa_null_sha,+ecdhe_ecdsa_rc4_128_sha,+ecdhe_ecdsa_3des_sha,+ecdhe_ecdsa_aes_128_sha,+ecdhe_ecdsa_aes_256_sha,-ecdh_rsa_null_sha,+ecdh_rsa_128_sha,+ecdh_rsa_3des_sha,+ecdh_rsa_aes_128_sha,+ecdh_rsa_aes_256_sha,-echde_rsa_null,+ecdhe_rsa_rc4_128_sha,+ecdhe_rsa_3des_sha,+ecdhe_rsa_aes_128_sha,+ecdhe_rsa_aes_256_sha + +# SSL Protocol: +# Cryptographic protocols that provide communication security. +# NSS handles the specified protocols as "ranges", and automatically +# negotiates the use of the strongest protocol for a connection starting +# with the maximum specified protocol and downgrading as necessary to the +# minimum specified protocol that can be used between two processes. +# Since all protocol ranges are completely inclusive, and no protocol in the +# middle of a range may be excluded, the entry "NSSProtocol SSLv3,TLSv1.1" +# is identical to the entry "NSSProtocol SSLv3,TLSv1.0,TLSv1.1". +NSSProtocol SSLv3,TLSv1.0,TLSv1.1 + +# SSL Certificate Nickname: +# The nickname of the RSA server certificate you are going to use. +NSSNickname Server-Cert + +# SSL Certificate Nickname: +# The nickname of the ECC server certificate you are going to use, if you +# have an ECC-enabled version of NSS and mod_nss +#NSSECCNickname Server-Cert-ecc + +# Server Certificate Database: +# The NSS security database directory that holds the certificates and +# keys. The database consists of 3 files: cert8.db, key3.db and secmod.db. +# Provide the directory that these files exist. +NSSCertificateDatabase "<%= @httpd_dir -%>/alias" + +# Database Prefix: +# In order to be able to store multiple NSS databases in one directory +# they need unique names. This option sets the database prefix used for +# cert8.db and key3.db. +#NSSDBPrefix my-prefix- + +# Client Authentication (Type): +# Client certificate verification type. Types are none, optional and +# require. +#NSSVerifyClient none + +# +# Online Certificate Status Protocol (OCSP). +# Verify that certificates have not been revoked before accepting them. +#NSSOCSP off + +# +# Use a default OCSP responder. If enabled this will be used regardless +# of whether one is included in a client certificate. Note that the +# server certificate is verified during startup. +# +# NSSOCSPDefaultURL defines the service URL of the OCSP responder +# NSSOCSPDefaultName is the nickname of the certificate to trust to +# sign the OCSP responses. +#NSSOCSPDefaultResponder on +#NSSOCSPDefaultURL http://example.com/ocsp/status +#NSSOCSPDefaultName ocsp-nickname + +# Access Control: +# With SSLRequire you can do per-directory access control based +# on arbitrary complex boolean expressions containing server +# variable checks and other lookup directives. The syntax is a +# mixture between C and Perl. See the mod_nss documentation +# for more details. +# +#NSSRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ +# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ +# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ +# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ +# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ +# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ +# + +# SSL Engine Options: +# Set various options for the SSL engine. +# o FakeBasicAuth: +# Translate the client X.509 into a Basic Authorisation. This means that +# the standard Auth/DBMAuth methods can be used for access control. The +# user name is the `one line' version of the client's X.509 certificate. +# Note that no password is obtained from the user. Every entry in the user +# file needs this password: `xxj31ZMTZzkVA'. +# o ExportCertData: +# This exports two additional environment variables: SSL_CLIENT_CERT and +# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the +# server (always existing) and the client (only existing when client +# authentication is used). This can be used to import the certificates +# into CGI scripts. +# o StdEnvVars: +# This exports the standard SSL/TLS related `SSL_*' environment variables. +# Per default this exportation is switched off for performance reasons, +# because the extraction step is an expensive operation and is usually +# useless for serving static content. So one usually enables the +# exportation for CGI and SSI requests only. +# o StrictRequire: +# This denies access when "NSSRequireSSL" or "NSSRequire" applied even +# under a "Satisfy any" situation, i.e. when it applies access is denied +# and no other module can change it. +# o OptRenegotiate: +# This enables optimized SSL connection renegotiation handling when SSL +# directives are used in per-directory context. +#NSSOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire + + NSSOptions +StdEnvVars + + + NSSOptions +StdEnvVars + + +# Per-Server Logging: +# The home of a custom SSL log file. Use this when you want a +# compact non-error SSL logfile on a virtual host basis. +#CustomLog /home/rcrit/redhat/apache/logs/ssl_request_log \ +# "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/pagespeed.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/pagespeed.conf.erb new file mode 100644 index 000000000..051cf5bed --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/pagespeed.conf.erb @@ -0,0 +1,102 @@ +ModPagespeed on + +ModPagespeedInheritVHostConfig <%= @inherit_vhost_config %> +AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER text/html +<% if @filter_xhtml -%> +AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER application/xhtml+xml +<% end -%> +ModPagespeedFileCachePath "<%= @cache_path %>" +ModPagespeedLogDir "<%= @log_dir %>" + +<% @memcache_servers.each do |server| -%> +ModPagespeedMemcachedServers <%= server %> +<% end -%> + +ModPagespeedRewriteLevel <%= @rewrite_level -%> + +<% @disable_filters.each do |filter| -%> +ModPagespeedDisableFilters <%= filter %> +<% end -%> + +<% @enable_filters.each do |filter| -%> +ModPagespeedEnableFilters <%= filter %> +<% end -%> + +<% @forbid_filters.each do |filter| -%> +ModPagespeedForbidFilters <%= filter %> +<% end -%> + +ModPagespeedRewriteDeadlinePerFlushMs <%= @rewrite_deadline_per_flush_ms %> + +<% if @additional_domains -%> +ModPagespeedDomain <%= @additional_domains -%> +<% end -%> + +ModPagespeedFileCacheSizeKb <%= @file_cache_size_kb %> +ModPagespeedFileCacheCleanIntervalMs <%= @file_cache_clean_interval_ms %> +ModPagespeedLRUCacheKbPerProcess <%= @lru_cache_per_process %> +ModPagespeedLRUCacheByteLimit <%= @lru_cache_byte_limit %> +ModPagespeedCssFlattenMaxBytes <%= @css_flatten_max_bytes %> +ModPagespeedCssInlineMaxBytes <%= @css_inline_max_bytes %> +ModPagespeedCssImageInlineMaxBytes <%= @css_image_inline_max_bytes %> +ModPagespeedImageInlineMaxBytes <%= @image_inline_max_bytes %> +ModPagespeedJsInlineMaxBytes <%= @js_inline_max_bytes %> +ModPagespeedCssOutlineMinBytes <%= @css_outline_min_bytes %> +ModPagespeedJsOutlineMinBytes <%= @js_outline_min_bytes %> + + +ModPagespeedFileCacheInodeLimit <%= @inode_limit %> +ModPagespeedImageMaxRewritesAtOnce <%= @image_max_rewrites_at_once %> + +ModPagespeedNumRewriteThreads <%= @num_rewrite_threads %> +ModPagespeedNumExpensiveRewriteThreads <%= @num_expensive_rewrite_threads %> + +ModPagespeedStatistics <%= @collect_statistics %> + + + # You may insert other "Allow from" lines to add hosts you want to + # allow to look at generated statistics. Another possibility is + # to comment out the "Order" and "Allow" options from the config + # file, to allow any client that can reach your server to examine + # statistics. This might be appropriate in an experimental setup or + # if the Apache server is protected by a reverse proxy that will + # filter URLs in some fashion. + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require ip 127.0.0.1 ::1 <%= Array(@allow_view_stats).join(" ") %> + <%- else -%> + Order allow,deny + Allow from 127.0.0.1 ::1 <%= Array(@allow_view_stats).join(" ") %> + <%- end -%> + SetHandler mod_pagespeed_statistics + + +ModPagespeedStatisticsLogging <%= @statistics_logging %> + + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require ip 127.0.0.1 ::1 <%= Array(@allow_pagespeed_console).join(" ") %> + <%- else -%> + Order allow,deny + Allow from 127.0.0.1 ::1 <%= Array(@allow_pagespeed_console).join(" ") %> + <%- end -%> + SetHandler pagespeed_console + + +ModPagespeedMessageBufferSize <%= @message_buffer_size %> + + + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require ip 127.0.0.1 ::1 <%= Array(@allow_pagespeed_message).join(" ") %> + <%- else -%> + Order allow,deny + Allow from 127.0.0.1 ::1 <%= Array(@allow_pagespeed_message).join(" ") %> + <%- end -%> + SetHandler mod_pagespeed_message + + +<% if @additional_configuration.is_a? Array -%> +<%= @additional_configuration.join('\n') %> +<% else -%> +<% @additional_configuration.each_pair do |key, value| -%> +<%= key %> <%= value %> +<% end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/passenger.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/passenger.conf.erb new file mode 100644 index 000000000..8a3e9d4f3 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/passenger.conf.erb @@ -0,0 +1,52 @@ +# The Passenger Apache module configuration file is being +# managed by Puppet and changes will be overwritten. + + <%- if @passenger_root -%> + PassengerRoot "<%= @passenger_root %>" + <%- end -%> + <%- if @passenger_ruby -%> + PassengerRuby "<%= @passenger_ruby %>" + <%- end -%> + <%- if @passenger_default_ruby -%> + PassengerDefaultRuby "<%= @passenger_default_ruby %>" + <%- end -%> + <%- if @passenger_high_performance -%> + PassengerHighPerformance <%= @passenger_high_performance %> + <%- end -%> + <%- if @passenger_max_pool_size -%> + PassengerMaxPoolSize <%= @passenger_max_pool_size %> + <%- end -%> + <%- if @passenger_min_instances -%> + PassengerMinInstances <%= @passenger_min_instances %> + <%- end -%> + <%- if @passenger_pool_idle_time -%> + PassengerPoolIdleTime <%= @passenger_pool_idle_time %> + <%- end -%> + <%- if @passenger_max_request_queue_size -%> + PassengerMaxRequestQueueSize <%= @passenger_max_request_queue_size %> + <%- end -%> + <%- if @passenger_max_requests -%> + PassengerMaxRequests <%= @passenger_max_requests %> + <%- end -%> + <%- if @passenger_spawn_method -%> + PassengerSpawnMethod <%= @passenger_spawn_method %> + <%- end -%> + <%- if @passenger_stat_throttle_rate -%> + PassengerStatThrottleRate <%= @passenger_stat_throttle_rate %> + <%- end -%> + <%- if @rack_autodetect -%> + RackAutoDetect <%= @rack_autodetect %> + <%- end -%> + <%- if @rails_autodetect -%> + RailsAutoDetect <%= @rails_autodetect %> + <%- end -%> + <%- if @passenger_use_global_queue -%> + PassengerUseGlobalQueue <%= @passenger_use_global_queue %> + <%- end -%> + <%- if @passenger_app_env -%> + PassengerAppEnv <%= @passenger_app_env %> + <%- end -%> + <%- if @passenger_log_file -%> + PassengerLogFile <%= @passenger_log_file %> + <%- end -%> + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/peruser.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/peruser.conf.erb new file mode 100644 index 000000000..13c8d708d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/peruser.conf.erb @@ -0,0 +1,12 @@ + + MinSpareProcessors <%= @minspareprocessors %> + MinProcessors <%= @minprocessors %> + MaxProcessors <%= @maxprocessors %> + MaxClients <%= @maxclients %> + MaxRequestsPerChild <%= @maxrequestsperchild %> + IdleTimeout <%= @idletimeout %> + ExpireTimeout <%= @expiretimeout %> + KeepAlive <%= @keepalive %> + Include "<%= @mod_dir %>/peruser/multiplexers/*.conf" + Include "<%= @mod_dir %>/peruser/processors/*.conf" + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/php5.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/php5.conf.erb new file mode 100644 index 000000000..3fd100039 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/php5.conf.erb @@ -0,0 +1,31 @@ +# +# PHP is an HTML-embedded scripting language which attempts to make it +# easy for developers to write dynamically generated webpages. +# +# +# LoadModule php5_module modules/libphp5.so +# +# +# # Use of the "ZTS" build with worker is experimental, and no shared +# # modules are supported. +# LoadModule php5_module modules/libphp5-zts.so +# + +# +# Cause the PHP interpreter to handle files with a .php extension. +# +)$"> + SetHandler php5-script + + +# +# Add index.php to the list of files that will be served as directory +# indexes. +# +DirectoryIndex index.php + +# +# Uncomment the following line to allow PHP to pretty-print .phps +# files as PHP source code: +# +#AddType application/x-httpd-php-source .phps diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/prefork.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/prefork.conf.erb new file mode 100644 index 000000000..aabfdf7b2 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/prefork.conf.erb @@ -0,0 +1,8 @@ + + StartServers <%= @startservers %> + MinSpareServers <%= @minspareservers %> + MaxSpareServers <%= @maxspareservers %> + ServerLimit <%= @serverlimit %> + MaxClients <%= @maxclients %> + MaxRequestsPerChild <%= @maxrequestsperchild %> + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/proxy.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/proxy.conf.erb new file mode 100644 index 000000000..5ea829eeb --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/proxy.conf.erb @@ -0,0 +1,27 @@ +# +# Proxy Server directives. Uncomment the following lines to +# enable the proxy server: +# + + # Do not enable proxying with ProxyRequests until you have secured your + # server. Open proxy servers are dangerous both to your network and to the + # Internet at large. + ProxyRequests <%= @proxy_requests %> + + <% if @proxy_requests != 'Off' or ( @allow_from and ! @allow_from.empty? ) -%> + + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require ip <%= Array(@allow_from).join(" ") %> + <%- else -%> + Order deny,allow + Deny from all + Allow from <%= Array(@allow_from).join(" ") %> + <%- end -%> + + <% end -%> + + # Enable/disable the handling of HTTP/1.1 "Via:" headers. + # ("Full" adds the server version; "Block" removes all outgoing Via: headers) + # Set to one of: Off | On | Full | Block + ProxyVia On + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/proxy_html.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/proxy_html.conf.erb new file mode 100644 index 000000000..fea15f393 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/proxy_html.conf.erb @@ -0,0 +1,18 @@ +ProxyHTMLLinks a href +ProxyHTMLLinks area href +ProxyHTMLLinks link href +ProxyHTMLLinks img src longdesc usemap +ProxyHTMLLinks object classid codebase data usemap +ProxyHTMLLinks q cite +ProxyHTMLLinks blockquote cite +ProxyHTMLLinks ins cite +ProxyHTMLLinks del cite +ProxyHTMLLinks form action +ProxyHTMLLinks input src usemap +ProxyHTMLLinks head profileProxyHTMLLinks base href +ProxyHTMLLinks script src for + +ProxyHTMLEvents onclick ondblclick onmousedown onmouseup \ + onmouseover onmousemove onmouseout onkeypress \ + onkeydown onkeyup onfocus onblur onload \ + onunload onsubmit onreset onselect onchange diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/remoteip.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/remoteip.conf.erb new file mode 100644 index 000000000..b4518f9b0 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/remoteip.conf.erb @@ -0,0 +1,23 @@ +# Declare the header field which should be parsed for useragent IP addresses +RemoteIPHeader <%= @header %> + +<%- if @proxy_ips -%> +# Declare client intranet IP addresses trusted to present +# the RemoteIPHeader value +<%- [@proxy_ips].flatten.each do |proxy| -%> +RemoteIPInternalProxy <%= proxy %> +<%- end -%> +<%- end -%> + +<%- if @proxies_header -%> +# Declare the header field which will record all intermediate IP addresses +RemoteIPProxiesHeader <%= @proxies_header %> +<%- end -%> + +<%- if @trusted_proxy_ips -%> +# Declare client intranet IP addresses trusted to present +# the RemoteIPHeader value + <%- [@trusted_proxy_ips].flatten.each do |proxy| -%> +RemoteIPTrustedProxy <%= proxy %> + <%- end -%> +<%- end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/reqtimeout.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/reqtimeout.conf.erb new file mode 100644 index 000000000..6ffc5ffe2 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/reqtimeout.conf.erb @@ -0,0 +1,3 @@ +<% Array(@timeouts).each do |timeout| -%> +RequestReadTimeout <%= timeout %> +<%- end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/rpaf.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/rpaf.conf.erb new file mode 100644 index 000000000..56e2398b5 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/rpaf.conf.erb @@ -0,0 +1,15 @@ +# Enable reverse proxy add forward +RPAFenable On +# RPAFsethostname will, when enabled, take the incoming X-Host header and +# update the virtual host settings accordingly. This allows to have the same +# hostnames as in the "real" configuration for the forwarding proxy. +<% if @sethostname -%> +RPAFsethostname On +<% else -%> +RPAFsethostname Off +<% end -%> +# Which IPs are forwarding requests to us +RPAFproxy_ips <%= Array(@proxy_ips).join(" ") %> +# Setting RPAFheader allows you to change the header name to parse from the +# default X-Forwarded-For to something of your choice. +RPAFheader <%= @header %> diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/security.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/security.conf.erb new file mode 100644 index 000000000..7b2da7613 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/security.conf.erb @@ -0,0 +1,71 @@ + + # ModSecurity Core Rules Set configuration +<%- if scope.function_versioncmp([scope.lookupvar('::apache::apache_version'), '2.4']) >= 0 -%> + IncludeOptional <%= @modsec_dir %>/*.conf + IncludeOptional <%= @modsec_dir %>/activated_rules/*.conf +<%- else -%> + Include <%= @modsec_dir %>/*.conf + Include <%= @modsec_dir %>/activated_rules/*.conf +<%- end -%> + + # Default recommended configuration + SecRuleEngine <%= @modsec_secruleengine %> + SecRequestBodyAccess On + SecRule REQUEST_HEADERS:Content-Type "text/xml" \ + "id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML" + SecRequestBodyLimit 13107200 + SecRequestBodyNoFilesLimit 131072 + SecRequestBodyInMemoryLimit 131072 + SecRequestBodyLimitAction Reject + SecRule REQBODY_ERROR "!@eq 0" \ + "id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2" + SecRule MULTIPART_STRICT_ERROR "!@eq 0" \ + "id:'200002',phase:2,t:none,log,deny,status:44,msg:'Multipart request body failed strict validation: \ + PE %{REQBODY_PROCESSOR_ERROR}, \ + BQ %{MULTIPART_BOUNDARY_QUOTED}, \ + BW %{MULTIPART_BOUNDARY_WHITESPACE}, \ + DB %{MULTIPART_DATA_BEFORE}, \ + DA %{MULTIPART_DATA_AFTER}, \ + HF %{MULTIPART_HEADER_FOLDING}, \ + LF %{MULTIPART_LF_LINE}, \ + SM %{MULTIPART_MISSING_SEMICOLON}, \ + IQ %{MULTIPART_INVALID_QUOTING}, \ + IP %{MULTIPART_INVALID_PART}, \ + IH %{MULTIPART_INVALID_HEADER_FOLDING}, \ + FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'" + + SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \ + "id:'200003',phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'" + + SecPcreMatchLimit 1000 + SecPcreMatchLimitRecursion 1000 + + SecRule TX:/^MSC_/ "!@streq 0" \ + "id:'200004',phase:2,t:none,deny,msg:'ModSecurity internal error flagged: %{MATCHED_VAR_NAME}'" + + SecResponseBodyAccess Off + SecResponseBodyMimeType text/plain text/html text/xml + SecResponseBodyLimit 524288 + SecResponseBodyLimitAction ProcessPartial + SecDebugLogLevel 0 + SecAuditEngine RelevantOnly + SecAuditLogRelevantStatus "^(?:5|4(?!04))" + SecAuditLogParts ABIJDEFHZ + SecAuditLogType Serial + SecArgumentSeparator & + SecCookieFormat 0 +<%- if scope.lookupvar('::osfamily') == 'Debian' -%> + SecDebugLog /var/log/apache2/modsec_debug.log + SecAuditLog /var/log/apache2/modsec_audit.log + SecTmpDir /var/cache/modsecurity + SecDataDir /var/cache/modsecurity + SecUploadDir /var/cache/modsecurity +<% else -%> + SecDebugLog /var/log/httpd/modsec_debug.log + SecAuditLog /var/log/httpd/modsec_audit.log + SecTmpDir /var/lib/mod_security + SecDataDir /var/lib/mod_security + SecUploadDir /var/lib/mod_security +<% end -%> + SecUploadKeepFiles Off + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/security_crs.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/security_crs.conf.erb new file mode 100644 index 000000000..016efc797 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/security_crs.conf.erb @@ -0,0 +1,428 @@ +# --------------------------------------------------------------- +# Core ModSecurity Rule Set ver.2.2.6 +# Copyright (C) 2006-2012 Trustwave All rights reserved. +# +# The OWASP ModSecurity Core Rule Set is distributed under +# Apache Software License (ASL) version 2 +# Please see the enclosed LICENCE file for full details. +# --------------------------------------------------------------- + + +# +# -- [[ Recommended Base Configuration ]] ------------------------------------------------- +# +# The configuration directives/settings in this file are used to control +# the OWASP ModSecurity CRS. These settings do **NOT** configure the main +# ModSecurity settings such as: +# +# - SecRuleEngine +# - SecRequestBodyAccess +# - SecAuditEngine +# - SecDebugLog +# +# You should use the modsecurity.conf-recommended file that comes with the +# ModSecurity source code archive. +# +# Ref: http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/modsecurity.conf-recommended +# + + +# +# -- [[ Rule Version ]] ------------------------------------------------------------------- +# +# Rule version data is added to the "Producer" line of Section H of the Audit log: +# +# - Producer: ModSecurity for Apache/2.7.0-rc1 (http://www.modsecurity.org/); OWASP_CRS/2.2.4. +# +# Ref: https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecComponentSignature +# +SecComponentSignature "OWASP_CRS/2.2.6" + + +# +# -- [[ Modes of Operation: Self-Contained vs. Collaborative Detection ]] ----------------- +# +# Each detection rule uses the "block" action which will inherit the SecDefaultAction +# specified below. Your settings here will determine which mode of operation you use. +# +# -- [[ Self-Contained Mode ]] -- +# Rules inherit the "deny" disruptive action. The first rule that matches will block. +# +# -- [[ Collaborative Detection Mode ]] -- +# This is a "delayed blocking" mode of operation where each matching rule will inherit +# the "pass" action and will only contribute to anomaly scores. Transactional blocking +# can be applied +# +# -- [[ Alert Logging Control ]] -- +# You have three options - +# +# - To log to both the Apache error_log and ModSecurity audit_log file use: "log" +# - To log *only* to the ModSecurity audit_log file use: "nolog,auditlog" +# - To log *only* to the Apache error_log file use: "log,noauditlog" +# +# Ref: http://blog.spiderlabs.com/2010/11/advanced-topic-of-the-week-traditional-vs-anomaly-scoring-detection-modes.html +# Ref: https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecDefaultAction +# +SecDefaultAction "phase:1,deny,log" + + +# +# -- [[ Collaborative Detection Severity Levels ]] ---------------------------------------- +# +# These are the default scoring points for each severity level. You may +# adjust these to you liking. These settings will be used in macro expansion +# in the rules to increment the anomaly scores when rules match. +# +# These are the default Severity ratings (with anomaly scores) of the individual rules - +# +# - 2: Critical - Anomaly Score of 5. +# Is the highest severity level possible without correlation. It is +# normally generated by the web attack rules (40 level files). +# - 3: Error - Anomaly Score of 4. +# Is generated mostly from outbound leakage rules (50 level files). +# - 4: Warning - Anomaly Score of 3. +# Is generated by malicious client rules (35 level files). +# - 5: Notice - Anomaly Score of 2. +# Is generated by the Protocol policy and anomaly files. +# +SecAction \ + "id:'900001', \ + phase:1, \ + t:none, \ + setvar:tx.critical_anomaly_score=5, \ + setvar:tx.error_anomaly_score=4, \ + setvar:tx.warning_anomaly_score=3, \ + setvar:tx.notice_anomaly_score=2, \ + nolog, \ + pass" + + +# +# -- [[ Collaborative Detection Scoring Threshold Levels ]] ------------------------------ +# +# These variables are used in macro expansion in the 49 inbound blocking and 59 +# outbound blocking files. +# +# **MUST HAVE** ModSecurity v2.5.12 or higher to use macro expansion in numeric +# operators. If you have an earlier version, edit the 49/59 files directly to +# set the appropriate anomaly score levels. +# +# You should set the score to the proper threshold you would prefer. If set to "5" +# it will work similarly to previous Mod CRS rules and will create an event in the error_log +# file if there are any rules that match. If you would like to lessen the number of events +# generated in the error_log file, you should increase the anomaly score threshold to +# something like "20". This would only generate an event in the error_log file if +# there are multiple lower severity rule matches or if any 1 higher severity item matches. +# +SecAction \ + "id:'900002', \ + phase:1, \ + t:none, \ + setvar:tx.inbound_anomaly_score_level=5, \ + nolog, \ + pass" + + +SecAction \ + "id:'900003', \ + phase:1, \ + t:none, \ + setvar:tx.outbound_anomaly_score_level=4, \ + nolog, \ + pass" + + +# +# -- [[ Collaborative Detection Blocking ]] ----------------------------------------------- +# +# This is a collaborative detection mode where each rule will increment an overall +# anomaly score for the transaction. The scores are then evaluated in the following files: +# +# Inbound anomaly score - checked in the modsecurity_crs_49_inbound_blocking.conf file +# Outbound anomaly score - checked in the modsecurity_crs_59_outbound_blocking.conf file +# +# If you want to use anomaly scoring mode, then uncomment this line. +# +#SecAction \ + "id:'900004', \ + phase:1, \ + t:none, \ + setvar:tx.anomaly_score_blocking=on, \ + nolog, \ + pass" + + +# +# -- [[ GeoIP Database ]] ----------------------------------------------------------------- +# +# There are some rulesets that need to inspect the GEO data of the REMOTE_ADDR data. +# +# You must first download the MaxMind GeoIP Lite City DB - +# +# http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz +# +# You then need to define the proper path for the SecGeoLookupDb directive +# +# Ref: http://blog.spiderlabs.com/2010/10/detecting-malice-with-modsecurity-geolocation-data.html +# Ref: http://blog.spiderlabs.com/2010/11/detecting-malice-with-modsecurity-ip-forensics.html +# +#SecGeoLookupDb /opt/modsecurity/lib/GeoLiteCity.dat + +# +# -- [[ Regression Testing Mode ]] -------------------------------------------------------- +# +# If you are going to run the regression testing mode, you should uncomment the +# following rule. It will enable DetectionOnly mode for the SecRuleEngine and +# will enable Response Header tagging so that the client testing script can see +# which rule IDs have matched. +# +# You must specify the your source IP address where you will be running the tests +# from. +# +#SecRule REMOTE_ADDR "@ipMatch 192.168.1.100" \ + "id:'900005', \ + phase:1, \ + t:none, \ + ctl:ruleEngine=DetectionOnly, \ + setvar:tx.regression_testing=1, \ + nolog, \ + pass" + + +# +# -- [[ HTTP Policy Settings ]] ---------------------------------------------------------- +# +# Set the following policy settings here and they will be propagated to the 23 rules +# file (modsecurity_common_23_request_limits.conf) by using macro expansion. +# If you run into false positives, you can adjust the settings here. +# +# Only the max number of args is uncommented by default as there are a high rate +# of false positives. Uncomment the items you wish to set. +# +# +# -- Maximum number of arguments in request limited +SecAction \ + "id:'900006', \ + phase:1, \ + t:none, \ + setvar:tx.max_num_args=255, \ + nolog, \ + pass" + +# +# -- Limit argument name length +#SecAction \ + "id:'900007', \ + phase:1, \ + t:none, \ + setvar:tx.arg_name_length=100, \ + nolog, \ + pass" + +# +# -- Limit value name length +#SecAction \ + "id:'900008', \ + phase:1, \ + t:none, \ + setvar:tx.arg_length=400, \ + nolog, \ + pass" + +# +# -- Limit arguments total length +#SecAction \ + "id:'900009', \ + phase:1, \ + t:none, \ + setvar:tx.total_arg_length=64000, \ + nolog, \ + pass" + +# +# -- Individual file size is limited +#SecAction \ + "id:'900010', \ + phase:1, \ + t:none, \ + setvar:tx.max_file_size=1048576, \ + nolog, \ + pass" + +# +# -- Combined file size is limited +#SecAction \ + "id:'900011', \ + phase:1, \ + t:none, \ + setvar:tx.combined_file_sizes=1048576, \ + nolog, \ + pass" + + +# +# Set the following policy settings here and they will be propagated to the 30 rules +# file (modsecurity_crs_30_http_policy.conf) by using macro expansion. +# If you run into false positves, you can adjust the settings here. +# +SecAction \ + "id:'900012', \ + phase:1, \ + t:none, \ + setvar:'tx.allowed_methods=<%= @allowed_methods -%>', \ + setvar:'tx.allowed_request_content_type=<%= @content_types -%>', \ + setvar:'tx.allowed_http_versions=HTTP/0.9 HTTP/1.0 HTTP/1.1', \ + setvar:'tx.restricted_extensions=<%= @restricted_extensions -%>', \ + setvar:'tx.restricted_headers=<%= @restricted_headers -%>', \ + nolog, \ + pass" + + +# +# -- [[ Content Security Policy (CSP) Settings ]] ----------------------------------------- +# +# The purpose of these settings is to send CSP response headers to +# Mozilla FireFox users so that you can enforce how dynamic content +# is used. CSP usage helps to prevent XSS attacks against your users. +# +# Reference Link: +# +# https://developer.mozilla.org/en/Security/CSP +# +# Uncomment this SecAction line if you want use CSP enforcement. +# You need to set the appropriate directives and settings for your site/domain and +# and activate the CSP file in the experimental_rules directory. +# +# Ref: http://blog.spiderlabs.com/2011/04/modsecurity-advanced-topic-of-the-week-integrating-content-security-policy-csp.html +# +#SecAction \ + "id:'900013', \ + phase:1, \ + t:none, \ + setvar:tx.csp_report_only=1, \ + setvar:tx.csp_report_uri=/csp_violation_report, \ + setenv:'csp_policy=allow \'self\'; img-src *.yoursite.com; media-src *.yoursite.com; style-src *.yoursite.com; frame-ancestors *.yoursite.com; script-src *.yoursite.com; report-uri %{tx.csp_report_uri}', \ + nolog, \ + pass" + + +# +# -- [[ Brute Force Protection ]] --------------------------------------------------------- +# +# If you are using the Brute Force Protection rule set, then uncomment the following +# lines and set the following variables: +# - Protected URLs: resources to protect (e.g. login pages) - set to your login page +# - Burst Time Slice Interval: time interval window to monitor for bursts +# - Request Threshold: request # threshold to trigger a burst +# - Block Period: temporary block timeout +# +#SecAction \ + "id:'900014', \ + phase:1, \ + t:none, \ + setvar:'tx.brute_force_protected_urls=/login.jsp /partner_login.php', \ + setvar:'tx.brute_force_burst_time_slice=60', \ + setvar:'tx.brute_force_counter_threshold=10', \ + setvar:'tx.brute_force_block_timeout=300', \ + nolog, \ + pass" + + +# +# -- [[ DoS Protection ]] ---------------------------------------------------------------- +# +# If you are using the DoS Protection rule set, then uncomment the following +# lines and set the following variables: +# - Burst Time Slice Interval: time interval window to monitor for bursts +# - Request Threshold: request # threshold to trigger a burst +# - Block Period: temporary block timeout +# +#SecAction \ + "id:'900015', \ + phase:1, \ + t:none, \ + setvar:'tx.dos_burst_time_slice=60', \ + setvar:'tx.dos_counter_threshold=100', \ + setvar:'tx.dos_block_timeout=600', \ + nolog, \ + pass" + + +# +# -- [[ Check UTF enconding ]] ----------------------------------------------------------- +# +# We only want to apply this check if UTF-8 encoding is actually used by the site, otherwise +# it will result in false positives. +# +# Uncomment this line if your site uses UTF8 encoding +#SecAction \ + "id:'900016', \ + phase:1, \ + t:none, \ + setvar:tx.crs_validate_utf8_encoding=1, \ + nolog, \ + pass" + + +# +# -- [[ Enable XML Body Parsing ]] ------------------------------------------------------- +# +# The rules in this file will trigger the XML parser upon an XML request +# +# Initiate XML Processor in case of xml content-type +# +SecRule REQUEST_HEADERS:Content-Type "text/xml" \ + "id:'900017', \ + phase:1, \ + t:none,t:lowercase, \ + nolog, \ + pass, \ + chain" + SecRule REQBODY_PROCESSOR "!@streq XML" \ + "ctl:requestBodyProcessor=XML" + + +# +# -- [[ Global and IP Collections ]] ----------------------------------------------------- +# +# Create both Global and IP collections for rules to use +# There are some CRS rules that assume that these two collections +# have already been initiated. +# +SecRule REQUEST_HEADERS:User-Agent "^(.*)$" \ + "id:'900018', \ + phase:1, \ + t:none,t:sha1,t:hexEncode, \ + setvar:tx.ua_hash=%{matched_var}, \ + nolog, \ + pass" + + +SecRule REQUEST_HEADERS:x-forwarded-for "^\b(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\b" \ + "id:'900019', \ + phase:1, \ + t:none, \ + capture, \ + setvar:tx.real_ip=%{tx.1}, \ + nolog, \ + pass" + + +SecRule &TX:REAL_IP "!@eq 0" \ + "id:'900020', \ + phase:1, \ + t:none, \ + initcol:global=global, \ + initcol:ip=%{tx.real_ip}_%{tx.ua_hash}, \ + nolog, \ + pass" + + +SecRule &TX:REAL_IP "@eq 0" \ + "id:'900021', \ + phase:1, \ + t:none, \ + initcol:global=global, \ + initcol:ip=%{remote_addr}_%{tx.ua_hash}, \ + nolog, \ + pass" diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/setenvif.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/setenvif.conf.erb new file mode 100644 index 000000000..d31c79fe5 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/setenvif.conf.erb @@ -0,0 +1,34 @@ +# +# The following directives modify normal HTTP response behavior to +# handle known problems with browser implementations. +# +BrowserMatch "Mozilla/2" nokeepalive +BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 +BrowserMatch "RealPlayer 4\.0" force-response-1.0 +BrowserMatch "Java/1\.0" force-response-1.0 +BrowserMatch "JDK/1\.0" force-response-1.0 + +# +# The following directive disables redirects on non-GET requests for +# a directory that does not include the trailing slash. This fixes a +# problem with Microsoft WebFolders which does not appropriately handle +# redirects for folders with DAV methods. +# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV. +# +BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully +BrowserMatch "MS FrontPage" redirect-carefully +BrowserMatch "^WebDrive" redirect-carefully +BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully +BrowserMatch "^gnome-vfs/1.0" redirect-carefully +BrowserMatch "^gvfs/1" redirect-carefully +BrowserMatch "^XML Spy" redirect-carefully +BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully +BrowserMatch " Konqueror/4" redirect-carefully + + + BrowserMatch "MSIE [2-6]" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + # MSIE 7 and newer should be able to use keepalive + BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/ssl.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/ssl.conf.erb new file mode 100644 index 000000000..96b80b003 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/ssl.conf.erb @@ -0,0 +1,31 @@ + + SSLRandomSeed startup builtin + SSLRandomSeed startup file:/dev/urandom <%= @ssl_random_seed_bytes %> + SSLRandomSeed connect builtin + SSLRandomSeed connect file:/dev/urandom <%= @ssl_random_seed_bytes %> + + AddType application/x-x509-ca-cert .crt + AddType application/x-pkcs7-crl .crl + + SSLPassPhraseDialog <%= @ssl_pass_phrase_dialog %> + SSLSessionCache "shmcb:<%= @session_cache %>" + SSLSessionCacheTimeout <%= @ssl_sessioncachetimeout %> +<% if @ssl_compression -%> + SSLCompression On +<% end -%> + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Mutex <%= @ssl_mutex %> + <%- else -%> + SSLMutex <%= @ssl_mutex %> + <%- end -%> + SSLCryptoDevice <%= @ssl_cryptodevice %> + SSLHonorCipherOrder <%= @ssl_honorcipherorder %> + SSLCipherSuite <%= @ssl_cipher %> + SSLProtocol <%= @ssl_protocol.compact.join(' ') %> +<% if @ssl_options -%> + SSLOptions <%= @ssl_options.compact.join(' ') %> +<% end -%> +<%- if @ssl_openssl_conf_cmd -%> + SSLOpenSSLConfCmd <%= @ssl_openssl_conf_cmd %> +<%- end -%> + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/status.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/status.conf.erb new file mode 100644 index 000000000..f02ed156f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/status.conf.erb @@ -0,0 +1,16 @@ +> + SetHandler server-status + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require ip <%= Array(@allow_from).join(" ") %> + <%- else -%> + Order deny,allow + Deny from all + Allow from <%= Array(@allow_from).join(" ") %> + <%- end -%> + +ExtendedStatus <%= @extended_status %> + + + # Show Proxy LoadBalancer status in mod_status + ProxyStatus On + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/suphp.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/suphp.conf.erb new file mode 100644 index 000000000..95fbf97c7 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/suphp.conf.erb @@ -0,0 +1,19 @@ + + AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml + suPHP_AddHandler application/x-httpd-suphp + + + suPHP_Engine on + + + # By default, disable suPHP for debian packaged web applications as files + # are owned by root and cannot be executed by suPHP because of min_uid. + + suPHP_Engine off + + +# # Use a specific php config file (a dir which contains a php.ini file) +# suPHP_ConfigPath /etc/php4/cgi/suphp/ +# # Tells mod_suphp NOT to handle requests with the type . +# suPHP_RemoveHandler + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/unixd_fcgid.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/unixd_fcgid.conf.erb new file mode 100644 index 000000000..a82bc30df --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/unixd_fcgid.conf.erb @@ -0,0 +1,5 @@ + +<% @options.sort_by {|key, value| key}.each do |key, value| -%> + <%= key %> <%= value %> +<% end -%> + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/userdir.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/userdir.conf.erb new file mode 100644 index 000000000..83263c3d0 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/userdir.conf.erb @@ -0,0 +1,27 @@ + +<% if @disable_root -%> + UserDir disabled root +<% end -%> + UserDir <%= @home %>/*/<%= @dir %> + + /*/<%= @dir %>"> + AllowOverride FileInfo AuthConfig Limit Indexes + Options <%= @options.join(' ') %> + + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require all granted + <%- else -%> + Order allow,deny + Allow from all + <%- end -%> + + + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require all granted + <%- else -%> + Order allow,deny + Allow from all + <%- end -%> + + + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/worker.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/worker.conf.erb new file mode 100644 index 000000000..ad2bc4461 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/worker.conf.erb @@ -0,0 +1,11 @@ + + ServerLimit <%= @serverlimit %> + StartServers <%= @startservers %> + MaxClients <%= @maxclients %> + MinSpareThreads <%= @minsparethreads %> + MaxSpareThreads <%= @maxsparethreads %> + ThreadsPerChild <%= @threadsperchild %> + MaxRequestsPerChild <%= @maxrequestsperchild %> + ThreadLimit <%= @threadlimit %> + ListenBacklog <%= @listenbacklog %> + diff --git a/modules/services/unix/http/apache/module/apache/templates/mod/wsgi.conf.erb b/modules/services/unix/http/apache/module/apache/templates/mod/wsgi.conf.erb new file mode 100644 index 000000000..18752d2c4 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/mod/wsgi.conf.erb @@ -0,0 +1,13 @@ +# The WSGI Apache module configuration file is being +# managed by Puppet an changes will be overwritten. + + <%- if @wsgi_socket_prefix -%> + WSGISocketPrefix <%= @wsgi_socket_prefix %> + <%- end -%> + <%- if @wsgi_python_home -%> + WSGIPythonHome "<%= @wsgi_python_home %>" + <%- end -%> + <%- if @wsgi_python_path -%> + WSGIPythonPath "<%= @wsgi_python_path %>" + <%- end -%> + diff --git a/modules/services/unix/http/apache/module/apache/templates/namevirtualhost.erb b/modules/services/unix/http/apache/module/apache/templates/namevirtualhost.erb new file mode 100644 index 000000000..cf767680f --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/namevirtualhost.erb @@ -0,0 +1,8 @@ +<%# NameVirtualHost should always be one of: + - * + - *: + - _default_: + - + - : +-%> +NameVirtualHost <%= @addr_port %> diff --git a/modules/services/unix/http/apache/module/apache/templates/ports_header.erb b/modules/services/unix/http/apache/module/apache/templates/ports_header.erb new file mode 100644 index 000000000..4908db4ad --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/ports_header.erb @@ -0,0 +1,5 @@ +# ************************************ +# Listen & NameVirtualHost resources in module puppetlabs-apache +# Managed by Puppet +# ************************************ + diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_access_log.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_access_log.erb new file mode 100644 index 000000000..d1ec426a4 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_access_log.erb @@ -0,0 +1,21 @@ +<% @_access_logs.each do |log| -%> +<% env ||= "env=#{log['env']}" if log['env'] -%> +<% env ||= '' -%> +<% format ||= "\"#{log['format']}\"" if log['format'] -%> +<% format ||= 'combined' -%> +<% if log['file'] -%> +<% if log['file'].chars.first == '/' -%> +<% destination = "#{log['file']}" -%> +<% else -%> +<% destination = "#{@logroot}/#{log['file']}" -%> +<% end -%> +<% elsif log['syslog'] -%> +<% destination = "syslog" -%> +<% elsif log['pipe'] -%> +<% destination = log['pipe'] -%> +<% else -%> +<% destination ||= "#{@logroot}/#{@name}_access_ssl.log" if @ssl -%> +<% destination ||= "#{@logroot}/#{@name}_access.log" -%> +<% end -%> + CustomLog "<%= destination %>" <%= format %> <%= env %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_action.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_action.erb new file mode 100644 index 000000000..8a0229059 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_action.erb @@ -0,0 +1,4 @@ +<% if @action -%> + + Action <%= @action %> /cgi-bin virtual +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_additional_includes.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_additional_includes.erb new file mode 100644 index 000000000..a07bb8112 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_additional_includes.erb @@ -0,0 +1,9 @@ +<% Array(@additional_includes).each do |include| -%> + + ## Load additional static includes +<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 && @use_optional_includes -%> + IncludeOptional "<%= include %>" +<%- else -%> + Include "<%= include %>" +<%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_aliases.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_aliases.erb new file mode 100644 index 000000000..f9771bc72 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_aliases.erb @@ -0,0 +1,16 @@ +<% if @aliases and ! @aliases.empty? -%> + ## Alias declarations for resources outside the DocumentRoot + <%- [@aliases].flatten.compact.each do |alias_statement| -%> + <%- if alias_statement["path"] != '' -%> + <%- if alias_statement["alias"] and alias_statement["alias"] != '' -%> + Alias <%= alias_statement["alias"] %> "<%= alias_statement["path"] %>" + <%- elsif alias_statement["aliasmatch"] and alias_statement["aliasmatch"] != '' -%> + AliasMatch <%= alias_statement["aliasmatch"] %> "<%= alias_statement["path"] %>" + <%- elsif alias_statement["scriptalias"] and alias_statement["scriptalias"] != '' -%> + ScriptAlias <%= alias_statement["scriptalias"] %> "<%= alias_statement["path"] %>" + <%- elsif alias_statement["scriptaliasmatch"] and alias_statement["scriptaliasmatch"] != '' -%> + ScriptAliasMatch <%= alias_statement["scriptaliasmatch"] %> "<%= alias_statement["path"] %>" + <%- end -%> + <%- end -%> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_allow_encoded_slashes.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_allow_encoded_slashes.erb new file mode 100644 index 000000000..40c73433b --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_allow_encoded_slashes.erb @@ -0,0 +1,4 @@ +<%- if @allow_encoded_slashes -%> + + AllowEncodedSlashes <%= @allow_encoded_slashes %> +<%- end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_auth_kerb.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_auth_kerb.erb new file mode 100644 index 000000000..97f4c1fc6 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_auth_kerb.erb @@ -0,0 +1,32 @@ +<% if @auth_kerb -%> + + ## Kerberos directives + <%- if @krb_method_negotiate -%> + KrbMethodNegotiate <%= @krb_method_negotiate %> + <%- end -%> + <%- if @krb_method_k5passwd -%> + KrbMethodK5Passwd <%= @krb_method_k5passwd %> + <%- end -%> + <%- if @krb_authoritative -%> + KrbAuthoritative <%= @krb_authoritative %> + <%- end -%> + <%- if @krb_auth_realms and @krb_auth_realms.length >= 1 -%> + KrbAuthRealms <%= @krb_auth_realms.join(' ') %> + <%- end -%> + <%- if @krb_5keytab -%> + Krb5Keytab <%= @krb_5keytab %> + <%- end -%> + <%- if @krb_local_user_mapping -%> + KrbLocalUserMapping <%= @krb_local_user_mapping %> + <%- end -%> + <%- if @krb_verify_kdc -%> + KrbVerifyKDC <%= @krb_verify_kdc %> + <%- end -%> + <%- if @krb_servicename -%> + KrbServiceName <%= @krb_servicename %> + <%- end -%> + <%- if @krb_save_credentials -%> + KrbSaveCredentials <%= @krb_save_credentials -%> + <%- end -%> + +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_block.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_block.erb new file mode 100644 index 000000000..d0776829d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_block.erb @@ -0,0 +1,14 @@ +<% if @block and ! @block.empty? -%> + + ## Block access statements +<% if @block.include? 'scm' -%> + # Block access to SCM directories. + + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require all denied + <%- else -%> + Deny From All + <%- end -%> + +<% end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_charsets.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_charsets.erb new file mode 100644 index 000000000..ef83def4b --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_charsets.erb @@ -0,0 +1,4 @@ +<% if @add_default_charset -%> + + AddDefaultCharset <%= @add_default_charset %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_custom_fragment.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_custom_fragment.erb new file mode 100644 index 000000000..35c264adb --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_custom_fragment.erb @@ -0,0 +1,5 @@ +<% if @custom_fragment -%> + + ## Custom fragment + <%= @custom_fragment %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_directories.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_directories.erb new file mode 100644 index 000000000..49a9bd901 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_directories.erb @@ -0,0 +1,300 @@ +<% if @_directories and ! @_directories.empty? -%> + + ## Directories, there should at least be a declaration for <%= @docroot %> + <%- [@_directories].flatten.compact.each do |directory| -%> + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + <%- if directory['allow'] and ! [ false, 'false', '' ].include?(directory['allow']) -%> + <%- scope.function_warning(["Apache::Vhost: Using allow is deprecated in your Apache version"]) -%> + <%- end -%> + <%- if directory['deny'] and ! [ false, 'false', '' ].include?(directory['deny']) -%> + <%- scope.function_warning(["Apache::Vhost: Using deny is deprecated in your Apache version"]) -%> + <%- end -%> + <%- if directory['order'] and ! [ false, 'false', '' ].include?(directory['order']) -%> + <%- scope.function_warning(["Apache::Vhost: Using order is deprecated in your Apache version"]) -%> + <%- end -%> + <%- if directory['satisfy'] and ! [ false, 'false', '' ].include?(directory['satisfy']) -%> + <%- scope.function_warning(["Apache::Vhost: Using satisfy is deprecated in your Apache version"]) -%> + <%- end -%> + <%- end -%> + <%- if directory['path'] and directory['path'] != '' -%> + <%- if directory['provider'] and directory['provider'].match('(directory|location|files|proxy)') -%> + <%- if /^(.*)match$/ =~ directory['provider'] -%> + <%- provider = $1.capitalize + 'Match' -%> + <%- else -%> + <%- provider = directory['provider'].capitalize -%> + <%- end -%> + <%- else -%> + <%- provider = 'Directory' -%> + <%- end -%> + <%- path = directory['path'] -%> + + <<%= provider %> "<%= path %>"> + <%- if directory['headers'] -%> + <%- Array(directory['headers']).each do |header| -%> + Header <%= header %> + <%- end -%> + <%- end -%> + <%- if ! directory['geoip_enable'].nil? -%> + GeoIPEnable <%= scope.function_bool2httpd([directory['geoip_enable']]) %> + <%- end -%> + <%- if directory['options'] -%> + Options <%= Array(directory['options']).join(' ') %> + <%- end -%> + <%- if provider == 'Directory' -%> + <%- if directory['index_options'] -%> + IndexOptions <%= Array(directory['index_options']).join(' ') %> + <%- end -%> + <%- if directory['index_order_default'] -%> + IndexOrderDefault <%= Array(directory['index_order_default']).join(' ') %> + <%- end -%> + <%- if directory['index_style_sheet'] -%> + IndexStyleSheet '<%= directory['index_style_sheet'] %>' + <%- end -%> + <%- if directory['allow_override'] -%> + AllowOverride <%= Array(directory['allow_override']).join(' ') %> + <%- elsif provider == 'Directory' -%> + AllowOverride None + <%- end -%> + <%- end -%> + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + <%- if directory['require'] && directory['require'] != '' && directory['require'] !~ /unmanaged/i -%> + <%- Array(directory['require']).each do |req| -%> + Require <%= req %> + <%- end -%> + <%- end -%> + <%- if directory['auth_require'] -%> + Require <%= directory['auth_require'] %> + <%- end -%> + <%- if !(directory['require'] && directory['require'] != '') && directory['require'] !~ /unmanaged/i && !(directory['auth_require']) -%> + Require all granted + <%- end -%> + <%- else -%> + <%- if directory['auth_require'] -%> + Require <%= directory['auth_require'] %> + <%- end -%> + <%- if directory['order'] and directory['order'] != '' -%> + Order <%= Array(directory['order']).join(',') %> + <%- else -%> + Order allow,deny + <%- end -%> + <%- if directory['deny'] and ! [ false, 'false', '' ].include?(directory['deny']) -%> + <%- if directory['deny'].kind_of?(Array) -%> + <%- Array(directory['deny']).each do |restrict| -%> + Deny <%= restrict %> + <%- end -%> + <%- else -%> + Deny <%= directory['deny'] %> + <%- end -%> + <%- end -%> + <%- if directory['allow'] and ! [ false, 'false', '' ].include?(directory['allow']) -%> + <%- if directory['allow'].kind_of?(Array) -%> + <%- Array(directory['allow']).each do |access| -%> + Allow <%= access %> + <%- end -%> + <%- else -%> + Allow <%= directory['allow'] %> + <%- end -%> + <%- elsif [ 'from all', 'from All' ].include?(directory['deny']) -%> + <%- elsif ! directory['deny'] and [ false, 'false', '' ].include?(directory['allow']) -%> + Deny from all + <%- else -%> + Allow from all + <%- end -%> + <%- if directory['satisfy'] and directory['satisfy'] != '' -%> + Satisfy <%= directory['satisfy'] %> + <%- end -%> + <%- end -%> + <%- if directory['addhandlers'] and ! directory['addhandlers'].empty? -%> + <%- [directory['addhandlers']].flatten.compact.each do |addhandler| -%> + )$"> + SetHandler <%= addhandler['handler'] %> + + <%- end -%> + <%- end -%> + <%- if directory['sethandler'] and directory['sethandler'] != '' -%> + SetHandler <%= directory['sethandler'] %> + <%- end -%> + <%- if directory['passenger_enabled'] and directory['passenger_enabled'] != '' -%> + PassengerEnabled <%= directory['passenger_enabled'] %> + <%- end -%> + <%- if directory['php_flags'] and ! directory['php_flags'].empty? -%> + <%- directory['php_flags'].sort.each do |flag,value| -%> + <%- value = if value =~ /true|yes|on|1/i then 'on' else 'off' end -%> + php_flag <%= "#{flag} #{value}" %> + <%- end -%> + <%- end -%> + <%- if directory['php_values'] and ! directory['php_values'].empty? -%> + <%- directory['php_values'].sort.each do |key,value| -%> + php_value <%= "#{key} #{value}" %> + <%- end -%> + <%- end -%> + <%- if directory['php_admin_flags'] and ! directory['php_admin_flags'].empty? -%> + <%- directory['php_admin_flags'].sort.each do |flag,value| -%> + <%- value = if value =~ /true|yes|on|1/i then 'on' else 'off' end -%> + php_admin_flag <%= "#{flag} #{value}" %> + <%- end -%> + <%- end -%> + <%- if directory['php_admin_values'] and ! directory['php_admin_values'].empty? -%> + <%- directory['php_admin_values'].sort.each do |key,value| -%> + php_admin_value <%= "#{key} #{value}" %> + <%- end -%> + <%- end -%> + <%- if directory['directoryindex'] and directory['directoryindex'] != '' -%> + DirectoryIndex <%= directory['directoryindex'] %> + <%- end -%> + <%- if directory['error_documents'] and ! directory['error_documents'].empty? -%> + <%- [directory['error_documents']].flatten.compact.each do |error_document| -%> + ErrorDocument <%= error_document['error_code'] %> <%= error_document['document'] %> + <%- end -%> + <%- end -%> + <%- if directory['auth_type'] -%> + AuthType <%= directory['auth_type'] %> + <%- end -%> + <%- if directory['auth_name'] -%> + AuthName "<%= directory['auth_name'] %>" + <%- end -%> + <%- if directory['auth_digest_algorithm'] -%> + AuthDigestAlgorithm <%= directory['auth_digest_algorithm'] %> + <%- end -%> + <%- if directory['auth_digest_domain'] -%> + AuthDigestDomain <%= Array(directory['auth_digest_domain']).join(' ') %> + <%- end -%> + <%- if directory['auth_digest_nonce_lifetime'] -%> + AuthDigestNonceLifetime <%= directory['auth_digest_nonce_lifetime'] %> + <%- end -%> + <%- if directory['auth_digest_provider'] -%> + AuthDigestProvider <%= directory['auth_digest_provider'] %> + <%- end -%> + <%- if directory['auth_digest_qop'] -%> + AuthDigestQop <%= directory['auth_digest_qop'] %> + <%- end -%> + <%- if directory['auth_digest_shmem_size'] -%> + AuthDigestShmemSize <%= directory['auth_digest_shmem_size'] %> + <%- end -%> + <%- if directory['auth_basic_authoritative'] -%> + AuthBasicAuthoritative <%= directory['auth_basic_authoritative'] %> + <%- end -%> + <%- if directory['auth_basic_fake'] -%> + AuthBasicFake <%= directory['auth_basic_fake'] %> + <%- end -%> + <%- if directory['auth_basic_provider'] -%> + AuthBasicProvider <%= directory['auth_basic_provider'] %> + <%- end -%> + <%- if directory['auth_user_file'] -%> + AuthUserFile <%= directory['auth_user_file'] %> + <%- end -%> + <%- if directory['auth_group_file'] -%> + AuthGroupFile <%= directory['auth_group_file'] %> + <%- end -%> + <%- if directory['fallbackresource'] -%> + FallbackResource <%= directory['fallbackresource'] %> + <%- end -%> + <%- if directory['expires_active'] -%> + ExpiresActive <%= directory['expires_active'] %> + <%- end -%> + <%- if directory['expires_default'] -%> + ExpiresDefault <%= directory['expires_default'] %> + <%- end -%> + <%- if directory['expires_by_type'] -%> + <%- Array(directory['expires_by_type']).each do |rule| -%> + ExpiresByType <%= rule %> + <%- end -%> + <%- end -%> + <%- if directory['ext_filter_options'] -%> + ExtFilterOptions <%= directory['ext_filter_options'] %> + <%- end -%> + <%- if directory['force_type'] -%> + ForceType <%= directory['force_type'] %> + <%- end -%> + <%- if directory['ssl_options'] -%> + SSLOptions <%= Array(directory['ssl_options']).join(' ') %> + <%- end -%> + <%- if directory['suphp'] and @suphp_engine == 'on' -%> + suPHP_UserGroup <%= directory['suphp']['user'] %> <%= directory['suphp']['group'] %> + <%- end -%> + <%- if directory['fcgiwrapper'] -%> + FcgidWrapper <%= directory['fcgiwrapper']['command'] %> <%= directory['fcgiwrapper']['suffix'] %> <%= directory['fcgiwrapper']['virtual'] %> + <%- end -%> + <%- if directory['rewrites'] -%> + # Rewrite rules + RewriteEngine On + <%- directory['rewrites'].flatten.compact.each do |rewrite_details| -%> + <%- if rewrite_details['comment'] -%> + #<%= rewrite_details['comment'] %> + <%- end -%> + <%- if rewrite_details['rewrite_base'] -%> + RewriteBase <%= rewrite_details['rewrite_base'] %> + <%- end -%> + <%- if rewrite_details['rewrite_cond'] -%> + <%- Array(rewrite_details['rewrite_cond']).each do |commands| -%> + <%- Array(commands).each do |command| -%> + RewriteCond <%= command %> + <%- end -%> + <%- end -%> + <%- end -%> + <%- Array(rewrite_details['rewrite_rule']).each do |commands| -%> + <%- Array(commands).each do |command| -%> + RewriteRule <%= command %> + <%- end -%> + <%- end -%> + <%- end -%> + <%- end -%> + <%- if directory['setenv'] -%> + <%- Array(directory['setenv']).each do |setenv| -%> + SetEnv <%= setenv %> + <%- end -%> + <%- end -%> + <%- if directory['set_output_filter'] -%> + SetOutputFilter <%= directory['set_output_filter'] %> + <%- end -%> + <%- if @shibboleth_enabled -%> + <%- if directory['shib_require_session'] and ! directory['shib_require_session'].empty? -%> + ShibRequireSession <%= directory['shib_require_session'] %> + <%- end -%> + <%- if directory['shib_request_settings'] and ! directory['shib_request_settings'].empty? -%> + <%- directory['shib_request_settings'].each do |key,value| -%> + ShibRequestSetting <%= key %> <%= value %> + <%- end -%> + <%- end -%> + <%- if directory['shib_use_headers'] and ! directory['shib_use_headers'].empty? -%> + ShibUseHeaders <%= directory['shib_use_headers'] %> + <%- end -%> + <%- end -%> + <%- if directory['mellon_enable'] -%> + MellonEnable "<%= directory['mellon_enable'] %>" + <%- if directory['mellon_endpoint_path'] -%> + MellonEndpointPath "<%= directory['mellon_endpoint_path'] %>" + <%- end -%> + <%- if directory['mellon_sp_private_key_file'] -%> + MellonSPPrivateKeyFile "<%= directory['mellon_sp_private_key_file'] %>" + <%- end -%> + <%- if directory['mellon_sp_cert_file'] -%> + MellonSPCertFile "<%= directory['mellon_sp_cert_file'] %>" + <%- end -%> + <%- if directory['mellon_idp_metadata_file'] -%> + MellonIDPMetadataFile "<%= directory['mellon_idp_metadata_file'] %>" + <%- end -%> + <%- if directory['mellon_set_env_no_prefix'] -%> + <%- directory['mellon_set_env_no_prefix'].each do |key, value| -%> + MellonSetEnvNoPrefix "<%= key %>" "<%= value %>" + <%- end -%> + <%- end -%> + <%- if directory['mellon_user'] -%> + MellonUser "<%= directory['mellon_user'] %>" + <%- end -%> + <%- if directory['mellon_saml_response_dump'] -%> + MellonSamlResponseDump "<%= directory['mellon_saml_response_dump'] %>" + <%- end -%> + <%- if directory['mellon_cond'] -%> + <%- Array(directory['mellon_cond']).each do |cond| -%> + MellonCond <%= cond %> + <%- end -%> + <%- end -%> + <%- end -%> + <%- if directory['custom_fragment'] -%> + <%= directory['custom_fragment'] %> + <%- end -%> + > + <%- end -%> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_docroot.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_docroot.erb new file mode 100644 index 000000000..b67998b4b --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_docroot.erb @@ -0,0 +1,7 @@ + + ## Vhost docroot +<% if @virtual_docroot -%> + VirtualDocumentRoot "<%= @virtual_docroot %>" +<% elsif @docroot -%> + DocumentRoot "<%= @docroot %>" +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_error_document.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_error_document.erb new file mode 100644 index 000000000..654e72c67 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_error_document.erb @@ -0,0 +1,7 @@ +<% if @error_documents and ! @error_documents.empty? -%> + <%- [@error_documents].flatten.compact.each do |error_document| -%> + <%- if error_document["error_code"] != '' and error_document["document"] != '' -%> + ErrorDocument <%= error_document["error_code"] %> <%= error_document["document"] %> + <%- end -%> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_fallbackresource.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_fallbackresource.erb new file mode 100644 index 000000000..f1e4c35dc --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_fallbackresource.erb @@ -0,0 +1,4 @@ +<% if @fallbackresource -%> + + FallbackResource <%= @fallbackresource %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_fastcgi.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_fastcgi.erb new file mode 100644 index 000000000..3a2baa559 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_fastcgi.erb @@ -0,0 +1,22 @@ +<% if @fastcgi_server -%> + + FastCgiExternalServer <%= @fastcgi_server %> -socket <%= @fastcgi_socket %> +<% end -%> +<% if @fastcgi_dir -%> + + "> + Options +ExecCGI + AllowOverride All + SetHandler fastcgi-script + <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + Require all granted + <%- else -%> + Order allow,deny + Allow From All + <%- end -%> + AuthBasicAuthoritative Off + + + AllowEncodedSlashes On + ServerSignature Off +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_file_footer.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_file_footer.erb new file mode 100644 index 000000000..84035efa4 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_file_footer.erb @@ -0,0 +1 @@ + diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_file_header.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_file_header.erb new file mode 100644 index 000000000..5fd636a1e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_file_header.erb @@ -0,0 +1,12 @@ +# ************************************ +# Vhost template in module puppetlabs-apache +# Managed by Puppet +# ************************************ + +> +<% if @servername -%> + ServerName <%= @servername %> +<% end -%> +<% if @serveradmin -%> + ServerAdmin <%= @serveradmin %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_filters.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_filters.erb new file mode 100644 index 000000000..b86259734 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_filters.erb @@ -0,0 +1,10 @@ +<% if @filters and ! @filters.empty? -%> + + ## Filter module rules + ## as per http://httpd.apache.org/docs/2.2/mod/mod_filter.html + <%- Array(@filters).each do |filter| -%> + <%- if filter != '' -%> + <%= filter %> + <%- end -%> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_header.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_header.erb new file mode 100644 index 000000000..c0f68c825 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_header.erb @@ -0,0 +1,10 @@ +<% if @headers and ! @headers.empty? -%> + + ## Header rules + ## as per http://httpd.apache.org/docs/2.2/mod/mod_headers.html#header + <%- Array(@headers).each do |header_statement| -%> + <%- if header_statement != '' -%> + Header <%= header_statement %> + <%- end -%> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_itk.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_itk.erb new file mode 100644 index 000000000..803a73db7 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_itk.erb @@ -0,0 +1,29 @@ +<% if @itk and ! @itk.empty? -%> + + ## ITK statement + + <%- if @itk["user"] and @itk["group"] -%> + AssignUserId <%= @itk["user"] %> <%= @itk["group"] %> + <%- end -%> + <%- if @itk["assignuseridexpr"] -%> + AssignUserIdExpr <%= @itk["assignuseridexpr"] %> + <%- end -%> + <%- if @itk["assigngroupidexpr"] -%> + AssignGroupIdExpr <%= @itk["assigngroupidexpr"] %> + <%- end -%> + <%- if @itk["maxclientvhost"] -%> + MaxClientsVHost <%= @itk["maxclientvhost"] %> + <%- end -%> + <%- if @itk["nice"] -%> + NiceValue <%= @itk["nice"] %> + <%- end -%> + <%- if @kernelversion >= '3.5.0' -%> + <%- if @itk["limituidrange"] -%> + LimitUIDRange <%= @itk["limituidrange"] %> + <%- end -%> + <%- if @itk["limitgidrange"] -%> + LimitGIDRange <%= @itk["limitgidrange"] %> + <%- end -%> + <%- end -%> + +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_logging.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_logging.erb new file mode 100644 index 000000000..35a924d29 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_logging.erb @@ -0,0 +1,10 @@ +<% if @error_log or @log_level -%> + + ## Logging +<% end -%> +<% if @error_log -%> + ErrorLog "<%= @error_log_destination %>" +<% end -%> +<% if @log_level -%> + LogLevel <%= @log_level %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_passenger.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_passenger.erb new file mode 100644 index 000000000..130e76935 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_passenger.erb @@ -0,0 +1,18 @@ +<% if @passenger_app_root -%> + PassengerAppRoot <%= @passenger_app_root %> +<% end -%> +<% if @passenger_app_env -%> + PassengerAppEnv <%= @passenger_app_env %> +<% end -%> +<% if @passenger_ruby -%> + PassengerRuby <%= @passenger_ruby %> +<% end -%> +<% if @passenger_min_instances -%> + PassengerMinInstances <%= @passenger_min_instances %> +<% end -%> +<% if @passenger_start_timeout -%> + PassengerStartTimeout <%= @passenger_start_timeout %> +<% end -%> +<% if @passenger_pre_start -%> + PassengerPreStart <%= @passenger_pre_start %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_passenger_base_uris.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_passenger_base_uris.erb new file mode 100644 index 000000000..f3ef5aa0a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_passenger_base_uris.erb @@ -0,0 +1,7 @@ +<% if @passenger_base_uris -%> + + ## Enable passenger base uris +<% Array(@passenger_base_uris).each do |uri| -%> + PassengerBaseURI <%= uri %> +<% end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_php.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_php.erb new file mode 100644 index 000000000..369fdb7f9 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_php.erb @@ -0,0 +1,12 @@ +<% if @php_values and not @php_values.empty? -%> + <%- @php_values.sort.each do |key,value| -%> + php_value <%= key %> <%= value %> + <%- end -%> +<% end -%> +<% if @php_flags and not @php_flags.empty? -%> + <%- @php_flags.sort.each do |key,flag| -%> + <%-# normalize flag -%> + <%- if flag =~ /true|yes|on|1/i then flag = 'on' else flag = 'off' end -%> + php_flag <%= key %> <%= flag %> + <%- end -%> +<% end -%> \ No newline at end of file diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_php_admin.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_php_admin.erb new file mode 100644 index 000000000..c0c8dd60a --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_php_admin.erb @@ -0,0 +1,12 @@ +<% if @php_admin_values and not @php_admin_values.empty? -%> + <%- @php_admin_values.sort.each do |key,value| -%> + php_admin_value <%= key %> <%= value %> + <%- end -%> +<% end -%> +<% if @php_admin_flags and not @php_admin_flags.empty? -%> + <%- @php_admin_flags.sort.each do |key,flag| -%> + <%-# normalize flag -%> + <%- if flag =~ /true|yes|on|1/i then flag = 'on' else flag = 'off' end -%> + php_admin_flag <%= key %> <%= flag %> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_proxy.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_proxy.erb new file mode 100644 index 000000000..4e36361ca --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_proxy.erb @@ -0,0 +1,84 @@ +<% if @proxy_dest or @proxy_pass or @proxy_pass_match or @proxy_dest_match -%> + + ## Proxy rules + ProxyRequests Off +<%- end -%> +<% if @proxy_preserve_host -%> + ProxyPreserveHost On +<% else -%> + ProxyPreserveHost Off +<%- end -%> +<% if @proxy_error_override -%> + ProxyErrorOverride On +<%- end -%> +<%- [@proxy_pass].flatten.compact.each do |proxy| -%> + ProxyPass <%= proxy['path'] %> <%= proxy['url'] -%> + <%- if proxy['params'] -%> + <%- proxy['params'].keys.sort.each do |key| -%> <%= key %>=<%= proxy['params'][key] -%> + <%- end -%> + <%- end -%> + <%- if proxy['keywords'] %> <%= proxy['keywords'].join(' ') -%> + <%- end %> + <%- if not proxy['reverse_cookies'].nil? -%> + <%- Array(proxy['reverse_cookies']).each do |reverse_cookies| -%> + <%- if reverse_cookies['path'] -%> + ProxyPassReverseCookiePath <%= reverse_cookies['path'] %> <%= reverse_cookies['url'] %> + <%- end -%> + <%- if reverse_cookies['domain'] -%> + ProxyPassReverseCookieDomain <%= reverse_cookies['domain'] %> <%= reverse_cookies['url'] %> + <%- end -%> + <%- end -%> + <%- end -%> + <%- if proxy['reverse_urls'].nil? -%> + ProxyPassReverse <%= proxy['path'] %> <%= proxy['url'] %> + <%- else -%> + <%- Array(proxy['reverse_urls']).each do |reverse_url| -%> + ProxyPassReverse <%= proxy['path'] %> <%= reverse_url %> + <%- end -%> + <%- end -%> + <%- if proxy['setenv'] -%> + <%- Array(proxy['setenv']).each do |setenv_var| -%> + SetEnv <%= setenv_var %> + <%- end -%> + <%- end -%> + <%- if proxy['options'] -%> + <%- proxy['options'].keys.sort.each do |key| -%> + <%= key %> <%= proxy['options'][key] %> + <%- end -%> + <%- end -%> +<% end -%> +<% [@proxy_pass_match].flatten.compact.each do |proxy| %> + ProxyPassMatch <%= proxy['path'] %> <%= proxy['url'] -%> + <%- if proxy['params'] -%> + <%- proxy['params'].keys.sort.each do |key| -%> <%= key %>=<%= proxy['params'][key] -%> + <%- end -%> + <%- end -%> + <%- if proxy['keywords'] %> <%= proxy['keywords'].join(' ') -%> + <%- end %> + <%- if proxy['reverse_urls'].nil? -%> + ProxyPassReverse <%= proxy['path'] %> <%= proxy['url'] %> + <%- else -%> + <%- Array(proxy['reverse_urls']).each do |reverse_url| -%> + ProxyPassReverse <%= proxy['path'] %> <%= reverse_url %> + <%- end -%> + <%- end -%> + <%- if proxy['setenv'] -%> + <%- Array(proxy['setenv']).each do |setenv_var| -%> + SetEnv <%= setenv_var %> + <%- end -%> + <%- end -%> +<% end -%> +<% if @proxy_dest -%> +<%- Array(@no_proxy_uris).each do |uri| -%> + ProxyPass <%= uri %> ! +<% end -%> + ProxyPass / <%= @proxy_dest %>/ + ProxyPassReverse / <%= @proxy_dest %>/ +<% end -%> +<% if @proxy_dest_match -%> +<%- Array(@no_proxy_uris_match).each do |uri| -%> + ProxyPassMatch <%= uri %> ! +<% end -%> + ProxyPassMatch / <%= @proxy_dest_match %>/ + ProxyPassReverse / <%= @proxy_dest_reverse_match %>/ +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_rack.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_rack.erb new file mode 100644 index 000000000..4a5b5f1cd --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_rack.erb @@ -0,0 +1,7 @@ +<% if @rack_base_uris -%> + + ## Enable rack +<% Array(@rack_base_uris).each do |uri| -%> + RackBaseURI <%= uri %> +<% end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_redirect.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_redirect.erb new file mode 100644 index 000000000..69bbfd09d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_redirect.erb @@ -0,0 +1,25 @@ +<% if @redirect_source and @redirect_dest -%> +<% @redirect_dest_a = Array(@redirect_dest) -%> +<% @redirect_source_a = Array(@redirect_source) -%> +<% @redirect_status_a = Array(@redirect_status) -%> + + ## Redirect rules + <%- @redirect_source_a.each_with_index do |source, i| -%> +<% @redirect_dest_a[i] ||= @redirect_dest_a[0] -%> +<% @redirect_status_a[i] ||= @redirect_status_a[0] -%> + Redirect <%= "#{@redirect_status_a[i]} " %><%= source %> <%= @redirect_dest_a[i] %> + <%- end -%> +<% end -%> +<%- if @redirectmatch_status and @redirectmatch_regexp and @redirectmatch_dest -%> +<% @redirectmatch_status_a = Array(@redirectmatch_status) -%> +<% @redirectmatch_regexp_a = Array(@redirectmatch_regexp) -%> +<% @redirectmatch_dest_a = Array(@redirectmatch_dest) -%> + + ## RedirectMatch rules + <%- @redirectmatch_status_a.each_with_index do |status, i| -%> +<% @redirectmatch_status_a[i] ||= @redirectmatch_status_a[0] -%> +<% @redirectmatch_regexp_a[i] ||= @redirectmatch_regexp_a[0] -%> +<% @redirectmatch_dest_a[i] ||= @redirectmatch_dest_a[0] -%> + RedirectMatch <%= "#{@redirectmatch_status_a[i]} " %> <%= @redirectmatch_regexp_a[i] %> <%= @redirectmatch_dest_a[i] %> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_requestheader.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_requestheader.erb new file mode 100644 index 000000000..9f175052b --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_requestheader.erb @@ -0,0 +1,10 @@ +<% if @request_headers and ! @request_headers.empty? -%> + + ## Request header rules + ## as per http://httpd.apache.org/docs/2.2/mod/mod_headers.html#requestheader + <%- Array(@request_headers).each do |request_statement| -%> + <%- if request_statement != '' -%> + RequestHeader <%= request_statement %> + <%- end -%> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_rewrite.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_rewrite.erb new file mode 100644 index 000000000..81e3bc467 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_rewrite.erb @@ -0,0 +1,50 @@ +<%- if @rewrites -%> + ## Rewrite rules + RewriteEngine On + <%- if @rewrite_base -%> + RewriteBase <%= @rewrite_base %> + <%- end -%> + + <%- [@rewrites].flatten.compact.each do |rewrite_details| -%> + <%- if rewrite_details['comment'] -%> + #<%= rewrite_details['comment'] %> + <%- end -%> + <%- if rewrite_details['rewrite_base'] -%> + RewriteBase <%= rewrite_details['rewrite_base'] %> + <%- end -%> + <%- if rewrite_details['rewrite_cond'] -%> + <%- Array(rewrite_details['rewrite_cond']).each do |commands| -%> + <%- Array(commands).each do |command| -%> + RewriteCond <%= command %> + <%- end -%> + <%- end -%> + <%- end -%> + <%- if rewrite_details['rewrite_map'] -%> + <%- Array(rewrite_details['rewrite_map']).each do |commands| -%> + <%- Array(commands).each do |command| -%> + RewriteMap <%= command %> + <%- end -%> + <%- end -%> + <%- end -%> + <%- Array(rewrite_details['rewrite_rule']).each do |commands| -%> + <%- Array(commands).each do |command| -%> + RewriteRule <%= command %> + <%- end -%> + + <%- end -%> + <%- end -%> +<%- end -%> +<%# reverse compatibility -%> +<% if @rewrite_rule and !@rewrites -%> + ## Rewrite rules + RewriteEngine On + <%- if @rewrite_base -%> + RewriteBase <%= @rewrite_base %> + <%- end -%> + <%- if @rewrite_cond -%> + <%- Array(@rewrite_cond).each do |cond| -%> + RewriteCond <%= cond %> + <%- end -%> + <%- end -%> + RewriteRule <%= @rewrite_rule %> +<%- end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_scriptalias.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_scriptalias.erb new file mode 100644 index 000000000..bb4f6b316 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_scriptalias.erb @@ -0,0 +1,24 @@ +<%- if @scriptaliases.is_a?(Array) -%> +<%- aliases = @scriptaliases -%> +<%- elsif @scriptaliases.is_a?(Hash) -%> +<%- aliases = [@scriptaliases] -%> +<%- else -%> +<%- # Nothing to do with any other data type -%> +<%- aliases = [] -%> +<%- end -%> +<%- if @scriptalias or !aliases.empty? -%> + ## Script alias directives +<%# Combine scriptalais and scriptaliases into a single data structure -%> +<%# for backward compatibility and ease of implementation -%> +<%- aliases << { 'alias' => '/cgi-bin', 'path' => @scriptalias } if @scriptalias -%> +<%- aliases.flatten.compact! -%> +<%- aliases.each do |salias| -%> + <%- if salias["path"] != '' -%> + <%- if salias["alias"] and salias["alias"] != '' -%> + ScriptAlias <%= salias['alias'] %> "<%= salias['path'] %>" + <%- elsif salias["aliasmatch"] and salias["aliasmatch"] != '' -%> + ScriptAliasMatch <%= salias['aliasmatch'] %> "<%= salias['path'] %>" + <%- end -%> + <%- end -%> +<%- end -%> +<%- end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_security.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_security.erb new file mode 100644 index 000000000..5ab0a5b5d --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_security.erb @@ -0,0 +1,20 @@ +<% if @modsec_disable_vhost -%> + SecRuleEngine Off +<% end -%> +<% if @_modsec_disable_ids.is_a?(Hash) -%> +<% @_modsec_disable_ids.each do |location,rules| -%> + > +<% Array(rules).each do |rule| -%> + SecRuleRemoveById <%= rule %> +<% end -%> + +<% end -%> +<% end -%> +<% ips = Array(@modsec_disable_ips).join(',') %> +<% if ips != '' %> + SecRule REMOTE_ADDR "<%= ips %>" "nolog,allow,id:1234123455" + SecAction "phase:2,pass,nolog,id:1234123456" +<% end -%> +<% if @modsec_body_limit -%> + SecRequestBodyLimit <%= @modsec_body_limit %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_serveralias.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_serveralias.erb new file mode 100644 index 000000000..e08a55e32 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_serveralias.erb @@ -0,0 +1,7 @@ +<% if @serveraliases and ! @serveraliases.empty? -%> + + ## Server aliases + <%- Array(@serveraliases).each do |serveralias| -%> + ServerAlias <%= serveralias %> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_serversignature.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_serversignature.erb new file mode 100644 index 000000000..ff13aaf45 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_serversignature.erb @@ -0,0 +1 @@ + ServerSignature Off diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_setenv.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_setenv.erb new file mode 100644 index 000000000..ce1fa955e --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_setenv.erb @@ -0,0 +1,12 @@ +<% if @setenv and ! @setenv.empty? -%> + + ## SetEnv/SetEnvIf for environment variables + <%- Array(@setenv).each do |envvar| -%> + SetEnv <%= envvar %> + <%- end -%> +<% end -%> +<% if @setenvif and ! @setenvif.empty? -%> + <%- Array(@setenvif).each do |envifvar| -%> + SetEnvIf <%= envifvar %> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_ssl.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_ssl.erb new file mode 100644 index 000000000..797435cc1 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_ssl.erb @@ -0,0 +1,46 @@ +<% if @ssl -%> + + ## SSL directives + SSLEngine on + SSLCertificateFile "<%= @ssl_cert %>" + SSLCertificateKeyFile "<%= @ssl_key %>" + <%- if @ssl_chain -%> + SSLCertificateChainFile "<%= @ssl_chain %>" + <%- end -%> + <%- if @ssl_certs_dir && @ssl_certs_dir != '' -%> + SSLCACertificatePath "<%= @ssl_certs_dir %>" + <%- end -%> + <%- if @ssl_ca -%> + SSLCACertificateFile "<%= @ssl_ca %>" + <%- end -%> + <%- if @ssl_crl_path -%> + SSLCARevocationPath "<%= @ssl_crl_path %>" + <%- end -%> + <%- if @ssl_crl -%> + SSLCARevocationFile "<%= @ssl_crl %>" + <%- end -%> + <%- if @ssl_crl_check && scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> + SSLCARevocationCheck "<%= @ssl_crl_check %>" + <%- end -%> + <%- if @ssl_protocol -%> + SSLProtocol <%= [@ssl_protocol].flatten.compact.join(' ') %> + <%- end -%> + <%- if @ssl_cipher -%> + SSLCipherSuite <%= @ssl_cipher %> + <%- end -%> + <%- if @ssl_honorcipherorder -%> + SSLHonorCipherOrder <%= @ssl_honorcipherorder %> + <%- end -%> + <%- if @ssl_verify_client -%> + SSLVerifyClient <%= @ssl_verify_client %> + <%- end -%> + <%- if @ssl_verify_depth -%> + SSLVerifyDepth <%= @ssl_verify_depth %> + <%- end -%> + <%- if @ssl_options -%> + SSLOptions <%= Array(@ssl_options).join(' ') %> + <%- end -%> + <%- if @ssl_openssl_conf_cmd -%> + SSLOpenSSLConfCmd <%= @ssl_openssl_conf_cmd %> + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_sslproxy.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_sslproxy.erb new file mode 100644 index 000000000..568d9d1d0 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_sslproxy.erb @@ -0,0 +1,17 @@ +<% if @ssl_proxyengine -%> + + # SSL Proxy directives + SSLProxyEngine On + <%- if @ssl_proxy_verify -%> + SSLProxyVerify <%= @ssl_proxy_verify %> + <%- end -%> + <%- if @ssl_proxy_check_peer_cn -%> + SSLProxyCheckPeerCN <%= @ssl_proxy_check_peer_cn %> + <%- end -%> + <%- if @ssl_proxy_check_peer_name -%> + SSLProxyCheckPeerName <%= @ssl_proxy_check_peer_name %> + <%- end -%> + <%- if @ssl_proxy_machine_cert -%> + SSLProxyMachineCertificateFile "<%= @ssl_proxy_machine_cert %>" + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_suexec.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_suexec.erb new file mode 100644 index 000000000..8a7ae0f17 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_suexec.erb @@ -0,0 +1,4 @@ +<% if @suexec_user_group -%> + + SuexecUserGroup <%= @suexec_user_group %> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_suphp.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_suphp.erb new file mode 100644 index 000000000..e394b6f94 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_suphp.erb @@ -0,0 +1,11 @@ +<% if @suphp_engine == 'on' -%> + <%- if @suphp_addhandler -%> + suPHP_AddHandler <%= @suphp_addhandler %> + <%- end -%> + <%- if @suphp_engine -%> + suPHP_Engine <%= @suphp_engine %> + <%- end -%> + <%- if @suphp_configpath -%> + suPHP_ConfigPath "<%= @suphp_configpath %>" + <%- end -%> +<% end -%> diff --git a/modules/services/unix/http/apache/module/apache/templates/vhost/_wsgi.erb b/modules/services/unix/http/apache/module/apache/templates/vhost/_wsgi.erb new file mode 100644 index 000000000..9f01d4091 --- /dev/null +++ b/modules/services/unix/http/apache/module/apache/templates/vhost/_wsgi.erb @@ -0,0 +1,27 @@ +<% if @wsgi_application_group -%> + WSGIApplicationGroup <%= @wsgi_application_group %> +<% end -%> +<% if @wsgi_daemon_process and @wsgi_daemon_process_options -%> + WSGIDaemonProcess <%= @wsgi_daemon_process %> <%= @wsgi_daemon_process_options.collect { |k,v| "#{k}=#{v}"}.sort.join(' ') %> +<% elsif @wsgi_daemon_process and !@wsgi_daemon_process_options -%> + WSGIDaemonProcess <%= @wsgi_daemon_process %> +<% end -%> +<% if @wsgi_import_script and @wsgi_import_script_options -%> + WSGIImportScript <%= @wsgi_import_script %> <%= @wsgi_import_script_options.collect { |k,v| "#{k}=#{v}"}.sort.join(' ') %> +<% end -%> +<% if @wsgi_process_group -%> + WSGIProcessGroup <%= @wsgi_process_group %> +<% end -%> +<% if @wsgi_script_aliases and ! @wsgi_script_aliases.empty? -%> + <%- @wsgi_script_aliases.keys.sort.each do |key| -%> + <%- if key != '' and @wsgi_script_aliases[key] != ''-%> + WSGIScriptAlias <%= key %> "<%= @wsgi_script_aliases[key] %>" + <%- end -%> + <%- end -%> +<% end -%> +<% if @wsgi_pass_authorization -%> + WSGIPassAuthorization <%= @wsgi_pass_authorization %> +<% end -%> +<% if @wsgi_chunked_request -%> + WSGIChunkedRequest <%= @wsgi_chunked_request %> +<% end -%> From 386810cab4f28cce3916031c17b841d6b16064c6 Mon Sep 17 00:00:00 2001 From: Connor Wilson Date: Sat, 26 Mar 2016 19:45:13 +0000 Subject: [PATCH 07/13] Relates to SG-11 : Now able to generate a full wordpress site (Apache / SQL / Wordpress) --- config/scenario.xml | 4 +- lib/templates/vagrantbase.erb | 11 +- .../unix/wordpress/module/wordpress/CHANGELOG | 73 ++++++ .../unix/wordpress/module/wordpress/Gemfile | 19 ++ .../wordpress/module/wordpress/Modulefile | 13 ++ .../module/wordpress/README.markdown | 212 ++++++++++++++++++ .../unix/wordpress/module/wordpress/Rakefile | 1 + .../wordpress/module/wordpress/checksums.json | 32 +++ .../module/wordpress/manifests/app.pp | 46 ++++ .../module/wordpress/manifests/db.pp | 17 ++ .../module/wordpress/manifests/init.pp | 134 +++++++++++ .../module/wordpress/manifests/instance.pp | 130 +++++++++++ .../wordpress/manifests/instance/app.pp | 137 +++++++++++ .../module/wordpress/manifests/instance/db.pp | 30 +++ .../wordpress/module/wordpress/metadata.json | 16 ++ .../acceptance/nodesets/centos-6-vcloud.yml | 15 ++ .../acceptance/nodesets/centos-64-x64-pe.yml | 12 + .../acceptance/nodesets/centos-64-x64.yml | 10 + .../acceptance/nodesets/centos-65-x64.yml | 10 + .../spec/acceptance/nodesets/default.yml | 10 + .../acceptance/nodesets/fedora-18-x64.yml | 10 + .../spec/acceptance/nodesets/sles-11-x64.yml | 10 + .../nodesets/ubuntu-server-10044-x64.yml | 10 + .../nodesets/ubuntu-server-12042-x64.yml | 10 + .../spec/acceptance/wordpress_spec.rb | 102 +++++++++ .../wordpress/spec/classes/wordpress_spec.rb | 36 +++ .../wordpress/spec/defines/wordpress_spec.rb | 45 ++++ .../wordpress/module/wordpress/spec/spec.opts | 4 + .../module/wordpress/spec/spec_helper.rb | 1 + .../wordpress/spec/spec_helper_acceptance.rb | 35 +++ .../wordpress/templates/wp-config.php.erb | 110 +++++++++ .../wordpress/templates/wp-keysalts.php.erb | 21 ++ .../wordpress/module/wordpress/tests/init.pp | 7 + modules/build/unix/wordpress/wordpress.pp | 1 + .../unix/ftp/secure_ftp/secgen_metadata.xml | 8 +- .../unix/http/apache/secgen_metadata.xml | 5 + modules/services/unix/mysql/mysql/mysql.pp | 1 + .../unix/mysql/mysql/secgen_metadata.xml | 5 + xml/bases.xml | 2 +- 39 files changed, 1347 insertions(+), 8 deletions(-) create mode 100644 modules/build/unix/wordpress/module/wordpress/CHANGELOG create mode 100644 modules/build/unix/wordpress/module/wordpress/Gemfile create mode 100644 modules/build/unix/wordpress/module/wordpress/Modulefile create mode 100644 modules/build/unix/wordpress/module/wordpress/README.markdown create mode 100644 modules/build/unix/wordpress/module/wordpress/Rakefile create mode 100644 modules/build/unix/wordpress/module/wordpress/checksums.json create mode 100644 modules/build/unix/wordpress/module/wordpress/manifests/app.pp create mode 100644 modules/build/unix/wordpress/module/wordpress/manifests/db.pp create mode 100644 modules/build/unix/wordpress/module/wordpress/manifests/init.pp create mode 100644 modules/build/unix/wordpress/module/wordpress/manifests/instance.pp create mode 100644 modules/build/unix/wordpress/module/wordpress/manifests/instance/app.pp create mode 100644 modules/build/unix/wordpress/module/wordpress/manifests/instance/db.pp create mode 100644 modules/build/unix/wordpress/module/wordpress/metadata.json create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-6-vcloud.yml create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-64-x64-pe.yml create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-64-x64.yml create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-65-x64.yml create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/default.yml create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/fedora-18-x64.yml create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/sles-11-x64.yml create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/acceptance/wordpress_spec.rb create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/classes/wordpress_spec.rb create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/defines/wordpress_spec.rb create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/spec.opts create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/spec_helper.rb create mode 100644 modules/build/unix/wordpress/module/wordpress/spec/spec_helper_acceptance.rb create mode 100644 modules/build/unix/wordpress/module/wordpress/templates/wp-config.php.erb create mode 100644 modules/build/unix/wordpress/module/wordpress/templates/wp-keysalts.php.erb create mode 100644 modules/build/unix/wordpress/module/wordpress/tests/init.pp create mode 100644 modules/build/unix/wordpress/wordpress.pp create mode 100644 modules/services/unix/mysql/mysql/mysql.pp create mode 100644 modules/services/unix/mysql/mysql/secgen_metadata.xml diff --git a/config/scenario.xml b/config/scenario.xml index 03df98216..6e7e07dfa 100644 --- a/config/scenario.xml +++ b/config/scenario.xml @@ -1,12 +1,12 @@ - + - + --> diff --git a/lib/templates/vagrantbase.erb b/lib/templates/vagrantbase.erb index 4d2bd9a62..4ab7e94ab 100644 --- a/lib/templates/vagrantbase.erb +++ b/lib/templates/vagrantbase.erb @@ -17,7 +17,10 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| <% end %> <%= systems.id %>.vm.synced_folder "<%= MOUNT_DIR %>", "/mount" end - config.vm.provision :shell, :inline => "sed -i 's/squeeze/wheezy/g' /etc/apt/sources.list" + config.vm.provision :shell, :inline => "apt-get --yes --force-yes install ruby " + config.vm.provision :shell, :inline => "gem uninstall puppet" + config.vm.provision :shell, :inline => "gem install puppet -v '3.5.1'" + config.vm.provision :shell, :inline => "apt-get update --fix-missing" @@ -50,6 +53,12 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| <% end %> + config.vm.provision "puppet" do |wordpress| + wordpress.module_path = "<%="#{ROOT_DIR}/mount/puppet/module"%>" + wordpress.manifests_path = "<%="#{ROOT_DIR}/mount/puppet/manifest"%>" + wordpress.manifest_file = "wordpress.pp" + end + # clean up script which clears history from the VMs and clobs files together config.vm.provision "puppet" do |cleanup| cleanup.module_path = "<%="#{ROOT_DIR}/mount/puppet/module"%>" diff --git a/modules/build/unix/wordpress/module/wordpress/CHANGELOG b/modules/build/unix/wordpress/module/wordpress/CHANGELOG new file mode 100644 index 000000000..50c8e26b0 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/CHANGELOG @@ -0,0 +1,73 @@ +2014-10-15 Release 1.0.0 +Features +- Multiple instances ability via wordpress::instance +- New wp_debug, wp_debug_log, and wp_debug_display parameters for debug output +- New wp_config_content parameter for custom configuration + +Bugfixes: +- Convert rspec-system tests to beaker-rspec tests +- Updated readme + +2014-01-16 Release 0.6.0 +Features: +- Add `wordpress::wp_additional_config` parameter for custom template +fragments. +- Add `wordpress::wp_table_prefix` to customize the table prefix in mysql. + +Bugfixes: +- Fix idempotency for `mysql_grant` privileges. + +2013-12-17 Release 0.5.1 +Features: +- Update default version of wordpress to install to 3.8 +- Add `wordpress::wp_proxy_host` and `wordpress::wp_proxy_port` for proxying +plugin installation. +- Add `wordpress::wp_mulitsite` and `wordpress::wp_multisite` to enable +multisite support +- Update to work with latest 2.x puppetlabs-mysql +- Update to work with latest 1.x puppetlabs-concat +- Add rspec-system integration testing, travis testing, and autopublish + +Bugfixes: +- Fix ownership during installation to reduce log output and increase +idempotency. + +2013-12-17 Release 0.5.0 +This release is invalid and was removed. + +2013-09-19 Release 0.4.2 +Bugfixes: +- Correct Modulefile module name + +2013-09-19 Release 0.4.1 +Bugfixes: +- Escape \'s in the salt + +2013-06-17 Release 0.4.0 +Features: +- Add `wordpress::wp_lang` parameter +- Add `wordpress::wp_plugin_dir` parameter + +Bugfixes: +- Add class anchors +- Conditionalize directory management +- Fix `@db_host` template variable + +2012-12-31 Release 0.2.3 +Changes: +- Remove Apache php configuration; that responsibility falls outside of this module. + +2012-12-28 Release 0.2.2 +Bugfixes: +- Pass required parameters + +2012-12-28 Release 0.2.1 +Bugfixes: +- Remove extraneous files from module. + +2012-12-28 Release 0.2.0 +Changes: +- Add `install_url` parameter to download tarball from other location + +2012-12-28 Release 0.1.0 +- Initial rewrite from jonhadfield/master diff --git a/modules/build/unix/wordpress/module/wordpress/Gemfile b/modules/build/unix/wordpress/module/wordpress/Gemfile new file mode 100644 index 000000000..7a906ff0b --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/Gemfile @@ -0,0 +1,19 @@ +source 'https://rubygems.org' + +group :development, :test do + gem 'rake', :require => false + gem 'rspec-puppet', :require => false + gem 'puppetlabs_spec_helper', :require => false + gem 'beaker-rspec', :require => false + gem 'puppet-lint', :require => false + gem 'pry', :require => false + gem 'simplecov', :require => false +end + +if puppetversion = ENV['PUPPET_GEM_VERSION'] + gem 'puppet', puppetversion, :require => false +else + gem 'puppet', :require => false +end + +# vim:ft=ruby diff --git a/modules/build/unix/wordpress/module/wordpress/Modulefile b/modules/build/unix/wordpress/module/wordpress/Modulefile new file mode 100644 index 000000000..3394ac6a3 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/Modulefile @@ -0,0 +1,13 @@ +name 'hunner-wordpress' +version '1.0.0' +source 'https://github.com/hunner/puppet-wordpress' +author 'Hunter Haugen' +license 'Apache2' +summary 'Puppet module to set up an instance of wordpress' +description 'Installs wordpress and required mysql db/user.' +project_page 'https://github.com/hunner/puppet-wordpress' + +## Add dependencies, if any: +dependency 'puppetlabs/concat', '>= 1.0.0' +dependency 'puppetlabs/mysql', '>= 2.1.0' +dependency 'puppetlabs/stdlib', '>= 2.3.1' diff --git a/modules/build/unix/wordpress/module/wordpress/README.markdown b/modules/build/unix/wordpress/module/wordpress/README.markdown new file mode 100644 index 000000000..1f868cb43 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/README.markdown @@ -0,0 +1,212 @@ +# WordPress Module + +## Overview + +This will set up one or more installations of Wordpress 3.8 on Debian and Redhat style distributions. + +## Capabilities + +#### Installation includes: + +- Configuration of WordPress DB connection parameters +- Generate secure keys and salts for `wp-config.php`. +- Optional creation of MySQL database/user/permissions. + +#### Requires: + +- Configuration of php-enabled webserver +- Configuration MySQL server +- PHP 5.3 or greater +- User specified by `wp_owner` must exist + +## Parameters + +### Class wordpress + +* `install_dir`
+ Specifies the directory into which wordpress should be installed. Default: `/opt/wordpress` + +* `install_url`
+ Specifies the url from which the wordpress tarball should be downloaded. Default: `http://wordpress.org` + +* `version`
+ Specifies the version of wordpress to install. Default: `3.8` + +* `create_db`
+ Specifies whether to create the db or not. Default: `true` + +* `create_db_user`
+ Specifies whether to create the db user or not. Default: `true` + +* `db_name`
+ Specifies the database name which the wordpress module should be configured to use. Default: `wordpress` + +* `db_host`
+ Specifies the database host to connect to. Default: `localhost` + +* `db_user`
+ Specifies the database user. Default: `wordpress` + +* `db_password`
+ Specifies the database user's password in plaintext. Default: `password` + +* `wp_owner`
+ Specifies the owner of the wordpress files. You must ensure this user exists as this module does not attempt to create it if missing. Default: `root` + +* `wp_group`
+ Specifies the group of the wordpress files. Default: `0` (\*BSD/Darwin compatible GID) + +* `wp_lang`
+ WordPress Localized Language. Default: '' + +* `wp_plugin_dir`
+ WordPress Plugin Directory. Full path, no trailing slash. Default: WordPress Default + +* `wp_additional_config`
+ Specifies a template to include near the end of the wp-config.php file to add additional options. Default: '' + +* `wp_config_content`
+ Specifies the entire content for wp-config.php. This causes many of the other parameters to be ignored and allows an entirely custom config to be passed. It is recommended to use `wp_additional_config` instead of this parameter when possible. + +* `wp_table_prefix`
+ Specifies the database table prefix. Default: wp_ + +* `wp_proxy_host`
+ Specifies a Hostname or IP of a proxy server for Wordpress to use to install updates, plugins, etc. Default: '' + +* `wp_proxy_port`
+ Specifies the port to use with the proxy host. Default: '' + +* `wp_multisite`
+ Specifies whether to enable the multisite feature. Requires `wp_site_domain` to also be passed. Default: `false` + +* `wp_site_domain`
+ Specifies the `DOMAIN_CURRENT_SITE` value that will be used when configuring multisite. Typically this is the address of the main wordpress instance. Default: '' + +* `wp_debug`
+ Specifies the `WP_DEBUG` value that will control debugging. This must be true if you use the next two debug extensions. Default: 'false' + +* `wp_debug_log`
+ Specifies the `WP_DEBUG_LOG` value that extends debugging to cause all errors to also be saved to a debug.log logfile insdie the /wp-content/ directory. Default: 'false' + +* `wp_debug_display`
+ Specifies the `WP_DEBUG_DISPLAY` value that extends debugging to cause debug messages to be shown inline, in HTML pages. Default: 'false' + +### Define wordpress::instance + +* The parameters for `wordpress::instance` is exactly the same as the class `wordpress` except as noted below. +* The title will be used as the default value for `install_dir` unless otherwise specified. +* The `db_name` and `db_user` parameters are required. + +### Other classes and defines + +The classes `wordpress::app` and `wordpress::db` and defines `wordpress::instance::app` and `wordpress::instance::db` are technically private, but any PRs which add documentation and tests so that they may be made public for multi-node deployments are welcome! + +## Example Usage + +Default single deployment (insecure; default passwords and installed as root): + +```puppet +class { 'wordpress': } +``` + +Basic deployment (secure database password, installed as `wordpress` user/group. NOTE: in this example you must ensure the `wordpress` user already exists): + +```puppet +class { 'wordpress': + wp_owner => 'wordpress', + wp_group => 'wordpress', + db_user => 'wordpress', + db_password => 'hvyH(S%t(\"0\"16', +} +``` + +Basic deployment of multiple instances (secure database password, installed as `wordpress` user/group): + +```puppet +wordpress::instance { '/opt/wordpress1': + wp_owner => 'wordpress1', + wp_group => 'wordpress1', + db_user => 'wordpress1', + db_name => 'wordpress1', + db_password => 'hvyH(S%t(\"0\"16', +} +wordpress::instance { '/opt/wordpress2': + wp_owner => 'wordpress2', + wp_group => 'wordpress2', + db_user => 'wordpress2', + db_name => 'wordpress2', + db_password => 'bb69381b4b9de3a232', +} +``` + +Externally hosted MySQL DB: + +```puppet +class { 'wordpress': + db_user => 'wordpress', + db_password => 'hvyH(S%t(\"0\"16', + db_host => 'db.example.com', +} +``` + +Disable module's database/user creation (the database and db user must still exist with correct permissions): + +```puppet +class { 'wordpress': + db_user => 'wordpress', + db_password => 'hvyH(S%t(\"0\"16', + create_db => false, + create_db_user => false, +} +``` + +Install specific version of WordPress: + +```puppet +class { 'wordpress': + version => '3.4', +} +``` + +Install WordPress to a specific directory: + +```puppet +class { 'wordpress': + install_dir => '/var/www/wordpress', +} +``` + +Download `wordpress-${version}.tar.gz` from an internal server: + +```puppet +class { 'wordpress': + install_url => 'http://internal.example.com/software', +} +``` + +Configure wordpress to download updates and plugins through a proxy: + +```puppet +class { 'wordpress': + proxy_host => 'http://my.proxy.corp.com', + proxy_port => '8080', +} +``` + +Enable the multisite wordpress feature: + +```puppet +class { 'wordpress': + wp_multisite => true, + wp_site_domain => 'blog.domain.com', +} +``` + +Add custom configuration to wp-config.php: + +```puppet +class { 'wordpress': + wp_additional_config => 'foo/wp-config-extra.php.erb', +} +``` diff --git a/modules/build/unix/wordpress/module/wordpress/Rakefile b/modules/build/unix/wordpress/module/wordpress/Rakefile new file mode 100644 index 000000000..cd3d37995 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/Rakefile @@ -0,0 +1 @@ +require 'puppetlabs_spec_helper/rake_tasks' diff --git a/modules/build/unix/wordpress/module/wordpress/checksums.json b/modules/build/unix/wordpress/module/wordpress/checksums.json new file mode 100644 index 000000000..0bdf56ac6 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/checksums.json @@ -0,0 +1,32 @@ +{ + "CHANGELOG": "ba576a0ae6f161e2e819c13a15dff5fd", + "Gemfile": "bdda4a55669a2bf8916f49d490a61771", + "Modulefile": "68f682f55645a6fcd737a4363efeea60", + "README.markdown": "b6657a19dc019a402c9dced8d79bde57", + "Rakefile": "0254db5d3fc38c67a2c160d7296a24f8", + "manifests/app.pp": "da4bf0828c6560ae23f7e59fd4950ead", + "manifests/db.pp": "ff3db53cd7fb2525e9387fc84ff9a6a6", + "manifests/init.pp": "f13b68c2c8344dd27e84ab1884e842b0", + "manifests/instance/app.pp": "35e091c60721ca8506e4bc1d307fbcfd", + "manifests/instance/db.pp": "fe0188226adb4958584f65d3e65e39a2", + "manifests/instance.pp": "a00ac7d6cf83eae37db20eebe9c4863d", + "metadata.json": "595d4419cdca855211fec50f2c704183", + "spec/acceptance/nodesets/centos-6-vcloud.yml": "bdf9ce9d3b0f0b4995666ae9d64d878d", + "spec/acceptance/nodesets/centos-64-x64-pe.yml": "ec075d95760df3d4702abea1ce0a829b", + "spec/acceptance/nodesets/centos-64-x64.yml": "092dd2c588a9f87fa1fb12997c0723ef", + "spec/acceptance/nodesets/centos-65-x64.yml": "3e5c36e6aa5a690229e720f4048bb8af", + "spec/acceptance/nodesets/default.yml": "092dd2c588a9f87fa1fb12997c0723ef", + "spec/acceptance/nodesets/fedora-18-x64.yml": "80e41b1ee16ea489f53164bfdae58855", + "spec/acceptance/nodesets/sles-11-x64.yml": "44e4c6c15c018333bfa9840a5e702f66", + "spec/acceptance/nodesets/ubuntu-server-10044-x64.yml": "75e86400b7889888dc0781c0ae1a1297", + "spec/acceptance/nodesets/ubuntu-server-12042-x64.yml": "d30d73e34cd50b043c7d14e305955269", + "spec/acceptance/wordpress_spec.rb": "3efdf1b9a64dde0eef24c70b9cf06756", + "spec/classes/wordpress_spec.rb": "678d8ef399e31af535b999f4306aaf0a", + "spec/defines/wordpress_spec.rb": "0b7d8b2ca62c9734410ecbe2b3705500", + "spec/spec.opts": "c407193b3d9028941ef59edd114f5968", + "spec/spec_helper.rb": "0db89c9a486df193c0e40095422e19dc", + "spec/spec_helper_acceptance.rb": "c042c527f40d5b1417b0228531082ded", + "templates/wp-config.php.erb": "3922ceee6b79943f3d0c92e72ee4477d", + "templates/wp-keysalts.php.erb": "e48447c1a47e8b66bc823ff1d49e0da7", + "tests/init.pp": "4086340a435b8b5b3fbbdb2b119c42e4" +} \ No newline at end of file diff --git a/modules/build/unix/wordpress/module/wordpress/manifests/app.pp b/modules/build/unix/wordpress/module/wordpress/manifests/app.pp new file mode 100644 index 000000000..b9f42ccb8 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/manifests/app.pp @@ -0,0 +1,46 @@ +class wordpress::app ( + $install_dir, + $install_url, + $version, + $db_name, + $db_host, + $db_user, + $db_password, + $wp_owner, + $wp_group, + $wp_lang, + $wp_config_content, + $wp_plugin_dir, + $wp_additional_config, + $wp_table_prefix, + $wp_proxy_host, + $wp_proxy_port, + $wp_multisite, + $wp_site_domain, + $wp_debug, + $wp_debug_log, + $wp_debug_display, +) { + wordpress::instance::app { $install_dir: + install_dir => $install_dir, + install_url => $install_url, + version => $version, + db_name => $db_name, + db_host => $db_host, + db_user => $db_user, + db_password => $db_password, + wp_owner => $wp_owner, + wp_group => $wp_group, + wp_lang => $wp_lang, + wp_plugin_dir => $wp_plugin_dir, + wp_additional_config => $wp_additional_config, + wp_table_prefix => $wp_table_prefix, + wp_proxy_host => $wp_proxy_host, + wp_proxy_port => $wp_proxy_port, + wp_multisite => $wp_multisite, + wp_site_domain => $wp_site_domain, + wp_debug => $wp_debug, + wp_debug_log => $wp_debug_log, + wp_debug_display => $wp_debug_display, + } +} diff --git a/modules/build/unix/wordpress/module/wordpress/manifests/db.pp b/modules/build/unix/wordpress/module/wordpress/manifests/db.pp new file mode 100644 index 000000000..39cfd63f1 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/manifests/db.pp @@ -0,0 +1,17 @@ +class wordpress::db ( + $create_db, + $create_db_user, + $db_name, + $db_host, + $db_user, + $db_password, +) { + wordpress::instance::db { "${db_host}/${db_name}": + create_db => $create_db, + create_db_user => $create_db_user, + db_name => $db_name, + db_host => $db_host, + db_user => $db_user, + db_password => $db_password, + } +} diff --git a/modules/build/unix/wordpress/module/wordpress/manifests/init.pp b/modules/build/unix/wordpress/module/wordpress/manifests/init.pp new file mode 100644 index 000000000..4ba78c161 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/manifests/init.pp @@ -0,0 +1,134 @@ +# == Class: wordpress +# +# This module manages wordpress +# +# === Parameters +# +# [*install_dir*] +# Specifies the directory into which wordpress should be installed. Default: +# /opt/wordpress +# +# [*install_url*] +# Specifies the url from which the wordpress tarball should be downloaded. +# Default: http://wordpress.org +# +# [*version*] +# Specifies the version of wordpress to install. Default: 3.8 +# +# [*create_db*] +# Specifies whether to create the db or not. Default: true +# +# [*create_db_user*] +# Specifies whether to create the db user or not. Default: true +# +# [*db_name*] +# Specifies the database name which the wordpress module should be configured +# to use. Default: wordpress +# +# [*db_host*] +# Specifies the database host to connect to. Default: localhost +# +# [*db_user*] +# Specifies the database user. Default: wordpress +# +# [*db_password*] +# Specifies the database user's password in plaintext. Default: password +# +# [*wp_owner*] +# Specifies the owner of the wordpress files. You must ensure this user +# exists as this module does not attempt to create it if missing. Default: +# root +# +# [*wp_group*] +# Specifies the group of the wordpress files. Default: 0 (*BSD/Darwin +# compatible GID) +# +# [*wp_lang*] +# WordPress Localized Language. Default: '' +# +# +# [*wp_plugin_dir*] +# WordPress Plugin Directory. Full path, no trailing slash. Default: WordPress Default +# +# [*wp_additional_config*] +# Specifies a template to include near the end of the wp-config.php file to add additional options. Default: '' +# +# [*wp_table_prefix*] +# Specifies the database table prefix. Default: wp_ +# +# [*wp_proxy_host*] +# Specifies a Hostname or IP of a proxy server for Wordpress to use to install updates, plugins, etc. Default: '' +# +# [*wp_proxy_port*] +# Specifies the port to use with the proxy host. Default: '' +# +# [*wp_multisite*] +# Specifies whether to enable the multisite feature. Requires `wp_site_domain` to also be passed. Default: `false` +# +# [*wp_site_domain*] +# Specifies the `DOMAIN_CURRENT_SITE` value that will be used when configuring multisite. Typically this is the address of the main wordpress instance. Default: '' +# +# [*wp_debug*] +# Specifies the `WP_DEBUG` value that will control debugging. This must be true if you use the next two debug extensions. Default: 'false' +# +# [*wp_debug_log*] +# Specifies the `WP_DEBUG_LOG` value that extends debugging to cause all errors to also be saved to a debug.log logfile insdie the /wp-content/ directory. Default: 'false' +# +# [*wp_debug_display*] +# Specifies the `WP_DEBUG_DISPLAY` value that extends debugging to cause debug messages to be shown inline, in HTML pages. Default: 'false' +# +# === Requires +# +# === Examples +# +class wordpress ( + $install_dir = '/opt/wordpress', + $install_url = 'http://wordpress.org', + $version = '3.8', + $create_db = true, + $create_db_user = true, + $db_name = 'wordpress', + $db_host = 'localhost', + $db_user = 'wordpress', + $db_password = 'password', + $wp_owner = 'root', + $wp_group = '0', + $wp_lang = '', + $wp_config_content = undef, + $wp_plugin_dir = 'DEFAULT', + $wp_additional_config = 'DEFAULT', + $wp_table_prefix = 'wp_', + $wp_proxy_host = '', + $wp_proxy_port = '', + $wp_multisite = false, + $wp_site_domain = '', + $wp_debug = false, + $wp_debug_log = false, + $wp_debug_display = false, +) { + wordpress::instance { $install_dir: + install_dir => $install_dir, + install_url => $install_url, + version => $version, + create_db => $create_db, + create_db_user => $create_db_user, + db_name => $db_name, + db_host => $db_host, + db_user => $db_user, + db_password => $db_password, + wp_owner => $wp_owner, + wp_group => $wp_group, + wp_lang => $wp_lang, + wp_config_content => $wp_config_content, + wp_plugin_dir => $wp_plugin_dir, + wp_additional_config => $wp_additional_config, + wp_table_prefix => $wp_table_prefix, + wp_proxy_host => $wp_proxy_host, + wp_proxy_port => $wp_proxy_port, + wp_multisite => $wp_multisite, + wp_site_domain => $wp_site_domain, + wp_debug => $wp_debug, + wp_debug_log => $wp_debug_log, + wp_debug_display => $wp_debug_display, + } +} diff --git a/modules/build/unix/wordpress/module/wordpress/manifests/instance.pp b/modules/build/unix/wordpress/module/wordpress/manifests/instance.pp new file mode 100644 index 000000000..bd4c0a8d8 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/manifests/instance.pp @@ -0,0 +1,130 @@ +# == Definition: wordpress::instance +# +# This module manages wordpress +# +# === Parameters +# +# [*install_dir*] +# Specifies the directory into which wordpress should be installed. Default: +# /opt/wordpress +# +# [*install_url*] +# Specifies the url from which the wordpress tarball should be downloaded. +# Default: http://wordpress.org +# +# [*version*] +# Specifies the version of wordpress to install. Default: 3.8 +# +# [*create_db*] +# Specifies whether to create the db or not. Default: true +# +# [*create_db_user*] +# Specifies whether to create the db user or not. Default: true +# +# [*db_name*] +# Specifies the database name which the wordpress module should be configured +# to use. Required. +# +# [*db_host*] +# Specifies the database host to connect to. Default: localhost +# +# [*db_user*] +# Specifies the database user. Required. +# +# [*db_password*] +# Specifies the database user's password in plaintext. Default: password +# +# [*wp_owner*] +# Specifies the owner of the wordpress files. Default: root +# +# [*wp_group*] +# Specifies the group of the wordpress files. Default: 0 (*BSD/Darwin +# compatible GID) +# +# [*wp_lang*] +# WordPress Localized Language. Default: '' +# +# +# [*wp_plugin_dir*] +# WordPress Plugin Directory. Full path, no trailing slash. Default: WordPress Default +# +# [*wp_additional_config*] +# Specifies a template to include near the end of the wp-config.php file to add additional options. Default: '' +# +# [*wp_table_prefix*] +# Specifies the database table prefix. Default: wp_ +# +# [*wp_proxy_host*] +# Specifies a Hostname or IP of a proxy server for Wordpress to use to install updates, plugins, etc. Default: '' +# +# [*wp_proxy_port*] +# Specifies the port to use with the proxy host. Default: '' +# +# [*wp_multisite*] +# Specifies whether to enable the multisite feature. Requires `wp_site_domain` to also be passed. Default: `false` +# +# [*wp_site_domain*] +# Specifies the `DOMAIN_CURRENT_SITE` value that will be used when configuring multisite. Typically this is the address of the main wordpress instance. Default: '' +# +# === Requires +# +# === Examples +# +define wordpress::instance ( + $db_name, + $db_user, + $install_dir = $title, + $install_url = 'http://wordpress.org', + $version = '3.8', + $create_db = true, + $create_db_user = true, + $db_host = 'localhost', + $db_password = 'password', + $wp_owner = 'root', + $wp_group = '0', + $wp_lang = '', + $wp_config_content = undef, + $wp_plugin_dir = 'DEFAULT', + $wp_additional_config = 'DEFAULT', + $wp_table_prefix = 'wp_', + $wp_proxy_host = '', + $wp_proxy_port = '', + $wp_multisite = false, + $wp_site_domain = '', + $wp_debug = false, + $wp_debug_log = false, + $wp_debug_display = false, +) { + wordpress::instance::app { $install_dir: + install_dir => $install_dir, + install_url => $install_url, + version => $version, + db_name => $db_name, + db_host => $db_host, + db_user => $db_user, + db_password => $db_password, + wp_owner => $wp_owner, + wp_group => $wp_group, + wp_lang => $wp_lang, + wp_config_content => $wp_config_content, + wp_plugin_dir => $wp_plugin_dir, + wp_additional_config => $wp_additional_config, + wp_table_prefix => $wp_table_prefix, + wp_proxy_host => $wp_proxy_host, + wp_proxy_port => $wp_proxy_port, + wp_multisite => $wp_multisite, + wp_site_domain => $wp_site_domain, + wp_debug => $wp_debug, + wp_debug_log => $wp_debug_log, + wp_debug_display => $wp_debug_display, + } + + wordpress::instance::db { "${db_host}/${db_name}": + create_db => $create_db, + create_db_user => $create_db_user, + db_name => $db_name, + db_host => $db_host, + db_user => $db_user, + db_password => $db_password, + } +} diff --git a/modules/build/unix/wordpress/module/wordpress/manifests/instance/app.pp b/modules/build/unix/wordpress/module/wordpress/manifests/instance/app.pp new file mode 100644 index 000000000..43e66f6d7 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/manifests/instance/app.pp @@ -0,0 +1,137 @@ +define wordpress::instance::app ( + $install_dir, + $install_url, + $version, + $db_name, + $db_host, + $db_user, + $db_password, + $wp_owner, + $wp_group, + $wp_lang, + $wp_config_content, + $wp_plugin_dir, + $wp_additional_config, + $wp_table_prefix, + $wp_proxy_host, + $wp_proxy_port, + $wp_multisite, + $wp_site_domain, + $wp_debug, + $wp_debug_log, + $wp_debug_display, +) { + validate_string($install_dir,$install_url,$version,$db_name,$db_host,$db_user,$db_password,$wp_owner,$wp_group, $wp_lang, $wp_plugin_dir,$wp_additional_config,$wp_table_prefix,$wp_proxy_host,$wp_proxy_port,$wp_site_domain) + validate_bool($wp_multisite, $wp_debug, $wp_debug_log, $wp_debug_display) + validate_absolute_path($install_dir) + + if $wp_config_content and ($wp_lang or $wp_debug or $wp_debug_log or $wp_debug_display or $wp_proxy_host or $wp_proxy_port or $wp_multisite or $wp_site_domain) { + warning('When $wp_config_content is set, the following parameters are ignored: $wp_table_prefix, $wp_lang, $wp_debug, $wp_debug_log, $wp_debug_display, $wp_plugin_dir, $wp_proxy_host, $wp_proxy_port, $wp_multisite, $wp_site_domain, $wp_additional_config') + } + + if $wp_multisite and ! $wp_site_domain { + fail('wordpress class requires `wp_site_domain` parameter when `wp_multisite` is true') + } + + if $wp_debug_log and ! $wp_debug { + fail('wordpress class requires `wp_debug` parameter to be true, when `wp_debug_log` is true') + } + + if $wp_debug_display and ! $wp_debug { + fail('wordpress class requires `wp_debug` parameter to be true, when `wp_debug_display` is true') + } + + ## Resource defaults + File { + owner => $wp_owner, + group => $wp_group, + mode => '0644', + } + Exec { + path => ['/bin','/sbin','/usr/bin','/usr/sbin'], + cwd => $install_dir, + logoutput => 'on_failure', + } + + ## Installation directory + if ! defined(File[$install_dir]) { + file { $install_dir: + ensure => directory, + recurse => true, + } + } else { + notice("Warning: cannot manage the permissions of ${install_dir}, as another resource (perhaps apache::vhost?) is managing it.") + } + + ## Download and extract + exec { "Download wordpress ${install_url}/wordpress-${version}.tar.gz to ${install_dir}": + command => "wget ${install_url}/wordpress-${version}.tar.gz --no-check-certificate", + creates => "${install_dir}/wordpress-${version}.tar.gz", + require => File[$install_dir], + user => $wp_owner, + group => $wp_group, + } + -> exec { "Extract wordpress ${install_dir}": + command => "tar zxvf ./wordpress-${version}.tar.gz --strip-components=1", + creates => "${install_dir}/index.php", + user => $wp_owner, + group => $wp_group, + } + ~> exec { "Change ownership ${install_dir}": + command => "chown -R ${wp_owner}:${wp_group} ${install_dir}", + refreshonly => true, + user => $wp_owner, + group => $wp_group, + } + + ## Configure wordpress + # + concat { "${install_dir}/wp-config.php": + owner => $wp_owner, + group => $wp_group, + mode => '0755', + require => Exec["Extract wordpress ${install_dir}"], + } + if $wp_config_content { + concat::fragment { "${install_dir}/wp-config.php body": + target => "${install_dir}/wp-config.php", + content => $wp_config_content, + order => '20', + } + } else { + # Template uses no variables + file { "${install_dir}/wp-keysalts.php": + ensure => present, + content => template('wordpress/wp-keysalts.php.erb'), + replace => false, + require => Exec["Extract wordpress ${install_dir}"], + } + concat::fragment { "${install_dir}/wp-config.php keysalts": + target => "${install_dir}/wp-config.php", + source => "${install_dir}/wp-keysalts.php", + order => '10', + require => File["${install_dir}/wp-keysalts.php"], + } + # Template uses: + # - $db_name + # - $db_user + # - $db_password + # - $db_host + # - $wp_table_prefix + # - $wp_lang + # - $wp_plugin_dir + # - $wp_proxy_host + # - $wp_proxy_port + # - $wp_multisite + # - $wp_site_domain + # - $wp_additional_config + # - $wp_debug + # - $wp_debug_log + # - $wp_debug_display + concat::fragment { "${install_dir}/wp-config.php body": + target => "${install_dir}/wp-config.php", + content => template('wordpress/wp-config.php.erb'), + order => '20', + } + } +} diff --git a/modules/build/unix/wordpress/module/wordpress/manifests/instance/db.pp b/modules/build/unix/wordpress/module/wordpress/manifests/instance/db.pp new file mode 100644 index 000000000..29672d0c3 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/manifests/instance/db.pp @@ -0,0 +1,30 @@ +define wordpress::instance::db ( + $create_db, + $create_db_user, + $db_name, + $db_host, + $db_user, + $db_password, +) { + validate_bool($create_db,$create_db_user) + validate_string($db_name,$db_host,$db_user,$db_password) + + ## Set up DB using puppetlabs-mysql defined type + if $create_db { + mysql_database { "${db_host}/${db_name}": + name => $db_name, + charset => 'utf8', + } + } + if $create_db_user { + mysql_user { "${db_user}@${db_host}": + password_hash => mysql_password($db_password), + } + mysql_grant { "${db_user}@${db_host}/${db_name}.*": + table => "${db_name}.*", + user => "${db_user}@${db_host}", + privileges => ['ALL'], + } + } + +} diff --git a/modules/build/unix/wordpress/module/wordpress/metadata.json b/modules/build/unix/wordpress/module/wordpress/metadata.json new file mode 100644 index 000000000..d93ebd251 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/metadata.json @@ -0,0 +1,16 @@ +{ + "name": "hunner-wordpress", + "version": "1.0.0", + "author": "Hunter Haugen", + "summary": "Puppet module to set up an instance of wordpress", + "license": "Apache2", + "source": "https://github.com/hunner/puppet-wordpress", + "project_page": "https://github.com/hunner/puppet-wordpress", + "issues_url": "https://github.com/hunner/puppet-wordpress/issues", + "description": "Installs wordpress and required mysql db/user.", + "dependencies": [ + {"name":"puppetlabs/concat","version_requirement":">= 1.0.0"}, + {"name":"puppetlabs/mysql","version_requirement":">= 2.1.0"}, + {"name":"puppetlabs/stdlib","version_requirement":">= 2.3.1"} + ] +} diff --git a/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-6-vcloud.yml b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-6-vcloud.yml new file mode 100644 index 000000000..ca9c1d329 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-6-vcloud.yml @@ -0,0 +1,15 @@ +HOSTS: + 'centos-6-vcloud': + roles: + - master + platform: el-6-x86_64 + hypervisor: vcloud + template: centos-6-x86_64 +CONFIG: + type: foss + ssh: + keys: "~/.ssh/id_rsa-acceptance" + datastore: instance0 + folder: Delivery/Quality Assurance/Enterprise/Dynamic + resourcepool: delivery/Quality Assurance/Enterprise/Dynamic + pooling_api: http://vcloud.delivery.puppetlabs.net/ diff --git a/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-64-x64-pe.yml b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-64-x64-pe.yml new file mode 100644 index 000000000..7d9242f1b --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-64-x64-pe.yml @@ -0,0 +1,12 @@ +HOSTS: + centos-64-x64: + roles: + - master + - database + - dashboard + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: pe diff --git a/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-64-x64.yml b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-64-x64.yml new file mode 100644 index 000000000..05540ed8c --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-64-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-64-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-65-x64.yml b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-65-x64.yml new file mode 100644 index 000000000..4e2cb809e --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/centos-65-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-65-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-65-x64-vbox436-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/default.yml b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/default.yml new file mode 100644 index 000000000..05540ed8c --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/default.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-64-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/fedora-18-x64.yml b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/fedora-18-x64.yml new file mode 100644 index 000000000..136164983 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/fedora-18-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + fedora-18-x64: + roles: + - master + platform: fedora-18-x86_64 + box : fedora-18-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/sles-11-x64.yml b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/sles-11-x64.yml new file mode 100644 index 000000000..41abe2135 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/sles-11-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + sles-11-x64.local: + roles: + - master + platform: sles-11-x64 + box : sles-11sp1-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml new file mode 100644 index 000000000..5ca1514e4 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-10044-x64: + roles: + - master + platform: ubuntu-10.04-amd64 + box : ubuntu-server-10044-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml new file mode 100644 index 000000000..d065b304f --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-12042-x64: + roles: + - master + platform: ubuntu-12.04-amd64 + box : ubuntu-server-12042-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/build/unix/wordpress/module/wordpress/spec/acceptance/wordpress_spec.rb b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/wordpress_spec.rb new file mode 100644 index 000000000..6bdd060b9 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/acceptance/wordpress_spec.rb @@ -0,0 +1,102 @@ +require 'spec_helper_acceptance' + +describe "setting up a wordpress instance" do + it 'deploys a wordpress instance' do + pp = %{ + class { 'apache': + mpm_module => 'prefork', + } + class { 'apache::mod::php': } + class { 'mysql::server': } + class { 'mysql::bindings': php_enable => true, } + host { 'wordpress.localdomain': ip => '127.0.0.1', } + + apache::vhost { 'wordpress.localdomain': + docroot => '/opt/wordpress', + port => '80', + } + + class { 'wordpress': + install_dir => '/opt/wordpress/blog', + require => Class['mysql::server'], + } + } + + expect(apply_manifest(pp, :catch_failures => true).stderr).to eq("") + expect(apply_manifest(pp, :catch_changes => true).stderr).to eq("") + + expect(shell("/usr/bin/curl wordpress.localdomain:80/blog/wp-admin/install.php").stdout).to match(/Install WordPress/) + end + + it 'deploys two wordpress instances' do + pp = %{ + class { 'apache': + mpm_module => 'prefork', + } + class { 'apache::mod::php': } + class { 'mysql::server': } + class { 'mysql::bindings': php_enable => true, } + host { 'wordpress1.localdomain': ip => '127.0.0.1', } + host { 'wordpress2.localdomain': ip => '127.0.0.1', } + + apache::vhost { 'wordpress1.localdomain': + docroot => '/opt/wordpress1', + port => '80', + } + apache::vhost { 'wordpress2.localdomain': + docroot => '/opt/wordpress2', + port => '80', + } + + wordpress::instance { '/opt/wordpress1/blog': + db_name => 'wordpress1', + db_user => 'wordpress1', + require => Class['mysql::server'], + } + wordpress::instance { '/opt/wordpress2/blog': + db_name => 'wordpress2', + db_user => 'wordpress2', + require => Class['mysql::server'], + } + } + + expect(apply_manifest(pp, :catch_failures => true).stderr).to eq("") + expect(apply_manifest(pp, :catch_changes => true).stderr).to eq("") + + expect(shell("/usr/bin/curl wordpress1.localdomain:80/blog/wp-admin/install.php").stdout).to match(/Install WordPress/) + expect(shell("/usr/bin/curl wordpress1.localdomain:80/blog/wp-admin/install.php").stdout).to match(/Install WordPress/) + end + + it 'deploys a wordpress instance as the httpd user with a secure DB password and a specific location' do + pp = %{ + class { 'apache': + mpm_module => 'prefork', + } + class { 'apache::mod::php': } + class { 'mysql::server': } + class { 'mysql::bindings::php': } + + apache::vhost { 'wordpress.localdomain': + docroot => '/var/www/wordpress', + port => '80', + } + + class { 'wordpress': + install_dir => '/var/www/wordpress/blog', + wp_owner => $apache::user, + wp_group => $apache::group, + db_name => 'wordpress', + db_host => 'localhost', + db_user => 'wordpress', + db_password => 'hvyH(S%t(\"0\"16', + } + } + + pending + end + + it 'deploys a wordpress instance with a remote DB' + it 'deploys a wordpress instance with a pre-existing DB' + it 'deploys a wordpress instance of a specific version' + it 'deploys a wordpress instance from an internal server' +end diff --git a/modules/build/unix/wordpress/module/wordpress/spec/classes/wordpress_spec.rb b/modules/build/unix/wordpress/module/wordpress/spec/classes/wordpress_spec.rb new file mode 100644 index 000000000..2ca2b6843 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/classes/wordpress_spec.rb @@ -0,0 +1,36 @@ +require 'spec_helper' + +describe 'wordpress', :type => :class do + context "on a RedHat 5 OS" do + let :facts do + { + :osfamily => 'RedHat', + :lsbmajdistrelease => '5', + :concat_basedir => '/dne', + } + end + it { should contain_wordpress__instance__app("/opt/wordpress") } + it { should contain_wordpress__instance__db("localhost/wordpress") } + end + context "on a RedHat 6 OS" do + let :facts do + { + :osfamily => 'RedHat', + :lsbmajdistrelease => '6', + :concat_basedir => '/dne', + } + end + it { should contain_wordpress__instance__app("/opt/wordpress") } + it { should contain_wordpress__instance__db("localhost/wordpress") } + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :concat_basedir => '/dne', + } + end + it { should contain_wordpress__instance__app("/opt/wordpress") } + it { should contain_wordpress__instance__db("localhost/wordpress") } + end +end diff --git a/modules/build/unix/wordpress/module/wordpress/spec/defines/wordpress_spec.rb b/modules/build/unix/wordpress/module/wordpress/spec/defines/wordpress_spec.rb new file mode 100644 index 000000000..794f1cf4f --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/defines/wordpress_spec.rb @@ -0,0 +1,45 @@ +require 'spec_helper' + +describe 'wordpress::instance', :type => :define do + let :title do + '/opt/wordpress2' + end + let :params do + { + :db_user => 'test', + :db_name => 'test' + } + end + context "on a RedHat 5 OS" do + let :facts do + { + :osfamily => 'RedHat', + :lsbmajdistrelease => '5', + :concat_basedir => '/dne', + } + end + it { should contain_wordpress__instance__app("/opt/wordpress2") } + it { should contain_wordpress__instance__db("localhost/test") } + end + context "on a RedHat 6 OS" do + let :facts do + { + :osfamily => 'RedHat', + :lsbmajdistrelease => '6', + :concat_basedir => '/dne', + } + end + it { should contain_wordpress__instance__app("/opt/wordpress2") } + it { should contain_wordpress__instance__db("localhost/test") } + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :concat_basedir => '/dne', + } + end + it { should contain_wordpress__instance__app("/opt/wordpress2") } + it { should contain_wordpress__instance__db("localhost/test") } + end +end diff --git a/modules/build/unix/wordpress/module/wordpress/spec/spec.opts b/modules/build/unix/wordpress/module/wordpress/spec/spec.opts new file mode 100644 index 000000000..de653df4b --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/spec.opts @@ -0,0 +1,4 @@ +--format s +--colour +--loadby mtime +--backtrace diff --git a/modules/build/unix/wordpress/module/wordpress/spec/spec_helper.rb b/modules/build/unix/wordpress/module/wordpress/spec/spec_helper.rb new file mode 100644 index 000000000..2c6f56649 --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/spec_helper.rb @@ -0,0 +1 @@ +require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/modules/build/unix/wordpress/module/wordpress/spec/spec_helper_acceptance.rb b/modules/build/unix/wordpress/module/wordpress/spec/spec_helper_acceptance.rb new file mode 100644 index 000000000..b0f000afc --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/spec/spec_helper_acceptance.rb @@ -0,0 +1,35 @@ +require 'beaker-rspec/spec_helper' +require 'beaker-rspec/helpers/serverspec' + +unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' + if hosts.first.is_pe? + install_pe + else + install_puppet({ :version => '3.6.2', + :facter_version => '2.1.0', + :hiera_version => '1.3.4', + :default_action => 'gem_install' }) + hosts.each {|h| on h, "/bin/echo '' > #{h['hieraconf']}" } + end + hosts.each do |host| + on host, "mkdir -p #{host['distmoduledir']}" + on host, puppet('module','install','puppetlabs-stdlib'), :acceptable_exit_codes => [0,1] + on host, puppet('module','install','puppetlabs-concat'), :acceptable_exit_codes => [0,1] + on host, puppet('module','install','puppetlabs-mysql' ), :acceptable_exit_codes => [0,1] + on host, puppet('module','install','puppetlabs-apache'), :acceptable_exit_codes => [0,1] + end +end + +RSpec.configure do |c| + # Project root + proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + + # Readable test descriptions + c.formatter = :documentation + + # Configure all nodes in nodeset + c.before :suite do + # Install module and dependencies + puppet_module_install(:source => proj_root, :module_name => 'wordpress') + end +end diff --git a/modules/build/unix/wordpress/module/wordpress/templates/wp-config.php.erb b/modules/build/unix/wordpress/module/wordpress/templates/wp-config.php.erb new file mode 100644 index 000000000..25d6a53cf --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/templates/wp-config.php.erb @@ -0,0 +1,110 @@ +/** + * The base configurations of the WordPress. + * + * This file has the following configurations: MySQL settings, Table Prefix, + * Secret Keys, WordPress Language, and ABSPATH. You can find more information + * by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing + * wp-config.php} Codex page. You can get the MySQL settings from your web host. + * + * This file is used by the wp-config.php creation script during the + * installation. You don't have to use the web site, you can just copy this file + * to "wp-config.php" and fill in the values. + * + * @package WordPress + */ + +// ** MySQL settings - You can get this info from your web host ** // +/** The name of the database for WordPress */ +define('DB_NAME', '<%= @db_name %>'); + +/** MySQL database username */ +define('DB_USER', '<%= @db_user %>'); + +/** MySQL database password */ +define('DB_PASSWORD', '<%= @db_password %>'); + +/** MySQL hostname */ +define('DB_HOST', '<%= @db_host %>'); + +/** Database Charset to use in creating database tables. */ +define('DB_CHARSET', 'utf8'); + +/** The Database Collate type. Don't change this if in doubt. */ +define('DB_COLLATE', ''); + +/** + * WordPress Database Table prefix. + * + * You can have multiple installations in one database if you give each a unique + * prefix. Only numbers, letters, and underscores please! + */ +$table_prefix = '<%= @wp_table_prefix %>'; + +/** + * WordPress Localized Language, defaults to English. + * + * Change this to localize WordPress. A corresponding MO file for the chosen + * language must be installed to wp-content/languages. For example, install + * de_DE.mo to wp-content/languages and set WPLANG to 'de_DE' to enable German + * language support. + */ + +define('WPLANG', '<%= @wp_lang %>'); + +/** + * For developers: WordPress debugging mode. + * + * Change this to true to enable the display of notices during development. + * It is strongly recommended that plugin and theme developers use WP_DEBUG + * in their development environments. + * + * WP_DEBUG_LOG is a companion to WP_DEBUG that causes all errors to also be + * saved to a debug.log log file inside the /wp-content/ directory. This is + * useful if you want to review all notices later or need to view notices + * generated off-screen (e.g. during an AJAX request or wp-cron run). + * + * WP_DEBUG_DISPLAY is another companion to WP_DEBUG that controls whether + * debug messages are shown inside the HTML of pages or not. The default + * is 'true' which shows errors and warnings as they are generated. Setting + * this to false will hide all errors. This should be used in conjunction with + * WP_DEBUG_LOG so that errors can be reviewed later. + */ +define('WP_DEBUG', <%= @wp_debug %>); +define('WP_DEBUG_LOG', <%= @wp_debug_log %>); +define('WP_DEBUG_DISPLAY', <%= @wp_debug_display %>); + +<% if @wp_plugin_dir != 'DEFAULT' %> +define('WP_PLUGIN_DIR', '<%= @wp_plugin_dir %>'); +<% end %> + +<% if @wp_proxy_host and ! @wp_proxy_host.empty? %> +/* Proxy Settings */ +define('WP_PROXY_HOST', '<%= @wp_proxy_host %>'); +<% if @wp_proxy_port and ! @wp_proxy_port.empty? %> +define('WP_PROXY_PORT', '<%= @wp_proxy_port %>'); +<% end %> +<% end %> + +<% if @wp_multisite %> +/* Multisite */ +define('WP_ALLOW_MULTISITE', true); +define('MULTISITE', true); +define('SUBDOMAIN_INSTALL', true); +define('DOMAIN_CURRENT_SITE', '<%= @wp_site_domain %>'); +define('PATH_CURRENT_SITE', '/'); +define('SITE_ID_CURRENT_SITE', 1); +define('BLOG_ID_CURRENT_SITE', 1); +<% end %> + +<% if @wp_additional_config != 'DEFAULT' -%> +<%= scope.function_template([@wp_additional_config]) %> +<% end -%> +/* That's all, stop editing! Happy blogging. */ + +/** Absolute path to the WordPress directory. */ +if ( !defined('ABSPATH') ) + define('ABSPATH', dirname(__FILE__) . '/'); + +/** Sets up WordPress vars and included files. */ +require_once(ABSPATH . 'wp-settings.php'); + diff --git a/modules/build/unix/wordpress/module/wordpress/templates/wp-keysalts.php.erb b/modules/build/unix/wordpress/module/wordpress/templates/wp-keysalts.php.erb new file mode 100644 index 000000000..9f6a4c6dd --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/templates/wp-keysalts.php.erb @@ -0,0 +1,21 @@ +'); +define('SECURE_AUTH_KEY', '<%= (1..50).map{(rand(86)+40).chr}.join.gsub(/\\/,'\&\&') %>'); +define('LOGGED_IN_KEY', '<%= (1..50).map{(rand(86)+40).chr}.join.gsub(/\\/,'\&\&') %>'); +define('NONCE_KEY', '<%= (1..50).map{(rand(86)+40).chr}.join.gsub(/\\/,'\&\&') %>'); +define('AUTH_SALT', '<%= (1..50).map{(rand(86)+40).chr}.join.gsub(/\\/,'\&\&') %>'); +define('SECURE_AUTH_SALT', '<%= (1..50).map{(rand(86)+40).chr}.join.gsub(/\\/,'\&\&') %>'); +define('LOGGED_IN_SALT', '<%= (1..50).map{(rand(86)+40).chr}.join.gsub(/\\/,'\&\&') %>'); +define('NONCE_SALT', '<%= (1..50).map{(rand(86)+40).chr}.join.gsub(/\\/,'\&\&') %>'); + +/**#@-*/ + diff --git a/modules/build/unix/wordpress/module/wordpress/tests/init.pp b/modules/build/unix/wordpress/module/wordpress/tests/init.pp new file mode 100644 index 000000000..4d39bb34f --- /dev/null +++ b/modules/build/unix/wordpress/module/wordpress/tests/init.pp @@ -0,0 +1,7 @@ +class { 'wordpress': + install_dir => '/var/www/wordpress', + db_name => 'wordpress', + db_host => 'localhost', + db_user => 'wordpress', + db_password => 'insecure password', +} diff --git a/modules/build/unix/wordpress/wordpress.pp b/modules/build/unix/wordpress/wordpress.pp new file mode 100644 index 000000000..e8deae806 --- /dev/null +++ b/modules/build/unix/wordpress/wordpress.pp @@ -0,0 +1 @@ +class { 'wordpress': } \ No newline at end of file diff --git a/modules/services/unix/ftp/secure_ftp/secgen_metadata.xml b/modules/services/unix/ftp/secure_ftp/secgen_metadata.xml index 1ed66b0a5..4d5dac914 100644 --- a/modules/services/unix/ftp/secure_ftp/secgen_metadata.xml +++ b/modules/services/unix/ftp/secure_ftp/secgen_metadata.xml @@ -1,5 +1,5 @@ \ No newline at end of file + type="http" + name="apache" + description="A secure Apache service" + \ No newline at end of file diff --git a/modules/services/unix/http/apache/secgen_metadata.xml b/modules/services/unix/http/apache/secgen_metadata.xml index e69de29bb..4d5dac914 100644 --- a/modules/services/unix/http/apache/secgen_metadata.xml +++ b/modules/services/unix/http/apache/secgen_metadata.xml @@ -0,0 +1,5 @@ + \ No newline at end of file diff --git a/modules/services/unix/mysql/mysql/mysql.pp b/modules/services/unix/mysql/mysql/mysql.pp new file mode 100644 index 000000000..8e8b26480 --- /dev/null +++ b/modules/services/unix/mysql/mysql/mysql.pp @@ -0,0 +1 @@ +include '::mysql::server' diff --git a/modules/services/unix/mysql/mysql/secgen_metadata.xml b/modules/services/unix/mysql/mysql/secgen_metadata.xml new file mode 100644 index 000000000..8adaad64a --- /dev/null +++ b/modules/services/unix/mysql/mysql/secgen_metadata.xml @@ -0,0 +1,5 @@ + \ No newline at end of file diff --git a/xml/bases.xml b/xml/bases.xml index 9b1b8943c..9172f60ee 100644 --- a/xml/bases.xml +++ b/xml/bases.xml @@ -3,7 +3,7 @@ - + From 67d58a1e1f49c76045cbada94ff24d0ae7512943 Mon Sep 17 00:00:00 2001 From: Connor Wilson Date: Mon, 28 Mar 2016 21:07:27 +0100 Subject: [PATCH 08/13] Relates to SG-11 : Now able to generate a full wordpress site (Apache / SQL / Wordpress) --- config/scenario.xml | 3 +- lib/templates/vagrantbase.erb | 2 +- modules/build/unix/wordpress/wordpress.pp | 6 +- modules/services/unix/http/apache/apache.pp | 14 ++++ modules/services/unix/lamp/lamp/lamp.pp | 8 +++ .../unix/lamp/lamp/module/lamp/ChangeLog | 2 + .../unix/lamp/lamp/module/lamp/README.md | 71 +++++++++++++++++++ .../unix/lamp/lamp/module/lamp/Rakefile | 18 +++++ .../unix/lamp/lamp/module/lamp/checksums.json | 12 ++++ .../lamp/lamp/module/lamp/manifests/apache.pp | 8 +++ .../lamp/lamp/module/lamp/manifests/init.pp | 46 ++++++++++++ .../lamp/lamp/module/lamp/manifests/mysql.pp | 8 +++ .../unix/lamp/lamp/module/lamp/metadata.json | 61 ++++++++++++++++ .../module/lamp/spec/classes/init_spec.rb | 7 ++ .../lamp/lamp/module/lamp/spec/spec_helper.rb | 17 +++++ .../unix/lamp/lamp/module/lamp/tests/init.pp | 12 ++++ .../unix/lamp/lamp/secgen_metadata.xml | 5 ++ 17 files changed, 296 insertions(+), 4 deletions(-) create mode 100644 modules/services/unix/lamp/lamp/lamp.pp create mode 100644 modules/services/unix/lamp/lamp/module/lamp/ChangeLog create mode 100644 modules/services/unix/lamp/lamp/module/lamp/README.md create mode 100644 modules/services/unix/lamp/lamp/module/lamp/Rakefile create mode 100644 modules/services/unix/lamp/lamp/module/lamp/checksums.json create mode 100644 modules/services/unix/lamp/lamp/module/lamp/manifests/apache.pp create mode 100644 modules/services/unix/lamp/lamp/module/lamp/manifests/init.pp create mode 100644 modules/services/unix/lamp/lamp/module/lamp/manifests/mysql.pp create mode 100644 modules/services/unix/lamp/lamp/module/lamp/metadata.json create mode 100644 modules/services/unix/lamp/lamp/module/lamp/spec/classes/init_spec.rb create mode 100644 modules/services/unix/lamp/lamp/module/lamp/spec/spec_helper.rb create mode 100644 modules/services/unix/lamp/lamp/module/lamp/tests/init.pp create mode 100644 modules/services/unix/lamp/lamp/secgen_metadata.xml diff --git a/config/scenario.xml b/config/scenario.xml index 6e7e07dfa..cf07f04b6 100644 --- a/config/scenario.xml +++ b/config/scenario.xml @@ -5,8 +5,7 @@ - - + --> diff --git a/lib/templates/vagrantbase.erb b/lib/templates/vagrantbase.erb index 4ab7e94ab..24b44dcb8 100644 --- a/lib/templates/vagrantbase.erb +++ b/lib/templates/vagrantbase.erb @@ -20,10 +20,10 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| config.vm.provision :shell, :inline => "apt-get --yes --force-yes install ruby " config.vm.provision :shell, :inline => "gem uninstall puppet" config.vm.provision :shell, :inline => "gem install puppet -v '3.5.1'" - config.vm.provision :shell, :inline => "apt-get update --fix-missing" + # Add secure services <% systems.services.each do |service| %> diff --git a/modules/build/unix/wordpress/wordpress.pp b/modules/build/unix/wordpress/wordpress.pp index e8deae806..b822404e6 100644 --- a/modules/build/unix/wordpress/wordpress.pp +++ b/modules/build/unix/wordpress/wordpress.pp @@ -1 +1,5 @@ -class { 'wordpress': } \ No newline at end of file +class { 'wordpress': + install_dir => '/var/www/wordpress', + db_user => 'root', + db_password => '' +} \ No newline at end of file diff --git a/modules/services/unix/http/apache/apache.pp b/modules/services/unix/http/apache/apache.pp index 9652701d4..bdd4acca0 100644 --- a/modules/services/unix/http/apache/apache.pp +++ b/modules/services/unix/http/apache/apache.pp @@ -1,3 +1,17 @@ +apache::fastcgi::server { 'php': + host => '127.0.0.1:9000', + timeout => 15, + flush => false, + faux_path => '/var/www/php.fcgi', + fcgi_alias => '/php.fcgi', + file_type => 'application/x-httpd-php' +} + +apache::vhost { 'www': +custom_fragment => 'AddType application/x-httpd-php .php', + docroot => '/var/www/wordpress' +} + class { 'apache': mpm_module => 'prefork' } \ No newline at end of file diff --git a/modules/services/unix/lamp/lamp/lamp.pp b/modules/services/unix/lamp/lamp/lamp.pp new file mode 100644 index 000000000..30b90b49b --- /dev/null +++ b/modules/services/unix/lamp/lamp/lamp.pp @@ -0,0 +1,8 @@ +include lamp + +#probably dont need this additional section but PHP wont work without it. +exec { 'add_sql': + command => 'apt-get --yes --force-yes install php5-mysql', + provider => 'shell' + # path => [ '/usr/local/bin/', '/bin/' ], # alternative syntax +} diff --git a/modules/services/unix/lamp/lamp/module/lamp/ChangeLog b/modules/services/unix/lamp/lamp/module/lamp/ChangeLog new file mode 100644 index 000000000..c2657a052 --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/ChangeLog @@ -0,0 +1,2 @@ +2015-04-10 - 1.1.0 +* LAMP environment deployed and tested on RedHat/CentOS/Debian/Ubuntu operating systems diff --git a/modules/services/unix/lamp/lamp/module/lamp/README.md b/modules/services/unix/lamp/lamp/module/lamp/README.md new file mode 100644 index 000000000..d161112b1 --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/README.md @@ -0,0 +1,71 @@ +# lamp + +#### Table of Contents + +1. [Overview](#overview) +2. [Module Description](#module-description) +3. [Setup](#setup) + * [What lamp affects](#what-lamp-affects) + * [Beginning with lamp](#beginning-with-lamp) +4. [Usage](#usage) +5. [Reference](#reference) +5. [Limitations](#limitations) +6. [Development](#development) +7. [Release Notes](#release) + +## Overview + +This module helps with automation of LAMP stack deploy environment on RedHat/CentOS/Debian/Ubuntu distributions. + +## Module Description + +The main purpose of lamp module is the automation of puppetlabs apache and mysql modules which were chosen as the main modules for apache/mysql/php configuration and deploy. So all the next particular components configurations must be done inside apache and mysql modules itself, which installed as dependencies to lamp module. + +Look into apache/README.md and mysql/README.md descriptions for more configuration and usage technical details. + +## Setup + +### What lamp affects + +* configuration files and directories (created and written to) + * **WARNING**: Configurations that are *not* managed by Puppet will be purged. +* package/service/configuration files for Apache +* Apache modules +* virtual hosts +* listened-to ports +* `/etc/make.conf` on FreeBSD and Gentoo +* depends on module 'gentoo/puppet-portage' for Gentoo + + +### Beginning with lamp + + To get LAMP installed on your "mywebserver.dev.local" node lamp class needs to be added in site.pp configuration file: + + node 'mywebserver.dev.local' { + include lamp + } + +## Usage + + Apache and MySQL installation configured inside the lamp::apache and lamp::mysql classes, where they could be disabled if required. + +## Reference + + Though mpm 'worker' apache module is configured for Debian/Ubuntu distributions in puppetlabs-apache params by default, the lamp::apache class configured for mpm 'prefork' apache module usage for all distributions include Debian and Ubuntu because of apache php module installation requirement. But this configuration could be changed if necessary inside the lamp::apache '::apache': class parameters. Also php installation could be disabled with commented include ::apache::mod::php line in this class. + + +## Limitations + +Module tested with RedHat/CentOS/Debian/Ubuntu operating systems, but it's additional puppetlabs components supposed to works with OracleLinux and Scientific distributions also. + +## Development + +This module could be used by others puppet users as helpful base for next CMS systems like Drupal, Joomla or Wordpress. + +## Release Notes + +Release 1.1.0. + +LAMP deploy for RedHat/CentOS/Debian/Ubuntu operating systems. + + diff --git a/modules/services/unix/lamp/lamp/module/lamp/Rakefile b/modules/services/unix/lamp/lamp/module/lamp/Rakefile new file mode 100644 index 000000000..d1e11f798 --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/Rakefile @@ -0,0 +1,18 @@ +require 'rubygems' +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] + +desc "Validate manifests, templates, and ruby files" +task :validate do + Dir['manifests/**/*.pp'].each do |manifest| + sh "puppet parser validate --noop #{manifest}" + end + Dir['spec/**/*.rb','lib/**/*.rb'].each do |ruby_file| + sh "ruby -c #{ruby_file}" unless ruby_file =~ /spec\/fixtures/ + end + Dir['templates/**/*.erb'].each do |template| + sh "erb -P -x -T '-' #{template} | ruby -c" + end +end diff --git a/modules/services/unix/lamp/lamp/module/lamp/checksums.json b/modules/services/unix/lamp/lamp/module/lamp/checksums.json new file mode 100644 index 000000000..476ad37bf --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/checksums.json @@ -0,0 +1,12 @@ +{ + "ChangeLog": "5b2b703aec32f3fd59d14cb7bdfc7a6c", + "README.md": "3d26239d1981ee13be5c53d6ef1187a3", + "Rakefile": "20b80e526e351a74df2001f504e756d2", + "manifests/apache.pp": "0a83be988699e6debf81a5d93af2641d", + "manifests/init.pp": "c5401a6950b8e576b8b5ea9970e4fc65", + "manifests/mysql.pp": "33e00aecad89ca381a1c35427e3146d3", + "metadata.json": "3c761b019c216ea0d79da474fa7b7b39", + "spec/classes/init_spec.rb": "41a2b9253e06c120efe6227aa20196cb", + "spec/spec_helper.rb": "a55d1e6483344f8ec6963fcb2c220372", + "tests/init.pp": "fcb1cd3be3ee69614bbb0b087d17a8ec" +} \ No newline at end of file diff --git a/modules/services/unix/lamp/lamp/module/lamp/manifests/apache.pp b/modules/services/unix/lamp/lamp/module/lamp/manifests/apache.pp new file mode 100644 index 000000000..3d5f4c02c --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/manifests/apache.pp @@ -0,0 +1,8 @@ +# Class lamp::apache +# This class installs Apache Web Server with help of puppetlabs-apache module with enabled PHP +# + +class lamp::apache { +class {'::apache': mpm_module => 'prefork',} +include ::apache::mod::php +} diff --git a/modules/services/unix/lamp/lamp/module/lamp/manifests/init.pp b/modules/services/unix/lamp/lamp/module/lamp/manifests/init.pp new file mode 100644 index 000000000..4c09be44f --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/manifests/init.pp @@ -0,0 +1,46 @@ +# == Class: lamp +# +# The main lamp class created for automatically deploy LAMP (Linux/Apache/MySQL/PHP) complex environment on web server. +# This class uses additional puppetlabs-apache and puppetlabs-mysql modules. +# All next possible required environment configuration changes must be done in this parent apache and mysql modules itself. +# +# === Parameters +# +# List of classes runs from lamp +# +# include ::lamp::apache +# Deploy apache web server, with configured php +# +# include ::lamp::mysql +# Deploy mysql database server +# +# Notes: any from this components could be commented if you don't need to install all of them +# +# +# === Examples +# +# To get LAMP installed on your "mywebserver.dev.local" node lamp class needs to be added in site.pp configuration file: +# +# node 'mywebserver.dev.local' { +# include lamp +# } +# +# +# === Authors +# +# Alexander Golovin, https://github.com/alexggolovin +# +# === Copyright +# +# Copyright 2015 alexggolovin +# + +class lamp { + +include ::lamp::apache +include ::lamp::mysql + +} + + + diff --git a/modules/services/unix/lamp/lamp/module/lamp/manifests/mysql.pp b/modules/services/unix/lamp/lamp/module/lamp/manifests/mysql.pp new file mode 100644 index 000000000..5764103dd --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/manifests/mysql.pp @@ -0,0 +1,8 @@ +# Class lamp::mysql +# This class installs mysql database server from puppetlabs-mysql module as a LAMP component + +class lamp::mysql { + + include ::mysql::server + +} diff --git a/modules/services/unix/lamp/lamp/module/lamp/metadata.json b/modules/services/unix/lamp/lamp/module/lamp/metadata.json new file mode 100644 index 000000000..6d7f96c36 --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/metadata.json @@ -0,0 +1,61 @@ +{ + "name": "alexggolovin-lamp", + "version": "1.1.0", + "author": "alexggolovin", + "summary": "LAMP basic configuration and deploy module", + "license": "Apache 2.0", + "source": "https://github.com/alexggolovin/alexggolovin-lamp", + "project_page": "https://github.com/alexggolovin/alexggolovin-lamp", + "issues_url": "https://github.com/alexggolovin/alexggolovin-lamp/issues", + "tags": [ + "lamp", + "linux", + "apache", + "mysql", + "php" + ], + "operatingsystem_support": [ + { + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "CentOS", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "Debian", + "operatingsystemrelease": [ + "6", + "7" + ] + }, + { + "operatingsystem": "Ubuntu", + "operatingsystemrelease": [ + "10.04", + "12.04", + "14.04" + ] + } + ], + "description": "LAMP basic configuration and deploy module on RedHat/CentOS/Debian/Ubuntu Linux distributions", + "dependencies": [ + { + "name": "puppetlabs/apache", + "version_requirement": "1.x" + }, + { + "name": "puppetlabs/mysql", + "version_requirement": "3.x" + } + ] +} diff --git a/modules/services/unix/lamp/lamp/module/lamp/spec/classes/init_spec.rb b/modules/services/unix/lamp/lamp/module/lamp/spec/classes/init_spec.rb new file mode 100644 index 000000000..86268dfa4 --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/spec/classes/init_spec.rb @@ -0,0 +1,7 @@ +require 'spec_helper' +describe 'lamp' do + + context 'with defaults for all parameters' do + it { should contain_class('lamp') } + end +end diff --git a/modules/services/unix/lamp/lamp/module/lamp/spec/spec_helper.rb b/modules/services/unix/lamp/lamp/module/lamp/spec/spec_helper.rb new file mode 100644 index 000000000..5fda58875 --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/spec/spec_helper.rb @@ -0,0 +1,17 @@ +dir = File.expand_path(File.dirname(__FILE__)) +$LOAD_PATH.unshift File.join(dir, 'lib') + +require 'mocha' +require 'puppet' +require 'rspec' +require 'spec/autorun' + +Spec::Runner.configure do |config| + config.mock_with :mocha +end + +# We need this because the RAL uses 'should' as a method. This +# allows us the same behaviour but with a different method name. +class Object + alias :must :should +end diff --git a/modules/services/unix/lamp/lamp/module/lamp/tests/init.pp b/modules/services/unix/lamp/lamp/module/lamp/tests/init.pp new file mode 100644 index 000000000..ef8e8b4bd --- /dev/null +++ b/modules/services/unix/lamp/lamp/module/lamp/tests/init.pp @@ -0,0 +1,12 @@ +# The baseline for module testing used by Puppet Labs is that each manifest +# should have a corresponding test manifest that declares that class or defined +# type. +# +# Tests are then run by using puppet apply --noop (to check for compilation +# errors and view a log of events) or by fully applying the test in a virtual +# environment (to compare the resulting system state to the desired state). +# +# Learn more about module testing here: +# http://docs.puppetlabs.com/guides/tests_smoke.html +# +include lamp diff --git a/modules/services/unix/lamp/lamp/secgen_metadata.xml b/modules/services/unix/lamp/lamp/secgen_metadata.xml new file mode 100644 index 000000000..c186b8c40 --- /dev/null +++ b/modules/services/unix/lamp/lamp/secgen_metadata.xml @@ -0,0 +1,5 @@ + \ No newline at end of file From d6b3ed18ab5ba16a73d82d865457f1ec2679742f Mon Sep 17 00:00:00 2001 From: Connor Wilson Date: Mon, 28 Mar 2016 21:16:16 +0100 Subject: [PATCH 09/13] Relates to SG-11 : adds missing puppet module --- .../mysql/mysql/module/mysql/CHANGELOG.md | 705 ++++++++++++++ .../mysql/mysql/module/mysql/CONTRIBUTING.md | 220 +++++ .../unix/mysql/mysql/module/mysql/Gemfile | 40 + .../unix/mysql/mysql/module/mysql/LICENSE | 202 ++++ .../unix/mysql/mysql/module/mysql/NOTICE | 18 + .../unix/mysql/mysql/module/mysql/README.md | 871 ++++++++++++++++++ .../unix/mysql/mysql/module/mysql/Rakefile | 42 + .../unix/mysql/mysql/module/mysql/TODO | 8 + .../mysql/mysql/module/mysql/checksums.json | 117 +++ .../mysql/module/mysql/examples/backup.pp | 9 + .../mysql/module/mysql/examples/bindings.pp | 3 + .../mysql/mysql/module/mysql/examples/java.pp | 1 + .../module/mysql/examples/mysql_database.pp | 17 + .../mysql/module/mysql/examples/mysql_db.pp | 17 + .../module/mysql/examples/mysql_grant.pp | 5 + .../module/mysql/examples/mysql_plugin.pp | 23 + .../mysql/module/mysql/examples/mysql_user.pp | 32 + .../mysql/mysql/module/mysql/examples/perl.pp | 1 + .../mysql/module/mysql/examples/python.pp | 1 + .../mysql/mysql/module/mysql/examples/ruby.pp | 1 + .../mysql/module/mysql/examples/server.pp | 3 + .../mysql/examples/server/account_security.pp | 4 + .../module/mysql/examples/server/config.pp | 3 + .../mysql/lib/facter/mysql_server_id.rb | 9 + .../module/mysql/lib/facter/mysql_version.rb | 8 + .../parser/functions/mysql_deepmerge.rb | 58 ++ .../puppet/parser/functions/mysql_dirname.rb | 15 + .../puppet/parser/functions/mysql_password.rb | 17 + .../parser/functions/mysql_strip_hash.rb | 21 + .../parser/functions/mysql_table_exists.rb | 30 + .../module/mysql/lib/puppet/provider/mysql.rb | 109 +++ .../puppet/provider/mysql_database/mysql.rb | 68 ++ .../puppet/provider/mysql_datadir/mysql.rb | 70 ++ .../lib/puppet/provider/mysql_grant/mysql.rb | 172 ++++ .../lib/puppet/provider/mysql_plugin/mysql.rb | 53 ++ .../lib/puppet/provider/mysql_user/mysql.rb | 155 ++++ .../mysql/lib/puppet/type/mysql_database.rb | 25 + .../mysql/lib/puppet/type/mysql_datadir.rb | 30 + .../mysql/lib/puppet/type/mysql_grant.rb | 101 ++ .../mysql/lib/puppet/type/mysql_plugin.rb | 17 + .../mysql/lib/puppet/type/mysql_user.rb | 76 ++ .../mysql/manifests/backup/mysqlbackup.pp | 105 +++ .../mysql/manifests/backup/mysqldump.pp | 70 ++ .../mysql/manifests/backup/xtrabackup.pp | 65 ++ .../mysql/module/mysql/manifests/bindings.pp | 57 ++ .../mysql/manifests/bindings/client_dev.pp | 15 + .../mysql/manifests/bindings/daemon_dev.pp | 15 + .../module/mysql/manifests/bindings/java.pp | 11 + .../module/mysql/manifests/bindings/perl.pp | 11 + .../module/mysql/manifests/bindings/php.pp | 11 + .../module/mysql/manifests/bindings/python.pp | 11 + .../module/mysql/manifests/bindings/ruby.pp | 11 + .../mysql/module/mysql/manifests/client.pp | 29 + .../module/mysql/manifests/client/install.pp | 14 + .../mysql/mysql/module/mysql/manifests/db.pp | 75 ++ .../mysql/module/mysql/manifests/params.pp | 438 +++++++++ .../mysql/module/mysql/manifests/server.pp | 87 ++ .../manifests/server/account_security.pp | 39 + .../module/mysql/manifests/server/backup.pp | 53 ++ .../module/mysql/manifests/server/config.pp | 52 ++ .../module/mysql/manifests/server/install.pp | 13 + .../mysql/manifests/server/installdb.pp | 33 + .../module/mysql/manifests/server/monitor.pp | 24 + .../mysql/manifests/server/mysqltuner.pp | 52 ++ .../mysql/manifests/server/providers.pp | 8 + .../mysql/manifests/server/root_password.pp | 46 + .../module/mysql/manifests/server/service.pp | 66 ++ .../mysql/mysql/module/mysql/metadata.json | 83 ++ .../spec/acceptance/mysql_backup_spec.rb | 187 ++++ .../mysql/spec/acceptance/mysql_db_spec.rb | 65 ++ .../spec/acceptance/mysql_server_spec.rb | 78 ++ .../acceptance/nodesets/centos-510-x64.yml | 10 + .../acceptance/nodesets/centos-59-x64.yml | 10 + .../acceptance/nodesets/centos-64-x64-pe.yml | 12 + .../acceptance/nodesets/centos-65-x64.yml | 10 + .../spec/acceptance/nodesets/default.yml | 11 + .../acceptance/nodesets/fedora-18-x64.yml | 10 + .../spec/acceptance/nodesets/sles-11-x64.yml | 10 + .../nodesets/ubuntu-server-10044-x64.yml | 10 + .../nodesets/ubuntu-server-12042-x64.yml | 10 + .../nodesets/ubuntu-server-1404-x64.yml | 11 + .../acceptance/types/mysql_database_spec.rb | 64 ++ .../spec/acceptance/types/mysql_grant_spec.rb | 488 ++++++++++ .../acceptance/types/mysql_plugin_spec.rb | 72 ++ .../spec/acceptance/types/mysql_user_spec.rb | 86 ++ .../spec/classes/graceful_failures_spec.rb | 19 + .../mysql/spec/classes/mycnf_template_spec.rb | 86 ++ .../mysql/spec/classes/mysql_bindings_spec.rb | 32 + .../mysql/spec/classes/mysql_client_spec.rb | 38 + .../mysql_server_account_security_spec.rb | 86 ++ .../spec/classes/mysql_server_backup_spec.rb | 405 ++++++++ .../spec/classes/mysql_server_monitor_spec.rb | 38 + .../classes/mysql_server_mysqltuner_spec.rb | 45 + .../mysql/spec/classes/mysql_server_spec.rb | 214 +++++ .../mysql/spec/defines/mysql_db_spec.rb | 77 ++ .../mysql/mysql/module/mysql/spec/spec.opts | 6 + .../mysql/module/mysql/spec/spec_helper.rb | 8 + .../mysql/spec/spec_helper_acceptance.rb | 65 ++ .../module/mysql/spec/spec_helper_local.rb | 3 + .../spec/unit/facter/mysql_server_id_spec.rb | 27 + .../spec/unit/facter/mysql_version_spec.rb | 20 + .../puppet/functions/mysql_deepmerge_spec.rb | 91 ++ .../puppet/functions/mysql_password_spec.rb | 37 + .../functions/mysql_table_exists_spec.rb | 26 + .../provider/mysql_database/mysql_spec.rb | 118 +++ .../provider/mysql_plugin/mysql_spec.rb | 71 ++ .../puppet/provider/mysql_user/mysql_spec.rb | 299 ++++++ .../unit/puppet/type/mysql_database_spec.rb | 29 + .../spec/unit/puppet/type/mysql_grant_spec.rb | 74 ++ .../unit/puppet/type/mysql_plugin_spec.rb | 24 + .../spec/unit/puppet/type/mysql_user_spec.rb | 131 +++ .../mysql/module/mysql/templates/meb.cnf.erb | 18 + .../mysql/module/mysql/templates/my.cnf.erb | 24 + .../module/mysql/templates/my.cnf.pass.erb | 11 + .../module/mysql/templates/mysqlbackup.sh.erb | 100 ++ .../module/mysql/templates/xtrabackup.sh.erb | 21 + 116 files changed, 8258 insertions(+) create mode 100644 modules/services/unix/mysql/mysql/module/mysql/CHANGELOG.md create mode 100644 modules/services/unix/mysql/mysql/module/mysql/CONTRIBUTING.md create mode 100644 modules/services/unix/mysql/mysql/module/mysql/Gemfile create mode 100644 modules/services/unix/mysql/mysql/module/mysql/LICENSE create mode 100644 modules/services/unix/mysql/mysql/module/mysql/NOTICE create mode 100644 modules/services/unix/mysql/mysql/module/mysql/README.md create mode 100644 modules/services/unix/mysql/mysql/module/mysql/Rakefile create mode 100644 modules/services/unix/mysql/mysql/module/mysql/TODO create mode 100644 modules/services/unix/mysql/mysql/module/mysql/checksums.json create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/backup.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/bindings.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/java.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/mysql_database.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/mysql_db.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/mysql_grant.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/mysql_plugin.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/mysql_user.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/perl.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/python.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/ruby.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/server.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/server/account_security.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/examples/server/config.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/facter/mysql_server_id.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/facter/mysql_version.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_deepmerge.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_dirname.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_password.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_strip_hash.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_table_exists.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_database/mysql.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_datadir/mysql.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_grant/mysql.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_plugin/mysql.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_user/mysql.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_database.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_datadir.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_grant.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_plugin.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_user.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/backup/mysqlbackup.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/backup/mysqldump.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/backup/xtrabackup.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/bindings.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/client_dev.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/daemon_dev.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/java.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/perl.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/php.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/python.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/ruby.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/client.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/client/install.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/db.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/params.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server/account_security.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server/backup.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server/config.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server/install.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server/installdb.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server/monitor.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server/mysqltuner.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server/providers.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server/root_password.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/manifests/server/service.pp create mode 100644 modules/services/unix/mysql/mysql/module/mysql/metadata.json create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_backup_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_db_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_server_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-510-x64.yml create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-59-x64.yml create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-64-x64-pe.yml create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-65-x64.yml create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/default.yml create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/fedora-18-x64.yml create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/sles-11-x64.yml create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_database_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_grant_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_plugin_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_user_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/classes/graceful_failures_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/classes/mycnf_template_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_bindings_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_client_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_account_security_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_backup_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_monitor_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_mysqltuner_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/defines/mysql_db_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/spec.opts create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper_acceptance.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper_local.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/facter/mysql_server_id_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/facter/mysql_version_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_deepmerge_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_password_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_table_exists_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_database/mysql_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_plugin/mysql_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_user/mysql_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_database_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_grant_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_plugin_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_user_spec.rb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/templates/meb.cnf.erb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/templates/my.cnf.erb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/templates/my.cnf.pass.erb create mode 100755 modules/services/unix/mysql/mysql/module/mysql/templates/mysqlbackup.sh.erb create mode 100644 modules/services/unix/mysql/mysql/module/mysql/templates/xtrabackup.sh.erb diff --git a/modules/services/unix/mysql/mysql/module/mysql/CHANGELOG.md b/modules/services/unix/mysql/mysql/module/mysql/CHANGELOG.md new file mode 100644 index 000000000..12bc1b692 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/CHANGELOG.md @@ -0,0 +1,705 @@ +## Supported Release 3.7.0 +###Summary + +A large release with several new features. Also includes a considerable amount of bugfixes, many around compatibility and improvements to current functionality. + +#### Features + +- Now uses mariadb in OpenSuSE >= 13.1. +- Switch to rspec-puppet-facts. +- Additional function to check if table exists before grant. +- Add ability to input password hash directly. +- Now checking major release instead of specific release. +- Debian 8 support. + +#### Bugfixes + +- Minor doc update. +- Fixes improper use of function `warn` in backup manifest of server. +- Fixes to Compatibility with PE 3.3. +- Fixes `when not managing config file` in `mysql_server_spec`. +- Improved user validation and munging. +- Fixes fetching the mysql_user password for MySQL >=5.7.6. +- Fixes unique server_id within my.cnf, the issue were the entire mac address was not being read in to generate the id. +- Corrects the daemon_dev_package_name for mariadb on redhat. +- Fix version compare to properly suppress show_diff for root password. +- Fixes to ensure compatibility with future parser. +- Solaris removed from PE in metadata as its not supported. +- Use MYSQL_PWD to avoid mysqldump warnings. +- Use temp cnf file instead of env variable which creates acceptance test failures. +- No longer hash passwords that are already hashed. +- Fix Gemfile to work with ruby 1.8.7. +- Fixed MySQL 5.7.6++ compatibility. +- Fixing error when disabling service management and the service does not exist. +- Ubuntu vivid should use systemd not upstart. +- Fixed new mysql_datadir provider on CentOS for MySQl 5.7.6 compatibility. +- Ensure if service restart to wait till mysql is up. +- Move all dependencies to not have them in case of service unmanaged. +- Re-Added the ability to set a empty string as option parameter. +- Fixes edge-case with dropping pre-existing users with grants. +- Fix logic for choosing rspec version. +- Refactored main acceptance suite. +- Skip idempotency tests on test cells that do have PUP-5016 unfixed. +- Fix tmpdir to be shared across examples. +- Update to current msync configs [006831f]. +- Fix mysql_grant with MySQL ANSI_QUOTES mode. +- Generate .my.cnf for all sections. + +## Supported Release 3.6.2 +###Summary + +Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. + +## 2015-09-22 - Supported Release 3.6.1 +### Summary +This is a security and bugfix release that fixes incorrect username truncation in the munge for the mysql_user type, incorrect function used in `mysql::server::backup` and fixes compatibility issues with PE 3.3.x. + +#### Bugfixes +- Loosen the regex in mysql_user munging so the username is not unintentionally truncated. +- Use `warning()` not `warn()` +- Metadata had inadvertantly dropped 3.3.x support +- Some 3.3.x compatibility issues in `mysqltuner` were corrected + +## 2015-08-10 - Supported Release 3.6.0 +### Summary +This release adds the ability to use mysql::db and `mysql_*` types against unmanaged or external mysql instances. + +#### Features +- Add ability to use mysql::db WITHOUT mysql::server (ie, externally) +- Add prescript attribute to mysql::server::backup for xtrabackup +- Add postscript ability to xtrabackup provider. + +#### Bugfixes +- Fix default root passwords blocking puppet on mysql 5.8 +- Fix service dependency when package_manage is false +- Fix selinux permissions on my.cnf + +##2015-07-23 - Supported Release 3.5.0 +###Summary +A small release to add explicit support to newer Puppet versions and accumulated patches. + +####Features/Improvements +- Start running tests against puppet 4 +- Support longer usernames on newer MariaDB versions +- Add parameters for Solaris 11 and 12 + +####Bugfixes +- Fix references to the mysql-server package +- mysql_server_id doesn't throw and error on machines without macaddress + +##2015-05-19 - Supported Release 3.4.0 +###Summary +This release includes the addition of extra facts, OpenBSD compatibility, and a number of other features, improvements and bug fixes. + +####Features/Improvements +- Added server_id fact which includes mac address for better uniqueness +- Added OpenBSD compatibility, only for 'OpenBSD -current' (due to the recent switch to mariadb) +- Added a $mysql_group parameter, and use that instead of the $root_group parameter to define the group membership of the mysql error log file. +- Updated tests for rspec-puppet 2 and future parser +- Further acceptance testing improvements +- MODULES-1928 - allow log-error to be undef +- Split package installation and database install +- README wording improvements +- Added options for including/excluding triggers and routines +- Made the 'TRIGGER' privilege of mysqldump backups depend on whether or not we are actually backing up triggers +- Cleaned up the privilege assignment in the mysqldump backup script +- Add a fact for capturing the mysql version installed + +####Bugfixes +- mysql backup: fix regression in mysql_user call +- Set service_ensure to undef, in the case of an unmanaged service +- README Typos fixed +- Bugfix on Xtrabackup crons +- Fixed a permission problem that was preventing triggers from being backed up +- MODULES-1981: Revoke and grant difference of old and new privileges +- Fix an issue were we assume triggers work +- Change default for mysql::server::backup to ignore_triggers = false + +####Deprecations +mysql::server::old_root_password property + +##2015-03-03 - Supported Release 3.3.0 +###Summary +This release includes major README updates, the addition of backup providers, and a fix for managing the log-bin directory. + +####Features +- Add package_manage parameters to `mysql::server` and `mysql::client` (MODULES-1143) +- README improvements +- Add `mysqldump`, `mysqlbackup`, and `xtrabackup` backup providers. + +####Bugfixes +- log-error overrides were not being properly used (MODULES-1804) +- check for full path for log-bin to stop puppet from managing file '.' + +##2015-02-09 - Supported Release 3.2.0 +###Summary +This release includes several new features and bugfixes, including support for various plugins, making the output from mysql_password more consistent when input is empty and improved username validation. + +####Features +- Add type and provider to manage plugins +- Add support for authentication plugins +- Add support for mysql_install_db on freebsd +- Add `create_root_user` and `create_root_my_cnf` parameters to `mysql::server` + +####Bugfixes +- Remove dependency on stdlib >= 4.1.0 (MODULES-1759) +- Make grant autorequire user +- Remove invalid parameter 'provider' from mysql_user instance (MODULES-1731) +- Return empty string for empty input in mysql_password +- Fix `mysql::account_security` when fqdn==localhost +- Update username validation (MODULES-1520) +- Future parser fix in params.pp +- Fix package name for debian 8 +- Don't start the service until the server package is installed and the config file is in place +- Test fixes +- Lint fixes + +##2014-12-16 - Supported Release 3.1.0 +###Summary + +This release includes several new features, including SLES12 support, and a number of bug fixes. + +####Notes + +`mysql::server::mysqltuner` has been refactored to fetch the mysqltuner script from github by default. If you are running on a non-network-connected system, you will need to download that file and have it available to your node at a path specified by the `source` parameter to the `mysqltuner` class. + +####Features +- Add support for install_options for all package resources (MODULES-1484) +- Add log-bin directory creation +- Allow mysql::db to import multiple files (MODULES-1338) +- SLES12 support +- Improved identifier quoting detections +- Reworked `mysql::server::mysqltuner` so that we are no longer packaging the script as it is licensed under the GPL. + +####Bugfixes +- Fix regression in username validation +- Proper containment for mysql::client in mysql::db +- Support quoted usernames of length 15 and 16 chars + +##2014-11-11 - Supported Release 3.0.0 +###Summary + +Added several new features including MariaDB support and future parser + +####Backwards-incompatible Changes +* Remove the deprecated `database`, `database_user`, and `database_grant` resources. The correct resources to use are `mysql`, `mysql_user`, and `mysql_grant` respectively. + +####Features +* Add MariaDB Support +* The mysqltuner perl script has been updated to 1.3.0 based on work at http://github.com/major/MySQLTuner-perl +* Add future parse support, fixed issues with undef to empty string +* Pass the backup credentials to 'SHOW DATABASES' +* Ability to specify the Includedir for `mysql::server` +* `mysql::db` now has an import\_timeout feature that defaults to 300 +* The `mysql` class has been removed +* `mysql::server` now takes an `override_options` hash that will affect the installation +* Ability to install both dev and client dev + +####BugFix +* `mysql::server::backup` now passes `ensure` param to the nested `mysql_grant` +* `mysql::server::service` now properly requires the presence of the `log_error` file +* `mysql::config` now occurs before `mysql::server::install_db` correctly + +##2014-07-15 - Supported Release 2.3.1 +###Summary + +This release merely updates metadata.json so the module can be uninstalled and +upgraded via the puppet module command. + +##2014-05-14 - Supported Release 2.3.0 + +This release primarily adds support for RHEL7 and Ubuntu 14.04 but it +also adds a couple of new parameters to allow for further customization, +as well as ensuring backups can backup stored procedures properly. + +####Features +Added `execpath` to allow a custom executable path for non-standard mysql installations. +Added `dbname` to mysql::db and use ensure_resource to create the resource. +Added support for RHEL7 and Fedora Rawhide. +Added support for Ubuntu 14.04. +Create a warning for if you disable SSL. +Ensure the error logfile is owned by MySQL. +Disable ssl on FreeBSD. +Add PROCESS privilege for backups. + +####Bugfixes + +####Known Bugs +* No known bugs + +##2014-03-04 - Supported Release 2.2.3 +###Summary + +This is a supported release. This release removes a testing symlink that can +cause trouble on systems where /var is on a seperate filesystem from the +modulepath. + +####Features +####Bugfixes +####Known Bugs +* No known bugs + +##2014-03-04 - Supported Release 2.2.2 +###Summary +This is a supported release. Mostly comprised of enhanced testing, plus a +bugfix for Suse. + +####Bugfixes +- PHP bindings on Suse +- Test fixes + +####Known Bugs +* No known bugs + +##2014-02-19 - Version 2.2.1 + +###Summary + +Minor release that repairs mysql_database{} so that it sees the correct +collation settings (it was only checking the global mysql ones, not the +actual database and constantly setting it over and over since January 22nd). + +Also fixes a bunch of tests on various platforms. + + +##2014-02-13 - Version 2.2.0 + +###Summary + +####Features +- Add `backupdirmode`, `backupdirowner`, `backupdirgroup` to + mysql::server::backup to allow customizing the mysqlbackupdir. +- Support multiple options of the same name, allowing you to + do 'replicate-do-db' => ['base1', 'base2', 'base3'] in order to get three + lines of replicate-do-db = base1, replicate-do-db = base2 etc. + +####Bugfixes +- Fix `restart` so it actually stops mysql restarting if set to false. +- DRY out the defaults_file functionality in the providers. +- mysql_grant fixed to work with root@localhost/@. +- mysql_grant fixed for WITH MAX_QUERIES_PER_HOUR +- mysql_grant fixed so revoking all privileges accounts for GRANT OPTION +- mysql_grant fixed to remove duplicate privileges. +- mysql_grant fixed to handle PROCEDURES when removing privileges. +- mysql_database won't try to create existing databases, breaking replication. +- bind_address renamed bind-address in 'mysqld' options. +- key_buffer renamed to key_buffer_size. +- log_error renamed to log-error. +- pid_file renamed to pid-file. +- Ensure mysql::server:root_password runs before mysql::server::backup +- Fix options_override -> override_options in the README. +- Extensively rewrite the README to be accurate and awesome. +- Move to requiring stdlib 3.2.0, shipped in PE3.0 +- Add many new tests. + + +##2013-11-13 - Version 2.1.0 + +###Summary + +The most important changes in 2.1.0 are improvements to the my.cnf creation, +as well as providers. Setting options to = true strips them to be just the +key name itself, which is required for some options. + +The provider updates fix a number of bugs, from lowercase privileges to +deprecation warnings. + +Last, the new hiera integration functionality should make it easier to +externalize all your grants, users, and, databases. Another great set of +community submissions helped to make this release. + +####Features +- Some options can not take a argument. Gets rid of the '= true' when an +option is set to true. +- Easier hiera integration: Add hash parameters to mysql::server to allow +specifying grants, users, and databases. + +####Bugfixes +- Fix an issue with lowercase privileges in mysql_grant{} causing them to be reapplied needlessly. +- Changed defaults-file to defaults-extra-file in providers. +- Ensure /root/.my.cnf is 0600 and root owned. +- database_user deprecation warning was incorrect. +- Add anchor pattern for client.pp +- Documentation improvements. +- Various test fixes. + + +##2013-10-21 - Version 2.0.1 + +###Summary + +This is a bugfix release to handle an issue where unsorted mysql_grant{} +privileges could cause Puppet to incorrectly reapply the permissions on +each run. + +####Bugfixes +- Mysql_grant now sorts privileges in the type and provider for comparison. +- Comment and test tweak for PE3.1. + + +##2013-10-14 - Version 2.0.0 + +###Summary + +(Previously detailed in the changelog for 2.0.0-rc1) + +This module has been completely refactored and works significantly different. +The changes are broad and touch almost every piece of the module. + +See the README.md for full details of all changes and syntax. +Please remain on 1.0.0 if you don't have time to fully test this in dev. + +* mysql::server, mysql::client, and mysql::bindings are the primary interface +classes. +* mysql::server takes an `override_options` parameter to set my.cnf options, +with the hash format: { 'section' => { 'thing' => 'value' }} +* mysql attempts backwards compatibility by forwarding all parameters to +mysql::server. + + +##2013-10-09 - Version 2.0.0-rc5 + +###Summary + +Hopefully the final rc! Further fixes to mysql_grant (stripping out the +cleverness so we match a much wider range of input.) + +####Bugfixes +- Make mysql_grant accept '.*'@'.*' in terms of input for user@host. + + +##2013-10-09 - Version 2.0.0-rc4 + +###Summary + +Bugfixes to mysql_grant and mysql_user form the bulk of this rc, as well as +ensuring that values in the override_options hash that contain a value of '' +are created as just "key" in the conf rather than "key =" or "key = false". + +####Bugfixes +- Improve mysql_grant to work with IPv6 addresses (both long and short). +- Ensure @host users work as well as user@host users. +- Updated my.cnf template to support items with no values. + + +##2013-10-07 - Version 2.0.0-rc3 + +###Summary +Fix mysql::server::monitor's use of mysql_user{}. + +####Bugfixes +- Fix myql::server::monitor's use of mysql_user{} to grant the proper +permissions. Add specs as well. (Thanks to treydock!) + + +##2013-10-03 - Version 2.0.0-rc2 + +###Summary +Bugfixes + +####Bugfixes +- Fix a duplicate parameter in mysql::server + + +##2013-10-03 - Version 2.0.0-rc1 + +###Summary + +This module has been completely refactored and works significantly different. +The changes are broad and touch almost every piece of the module. + +See the README.md for full details of all changes and syntax. +Please remain on 1.0.0 if you don't have time to fully test this in dev. + +* mysql::server, mysql::client, and mysql::bindings are the primary interface +classes. +* mysql::server takes an `override_options` parameter to set my.cnf options, +with the hash format: { 'section' => { 'thing' => 'value' }} +* mysql attempts backwards compatibility by forwarding all parameters to +mysql::server. + +--- +##2013-09-23 - Version 1.0.0 + +###Summary + +This release introduces a number of new type/providers, to eventually +replace the database_ ones. The module has been converted to call the +new providers rather than the previous ones as they have a number of +fixes, additional options, and work with puppet resource. + +This 1.0.0 release precedes a large refactoring that will be released +almost immediately after as 2.0.0. + +####Features +- Added mysql_grant, mysql_database, and mysql_user. +- Add `mysql::bindings` class and refactor all other bindings to be contained underneath mysql::bindings:: namespace. +- Added support to back up specified databases only with 'mysqlbackup' parameter. +- Add option to mysql::backup to set the backup script to perform a mysqldump on each database to its own file + +####Bugfixes +- Update my.cnf.pass.erb to allow custom socket support +- Add environment variable for .my.cnf in mysql::db. +- Add HOME environment variable for .my.cnf to mysqladmin command when +(re)setting root password + +--- +##2013-07-15 - Version 0.9.0 +####Features +- Add `mysql::backup::backuprotate` parameter +- Add `mysql::backup::delete_before_dump` parameter +- Add `max_user_connections` attribute to `database_user` type + +####Bugfixes +- Add client package dependency for `mysql::db` +- Remove duplicate `expire_logs_days` and `max_binlog_size` settings +- Make root's `.my.cnf` file path dynamic +- Update pidfile path for Suse variants +- Fixes for lint + +##2013-07-05 - Version 0.8.1 +####Bugfixes + - Fix a typo in the Fedora 19 support. + +##2013-07-01 - Version 0.8.0 +####Features + - mysql::perl class to install perl-DBD-mysql. + - minor improvements to the providers to improve reliability + - Install the MariaDB packages on Fedora 19 instead of MySQL. + - Add new `mysql` class parameters: + - `max_connections`: The maximum number of allowed connections. + - `manage_config_file`: Opt out of puppetized control of my.cnf. + - `ft_min_word_len`: Fine tune the full text search. + - `ft_max_word_len`: Fine tune the full text search. + - Add new `mysql` class performance tuning parameters: + - `key_buffer` + - `thread_stack` + - `thread_cache_size` + - `myisam-recover` + - `query_cache_limit` + - `query_cache_size` + - `max_connections` + - `tmp_table_size` + - `table_open_cache` + - `long_query_time` + - Add new `mysql` class replication parameters: + - `server_id` + - `sql_log_bin` + - `log_bin` + - `max_binlog_size` + - `binlog_do_db` + - `expire_logs_days` + - `log_bin_trust_function_creators` + - `replicate_ignore_table` + - `replicate_wild_do_table` + - `replicate_wild_ignore_table` + - `expire_logs_days` + - `max_binlog_size` + +####Bugfixes + - No longer restart MySQL when /root/.my.cnf changes. + - Ensure mysql::config runs before any mysql::db defines. + +##2013-06-26 - Version 0.7.1 +####Bugfixes +- Single-quote password for special characters +- Update travis testing for puppet 3.2.x and missing Bundler gems + +##2013-06-25 - Version 0.7.0 +This is a maintenance release for community bugfixes and exposing +configuration variables. + +* Add new `mysql` class parameters: + - `basedir`: The base directory mysql uses + - `bind_address`: The IP mysql binds to + - `client_package_name`: The name of the mysql client package + - `config_file`: The location of the server config file + - `config_template`: The template to use to generate my.cnf + - `datadir`: The directory MySQL's datafiles are stored + - `default_engine`: The default engine to use for tables + - `etc_root_password`: Whether or not to add the mysql root password to + /etc/my.cnf + - `java_package_name`: The name of the java package containing the java + connector + - `log_error`: Where to log errors + - `manage_service`: Boolean dictating if mysql::server should manage the + service + - `max_allowed_packet`: Maximum network packet size mysqld will accept + - `old_root_password`: Previous root user password + - `php_package_name`: The name of the phpmysql package to install + - `pidfile`: The location mysql will expect the pidfile to be + - `port`: The port mysql listens on + - `purge_conf_dir`: Value fed to recurse and purge parameters of the + /etc/mysql/conf.d resource + - `python_package_name`: The name of the python mysql package to install + - `restart`: Whether to restart mysqld + - `root_group`: Use specified group for root-owned files + - `root_password`: The root MySQL password to use + - `ruby_package_name`: The name of the ruby mysql package to install + - `ruby_package_provider`: The installation suite to use when installing the + ruby package + - `server_package_name`: The name of the server package to install + - `service_name`: The name of the service to start + - `service_provider`: The name of the service provider + - `socket`: The location of the MySQL server socket file + - `ssl_ca`: The location of the SSL CA Cert + - `ssl_cert`: The location of the SSL Certificate to use + - `ssl_key`: The SSL key to use + - `ssl`: Whether or not to enable ssl + - `tmpdir`: The directory MySQL's tmpfiles are stored +* Deprecate `mysql::package_name` parameter in favor of +`mysql::client_package_name` +* Fix local variable template deprecation +* Fix dependency ordering in `mysql::db` +* Fix ANSI quoting in queries +* Fix travis support (but still messy) +* Fix typos + +##2013-01-11 - Version 0.6.1 +* Fix providers when /root/.my.cnf is absent + +##2013-01-09 - Version 0.6.0 +* Add `mysql::server::config` define for specific config directives +* Add `mysql::php` class for php support +* Add `backupcompress` parameter to `mysql::backup` +* Add `restart` parameter to `mysql::config` +* Add `purge_conf_dir` parameter to `mysql::config` +* Add `manage_service` parameter to `mysql::server` +* Add syslog logging support via the `log_error` parameter +* Add initial SuSE support +* Fix remove non-localhost root user when fqdn != hostname +* Fix dependency in `mysql::server::monitor` +* Fix .my.cnf path for root user and root password +* Fix ipv6 support for users +* Fix / update various spec tests +* Fix typos +* Fix lint warnings + +##2012-08-23 - Version 0.5.0 +* Add puppetlabs/stdlib as requirement +* Add validation for mysql privs in provider +* Add `pidfile` parameter to mysql::config +* Add `ensure` parameter to mysql::db +* Add Amazon linux support +* Change `bind_address` parameter to be optional in my.cnf template +* Fix quoting root passwords + +##2012-07-24 - Version 0.4.0 +* Fix various bugs regarding database names +* FreeBSD support +* Allow specifying the storage engine +* Add a backup class +* Add a security class to purge default accounts + +##2012-05-03 - Version 0.3.0 +* 14218 Query the database for available privileges +* Add mysql::java class for java connector installation +* Use correct error log location on different distros +* Fix set_mysql_rootpw to properly depend on my.cnf + +##2012-04-11 - Version 0.2.0 + +##2012-03-19 - William Van Hevelingen +* (#13203) Add ssl support (f7e0ea5) + +##2012-03-18 - Nan Liu +* Travis ci before script needs success exit code. (0ea463b) + +##2012-03-18 - Nan Liu +* Fix Puppet 2.6 compilation issues. (9ebbbc4) + +##2012-03-16 - Nan Liu +* Add travis.ci for testing multiple puppet versions. (33c72ef) + +##2012-03-15 - William Van Hevelingen +* (#13163) Datadir should be configurable (f353fc6) + +##2012-03-16 - Nan Liu +* Document create_resources dependency. (558a59c) + +##2012-03-16 - Nan Liu +* Fix spec test issues related to error message. (eff79b5) + +##2012-03-16 - Nan Liu +* Fix mysql service on Ubuntu. (72da2c5) + +##2012-03-16 - Dan Bode +* Add more spec test coverage (55e399d) + +##2012-03-16 - Nan Liu +* (#11963) Fix spec test due to path changes. (1700349) + +##2012-03-07 - François Charlier +* Add a test to check path for 'mysqld-restart' (b14c7d1) + +##2012-03-07 - François Charlier +* Fix path for 'mysqld-restart' (1a9ae6b) + +##2012-03-15 - Dan Bode +* Add rspec-puppet tests for mysql::config (907331a) + +##2012-03-15 - Dan Bode +* Moved class dependency between sever and config to server (da62ad6) + +##2012-03-14 - Dan Bode +* Notify mysql restart from set_mysql_rootpw exec (0832a2c) + +##2012-03-15 - Nan Liu +* Add documentation related to osfamily fact. (8265d28) + +##2012-03-14 - Dan Bode +* Mention osfamily value in failure message (e472d3b) + +##2012-03-14 - Dan Bode +* Fix bug when querying for all database users (015490c) + +##2012-02-09 - Nan Liu +* Major refactor of mysql module. (b1f90fd) + +##2012-01-11 - Justin Ellison +* Ruby and Python's MySQL libraries are named differently on different distros. (1e926b4) + +##2012-01-11 - Justin Ellison +* Per @ghoneycutt, we should fail explicitly and explain why. (09af083) + +##2012-01-11 - Justin Ellison +* Removing duplicate declaration (7513d03) + +##2012-01-10 - Justin Ellison +* Use socket value from params class instead of hardcoding. (663e97c) + +##2012-01-10 - Justin Ellison +* Instead of hardcoding the config file target, pull it from mysql::params (031a47d) + +##2012-01-10 - Justin Ellison +* Moved $socket to within the case to toggle between distros. Added a $config_file variable to allow per-distro config file destinations. (360eacd) + +##2012-01-10 - Justin Ellison +* Pretty sure this is a bug, 99% of Linux distros out there won't ever hit the default. (3462e6b) + +##2012-02-09 - William Van Hevelingen +* Changed the README to use markdown (3b7dfeb) + +##2012-02-04 - Daniel Black +* (#12412) mysqltuner.pl update (b809e6f) + +##2011-11-17 - Matthias Pigulla +* (#11363) Add two missing privileges to grant: event_priv, trigger_priv (d15c9d1) + +##2011-12-20 - Jeff McCune +* (minor) Fixup typos in Modulefile metadata (a0ed6a1) + +##2011-12-19 - Carl Caum +* Only notify Exec to import sql if sql is given (0783c74) + +##2011-12-19 - Carl Caum +* (#11508) Only load sql_scripts on DB creation (e3b9fd9) + +##2011-12-13 - Justin Ellison +* Require not needed due to implicit dependencies (3058feb) + +##2011-12-13 - Justin Ellison +* Bug #11375: puppetlabs-mysql fails on CentOS/RHEL (a557b8d) + +##2011-06-03 - Dan Bode - 0.0.1 +* initial commit diff --git a/modules/services/unix/mysql/mysql/module/mysql/CONTRIBUTING.md b/modules/services/unix/mysql/mysql/module/mysql/CONTRIBUTING.md new file mode 100644 index 000000000..bfeaa701c --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/CONTRIBUTING.md @@ -0,0 +1,220 @@ +Checklist (and a short version for the impatient) +================================================= + + * Commits: + + - Make commits of logical units. + + - Check for unnecessary whitespace with "git diff --check" before + committing. + + - Commit using Unix line endings (check the settings around "crlf" in + git-config(1)). + + - Do not check in commented out code or unneeded files. + + - The first line of the commit message should be a short + description (50 characters is the soft limit, excluding ticket + number(s)), and should skip the full stop. + + - Associate the issue in the message. The first line should include + the issue number in the form "(#XXXX) Rest of message". + + - The body should provide a meaningful commit message, which: + + - uses the imperative, present tense: "change", not "changed" or + "changes". + + - includes motivation for the change, and contrasts its + implementation with the previous behavior. + + - Make sure that you have tests for the bug you are fixing, or + feature you are adding. + + - Make sure the test suites passes after your commit: + `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below + + - When introducing a new feature, make sure it is properly + documented in the README.md + + * Submission: + + * Pre-requisites: + + - Make sure you have a [GitHub account](https://github.com/join) + + - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. + + * Preferred method: + + - Fork the repository on GitHub. + + - Push your changes to a topic branch in your fork of the + repository. (the format ticket/1234-short_description_of_change is + usually preferred for this project). + + - Submit a pull request to the repository in the puppetlabs + organization. + +The long version +================ + + 1. Make separate commits for logically separate changes. + + Please break your commits down into logically consistent units + which include new or changed tests relevant to the rest of the + change. The goal of doing this is to make the diff easier to + read for whoever is reviewing your code. In general, the easier + your diff is to read, the more likely someone will be happy to + review it and get it into the code base. + + If you are going to refactor a piece of code, please do so as a + separate commit from your feature or bug fix changes. + + We also really appreciate changes that include tests to make + sure the bug is not re-introduced, and that the feature is not + accidentally broken. + + Describe the technical detail of the change(s). If your + description starts to get too long, that is a good sign that you + probably need to split up your commit into more finely grained + pieces. + + Commits which plainly describe the things which help + reviewers check the patch and future developers understand the + code are much more likely to be merged in with a minimum of + bike-shedding or requested changes. Ideally, the commit message + would include information, and be in a form suitable for + inclusion in the release notes for the version of Puppet that + includes them. + + Please also check that you are not introducing any trailing + whitespace or other "whitespace errors". You can do this by + running "git diff --check" on your changes before you commit. + + 2. Sending your patches + + To submit your changes via a GitHub pull request, we _highly_ + recommend that you have them on a topic branch, instead of + directly on "master". + It makes things much easier to keep track of, especially if + you decide to work on another thing before your first change + is merged in. + + GitHub has some pretty good + [general documentation](http://help.github.com/) on using + their site. They also have documentation on + [creating pull requests](http://help.github.com/send-pull-requests/). + + In general, after pushing your topic branch up to your + repository on GitHub, you can switch to the branch in the + GitHub UI and click "Pull Request" towards the top of the page + in order to open a pull request. + + + 3. Update the related GitHub issue. + + If there is a GitHub issue associated with the change you + submitted, then you should update the ticket to include the + location of your branch, along with any other commentary you + may wish to make. + +Testing +======= + +Getting Started +--------------- + +Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby +package manager such as [bundler](http://bundler.io/) what Ruby packages, +or Gems, are required to build, develop, and test this software. + +Please make sure you have [bundler installed](http://bundler.io/#getting-started) +on your system, then use it to install all dependencies needed for this project, +by running + +```shell +% bundle install +Fetching gem metadata from https://rubygems.org/........ +Fetching gem metadata from https://rubygems.org/.. +Using rake (10.1.0) +Using builder (3.2.2) +-- 8><-- many more --><8 -- +Using rspec-system-puppet (2.2.0) +Using serverspec (0.6.3) +Using rspec-system-serverspec (1.0.0) +Using bundler (1.3.5) +Your bundle is complete! +Use `bundle show [gemname]` to see where a bundled gem is installed. +``` + +NOTE some systems may require you to run this command with sudo. + +If you already have those gems installed, make sure they are up-to-date: + +```shell +% bundle update +``` + +With all dependencies in place and up-to-date we can now run the tests: + +```shell +% bundle exec rake spec +``` + +This will execute all the [rspec tests](http://rspec-puppet.com/) tests +under [spec/defines](./spec/defines), [spec/classes](./spec/classes), +and so on. rspec tests may have the same kind of dependencies as the +module they are testing. While the module defines in its [Modulefile](./Modulefile), +rspec tests define them in [.fixtures.yml](./fixtures.yml). + +Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) +tests. These tests spin up a virtual machine under +[VirtualBox](https://www.virtualbox.org/)) with, controlling it with +[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test +scenarios. In order to run these, you will need both of those tools +installed on your system. + +You can run them by issuing the following command + +```shell +% bundle exec rake spec_clean +% bundle exec rspec spec/acceptance +``` + +This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), +install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) +and then run all the tests under [spec/acceptance](./spec/acceptance). + +Writing Tests +------------- + +XXX getting started writing tests. + +If you have commit access to the repository +=========================================== + +Even if you have commit access to the repository, you will still need to +go through the process above, and have someone else review and merge +in your changes. The rule is that all changes must be reviewed by a +developer on the project (that did not write the code) to ensure that +all changes go through a code review process. + +Having someone other than the author of the topic branch recorded as +performing the merge is the record that they performed the code +review. + + +Additional Resources +==================== + +* [Getting additional help](http://puppetlabs.com/community/get-help) + +* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) + +* [Patchwork](https://patchwork.puppetlabs.com) + +* [General GitHub documentation](http://help.github.com/) + +* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) + diff --git a/modules/services/unix/mysql/mysql/module/mysql/Gemfile b/modules/services/unix/mysql/mysql/module/mysql/Gemfile new file mode 100644 index 000000000..efe167ce7 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/Gemfile @@ -0,0 +1,40 @@ +#This file is generated by ModuleSync, do not edit. + +source ENV['GEM_SOURCE'] || "https://rubygems.org" + +def location_for(place, version = nil) + if place =~ /^(git[:@][^#]*)#(.*)/ + [version, { :git => $1, :branch => $2, :require => false}].compact + elsif place =~ /^file:\/\/(.*)/ + ['>= 0', { :path => File.expand_path($1), :require => false}] + else + [place, version, { :require => false}].compact + end +end + +group :development, :unit_tests do + gem 'json', :require => false + gem 'metadata-json-lint', :require => false + gem 'puppet_facts', :require => false + gem 'puppet-blacksmith', :require => false + gem 'puppetlabs_spec_helper', :require => false + gem 'rspec-puppet', '>= 2.3.2', :require => false + gem 'simplecov', :require => false + gem 'rspec-puppet-facts', :require => false +end +group :system_tests do + gem 'beaker-rspec', *location_for(ENV['BEAKER_RSPEC_VERSION'] || '>= 3.4') + gem 'beaker', *location_for(ENV['BEAKER_VERSION']) + gem 'serverspec', :require => false + gem 'beaker-puppet_install_helper', :require => false + gem 'master_manipulator', :require => false + gem 'beaker-hostgenerator', *location_for(ENV['BEAKER_HOSTGENERATOR_VERSION']) +end + +gem 'facter', *location_for(ENV['FACTER_GEM_VERSION']) +gem 'puppet', *location_for(ENV['PUPPET_GEM_VERSION']) + + +if File.exists? "#{__FILE__}.local" + eval(File.read("#{__FILE__}.local"), binding) +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/LICENSE b/modules/services/unix/mysql/mysql/module/mysql/LICENSE new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/modules/services/unix/mysql/mysql/module/mysql/NOTICE b/modules/services/unix/mysql/mysql/module/mysql/NOTICE new file mode 100644 index 000000000..caaa8f4ff --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/NOTICE @@ -0,0 +1,18 @@ +mysql puppet module + +Copyright (C) 2013-2016 Puppet Labs, Inc. + +Puppet Labs can be contacted at: info@puppetlabs.com + + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/modules/services/unix/mysql/mysql/module/mysql/README.md b/modules/services/unix/mysql/mysql/module/mysql/README.md new file mode 100644 index 000000000..af7e29642 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/README.md @@ -0,0 +1,871 @@ +# mysql + +#### Table of Contents + +1. [Module Description - What the module does and why it is useful](#module-description) +2. [Setup - The basics of getting started with mysql](#setup) + * [Beginning with mysql](#beginning-with-mysql) +3. [Usage - Configuration options and additional functionality](#usage) + * [Customize server options](#customize-server-options) + * [Create a database](#create-a-database) + * [Customize configuration](#create-custom-configuration) + * [Work with an existing server](#work-with-an-existing-server) + * [Specify passwords](#specify-passwords) +4. [Reference - An under-the-hood peek at what the module is doing and how](#reference) +5. [Limitations - OS compatibility, etc.](#limitations) +6. [Development - Guide for contributing to the module](#development) + +## Module Description + +The mysql module installs, configures, and manages the MySQL service. + +This module manages both the installation and configuration of MySQL, as well as extending Puppet to allow management of MySQL resources, such as databases, users, and grants. + +## Setup + +### Beginning with mysql + +To install a server with the default options: + +`include '::mysql::server'`. + +To customize options, such as the root +password or `/etc/my.cnf` settings, you must also pass in an override hash: + +```puppet +class { '::mysql::server': + root_password => 'strongpassword', + remove_default_accounts => true, + override_options => $override_options +} +``` + +See [**Customize Server Options**](#customize-server-options) below for examples of the hash structure for $override_options`. + +## Usage + +All interaction for the server is done via `mysql::server`. To install the client, use `mysql::client`. To install bindings, use `mysql::bindings`. + +### Customize server options + +To define server options, structure a hash structure of overrides in `mysql::server`. This hash resembles a hash in the my.cnf file: + +```puppet +$override_options = { + 'section' => { + 'item' => 'thing', + } +} +``` + +For options that you would traditionally represent in this format: + +``` +[section] +thing = X +``` + +...you can make an entry like `thing => true`, `thing => value`, or `thing => "` in the hash. Alternatively, you can pass an array, as `thing => ['value', 'value2']`, or list each `thing => value` separately on separate lines. + +You can pass a variable in the hash without setting a value for it; the variable would then use MySQL's default settings. To exclude an option from the my.cnf file --- for example, when using `override_options` to revert to a default value --- pass `thing => undef`. + +If an option needs multiple instances, pass an array. For example, + +```puppet +$override_options = { + 'mysqld' => { + 'replicate-do-db' => ['base1', 'base2'], + } +} +``` + +produces + +``` +[mysqld] +replicate-do-db = base1 +replicate-do-db = base2 +``` + +To implement version specific parameters, specify the version, such as [mysqld-5.5]. This allows one config for different versions of MySQL. + +### Create a database + +To create a database with a user and some assigned privileges: + +```puppet +mysql::db { 'mydb': + user => 'myuser', + password => 'mypass', + host => 'localhost', + grant => ['SELECT', 'UPDATE'], +} +``` + +To use a different resource name with exported resources: + +```puppet + @@mysql::db { "mydb_${fqdn}": + user => 'myuser', + password => 'mypass', + dbname => 'mydb', + host => ${fqdn}, + grant => ['SELECT', 'UPDATE'], + tag => $domain, +} +``` + +Then you can collect it on the remote DB server: + +```puppet +Mysql::Db <<| tag == $domain |>> +``` + +If you set the sql parameter to a file when creating a database, the file is imported into the new database. + +For large sql files, increase the `import_timeout` parameter, which defaults to 300 seconds. + +```puppet +mysql::db { 'mydb': + user => 'myuser', + password => 'mypass', + host => 'localhost', + grant => ['SELECT', 'UPDATE'], + sql => '/path/to/sqlfile', + import_timeout => 900, +} +``` + +### Customize configuration + +To add custom MySQL configuration, place additional files into `includedir`. This allows you to override settings or add additional ones, which is helpful if you don't use `override_options` in `mysql::server`. The `includedir` location is by default set to `/etc/mysql/conf.d`. + +### Work with an existing server + +To instantiate databases and users on an existing MySQL server, you need a `.my.cnf` file in `root`'s home directory. This file must specify the remote server address and credentials. For example: + +``` +[client] +user=root +host=localhost +password=secret +``` + +When working with a remote server, do *not* use the `mysql::server` class in your Puppet manifests. + +### Specify passwords + +In addition to passing passwords as plain text, you can input them as hashes. For example: + +```puppet +mysql::db { 'mydb': + user => 'myuser', + password => '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4', + host => 'localhost', + grant => ['SELECT', 'UPDATE'], +} +``` + +## Reference + +### Classes + +#### Public classes + +* [`mysql::server`](#mysqlserver): Installs and configures MySQL. +* [`mysql::server::monitor`](#mysqlservermonitor): Sets up a monitoring user. +* [`mysql::server::mysqltuner`](#mysqlservermysqltuner): Installs MySQL tuner script. +* [`mysql::server::backup`](#mysqlserverbackup): Sets up MySQL backups via cron. +* [`mysql::bindings`](#mysqlbindings): Installs various MySQL language bindings. +* [`mysql::client`](#mysqlclient): Installs MySQL client (for non-servers). + +#### Private classes + +* `mysql::server::install`: Installs packages. +* `mysql::server::installdb`: Implements setup of mysqld data directory (e.g. /var/lib/mysql) +* `mysql::server::config`: Configures MYSQL. +* `mysql::server::service`: Manages service. +* `mysql::server::account_security`: Deletes default MySQL accounts. +* `mysql::server::root_password`: Sets MySQL root password. +* `mysql::server::providers`: Creates users, grants, and databases. +* `mysql::bindings::client_dev`: Installs MySQL client development package. +* `mysql::bindings::daemon_dev`: Installs MySQL daemon development package. +* `mysql::bindings::java`: Installs Java bindings. +* `mysql::bindings::perl`: Installs Perl bindings. +* `mysql::bindings::php`: Installs PHP bindings. +* `mysql::bindings::python`: Installs Python bindings. +* `mysql::bindings::ruby`: Installs Ruby bindings. +* `mysql::client::install`: Installs MySQL client. +* `mysql::backup::mysqldump`: Implements mysqldump backups. +* `mysql::backup::mysqlbackup`: Implements backups with Oracle MySQL Enterprise Backup. +* `mysql::backup::xtrabackup`: Implements backups with XtraBackup from Percona. + +### Parameters + +#### mysql::server + +##### `create_root_user` + +Whether root user should be created. Valid values are true, false. Defaults to true. + +This is useful for a cluster setup with Galera. The root user has to be created only once. You can set this parameter true on one node and set it to false on the remaining nodes. + +##### `create_root_my_cnf` + +Whether to create `/root/.my.cnf`. Valid values are true, false. Defaults to true. + +`create_root_my_cnf` allows creation of `/root/.my.cnf` independently of `create_root_user`. You can use this for a cluster setup with Galera where you want `/root/.my.cnf` to exist on all nodes. + +##### `root_password` + +The MySQL root password. Puppet attempts to set the root password and update `/root/.my.cnf` with it. + +This is required if `create_root_user` or `create_root_my_cnf` are true. If `root_password` is 'UNSET', then `create_root_user` and `create_root_my_cnf` are assumed to be false --- that is, the MySQL root user and `/root/.my.cnf` are not created. + +Password changes are supported; however, the old password must be set in `/root/.my.cnf`. Effectively, Puppet uses the old password, configured in `/root/my.cnf`, to set the new password in MySQL, and then updates `/root/.my.cnf` with the new password. + +##### `old_root_password` + +This parameter no longer does anything. It exists only for backwards compatibility. See the `root_password` parameter above for details on changing the root password. + +##### `override_options` + +Specifies override options to pass into MySQL. Structured like a hash in the my.cnf file: + +```puppet +$override_options = { + 'section' => { + 'item' => 'thing', + } +} +``` + +See [**Customize Server Options**](#customize-server-options) above for usage details. + +##### `config_file` + +The location, as a path, of the MySQL configuration file. + +##### `manage_config_file` + +Whether the MySQL configuration file should be managed. Valid values are true, false. Defaults to true. + +##### `includedir` +The location, as a path, of !includedir for custom configuration overrides. + +##### `install_options` +Passes [install_options](https://docs.puppetlabs.com/references/latest/type.html#package-attribute-install_options) array to managed package resources. You must pass the appropriate options for the specified package manager. + +##### `purge_conf_dir` + +Whether the `includedir` directory should be purged. Valid values are true, false. Defaults to false. + +##### `restart` + +Whether the service should be restarted when things change. Valid values are true, false. Defaults to false. + +##### `root_group` + +The name of the group used for root. Can be a group name or a group ID. See more about the [`group` file attribute](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). + +##### `mysql_group` + +The name of the group of the MySQL daemon user. Can be a group name or a group ID. See more about the [`group` file attribute](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). + +##### `package_ensure` + +Whether the package exists or should be a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Defaults to 'present'. + +##### `package_manage` + +Whether to manage the MySQL server package. Defaults to true. + +##### `package_name` + +The name of the MySQL server package to install. + +##### `remove_default_accounts` + +Specifies whether to automatically include `mysql::server::account_security`. Valid values are true, false. Defaults to false. + +##### `service_enabled` + +Specifies whether the service should be enabled. Valid values are true, false. Defaults to true. + +##### `service_manage` + +Specifies whether the service should be managed. Valid values are true, false. Defaults to true. + +##### `service_name` + +The name of the MySQL server service. Defaults are OS dependent, defined in params.pp. + +##### `service_provider` + +The provider to use to manage the service. For Ubuntu, defaults to 'upstart'; otherwise, default is undefined. + +##### `users` + +Optional hash of users to create, which are passed to [mysql_user](#mysql_user). + +``` +users => { + 'someuser@localhost' => { + ensure => 'present', + max_connections_per_hour => '0', + max_queries_per_hour => '0', + max_updates_per_hour => '0', + max_user_connections => '0', + password_hash => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF', + }, +} +``` + +##### `grants` + +Optional hash of grants, which are passed to [mysql_grant](#mysql_grant). + +``` +grants => { + 'someuser@localhost/somedb.*' => { + ensure => 'present', + options => ['GRANT'], + privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE'], + table => 'somedb.*', + user => 'someuser@localhost', + }, +} +``` + +##### `databases` + +Optional hash of databases to create, which are passed to [mysql_database](#mysql_database). + +``` +databases => { + 'somedb' => { + ensure => 'present', + charset => 'utf8', + }, +} +``` + +#### mysql::server::backup + +##### `backupuser` + +MySQL user to create for backups. + +##### `backuppassword` + +MySQL user password for backups. + +##### `backupdir` + +Directory in which to store backups. + +##### `backupdirmode` + +Permissions applied to the backup directory. This parameter is passed directly +to the `file` resource. + +##### `backupdirowner` + +Owner for the backup directory. This parameter is passed directly to the `file` +resource. + +##### `backupdirgroup` + +Group owner for the backup directory. This parameter is passed directly to the +`file` resource. + +##### `backupcompress` + +Whether backups should be compressed. Valid values are true, false. Defaults to true. + +##### `backuprotate` + +How many days to keep backups. Valid value is an integer. Defaults to '30'. + +##### `delete_before_dump` + +Whether to delete old .sql files before backing up. Setting to true deletes old files before backing up, while setting to false deletes them after backup. Valid values are true, false. Defaults to false. + +##### `backupdatabases` + +Specifies an array of databases to back up. + +##### `file_per_database` + +Whether a separate file be used per database. Valid values are true, false. Defaults to false. + +##### `include_routines` + +Whether or not to include routines for each database when doing a `file_per_database` backup. Defaults to false. + +##### `include_triggers` + +Whether or not to include triggers for each database when doing a `file_per_database` backup. Defaults to false. + +##### `ensure` + +Allows you to remove the backup scripts. Valid values are 'present', 'absent'. Defaults to 'present'. + +##### `execpath` + +Allows you to set a custom PATH should your MySQL installation be non-standard places. Defaults to `/usr/bin:/usr/sbin:/bin:/sbin`. + +##### `time` + +An array of two elements to set the backup time. Allows ['23', '5'] (i.e., 23:05) or ['3', '45'] (i.e., 03:45) for HH:MM times. + +##### `postscript` + +A script that is executed when the backup is finished. This could be used to (r)sync the backup to a central store. This script can be either a single line that is directly executed or a number of lines supplied as an array. It could also be one or more externally managed (executable) files. + +##### `prescript` + +A script that is executed before the backup begins. + +##### `provider` + +Sets the server backup implementation. Valid values are: + +* `mysqldump`: Implements backups with mysqldump. Backup type: Logical. This is the default value. +* `mysqlbackup`: Implements backups with MySQL Enterprise Backup from Oracle. Backup type: Physical. To use this type of backup, you'll need the `meb` package, which is available in RPM and TAR formats from Oracle. For Ubuntu, you can use [meb-deb](https://github.com/dveeden/meb-deb) to create a package from an official tarball. +* `xtrabackup`: Implements backups with XtraBackup from Percona. Backup type: Physical. + +#### mysql::server::monitor + +##### `mysql_monitor_username` + +The username to create for MySQL monitoring. + +##### `mysql_monitor_password` + +The password to create for MySQL monitoring. + +##### `mysql_monitor_hostname` + +The hostname from which the monitoring user requests are allowed access. + +#### mysql::server::mysqltuner + +**Note**: If you're using this class on a non-network-connected system, you must download the mysqltuner.pl script and have it hosted somewhere accessible via `http(s)://`, `puppet://`, `ftp://`, or a fully qualified file path. + +##### `ensure` + +Ensures that the resource exists. Valid values are `present`, `absent`. Defaults to `present`. + +##### `version` + +The version to install from the major/MySQLTuner-perl github repository. Must be a valid tag. Defaults to 'v1.3.0'. + +##### `source` + +Specifies the source. If not specified, defaults to `https://github.com/major/MySQLTuner-perl/raw/${version}/mysqltuner.pl` + +#### mysql::bindings + +##### `client_dev` + +Specifies whether `::mysql::bindings::client_dev` should be included. Valid values are true', false. Defaults to false. + +##### `daemon_dev` + +Specifies whether `::mysql::bindings::daemon_dev` should be included. Valid values are true, false. Defaults to false. + +##### `java_enable` + +Specifies whether `::mysql::bindings::java` should be included. Valid values are true, false. Defaults to false. + +##### `perl_enable` + +Specifies whether `mysql::bindings::perl` should be included. Valid values are true, false. Defaults to false. + +##### `php_enable` + +Specifies whether `mysql::bindings::php` should be included. Valid values are true, false. Defaults to false. + +##### `python_enable` + +Specifies whether `mysql::bindings::python` should be included. Valid values are true, false. Defaults to false. + +##### `ruby_enable` + +Specifies whether `mysql::bindings::ruby` should be included. Valid values are true, false. Defaults to false. + +##### `install_options` + +Passes `install_options` array to managed package resources. You must pass the [appropriate options](https://docs.puppetlabs.com/references/latest/type.html#package-attribute-install_options) for the package manager(s). + +##### `client_dev_package_ensure` + +Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `client_dev => true`. + +##### `client_dev_package_name` + +The name of the client_dev package to install. Only applies if `client_dev => true`. + +##### `client_dev_package_provider` + +The provider to use to install the client_dev package. Only applies if `client_dev => true`. + +##### `daemon_dev_package_ensure` + +Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `daemon_dev => true`. + +##### `daemon_dev_package_name` + +The name of the daemon_dev package to install. Only applies if `daemon_dev => true`. + +##### `daemon_dev_package_provider` + +The provider to use to install the daemon_dev package. Only applies if `daemon_dev => true`. + +##### `java_package_ensure` + +Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `java_enable => true`. + +##### `java_package_name` + +The name of the Java package to install. Only applies if `java_enable => true`. + +##### `java_package_provider` + +The provider to use to install the Java package. Only applies if `java_enable => true`. + +##### `perl_package_ensure` + +Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `perl_enable => true`. + +##### `perl_package_name` + +The name of the Perl package to install. Only applies if `perl_enable => true`. + +##### `perl_package_provider` + +The provider to use to install the Perl package. Only applies if `perl_enable => true`. + +##### `php_package_ensure` + +Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `php_enable => true`. + +##### `php_package_name` + +The name of the PHP package to install. Only applies if `php_enable => true`. + +##### `python_package_ensure` + +Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `python_enable => true`. + +##### `python_package_name` + +The name of the Python package to install. Only applies if `python_enable => true`. + +##### `python_package_provider` + +The provider to use to install the PHP package. Only applies if `python_enable => true`. + +##### `ruby_package_ensure` + +Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `ruby_enable => true`. + +##### `ruby_package_name` + +The name of the Ruby package to install. Only applies if `ruby_enable => true`. + +##### `ruby_package_provider` + +What provider should be used to install the package. + +#### mysql::client + +##### `bindings_enable` + +Whether to automatically install all bindings. Valid values are true, false. Default to false. + +##### `install_options` +Array of install options for managed package resources. You must pass the appropriate options for the package manager. + +##### `package_ensure` + +Whether the MySQL package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. + +##### `package_manage` + +Whether to manage the MySQL client package. Defaults to true. + +##### `package_name` + +The name of the MySQL client package to install. + +### Defines + +#### mysql::db + +``` +mysql_database { 'information_schema': + ensure => 'present', + charset => 'utf8', + collate => 'utf8_swedish_ci', +} +mysql_database { 'mysql': + ensure => 'present', + charset => 'latin1', + collate => 'latin1_swedish_ci', +} +``` + +##### `user` + +The user for the database you're creating. + +##### `password` + +The password for $user for the database you're creating. + +##### `dbname` + +The name of the database to create. Defaults to $name. + +##### `charset` + +The character set for the database. Defaults to 'utf8'. + +##### `collate` + +The collation for the database. Defaults to 'utf8_general_ci'. + +##### `host` + +The host to use as part of user@host for grants. Defaults to 'localhost'. + +##### `grant` + +The privileges to be granted for user@host on the database. Defaults to 'ALL'. + +##### `sql` + +The path to the sqlfile you want to execute. This can be single file specified as string, or it can be an array of strings. Defaults to undef. + +##### `enforce_sql` + +Specifies whether executing the sqlfiles should happen on every run. If set to false, sqlfiles only run once. Valid values are true, false. Defaults to false. + +##### `ensure` + +Specifies whether to create the database. Valid values are 'present', 'absent'. Defaults to 'present'. + +##### `import_timeout` + +Timeout, in seconds, for loading the sqlfiles. Defaults to '300'. + +### Types + +#### mysql_database + +`mysql_database` creates and manages databases within MySQL. + +##### `ensure` + +Whether the resource is present. Valid values are 'present', 'absent'. Defaults to 'present'. + +##### `name` + +The name of the MySQL database to manage. + +##### `charset` + +The CHARACTER SET setting for the database. Defaults to ':utf8'. + +##### `collate` + +The COLLATE setting for the database. Defaults to ':utf8_general_ci'. + +#### mysql_user + +Creates and manages user grants within MySQL. + +``` +mysql_user { 'root@127.0.0.1': + ensure => 'present', + max_connections_per_hour => '0', + max_queries_per_hour => '0', + max_updates_per_hour => '0', + max_user_connections => '0', +} +``` + +You can also specify an authentication plugin. + +``` +mysql_user{ 'myuser'@'localhost': + ensure => 'present', + plugin => 'unix_socket', +} +``` + +##### `name` + +The name of the user, as 'username@hostname' or username@hostname. + +##### `password_hash` + +The user's password hash of the user. Use mysql_password() for creating such a hash. + +##### `max_user_connections` + +Maximum concurrent connections for the user. Must be an integer value. A value of '0' specifies no (or global) limit. + +##### `max_connections_per_hour` + +Maximum connections per hour for the user. Must be an integer value. A value of '0' specifies no (or global) limit. + +##### `max_queries_per_hour` + +Maximum queries per hour for the user. Must be an integer value. A value of '0' specifies no (or global) limit. + +##### `max_updates_per_hour` + +Maximum updates per hour for the user. Must be an integer value. A value of '0' specifies no (or global) limit. + + +#### mysql_grant + +`mysql_grant` creates grant permissions to access databases within +MySQL. To create grant permissions to access databases with MySQL, use it you must create the title of the resource as shown below, +following the pattern of `username@hostname/database.table`: + +``` +mysql_grant { 'root@localhost/*.*': + ensure => 'present', + options => ['GRANT'], + privileges => ['ALL'], + table => '*.*', + user => 'root@localhost', +} +``` + +It is possible to specify privileges down to the column level: + +``` +mysql_grant { 'root@localhost/mysql.user': + ensure => 'present', + privileges => ['SELECT (Host, User)'], + table => 'mysql.user', + user => 'root@localhost', +} +``` + +##### `ensure` + +Whether the resource is present. Valid values are 'present', 'absent'. Defaults to 'present'. + +##### `name` + +Name to describe the grant. Must in a 'user/table' format. + +##### `privileges` + +Privileges to grant the user. + +##### `table` + +The table to which privileges are applied. + +##### `user` + +User to whom privileges are granted. + +##### `options` + +MySQL options to grant. Optional. + +#### mysql_plugin + +`mysql_plugin` can be used to load plugins into the MySQL Server. + +``` +mysql_plugin { 'auth_socket': + ensure => 'present', + soname => 'auth_socket.so', +} +``` + +##### `ensure` + +Whether the resource is present. Valid values are 'present', 'absent'. Defaults to 'present'. + +##### `name` + +The name of the MySQL plugin to manage. + +##### `soname` + +The library file name. + +#### `mysql_datadir` + +Initializes the MySQL data directory with version specific code. Pre MySQL 5.7.6 +it uses mysql_install_db. After MySQL 5.7.6 it uses mysqld --initialize-insecure. + +Insecure initialization is needed, as mysqld version 5.7 introduced "secure by default" mode. +This means MySQL generates a random password and writes it to STDOUT. This means puppet +can never accesss the database server afterwards, as no credencials are available. + +This type is an internal type and should not be called directly. + +### Facts + +#### `mysql_version` + +Determines the MySQL version by parsing the output from `mysql --version` + +#### `mysql_server_id` + +Generates a unique id, based on the node's MAC address, which can be used as +`server_id`. This fact will *always* return `0` on nodes that have only +loopback interfaces. Because those nodes aren't connected to the outside world, this shouldn't cause any conflicts. + +## Limitations + +This module has been tested on: + +* RedHat Enterprise Linux 5, 6, 7 +* Debian 6, 7 +* CentOS 5, 6, 7 +* Ubuntu 10.04, 12.04, 14.04 +* Scientific Linux 5, 6 +* SLES 11 + +Testing on other platforms has been minimal and cannot be guaranteed. + +## Development + +Puppet Labs modules on the Puppet Forge are open projects, and community +contributions are essential for keeping them great. We can't access the +huge number of platforms and myriad of hardware, software, and deployment +configurations that Puppet is intended to serve. + +We want to keep it as easy as possible to contribute changes so that our +modules work in your environment. There are a few guidelines that we need +contributors to follow so that we can have a chance of keeping on top of things. + +Check out our the complete [module contribution guide](https://docs.puppetlabs.com/forge/contributing.html). + +### Authors + +This module is based on work by David Schmitt. The following contributors have contributed to this module (beyond Puppet Labs): + +* Larry Ludwig +* Christian G. Warden +* Daniel Black +* Justin Ellison +* Lowe Schmidt +* Matthias Pigulla +* William Van Hevelingen +* Michael Arnold +* Chris Weyl +* Daniël van Eeden + diff --git a/modules/services/unix/mysql/mysql/module/mysql/Rakefile b/modules/services/unix/mysql/mysql/module/mysql/Rakefile new file mode 100644 index 000000000..7e9a13d5d --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/Rakefile @@ -0,0 +1,42 @@ +require 'puppet_blacksmith/rake_tasks' +require 'puppet-lint/tasks/puppet-lint' +require 'puppetlabs_spec_helper/rake_tasks' + +PuppetLint.configuration.fail_on_warnings = true +PuppetLint.configuration.send('relative') +PuppetLint.configuration.send('disable_80chars') +PuppetLint.configuration.send('disable_class_inherits_from_params_class') +PuppetLint.configuration.send('disable_documentation') +PuppetLint.configuration.send('disable_single_quote_string_with_variables') +PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] + +desc 'Generate pooler nodesets' +task :gen_nodeset do + require 'beaker-hostgenerator' + require 'securerandom' + require 'fileutils' + + agent_target = ENV['TEST_TARGET'] + if ! agent_target + STDERR.puts 'TEST_TARGET environment variable is not set' + STDERR.puts 'setting to default value of "redhat-64default."' + agent_target = 'redhat-64default.' + end + + master_target = ENV['MASTER_TEST_TARGET'] + if ! master_target + STDERR.puts 'MASTER_TEST_TARGET environment variable is not set' + STDERR.puts 'setting to default value of "redhat7-64mdcl"' + master_target = 'redhat7-64mdcl' + end + + targets = "#{master_target}-#{agent_target}" + cli = BeakerHostGenerator::CLI.new([targets]) + nodeset_dir = "tmp/nodesets" + nodeset = "#{nodeset_dir}/#{targets}-#{SecureRandom.uuid}.yaml" + FileUtils.mkdir_p(nodeset_dir) + File.open(nodeset, 'w') do |fh| + fh.print(cli.execute) + end + puts nodeset +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/TODO b/modules/services/unix/mysql/mysql/module/mysql/TODO new file mode 100644 index 000000000..391329393 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/TODO @@ -0,0 +1,8 @@ +The best that I can tell is that this code traces back to David Schmitt. It has been forked many times since then :) + +1. you cannot add databases to an instance that has a root password +2. you have to specify username as USER@BLAH or it cannot be found +3. mysql_grant does not complain if user does not exist +4. Needs support for pre-seeding on debian +5. the types may need to take user/password +6. rather or not to configure /etc/.my.cnf should be configurable diff --git a/modules/services/unix/mysql/mysql/module/mysql/checksums.json b/modules/services/unix/mysql/mysql/module/mysql/checksums.json new file mode 100644 index 000000000..309bbbb1d --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/checksums.json @@ -0,0 +1,117 @@ +{ + "CHANGELOG.md": "b5cb14b626076315c5bb56cd60788c28", + "CONTRIBUTING.md": "ad65d271f183b5adb9fdd58207939f5f", + "Gemfile": "38f9516da4490bd9b5747b7148ffe98a", + "LICENSE": "3b83ef96387f14655fc854ddc3c6bd57", + "NOTICE": "d43aacde256c8e55a50e2425e25b3a8a", + "README.md": "cf190afba0ebab8c8a6365de666fe79c", + "Rakefile": "ab91824042ec3fd085a41cab7e0e90d4", + "TODO": "88ca4024a37992b46c34cb46e4ac39e6", + "examples/backup.pp": "a61c6f34f153a323209faf25948737f5", + "examples/bindings.pp": "35a8387f5c55fa2e479c513a67918674", + "examples/java.pp": "0ad9de4f9f2c049642bcf08124757085", + "examples/mysql_database.pp": "107ee8793f7b4a12cfca32eddccc6bbd", + "examples/mysql_db.pp": "55d2d603f9fb8ab3c8a781d08119aa69", + "examples/mysql_grant.pp": "cd42336a6c7b2d27f5d5d6d0e310ee1a", + "examples/mysql_plugin.pp": "4f86c988a99b131e736501a309604e94", + "examples/mysql_user.pp": "0b76964aebb01714745548e0f2f32fd3", + "examples/perl.pp": "454f14dc4492fcf04afbe81b2776917e", + "examples/python.pp": "355a7e1ea3978a8fd290b5bc28b63808", + "examples/ruby.pp": "a6ae0381aacc5a8d2c403e606c6df0f0", + "examples/server/account_security.pp": "375442b7886c01b42fbf75a1fcb31822", + "examples/server/config.pp": "659b7c40e9b55634721b3c33a8c6da98", + "examples/server.pp": "72e22552a95b9a5e4a349dbfc13639dc", + "lib/facter/mysql_server_id.rb": "717f121e05912a3ebe6fd9ba92ec3965", + "lib/facter/mysql_version.rb": "e30648f3d394a1cbdd4e54eb5c28d28c", + "lib/puppet/parser/functions/mysql_deepmerge.rb": "2b5040ee8cd75a81cf881851e922833a", + "lib/puppet/parser/functions/mysql_dirname.rb": "820ba09a6a0df639da560b41cb31242f", + "lib/puppet/parser/functions/mysql_password.rb": "365a0ba55f0d04d0f5d56abcd577ec7d", + "lib/puppet/parser/functions/mysql_strip_hash.rb": "3efe69f1eb189b2913e178b8472aaede", + "lib/puppet/parser/functions/mysql_table_exists.rb": "c960c1ea5d433c35f5d414b1def36aea", + "lib/puppet/provider/mysql.rb": "0c90d1aff1e36ecdcf69ebd6caadadf8", + "lib/puppet/provider/mysql_database/mysql.rb": "5cf9b8044df4ec72a726b5f781c84f8f", + "lib/puppet/provider/mysql_datadir/mysql.rb": "376369db3eb61cbfc15817093c8081e5", + "lib/puppet/provider/mysql_grant/mysql.rb": "65f242017094dfabad7ca3f4928e92a2", + "lib/puppet/provider/mysql_plugin/mysql.rb": "49128d2a9a547c4945735bfd75fd6d6c", + "lib/puppet/provider/mysql_user/mysql.rb": "f6d095a040cb75e6316ea464dd1ab84d", + "lib/puppet/type/mysql_database.rb": "438eafbfecc30605462a220d92cf9603", + "lib/puppet/type/mysql_datadir.rb": "8ed364298fccd83ea03a5eff44040304", + "lib/puppet/type/mysql_grant.rb": "2c04c9df671fc9c91d85cb2487d14ece", + "lib/puppet/type/mysql_plugin.rb": "0a52cead6c9283c9aa14ea71bdfa80bd", + "lib/puppet/type/mysql_user.rb": "e8dc61e4d81244d58a71b0d8aa01ac76", + "manifests/backup/mysqlbackup.pp": "98a7f8c180eb87cef6e3f17332116ec9", + "manifests/backup/mysqldump.pp": "9883500deb8829cd70cf9a60120b80aa", + "manifests/backup/xtrabackup.pp": "0798401d4625c2c379865bd92679fcc2", + "manifests/bindings/client_dev.pp": "80753f1bf48de71d2ca1a6cfda4830be", + "manifests/bindings/daemon_dev.pp": "94d2d74afc2b247593877cebd548ed76", + "manifests/bindings/java.pp": "556b743dc162d2f3264708b0b7ba0328", + "manifests/bindings/perl.pp": "4ecbd448ceac580a07df34b5d3e24837", + "manifests/bindings/php.pp": "641139f1f27085b8e72ac73fb8bc39d8", + "manifests/bindings/python.pp": "ef9e674237eddd7e98ab307131b11069", + "manifests/bindings/ruby.pp": "32b0a32161f7a5b50562cb8e154207d9", + "manifests/bindings.pp": "8becf04105d44910f12986a58cd566f7", + "manifests/client/install.pp": "7b5810404cc9411ec38de404749f1266", + "manifests/client.pp": "c350bd6d108acb03a87b860b14d225ef", + "manifests/db.pp": "109ea3b19c342c645383df511e6a2782", + "manifests/params.pp": "4d6dade0bbfd8859f3ac981ad1fa706c", + "manifests/server/account_security.pp": "407e8c4bd6f2467927b23f241fc556e3", + "manifests/server/backup.pp": "c982860f7e8ac525e3ede3045fdda516", + "manifests/server/config.pp": "38610a61d097080a655aad5ee1489159", + "manifests/server/install.pp": "3cbbf313b940b582e73c229f4a8c0720", + "manifests/server/installdb.pp": "1c52f9cdd176b40013588e3cf9a07566", + "manifests/server/monitor.pp": "3810b5d756a3661e92d709115982cd59", + "manifests/server/mysqltuner.pp": "c966679bff1296e875a9ec1462a022f4", + "manifests/server/providers.pp": "87a019dce5bbb6b18c9aa61b5f99134c", + "manifests/server/root_password.pp": "5790e04defe2a64d145975abdfcfd3ac", + "manifests/server/service.pp": "1da3a7839d1b3891d6daa7c217188ed8", + "manifests/server.pp": "a3fe8f65e57466af28b7581847cef8b4", + "metadata.json": "6280e31c5658639cde4fbe4c05c091a5", + "spec/acceptance/mysql_backup_spec.rb": "57cb101519fce1ad588fd60f3435d57c", + "spec/acceptance/mysql_db_spec.rb": "c093f0d25c7000713b444706b6cfd1c7", + "spec/acceptance/mysql_server_spec.rb": "dba4187fe8a13edad1899cae014383aa", + "spec/acceptance/nodesets/centos-510-x64.yml": "5698f7e61292730c603e03f64fe19359", + "spec/acceptance/nodesets/centos-59-x64.yml": "57eb3e471b9042a8ea40978c467f8151", + "spec/acceptance/nodesets/centos-64-x64-pe.yml": "ec075d95760df3d4702abea1ce0a829b", + "spec/acceptance/nodesets/centos-65-x64.yml": "3e5c36e6aa5a690229e720f4048bb8af", + "spec/acceptance/nodesets/default.yml": "76d6d770f3daf53ef1b9a17cd0163290", + "spec/acceptance/nodesets/fedora-18-x64.yml": "80e41b1ee16ea489f53164bfdae58855", + "spec/acceptance/nodesets/sles-11-x64.yml": "44e4c6c15c018333bfa9840a5e702f66", + "spec/acceptance/nodesets/ubuntu-server-10044-x64.yml": "75e86400b7889888dc0781c0ae1a1297", + "spec/acceptance/nodesets/ubuntu-server-12042-x64.yml": "d30d73e34cd50b043c7d14e305955269", + "spec/acceptance/nodesets/ubuntu-server-1404-x64.yml": "5f0aed10098ac5b78e4217bb27c7aaf0", + "spec/acceptance/types/mysql_database_spec.rb": "047db055103fa9782bc6714297eb2a09", + "spec/acceptance/types/mysql_grant_spec.rb": "5c92857f218a8f024276509fc9a020b8", + "spec/acceptance/types/mysql_plugin_spec.rb": "e41e1df4997f57d70db4aaff8b0a1549", + "spec/acceptance/types/mysql_user_spec.rb": "7ae65d682141d2b6005adeafc4ce4698", + "spec/classes/graceful_failures_spec.rb": "91481f693c3f71dff22524189438bcc6", + "spec/classes/mycnf_template_spec.rb": "07fc36d51b592eba1f94d39208c2701f", + "spec/classes/mysql_bindings_spec.rb": "14c5abbe4ae20278d1a4a02254bf312b", + "spec/classes/mysql_client_spec.rb": "b1fa7a5a06585697f7100d1891d359ed", + "spec/classes/mysql_server_account_security_spec.rb": "97b6caf04a7a75a88e58728edcfc11cb", + "spec/classes/mysql_server_backup_spec.rb": "1c01eab1df2898cb77ed87b080329b1d", + "spec/classes/mysql_server_monitor_spec.rb": "aef3aa73265b42b66b963a09e5f32f1f", + "spec/classes/mysql_server_mysqltuner_spec.rb": "c56efeaad5ea3fce12085358a401c08c", + "spec/classes/mysql_server_spec.rb": "228d7bb30f3838c77840c61bf34b9da5", + "spec/defines/mysql_db_spec.rb": "47d1667d245efcb07a4b99ea30be9e6c", + "spec/spec.opts": "a600ded995d948e393fbe2320ba8e51c", + "spec/spec_helper.rb": "b2db3bc02b4ac2fd5142a6621c641b07", + "spec/spec_helper_acceptance.rb": "4c55defc78d7806fe670ac5fbb1fa0dc", + "spec/spec_helper_local.rb": "05db024c91eb5d5141b67d97b01a58b4", + "spec/unit/facter/mysql_server_id_spec.rb": "a8c5e7b8ac56d020dac917764a29c905", + "spec/unit/facter/mysql_version_spec.rb": "f593c725b83a7bbf1f0fdc13bf1531df", + "spec/unit/puppet/functions/mysql_deepmerge_spec.rb": "f6102e1f82fb9f4aa38cbf3955ee5973", + "spec/unit/puppet/functions/mysql_password_spec.rb": "8fe68dc4ec13fc6ade18defe54cac8d4", + "spec/unit/puppet/functions/mysql_table_exists_spec.rb": "854cd7376d2a0014c8e1d6ddf7adc609", + "spec/unit/puppet/provider/mysql_database/mysql_spec.rb": "98a799433ac10b237ac3ad27441610d4", + "spec/unit/puppet/provider/mysql_plugin/mysql_spec.rb": "914bac73bb9841ec7d7041488a55d442", + "spec/unit/puppet/provider/mysql_user/mysql_spec.rb": "67584439500aae918a9d23a65eb60e9c", + "spec/unit/puppet/type/mysql_database_spec.rb": "9fa0d390c2e15c8a52fc2b981e2a63fc", + "spec/unit/puppet/type/mysql_grant_spec.rb": "1a003358dc88a74ef21fb33fc71debef", + "spec/unit/puppet/type/mysql_plugin_spec.rb": "7ebacf228dfd0c60811bdf8a28a329ff", + "spec/unit/puppet/type/mysql_user_spec.rb": "ededed596db6661ea769aa333decc785", + "templates/meb.cnf.erb": "b6422b19ee97b8a2883bfac44fdc0292", + "templates/my.cnf.erb": "535d2ff37fea6b11ad928224965143d3", + "templates/my.cnf.pass.erb": "11f80afb0993a436f074a43f70733999", + "templates/mysqlbackup.sh.erb": "ecc7d1c91ace7c37b960ee12d0d96736", + "templates/xtrabackup.sh.erb": "219b487c4faad80a897cda6973b81741" +} \ No newline at end of file diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/backup.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/backup.pp new file mode 100644 index 000000000..4bdf8043b --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/backup.pp @@ -0,0 +1,9 @@ +class { 'mysql::server': + root_password => 'password' +} + +class { 'mysql::server::backup': + backupuser => 'myuser', + backuppassword => 'mypassword', + backupdir => '/tmp/backups', +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/bindings.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/bindings.pp new file mode 100644 index 000000000..e4e325c61 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/bindings.pp @@ -0,0 +1,3 @@ +class { 'mysql::bindings': + php_enable => true, +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/java.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/java.pp new file mode 100644 index 000000000..0fc009a6d --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/java.pp @@ -0,0 +1 @@ +class { 'mysql::java':} diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_database.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_database.pp new file mode 100644 index 000000000..47a328cff --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_database.pp @@ -0,0 +1,17 @@ +class { 'mysql::server': + root_password => 'password' +} +mysql::db{ ['test1', 'test2', 'test3']: + ensure => present, + charset => 'utf8', + require => Class['mysql::server'], +} +mysql::db{ 'test4': + ensure => present, + charset => 'latin1', +} +mysql::db{ 'test5': + ensure => present, + charset => 'binary', + collate => 'binary', +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_db.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_db.pp new file mode 100644 index 000000000..43c619f8d --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_db.pp @@ -0,0 +1,17 @@ +class { 'mysql::server': + root_password => 'password' +} +mysql::db { 'mydb': + user => 'myuser', + password => 'mypass', + host => 'localhost', + grant => ['SELECT', 'UPDATE'], +} +mysql::db { "mydb_${fqdn}": + user => 'myuser', + password => 'mypass', + dbname => 'mydb', + host => $::fqdn, + grant => ['SELECT', 'UPDATE'], + tag => $domain, +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_grant.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_grant.pp new file mode 100644 index 000000000..20fe78d6a --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_grant.pp @@ -0,0 +1,5 @@ +mysql_grant{'test1@localhost/redmine.*': + user => 'test1@localhost', + table => 'redmine.*', + privileges => ['UPDATE'], +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_plugin.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_plugin.pp new file mode 100644 index 000000000..d80275972 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_plugin.pp @@ -0,0 +1,23 @@ +class { 'mysql::server': + root_password => 'password' +} + +$validate_password_soname = $::osfamily ? { + windows => 'validate_password.dll', + default => 'validate_password.so' +} + +mysql::plugin { 'validate_password': + ensure => present, + soname => $validate_password_soname, +} + +$auth_socket_soname = $::osfamily ? { + windows => 'auth_socket.dll', + default => 'auth_socket.so' +} + +mysql::plugin { 'auth_socket': + ensure => present, + soname => $auth_socket_soname, +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_user.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_user.pp new file mode 100644 index 000000000..c47186866 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/mysql_user.pp @@ -0,0 +1,32 @@ +$mysql_root_pw = 'password' + +class { 'mysql::server': + root_password => 'password', +} + +mysql_user{ 'redmine@localhost': + ensure => present, + password_hash => mysql_password('redmine'), + require => Class['mysql::server'], +} + +mysql_user{ 'dan@localhost': + ensure => present, + password_hash => mysql_password('blah') +} + +mysql_user{ 'dan@%': + ensure => present, + password_hash => mysql_password('blah'), +} + +mysql_user{ 'socketplugin@%': + ensure => present, + plugin => 'unix_socket', +} + +mysql_user{ 'socketplugin@%': + ensure => present, + password_hash => mysql_password('blah'), + plugin => 'mysql_native_password', +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/perl.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/perl.pp new file mode 100644 index 000000000..1bbd3ab2f --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/perl.pp @@ -0,0 +1 @@ +include mysql::bindings::perl diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/python.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/python.pp new file mode 100644 index 000000000..49ddddb60 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/python.pp @@ -0,0 +1 @@ +class { 'mysql::bindings::python':} diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/ruby.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/ruby.pp new file mode 100644 index 000000000..671725630 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/ruby.pp @@ -0,0 +1 @@ +include mysql::bindings::ruby diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/server.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/server.pp new file mode 100644 index 000000000..8afdd00d2 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/server.pp @@ -0,0 +1,3 @@ +class { 'mysql::server': + root_password => 'password', +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/server/account_security.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/server/account_security.pp new file mode 100644 index 000000000..cb59f4f64 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/server/account_security.pp @@ -0,0 +1,4 @@ +class { 'mysql::server': + root_password => 'password', +} +class { 'mysql::server::account_security': } diff --git a/modules/services/unix/mysql/mysql/module/mysql/examples/server/config.pp b/modules/services/unix/mysql/mysql/module/mysql/examples/server/config.pp new file mode 100644 index 000000000..2cde11b0b --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/examples/server/config.pp @@ -0,0 +1,3 @@ +mysql::server::config { 'testfile': + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/facter/mysql_server_id.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/facter/mysql_server_id.rb new file mode 100644 index 000000000..df0052f40 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/facter/mysql_server_id.rb @@ -0,0 +1,9 @@ +def get_mysql_id + Facter.value(:macaddress).split(':').inject(0) { |total,value| (total << 6) + value.hex } +end + +Facter.add("mysql_server_id") do + setcode do + get_mysql_id rescue nil + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/facter/mysql_version.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/facter/mysql_version.rb new file mode 100644 index 000000000..62fba6156 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/facter/mysql_version.rb @@ -0,0 +1,8 @@ +Facter.add("mysql_version") do + setcode do + mysql_ver = Facter::Util::Resolution.exec('mysql --version') + if mysql_ver + mysql_ver.match(/\d+\.\d+\.\d+/)[0] + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_deepmerge.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_deepmerge.rb new file mode 100644 index 000000000..aca9c7a3d --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_deepmerge.rb @@ -0,0 +1,58 @@ +module Puppet::Parser::Functions + newfunction(:mysql_deepmerge, :type => :rvalue, :doc => <<-'ENDHEREDOC') do |args| + Recursively merges two or more hashes together and returns the resulting hash. + + For example: + + $hash1 = {'one' => 1, 'two' => 2, 'three' => { 'four' => 4 } } + $hash2 = {'two' => 'dos', 'three' => { 'five' => 5 } } + $merged_hash = mysql_deepmerge($hash1, $hash2) + # The resulting hash is equivalent to: + # $merged_hash = { 'one' => 1, 'two' => 'dos', 'three' => { 'four' => 4, 'five' => 5 } } + + When there is a duplicate key that is a hash, they are recursively merged. + When there is a duplicate key that is not a hash, the key in the rightmost hash will "win." + When there are conficting uses of dashes and underscores in two keys (which mysql would otherwise equate), + the rightmost style will win. + + ENDHEREDOC + + if args.length < 2 + raise Puppet::ParseError, ("mysql_deepmerge(): wrong number of arguments (#{args.length}; must be at least 2)") + end + + result = Hash.new + args.each do |arg| + next if arg.is_a? String and arg.empty? # empty string is synonym for puppet's undef + # If the argument was not a hash, skip it. + unless arg.is_a?(Hash) + raise Puppet::ParseError, "mysql_deepmerge: unexpected argument type #{arg.class}, only expects hash arguments" + end + + # Now we have to traverse our hash assigning our non-hash values + # to the matching keys in our result while following our hash values + # and repeating the process. + overlay( result, arg ) + end + return( result ) + end +end + +def has_normalized!(hash, key) + return true if hash.has_key?( key ) + return false unless key.match(/-|_/) + other_key = key.include?('-') ? key.gsub( '-', '_' ) : key.gsub( '_', '-' ) + return false unless hash.has_key?( other_key ) + hash[key] = hash.delete( other_key ) + return true; +end + +def overlay( hash1, hash2 ) + hash2.each do |key, value| + if(has_normalized!( hash1, key ) and value.is_a?(Hash) and hash1[key].is_a?(Hash)) + overlay( hash1[key], value ) + else + hash1[key] = value + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_dirname.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_dirname.rb new file mode 100644 index 000000000..5d0ef5557 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_dirname.rb @@ -0,0 +1,15 @@ +module Puppet::Parser::Functions + newfunction(:mysql_dirname, :type => :rvalue, :doc => <<-EOS + Returns the dirname of a path. + EOS + ) do |arguments| + + raise(Puppet::ParseError, "mysql_dirname(): Wrong number of arguments " + + "given (#{arguments.size} for 1)") if arguments.size < 1 + + path = arguments[0] + return File.dirname(path) + end +end + +# vim: set ts=2 sw=2 et : diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_password.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_password.rb new file mode 100644 index 000000000..74d7fa8cc --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_password.rb @@ -0,0 +1,17 @@ +# hash a string as mysql's "PASSWORD()" function would do it +require 'digest/sha1' + +module Puppet::Parser::Functions + newfunction(:mysql_password, :type => :rvalue, :doc => <<-EOS + Returns the mysql password hash from the clear text password. + EOS + ) do |args| + + raise(Puppet::ParseError, 'mysql_password(): Wrong number of arguments ' + + "given (#{args.size} for 1)") if args.size != 1 + + return '' if args[0].empty? + return args[0] if args[0] =~ /\*[A-F0-9]{40}$/ + '*' + Digest::SHA1.hexdigest(Digest::SHA1.digest(args[0])).upcase + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_strip_hash.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_strip_hash.rb new file mode 100644 index 000000000..8e850d02a --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_strip_hash.rb @@ -0,0 +1,21 @@ +module Puppet::Parser::Functions + newfunction(:mysql_strip_hash, :type => :rvalue, :arity => 1, :doc => <<-EOS +TEMPORARY FUNCTION: EXPIRES 2014-03-10 +When given a hash this function strips out all blank entries. +EOS + ) do |args| + + hash = args[0] + unless hash.is_a?(Hash) + raise(Puppet::ParseError, 'mysql_strip_hash(): Requires hash to work with') + end + + # Filter out all the top level blanks. + hash.reject{|k,v| v == ''}.each do |k,v| + if v.is_a?(Hash) + v.reject!{|ki,vi| vi == '' } + end + end + + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_table_exists.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_table_exists.rb new file mode 100644 index 000000000..ff089d85b --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/parser/functions/mysql_table_exists.rb @@ -0,0 +1,30 @@ +module Puppet::Parser::Functions + newfunction(:mysql_table_exists, :type => :rvalue, :doc => <<-EOS + Check if table exists in database. + + For example: + + mysql_table_exists('*.*') or mysql_table_exists('example_database.*') always return true + mysql_table_exists('example_db.example_table') check existence table `example_table` in `example_database` + + EOS + ) do |args| + + return raise(Puppet::ParseError, + "mysql_table_exists() accept 1 argument - table string like 'database_name.table_name'") unless (args.size == 1 and match = args[0].match(/(.*)\.(.*)/)) + + db_name, table_name = match.captures + return true if (db_name.eql?('*') or table_name.eql?('*')) ## *.* is valid table string, but we shouldn't check it for existence + query = "SELECT TABLE_NAME FROM information_schema.tables WHERE TABLE_NAME = '#{table_name}' AND TABLE_SCHEMA = '#{db_name}';" + %x{mysql #{defaults_file} -NBe #{query}}.strip.eql?(table_name) + + end +end + +def defaults_file + if File.file?("#{Facter.value(:root_home)}/.my.cnf") + "--defaults-extra-file=#{Facter.value(:root_home)}/.my.cnf" + else + nil + end +end \ No newline at end of file diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql.rb new file mode 100644 index 000000000..cf76f13af --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql.rb @@ -0,0 +1,109 @@ +class Puppet::Provider::Mysql < Puppet::Provider + + # Without initvars commands won't work. + initvars + + # Make sure we find mysqld on CentOS + ENV['PATH']=ENV['PATH'] + ':/usr/libexec' + + commands :mysql => 'mysql' + commands :mysqld => 'mysqld' + commands :mysqladmin => 'mysqladmin' + + # Optional defaults file + def self.defaults_file + if File.file?("#{Facter.value(:root_home)}/.my.cnf") + "--defaults-extra-file=#{Facter.value(:root_home)}/.my.cnf" + else + nil + end + end + + def self.mysqld_type + # find the mysql "dialect" like mariadb / mysql etc. + mysqld_version_string.scan(/\s\(mariadb/i) { return "mariadb" } + mysqld_version_string.scan(/\s\(mysql/i) { return "mysql" } + mysqld_version_string.scan(/\s\(percona/i) { return "percona" } + nil + end + + def mysqld_type + self.class.mysqld_type + end + + def self.mysqld_version_string + # we cache the result ... + return @mysqld_version_string unless @mysqld_version_string.nil? + @mysqld_version_string = mysqld(['-V'].compact) + return @mysqld_version_string + end + + def mysqld_version_string + self.class.mysqld_version_string + end + + def self.mysqld_version + # note: be prepared for '5.7.6-rc-log' etc results + # versioncmp detects 5.7.6-log to be newer then 5.7.6 + # this is why we need the trimming. + mysqld_version_string.scan(/\d+\.\d+\.\d+/).first unless mysqld_version_string.nil? + end + + def mysqld_version + self.class.mysqld_version + end + + def defaults_file + self.class.defaults_file + end + + def self.users + mysql([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"].compact).split("\n") + end + + # Take root@localhost and munge it to 'root'@'localhost' + def self.cmd_user(user) + "'#{user.sub('@', "'@'")}'" + end + + # Take root.* and return ON `root`.* + def self.cmd_table(table) + table_string = '' + + # We can't escape *.* so special case this. + if table == '*.*' + table_string << '*.*' + # Special case also for PROCEDURES + elsif table.start_with?('PROCEDURE ') + table_string << table.sub(/^PROCEDURE (.*)(\..*)/, 'PROCEDURE `\1`\2') + else + table_string << table.sub(/^(.*)(\..*)/, '`\1`\2') + end + table_string + end + + def self.cmd_privs(privileges) + if privileges.include?('ALL') + return 'ALL PRIVILEGES' + else + priv_string = '' + privileges.each do |priv| + priv_string << "#{priv}, " + end + end + # Remove trailing , from the last element. + priv_string.sub(/, $/, '') + end + + # Take in potential options and build up a query string with them. + def self.cmd_options(options) + option_string = '' + options.each do |opt| + if opt == 'GRANT' + option_string << ' WITH GRANT OPTION' + end + end + option_string + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_database/mysql.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_database/mysql.rb new file mode 100644 index 000000000..4587c1882 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_database/mysql.rb @@ -0,0 +1,68 @@ +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) +Puppet::Type.type(:mysql_database).provide(:mysql, :parent => Puppet::Provider::Mysql) do + desc 'Manages MySQL databases.' + + commands :mysql => 'mysql' + + def self.instances + mysql([defaults_file, '-NBe', 'show databases'].compact).split("\n").collect do |name| + attributes = {} + mysql([defaults_file, '-NBe', "show variables like '%_database'", name].compact).split("\n").each do |line| + k,v = line.split(/\s/) + attributes[k] = v + end + new(:name => name, + :ensure => :present, + :charset => attributes['character_set_database'], + :collate => attributes['collation_database'] + ) + end + end + + # We iterate over each mysql_database entry in the catalog and compare it against + # the contents of the property_hash generated by self.instances + def self.prefetch(resources) + databases = instances + resources.keys.each do |database| + if provider = databases.find { |db| db.name == database } + resources[database].provider = provider + end + end + end + + def create + mysql([defaults_file, '-NBe', "create database if not exists `#{@resource[:name]}` character set `#{@resource[:charset]}` collate `#{@resource[:collate]}`"].compact) + + @property_hash[:ensure] = :present + @property_hash[:charset] = @resource[:charset] + @property_hash[:collate] = @resource[:collate] + + exists? ? (return true) : (return false) + end + + def destroy + mysql([defaults_file, '-NBe', "drop database if exists `#{@resource[:name]}`"].compact) + + @property_hash.clear + exists? ? (return false) : (return true) + end + + def exists? + @property_hash[:ensure] == :present || false + end + + mk_resource_methods + + def charset=(value) + mysql([defaults_file, '-NBe', "alter database `#{resource[:name]}` CHARACTER SET #{value}"].compact) + @property_hash[:charset] = value + charset == value ? (return true) : (return false) + end + + def collate=(value) + mysql([defaults_file, '-NBe', "alter database `#{resource[:name]}` COLLATE #{value}"].compact) + @property_hash[:collate] = value + collate == value ? (return true) : (return false) + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_datadir/mysql.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_datadir/mysql.rb new file mode 100644 index 000000000..c90d9753c --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_datadir/mysql.rb @@ -0,0 +1,70 @@ +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) +Puppet::Type.type(:mysql_datadir).provide(:mysql, :parent => Puppet::Provider::Mysql) do + + desc 'manage data directories for mysql instances' + + initvars + + # Make sure we find mysqld on CentOS + ENV['PATH']=ENV['PATH'] + ':/usr/libexec' + + commands :mysqld => 'mysqld' + commands :mysql_install_db => 'mysql_install_db' + + def create + name = @resource[:name] + insecure = @resource.value(:insecure) || true + defaults_extra_file = @resource.value(:defaults_extra_file) + user = @resource.value(:user) || "mysql" + basedir = @resource.value(:basedir) || "/usr" + datadir = @resource.value(:datadir) || @resource[:name] + + unless defaults_extra_file.nil? + if File.exist?(defaults_extra_file) + defaults_extra_file="--defaults-extra-file=#{defaults_extra_file}" + else + raise ArgumentError, "Defaults-extra-file #{defaults_extra_file} is missing" + end + end + + if insecure == true + initialize="--initialize-insecure" + else + initialize="--initialize" + end + + if mysqld_version.nil? + debug("Installing MySQL data directory with mysql_install_db --basedir=#{basedir} #{defaults_extra_file} --datadir=#{datadir} --user=#{user}") + mysql_install_db(["--basedir=#{basedir}",defaults_extra_file, "--datadir=#{datadir}", "--user=#{user}"].compact) + else + if mysqld_type == "mysql" and Puppet::Util::Package.versioncmp(mysqld_version, '5.7.6') >= 0 + debug("Initializing MySQL data directory >= 5.7.6 with 'mysqld #{defaults_extra_file} #{initialize} --basedir=#{basedir} --datadir=#{datadir} --user=#{user}'") + mysqld([defaults_extra_file,initialize,"--basedir=#{basedir}","--datadir=#{datadir}", "--user=#{user}", "--log_error=/var/tmp/mysqld_initialize.log"].compact) + else + debug("Installing MySQL data directory with mysql_install_db --basedir=#{basedir} #{defaults_extra_file} --datadir=#{datadir} --user=#{user}") + mysql_install_db(["--basedir=#{basedir}",defaults_extra_file, "--datadir=#{datadir}", "--user=#{user}"].compact) + end + end + + exists? + end + + def destroy + name = @resource[:name] + raise ArgumentError, "ERROR: Resource can not be removed" + end + + def exists? + datadir = @resource[:datadir] + File.directory?("#{datadir}/mysql") + end + + ## + ## MySQL datadir properties + ## + + # Generates method for all properties of the property_hash + mk_resource_methods + +end + diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_grant/mysql.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_grant/mysql.rb new file mode 100644 index 000000000..47f2a3f9a --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_grant/mysql.rb @@ -0,0 +1,172 @@ +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) +Puppet::Type.type(:mysql_grant).provide(:mysql, :parent => Puppet::Provider::Mysql) do + + desc 'Set grants for users in MySQL.' + + def self.instances + instances = [] + users.select{ |user| user =~ /.+@/ }.collect do |user| + user_string = self.cmd_user(user) + query = "SHOW GRANTS FOR #{user_string};" + begin + grants = mysql([defaults_file, "-NBe", query].compact) + rescue Puppet::ExecutionFailure => e + # Silently ignore users with no grants. Can happen e.g. if user is + # defined with fqdn and server is run with skip-name-resolve. Example: + # Default root user created by mysql_install_db on a host with fqdn + # of myhost.mydomain.my: root@myhost.mydomain.my, when MySQL is started + # with --skip-name-resolve. + if e.inspect =~ /There is no such grant defined for user/ + next + else + raise Puppet::Error, "#mysql had an error -> #{e.inspect}" + end + end + # Once we have the list of grants generate entries for each. + grants.each_line do |grant| + # Match the munges we do in the type. + munged_grant = grant.delete("'").delete("`").delete('"') + # Matching: GRANT (SELECT, UPDATE) PRIVILEGES ON (*.*) TO ('root')@('127.0.0.1') (WITH GRANT OPTION) + if match = munged_grant.match(/^GRANT\s(.+)\sON\s(.+)\sTO\s(.*)@(.*?)(\s.*)?$/) + privileges, table, user, host, rest = match.captures + table.gsub!('\\\\', '\\') + + # split on ',' if it is not a non-'('-containing string followed by a + # closing parenthesis ')'-char - e.g. only split comma separated elements not in + # parentheses + stripped_privileges = privileges.strip.split(/\s*,\s*(?![^(]*\))/).map do |priv| + # split and sort the column_privileges in the parentheses and rejoin + if priv.include?('(') + type, col=priv.strip.split(/\s+|\b/,2) + type.upcase + " (" + col.slice(1...-1).strip.split(/\s*,\s*/).sort.join(', ') + ")" + else + # Once we split privileges up on the , we need to make sure we + # shortern ALL PRIVILEGES to just all. + priv == 'ALL PRIVILEGES' ? 'ALL' : priv.strip + end + end + # Same here, but to remove OPTION leaving just GRANT. + options = ['GRANT'] if rest.match(/WITH\sGRANT\sOPTION/) + # fix double backslash that MySQL prints, so resources match + table.gsub!("\\\\", "\\") + # We need to return an array of instances so capture these + instances << new( + :name => "#{user}@#{host}/#{table}", + :ensure => :present, + :privileges => stripped_privileges.sort, + :table => table, + :user => "#{user}@#{host}", + :options => options + ) + end + end + end + return instances + end + + def self.prefetch(resources) + users = instances + resources.keys.each do |name| + if provider = users.find { |user| user.name == name } + resources[name].provider = provider + end + end + end + + def grant(user, table, privileges, options) + user_string = self.class.cmd_user(user) + priv_string = self.class.cmd_privs(privileges) + table_string = self.class.cmd_table(table) + query = "GRANT #{priv_string}" + query << " ON #{table_string}" + query << " TO #{user_string}" + query << self.class.cmd_options(options) unless options.nil? + mysql([defaults_file, '-e', query].compact) + end + + def create + grant(@resource[:user], @resource[:table], @resource[:privileges], @resource[:options]) + + @property_hash[:ensure] = :present + @property_hash[:table] = @resource[:table] + @property_hash[:user] = @resource[:user] + @property_hash[:options] = @resource[:options] if @resource[:options] + @property_hash[:privileges] = @resource[:privileges] + + exists? ? (return true) : (return false) + end + + def revoke(user, table, revoke_privileges = ['ALL']) + user_string = self.class.cmd_user(user) + table_string = self.class.cmd_table(table) + priv_string = self.class.cmd_privs(revoke_privileges) + # revoke grant option needs to be a extra query, because + # "REVOKE ALL PRIVILEGES, GRANT OPTION [..]" is only valid mysql syntax + # if no ON clause is used. + # It hast to be executed before "REVOKE ALL [..]" since a GRANT has to + # exist to be executed successfully + if revoke_privileges.include? 'ALL' + query = "REVOKE GRANT OPTION ON #{table_string} FROM #{user_string}" + mysql([defaults_file, '-e', query].compact) + end + query = "REVOKE #{priv_string} ON #{table_string} FROM #{user_string}" + mysql([defaults_file, '-e', query].compact) + end + + def destroy + # if the user was dropped, it'll have been removed from the user hash + # as the grants are alraedy removed by the DROP statement + if self.class.users.include? @property_hash[:user] + revoke(@property_hash[:user], @property_hash[:table]) + end + @property_hash.clear + + exists? ? (return false) : (return true) + end + + def exists? + @property_hash[:ensure] == :present || false + end + + def flush + @property_hash.clear + mysql([defaults_file, '-NBe', 'FLUSH PRIVILEGES'].compact) + end + + mk_resource_methods + + def diff_privileges(privileges_old, privileges_new) + diff = {:revoke => Array.new, :grant => Array.new} + if privileges_old.include? 'ALL' + diff[:revoke] = privileges_old + diff[:grant] = privileges_new + elsif privileges_new.include? 'ALL' + diff[:grant] = privileges_new + else + diff[:revoke] = privileges_old - privileges_new + diff[:grant] = privileges_new - privileges_old + end + return diff + end + + def privileges=(privileges) + diff = diff_privileges(@property_hash[:privileges], privileges) + if not diff[:revoke].empty? + revoke(@property_hash[:user], @property_hash[:table], diff[:revoke]) + end + if not diff[:grant].empty? + grant(@property_hash[:user], @property_hash[:table], diff[:grant], @property_hash[:options]) + end + @property_hash[:privileges] = privileges + self.privileges + end + + def options=(options) + revoke(@property_hash[:user], @property_hash[:table]) + grant(@property_hash[:user], @property_hash[:table], @property_hash[:privileges], options) + @property_hash[:options] = options + + self.options + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_plugin/mysql.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_plugin/mysql.rb new file mode 100644 index 000000000..2cb640bd8 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_plugin/mysql.rb @@ -0,0 +1,53 @@ +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) +Puppet::Type.type(:mysql_plugin).provide(:mysql, :parent => Puppet::Provider::Mysql) do + desc 'Manages MySQL plugins.' + + commands :mysql => 'mysql' + + def self.instances + mysql([defaults_file, '-NBe', 'show plugins'].compact).split("\n").collect do |line| + name, status, type, library, license = line.split(/\t/) + new(:name => name, + :ensure => :present, + :soname => library + ) + end + end + + # We iterate over each mysql_plugin entry in the catalog and compare it against + # the contents of the property_hash generated by self.instances + def self.prefetch(resources) + plugins = instances + resources.keys.each do |plugin| + if provider = plugins.find { |pl| pl.name == plugin } + resources[plugin].provider = provider + end + end + end + + def create + # Use plugin_name.so as soname if it's not specified. This won't work on windows as + # there it should be plugin_name.dll + @resource[:soname].nil? ? (soname=@resource[:name] + '.so') : (soname=@resource[:soname]) + mysql([defaults_file, '-NBe', "install plugin #{@resource[:name]} soname '#{soname}'"].compact) + + @property_hash[:ensure] = :present + @property_hash[:soname] = @resource[:soname] + + exists? ? (return true) : (return false) + end + + def destroy + mysql([defaults_file, '-NBe', "uninstall plugin #{@resource[:name]}"].compact) + + @property_hash.clear + exists? ? (return false) : (return true) + end + + def exists? + @property_hash[:ensure] == :present || false + end + + mk_resource_methods + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_user/mysql.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_user/mysql.rb new file mode 100644 index 000000000..bc4014f41 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/provider/mysql_user/mysql.rb @@ -0,0 +1,155 @@ +require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) +Puppet::Type.type(:mysql_user).provide(:mysql, :parent => Puppet::Provider::Mysql) do + + desc 'manage users for a mysql database.' + commands :mysql => 'mysql' + + # Build a property_hash containing all the discovered information about MySQL + # users. + def self.instances + users = mysql([defaults_file, '-NBe', + "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"].compact).split("\n") + # To reduce the number of calls to MySQL we collect all the properties in + # one big swoop. + users.collect do |name| + if mysqld_version.nil? + ## Default ... + query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'" + else + if mysqld_type == "mysql" and Puppet::Util::Package.versioncmp(mysqld_version, '5.7.6') >= 0 + query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, AUTHENTICATION_STRING, PLUGIN FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'" + else + query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'" + end + end + @max_user_connections, @max_connections_per_hour, @max_queries_per_hour, + @max_updates_per_hour, @password, @plugin = mysql([defaults_file, "-NBe", query].compact).split(/\s/) + + new(:name => name, + :ensure => :present, + :password_hash => @password, + :plugin => @plugin, + :max_user_connections => @max_user_connections, + :max_connections_per_hour => @max_connections_per_hour, + :max_queries_per_hour => @max_queries_per_hour, + :max_updates_per_hour => @max_updates_per_hour + ) + end + end + + # We iterate over each mysql_user entry in the catalog and compare it against + # the contents of the property_hash generated by self.instances + def self.prefetch(resources) + users = instances + resources.keys.each do |name| + if provider = users.find { |user| user.name == name } + resources[name].provider = provider + end + end + end + + def create + merged_name = @resource[:name].sub('@', "'@'") + password_hash = @resource.value(:password_hash) + plugin = @resource.value(:plugin) + max_user_connections = @resource.value(:max_user_connections) || 0 + max_connections_per_hour = @resource.value(:max_connections_per_hour) || 0 + max_queries_per_hour = @resource.value(:max_queries_per_hour) || 0 + max_updates_per_hour = @resource.value(:max_updates_per_hour) || 0 + + # Use CREATE USER to be compatible with NO_AUTO_CREATE_USER sql_mode + # This is also required if you want to specify a authentication plugin + if !plugin.nil? + if plugin == 'sha256_password' and !password_hash.nil? + mysql([defaults_file, '-e', "CREATE USER '#{merged_name}' IDENTIFIED WITH '#{plugin}' AS '#{password_hash}'"].compact) + else + mysql([defaults_file, '-e', "CREATE USER '#{merged_name}' IDENTIFIED WITH '#{plugin}'"].compact) + end + @property_hash[:ensure] = :present + @property_hash[:plugin] = plugin + else + mysql([defaults_file, '-e', "CREATE USER '#{merged_name}' IDENTIFIED BY PASSWORD '#{password_hash}'"].compact) + @property_hash[:ensure] = :present + @property_hash[:password_hash] = password_hash + end + mysql([defaults_file, '-e', "GRANT USAGE ON *.* TO '#{merged_name}' WITH MAX_USER_CONNECTIONS #{max_user_connections} MAX_CONNECTIONS_PER_HOUR #{max_connections_per_hour} MAX_QUERIES_PER_HOUR #{max_queries_per_hour} MAX_UPDATES_PER_HOUR #{max_updates_per_hour}"].compact) + @property_hash[:max_user_connections] = max_user_connections + @property_hash[:max_connections_per_hour] = max_connections_per_hour + @property_hash[:max_queries_per_hour] = max_queries_per_hour + @property_hash[:max_updates_per_hour] = max_updates_per_hour + + exists? ? (return true) : (return false) + end + + def destroy + merged_name = @resource[:name].sub('@', "'@'") + mysql([defaults_file, '-e', "DROP USER '#{merged_name}'"].compact) + + @property_hash.clear + exists? ? (return false) : (return true) + end + + def exists? + @property_hash[:ensure] == :present || false + end + + ## + ## MySQL user properties + ## + + # Generates method for all properties of the property_hash + mk_resource_methods + + def password_hash=(string) + merged_name = self.class.cmd_user(@resource[:name]) + + # We have a fact for the mysql version ... + if mysqld_version.nil? + # default ... if mysqld_version does not work + mysql([defaults_file, '-e', "SET PASSWORD FOR #{merged_name} = '#{string}'"].compact) + else + # Version >= 5.7.6 (many password related changes) + if mysqld_type == "mysql" and Puppet::Util::Package.versioncmp(mysqld_version, '5.7.6') >= 0 + if string.match(/^\*/) + mysql([defaults_file, '-e', "ALTER USER #{merged_name} IDENTIFIED WITH mysql_native_password AS '#{string}'"].compact) + else + raise ArgumentError, "Only mysql_native_password (*ABCD...XXX) hashes are supported" + end + else + # older versions + mysql([defaults_file, '-e', "SET PASSWORD FOR #{merged_name} = '#{string}'"].compact) + end + end + + password_hash == string ? (return true) : (return false) + end + + def max_user_connections=(int) + merged_name = self.class.cmd_user(@resource[:name]) + mysql([defaults_file, '-e', "GRANT USAGE ON *.* TO #{merged_name} WITH MAX_USER_CONNECTIONS #{int}"].compact).chomp + + max_user_connections == int ? (return true) : (return false) + end + + def max_connections_per_hour=(int) + merged_name = self.class.cmd_user(@resource[:name]) + mysql([defaults_file, '-e', "GRANT USAGE ON *.* TO #{merged_name} WITH MAX_CONNECTIONS_PER_HOUR #{int}"].compact).chomp + + max_connections_per_hour == int ? (return true) : (return false) + end + + def max_queries_per_hour=(int) + merged_name = self.class.cmd_user(@resource[:name]) + mysql([defaults_file, '-e', "GRANT USAGE ON *.* TO #{merged_name} WITH MAX_QUERIES_PER_HOUR #{int}"].compact).chomp + + max_queries_per_hour == int ? (return true) : (return false) + end + + def max_updates_per_hour=(int) + merged_name = self.class.cmd_user(@resource[:name]) + mysql([defaults_file, '-e', "GRANT USAGE ON *.* TO #{merged_name} WITH MAX_UPDATES_PER_HOUR #{int}"].compact).chomp + + max_updates_per_hour == int ? (return true) : (return false) + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_database.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_database.rb new file mode 100644 index 000000000..1f94d5f88 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_database.rb @@ -0,0 +1,25 @@ +Puppet::Type.newtype(:mysql_database) do + @doc = 'Manage MySQL databases.' + + ensurable + + autorequire(:file) { '/root/.my.cnf' } + autorequire(:class) { 'mysql::server' } + + newparam(:name, :namevar => true) do + desc 'The name of the MySQL database to manage.' + end + + newproperty(:charset) do + desc 'The CHARACTER SET setting for the database' + defaultto :utf8 + newvalue(/^\S+$/) + end + + newproperty(:collate) do + desc 'The COLLATE setting for the database' + defaultto :utf8_general_ci + newvalue(/^\S+$/) + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_datadir.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_datadir.rb new file mode 100644 index 000000000..156b82766 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_datadir.rb @@ -0,0 +1,30 @@ +Puppet::Type.newtype(:mysql_datadir) do + @doc = 'Manage MySQL datadirs with mysql_install_db OR mysqld (5.7.6 and above).' + + ensurable + + autorequire(:package) { 'mysql-server' } + + newparam(:datadir, :namevar => true) do + desc "The datadir name" + end + + newparam(:basedir) do + desc 'The basedir name, default /usr.' + newvalues(/^\//) + end + + newparam(:user) do + desc 'The user for the directory default mysql (name, not uid).' + end + + newparam(:defaults_extra_file) do + desc "MySQL defaults-extra-file with absolute path (*.cnf)." + newvalues(/^\/.*\.cnf$/) + end + + newparam(:insecure, :boolean => true) do + desc "Insecure initialization (needed for 5.7.6++)." + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_grant.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_grant.rb new file mode 100644 index 000000000..999100a0c --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_grant.rb @@ -0,0 +1,101 @@ +# This has to be a separate type to enable collecting +Puppet::Type.newtype(:mysql_grant) do + @doc = "Manage a MySQL user's rights." + ensurable + + autorequire(:file) { '/root/.my.cnf' } + autorequire(:mysql_user) { self[:user] } + + def initialize(*args) + super + # Forcibly munge any privilege with 'ALL' in the array to exist of just + # 'ALL'. This can't be done in the munge in the property as that iterates + # over the array and there's no way to replace the entire array before it's + # returned to the provider. + if self[:ensure] == :present and Array(self[:privileges]).count > 1 and self[:privileges].to_s.include?('ALL') + self[:privileges] = 'ALL' + end + # Sort the privileges array in order to ensure the comparision in the provider + # self.instances method match. Otherwise this causes it to keep resetting the + # privileges. + self[:privileges] = Array(self[:privileges]).map{ |priv| + # split and sort the column_privileges in the parentheses and rejoin + if priv.include?('(') + type, col=priv.strip.split(/\s+|\b/,2) + type.upcase + " (" + col.slice(1...-1).strip.split(/\s*,\s*/).sort.join(', ') + ")" + else + priv.strip.upcase + end + }.uniq.reject{|k| k == 'GRANT' or k == 'GRANT OPTION'}.sort! + end + + validate do + fail('privileges parameter is required.') if self[:ensure] == :present and self[:privileges].nil? + fail('table parameter is required.') if self[:ensure] == :present and self[:table].nil? + fail('user parameter is required.') if self[:ensure] == :present and self[:user].nil? + fail('name must match user and table parameters') if self[:name] != "#{self[:user]}/#{self[:table]}" + end + + newparam(:name, :namevar => true) do + desc 'Name to describe the grant.' + + munge do |value| + value.delete("'") + end + end + + newproperty(:privileges, :array_matching => :all) do + desc 'Privileges for user' + end + + newproperty(:table) do + desc 'Table to apply privileges to.' + + munge do |value| + value.delete("`") + end + + newvalues(/.*\..*/,/@/) + end + + newproperty(:user) do + desc 'User to operate on.' + validate do |value| + # http://dev.mysql.com/doc/refman/5.5/en/identifiers.html + # If at least one special char is used, string must be quoted + + # http://stackoverflow.com/questions/8055727/negating-a-backreference-in-regular-expressions/8057827#8057827 + if matches = /^(['`"])((?!\1).)*\1@([\w%\.:\-\/]+)$/.match(value) + user_part = matches[2] + host_part = matches[3] + elsif matches = /^([0-9a-zA-Z$_]*)@([\w%\.:\-\/]+)$/.match(value) + user_part = matches[1] + host_part = matches[2] + elsif matches = /^((?!['`"]).*[^0-9a-zA-Z$_].*)@(.+)$/.match(value) + user_part = matches[1] + host_part = matches[2] + else + raise(ArgumentError, "Invalid database user #{value}") + end + + mysql_version = Facter.value(:mysql_version) + unless mysql_version.nil? + if Puppet::Util::Package.versioncmp(mysql_version, '10.0.0') < 0 and user_part.size > 16 + raise(ArgumentError, 'MySQL usernames are limited to a maximum of 16 characters') + elsif Puppet::Util::Package.versioncmp(mysql_version, '10.0.0') > 0 and user_part.size > 80 + raise(ArgumentError, 'MySQL usernames are limited to a maximum of 80 characters') + end + end + end + + munge do |value| + matches = /^((['`"]?).*\2)@(.+)$/.match(value) + "#{matches[1]}@#{matches[3].downcase}" + end + end + + newproperty(:options, :array_matching => :all) do + desc 'Options to grant.' + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_plugin.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_plugin.rb new file mode 100644 index 000000000..e8279209f --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_plugin.rb @@ -0,0 +1,17 @@ +Puppet::Type.newtype(:mysql_plugin) do + @doc = 'Manage MySQL plugins.' + + ensurable + + autorequire(:file) { '/root/.my.cnf' } + + newparam(:name, :namevar => true) do + desc 'The name of the MySQL plugin to manage.' + end + + newproperty(:soname) do + desc 'The name of the library' + newvalue(/^\w+\.\w+$/) + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_user.rb b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_user.rb new file mode 100644 index 000000000..94f36858b --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/lib/puppet/type/mysql_user.rb @@ -0,0 +1,76 @@ +# This has to be a separate type to enable collecting +Puppet::Type.newtype(:mysql_user) do + @doc = 'Manage a MySQL user. This includes management of users password as well as privileges.' + + ensurable + + autorequire(:file) { '/root/.my.cnf' } + autorequire(:class) { 'mysql::server' } + + newparam(:name, :namevar => true) do + desc "The name of the user. This uses the 'username@hostname' or username@hostname." + validate do |value| + # http://dev.mysql.com/doc/refman/5.5/en/identifiers.html + # If at least one special char is used, string must be quoted + + # http://stackoverflow.com/questions/8055727/negating-a-backreference-in-regular-expressions/8057827#8057827 + if matches = /^(['`"])((?:(?!\1).)*)\1@([\w%\.:\-\/]+)$/.match(value) + user_part = matches[2] + host_part = matches[3] + elsif matches = /^([0-9a-zA-Z$_]*)@([\w%\.:\-\/]+)$/.match(value) + user_part = matches[1] + host_part = matches[2] + elsif matches = /^((?!['`"]).*[^0-9a-zA-Z$_].*)@(.+)$/.match(value) + user_part = matches[1] + host_part = matches[2] + else + raise(ArgumentError, "Invalid database user #{value}") + end + + mysql_version = Facter.value(:mysql_version) + unless mysql_version.nil? + if Puppet::Util::Package.versioncmp(mysql_version, '10.0.0') < 0 and user_part.size > 16 + raise(ArgumentError, 'MySQL usernames are limited to a maximum of 16 characters') + elsif Puppet::Util::Package.versioncmp(mysql_version, '10.0.0') > 0 and user_part.size > 80 + raise(ArgumentError, 'MySQL usernames are limited to a maximum of 80 characters') + end + end + end + + munge do |value| + matches = /^((['`"]?).*\2)@(.+)$/.match(value) + "#{matches[1]}@#{matches[3].downcase}" + end + end + + newproperty(:password_hash) do + desc 'The password hash of the user. Use mysql_password() for creating such a hash.' + newvalue(/\w*/) + end + + newproperty(:plugin) do + desc 'The authentication plugin of the user.' + newvalue(/\w+/) + end + + newproperty(:max_user_connections) do + desc "Max concurrent connections for the user. 0 means no (or global) limit." + newvalue(/\d+/) + end + + newproperty(:max_connections_per_hour) do + desc "Max connections per hour for the user. 0 means no (or global) limit." + newvalue(/\d+/) + end + + newproperty(:max_queries_per_hour) do + desc "Max queries per hour for the user. 0 means no (or global) limit." + newvalue(/\d+/) + end + + newproperty(:max_updates_per_hour) do + desc "Max updates per hour for the user. 0 means no (or global) limit." + newvalue(/\d+/) + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/backup/mysqlbackup.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/backup/mysqlbackup.pp new file mode 100644 index 000000000..320a780b3 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/backup/mysqlbackup.pp @@ -0,0 +1,105 @@ +# See README.me for usage. +class mysql::backup::mysqlbackup ( + $backupuser = '', + $backuppassword = '', + $backupdir = '', + $backupdirmode = '0700', + $backupdirowner = 'root', + $backupdirgroup = $mysql::params::root_group, + $backupcompress = true, + $backuprotate = 30, + $ignore_events = true, + $delete_before_dump = false, + $backupdatabases = [], + $file_per_database = false, + $include_triggers = true, + $include_routines = false, + $ensure = 'present', + $time = ['23', '5'], + $prescript = false, + $postscript = false, + $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', +) { + + mysql_user { "${backupuser}@localhost": + ensure => $ensure, + password_hash => mysql_password($backuppassword), + require => Class['mysql::server::root_password'], + } + + package { 'meb': + ensure => $ensure, + } + + # http://dev.mysql.com/doc/mysql-enterprise-backup/3.11/en/mysqlbackup.privileges.html + mysql_grant { "${backupuser}@localhost/*.*": + ensure => $ensure, + user => "${backupuser}@localhost", + table => '*.*', + privileges => [ 'RELOAD', 'SUPER', 'REPLICATION CLIENT' ], + require => Mysql_user["${backupuser}@localhost"], + } + + mysql_grant { "${backupuser}@localhost/mysql.backup_progress": + ensure => $ensure, + user => "${backupuser}@localhost", + table => 'mysql.backup_progress', + privileges => [ 'CREATE', 'INSERT', 'DROP', 'UPDATE' ], + require => Mysql_user["${backupuser}@localhost"], + } + + mysql_grant { "${backupuser}@localhost/mysql.backup_history": + ensure => $ensure, + user => "${backupuser}@localhost", + table => 'mysql.backup_history', + privileges => [ 'CREATE', 'INSERT', 'SELECT', 'DROP', 'UPDATE' ], + require => Mysql_user["${backupuser}@localhost"], + } + + cron { 'mysqlbackup-weekly': + ensure => $ensure, + command => 'mysqlbackup backup', + user => 'root', + hour => $time[0], + minute => $time[1], + weekday => '0', + require => Package['meb'], + } + + cron { 'mysqlbackup-daily': + ensure => $ensure, + command => 'mysqlbackup --incremental backup', + user => 'root', + hour => $time[0], + minute => $time[1], + weekday => '1-6', + require => Package['meb'], + } + + $default_options = { + 'mysqlbackup' => { + 'backup-dir' => $backupdir, + 'with-timestamp' => true, + 'incremental_base' => 'history:last_backup', + 'incremental_backup_dir' => $backupdir, + 'user' => $backupuser, + 'password' => $backuppassword, + } + } + $options = mysql_deepmerge($default_options, $mysql::server::override_options) + + file { 'mysqlbackup-config-file': + path => '/etc/mysql/conf.d/meb.cnf', + content => template('mysql/meb.cnf.erb'), + mode => '0600', + } + + file { 'mysqlbackupdir': + ensure => 'directory', + path => $backupdir, + mode => $backupdirmode, + owner => $backupdirowner, + group => $backupdirgroup, + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/backup/mysqldump.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/backup/mysqldump.pp new file mode 100644 index 000000000..543476d8b --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/backup/mysqldump.pp @@ -0,0 +1,70 @@ +# See README.me for usage. +class mysql::backup::mysqldump ( + $backupuser = '', + $backuppassword = '', + $backupdir = '', + $backupdirmode = '0700', + $backupdirowner = 'root', + $backupdirgroup = $mysql::params::root_group, + $backupcompress = true, + $backuprotate = 30, + $ignore_events = true, + $delete_before_dump = false, + $backupdatabases = [], + $file_per_database = false, + $include_triggers = false, + $include_routines = false, + $ensure = 'present', + $time = ['23', '5'], + $prescript = false, + $postscript = false, + $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', +) { + + mysql_user { "${backupuser}@localhost": + ensure => $ensure, + password_hash => mysql_password($backuppassword), + require => Class['mysql::server::root_password'], + } + + if $include_triggers { + $privs = [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER' ] + } else { + $privs = [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS' ] + } + + mysql_grant { "${backupuser}@localhost/*.*": + ensure => $ensure, + user => "${backupuser}@localhost", + table => '*.*', + privileges => $privs, + require => Mysql_user["${backupuser}@localhost"], + } + + cron { 'mysql-backup': + ensure => $ensure, + command => '/usr/local/sbin/mysqlbackup.sh', + user => 'root', + hour => $time[0], + minute => $time[1], + require => File['mysqlbackup.sh'], + } + + file { 'mysqlbackup.sh': + ensure => $ensure, + path => '/usr/local/sbin/mysqlbackup.sh', + mode => '0700', + owner => 'root', + group => $mysql::params::root_group, + content => template('mysql/mysqlbackup.sh.erb'), + } + + file { 'mysqlbackupdir': + ensure => 'directory', + path => $backupdir, + mode => $backupdirmode, + owner => $backupdirowner, + group => $backupdirgroup, + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/backup/xtrabackup.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/backup/xtrabackup.pp new file mode 100644 index 000000000..e82fad47a --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/backup/xtrabackup.pp @@ -0,0 +1,65 @@ +# See README.me for usage. +class mysql::backup::xtrabackup ( + $backupuser = '', + $backuppassword = '', + $backupdir = '', + $backupmethod = 'mysqldump', + $backupdirmode = '0700', + $backupdirowner = 'root', + $backupdirgroup = $mysql::params::root_group, + $backupcompress = true, + $backuprotate = 30, + $ignore_events = true, + $delete_before_dump = false, + $backupdatabases = [], + $file_per_database = false, + $include_triggers = true, + $include_routines = false, + $ensure = 'present', + $time = ['23', '5'], + $prescript = false, + $postscript = false, + $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', +) { + + package{ 'percona-xtrabackup': + ensure => $ensure, + } + + cron { 'xtrabackup-weekly': + ensure => $ensure, + command => "/usr/local/sbin/xtrabackup.sh ${backupdir}", + user => 'root', + hour => $time[0], + minute => $time[1], + weekday => '0', + require => Package['percona-xtrabackup'], + } + + cron { 'xtrabackup-daily': + ensure => $ensure, + command => "/usr/local/sbin/xtrabackup.sh --incremental ${backupdir}", + user => 'root', + hour => $time[0], + minute => $time[1], + weekday => '1-6', + require => Package['percona-xtrabackup'], + } + + file { 'mysqlbackupdir': + ensure => 'directory', + path => $backupdir, + mode => $backupdirmode, + owner => $backupdirowner, + group => $backupdirgroup, + } + + file { 'xtrabackup.sh': + ensure => $ensure, + path => '/usr/local/sbin/xtrabackup.sh', + mode => '0700', + owner => 'root', + group => $mysql::params::root_group, + content => template('mysql/xtrabackup.sh.erb'), + } +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings.pp new file mode 100644 index 000000000..fa7b870ff --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings.pp @@ -0,0 +1,57 @@ +# See README.md. +class mysql::bindings ( + $install_options = undef, + # Boolean to determine if we should include the classes. + $java_enable = false, + $perl_enable = false, + $php_enable = false, + $python_enable = false, + $ruby_enable = false, + $client_dev = false, + $daemon_dev = false, + # Settings for the various classes. + $java_package_ensure = $mysql::params::java_package_ensure, + $java_package_name = $mysql::params::java_package_name, + $java_package_provider = $mysql::params::java_package_provider, + $perl_package_ensure = $mysql::params::perl_package_ensure, + $perl_package_name = $mysql::params::perl_package_name, + $perl_package_provider = $mysql::params::perl_package_provider, + $php_package_ensure = $mysql::params::php_package_ensure, + $php_package_name = $mysql::params::php_package_name, + $php_package_provider = $mysql::params::php_package_provider, + $python_package_ensure = $mysql::params::python_package_ensure, + $python_package_name = $mysql::params::python_package_name, + $python_package_provider = $mysql::params::python_package_provider, + $ruby_package_ensure = $mysql::params::ruby_package_ensure, + $ruby_package_name = $mysql::params::ruby_package_name, + $ruby_package_provider = $mysql::params::ruby_package_provider, + $client_dev_package_ensure = $mysql::params::client_dev_package_ensure, + $client_dev_package_name = $mysql::params::client_dev_package_name, + $client_dev_package_provider = $mysql::params::client_dev_package_provider, + $daemon_dev_package_ensure = $mysql::params::daemon_dev_package_ensure, + $daemon_dev_package_name = $mysql::params::daemon_dev_package_name, + $daemon_dev_package_provider = $mysql::params::daemon_dev_package_provider +) inherits mysql::params { + + case $::osfamily { + 'Archlinux': { + if $java_enable { fail("::mysql::bindings::java cannot be managed by puppet on ${::osfamily} as it is not in official repositories. Please disable java mysql binding.") } + if $perl_enable { include '::mysql::bindings::perl' } + if $php_enable { warning("::mysql::bindings::php does not need to be managed by puppet on ${::osfamily} as it is included in mysql package by default.") } + if $python_enable { include '::mysql::bindings::python' } + if $ruby_enable { fail("::mysql::bindings::ruby cannot be managed by puppet on ${::osfamily} as it is not in official repositories. Please disable ruby mysql binding.") } + } + + default: { + if $java_enable { include '::mysql::bindings::java' } + if $perl_enable { include '::mysql::bindings::perl' } + if $php_enable { include '::mysql::bindings::php' } + if $python_enable { include '::mysql::bindings::python' } + if $ruby_enable { include '::mysql::bindings::ruby' } + } + } + + if $client_dev { include '::mysql::bindings::client_dev' } + if $daemon_dev { include '::mysql::bindings::daemon_dev' } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/client_dev.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/client_dev.pp new file mode 100644 index 000000000..ee3c2fedd --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/client_dev.pp @@ -0,0 +1,15 @@ +# Private class +class mysql::bindings::client_dev { + + if $mysql::bindings::client_dev_package_name { + package { 'mysql-client_dev': + ensure => $mysql::bindings::client_dev_package_ensure, + install_options => $mysql::bindings::install_options, + name => $mysql::bindings::client_dev_package_name, + provider => $mysql::bindings::client_dev_package_provider, + } + } else { + warning("No MySQL client development package configured for ${::operatingsystem}.") + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/daemon_dev.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/daemon_dev.pp new file mode 100644 index 000000000..051535893 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/daemon_dev.pp @@ -0,0 +1,15 @@ +# Private class +class mysql::bindings::daemon_dev { + + if $mysql::bindings::daemon_dev_package_name { + package { 'mysql-daemon_dev': + ensure => $mysql::bindings::daemon_dev_package_ensure, + install_options => $mysql::bindings::install_options, + name => $mysql::bindings::daemon_dev_package_name, + provider => $mysql::bindings::daemon_dev_package_provider, + } + } else { + warning("No MySQL daemon development package configured for ${::operatingsystem}.") + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/java.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/java.pp new file mode 100644 index 000000000..db93ac282 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/java.pp @@ -0,0 +1,11 @@ +# Private class +class mysql::bindings::java { + + package { 'mysql-connector-java': + ensure => $mysql::bindings::java_package_ensure, + install_options => $mysql::bindings::install_options, + name => $mysql::bindings::java_package_name, + provider => $mysql::bindings::java_package_provider, + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/perl.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/perl.pp new file mode 100644 index 000000000..99d429c46 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/perl.pp @@ -0,0 +1,11 @@ +# Private class +class mysql::bindings::perl { + + package{ 'perl_mysql': + ensure => $mysql::bindings::perl_package_ensure, + install_options => $mysql::bindings::install_options, + name => $mysql::bindings::perl_package_name, + provider => $mysql::bindings::perl_package_provider, + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/php.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/php.pp new file mode 100644 index 000000000..9af706962 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/php.pp @@ -0,0 +1,11 @@ +# Private class: See README.md +class mysql::bindings::php { + + package { 'php-mysql': + ensure => $mysql::bindings::php_package_ensure, + install_options => $mysql::bindings::install_options, + name => $mysql::bindings::php_package_name, + provider => $mysql::bindings::php_package_provider, + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/python.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/python.pp new file mode 100644 index 000000000..a44c8fa15 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/python.pp @@ -0,0 +1,11 @@ +# Private class +class mysql::bindings::python { + + package { 'python-mysqldb': + ensure => $mysql::bindings::python_package_ensure, + install_options => $mysql::bindings::install_options, + name => $mysql::bindings::python_package_name, + provider => $mysql::bindings::python_package_provider, + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/ruby.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/ruby.pp new file mode 100644 index 000000000..d431efedc --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/bindings/ruby.pp @@ -0,0 +1,11 @@ +# Private class +class mysql::bindings::ruby { + + package{ 'ruby_mysql': + ensure => $mysql::bindings::ruby_package_ensure, + install_options => $mysql::bindings::install_options, + name => $mysql::bindings::ruby_package_name, + provider => $mysql::bindings::ruby_package_provider, + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/client.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/client.pp new file mode 100644 index 000000000..3d5d706f9 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/client.pp @@ -0,0 +1,29 @@ +# +class mysql::client ( + $bindings_enable = $mysql::params::bindings_enable, + $install_options = undef, + $package_ensure = $mysql::params::client_package_ensure, + $package_manage = $mysql::params::client_package_manage, + $package_name = $mysql::params::client_package_name, +) inherits mysql::params { + + include '::mysql::client::install' + + if $bindings_enable { + class { 'mysql::bindings': + java_enable => true, + perl_enable => true, + php_enable => true, + python_enable => true, + ruby_enable => true, + } + } + + + # Anchor pattern workaround to avoid resources of mysql::client::install to + # "float off" outside mysql::client + anchor { 'mysql::client::start': } -> + Class['mysql::client::install'] -> + anchor { 'mysql::client::end': } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/client/install.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/client/install.pp new file mode 100644 index 000000000..26e5ec276 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/client/install.pp @@ -0,0 +1,14 @@ +# See README.md. +class mysql::client::install { + + if $mysql::client::package_manage { + + package { 'mysql_client': + ensure => $mysql::client::package_ensure, + install_options => $mysql::client::install_options, + name => $mysql::client::package_name, + } + + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/db.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/db.pp new file mode 100644 index 000000000..c74b64d58 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/db.pp @@ -0,0 +1,75 @@ +# See README.md for details. +define mysql::db ( + $user, + $password, + $dbname = $name, + $charset = 'utf8', + $collate = 'utf8_general_ci', + $host = 'localhost', + $grant = 'ALL', + $sql = undef, + $enforce_sql = false, + $ensure = 'present', + $import_timeout = 300, +) { + #input validation + validate_re($ensure, '^(present|absent)$', + "${ensure} is not supported for ensure. Allowed values are 'present' and 'absent'.") + $table = "${dbname}.*" + + if !(is_array($sql) or is_string($sql)) { + fail('$sql must be either a string or an array.') + } + + $sql_inputs = join([$sql], ' ') + + include '::mysql::client' + + anchor{"mysql::db_${name}::begin": }-> + Class['::mysql::client']-> + anchor{"mysql::db_${name}::end": } + + $db_resource = { + ensure => $ensure, + charset => $charset, + collate => $collate, + provider => 'mysql', + require => [ Class['mysql::client'] ], + } + ensure_resource('mysql_database', $dbname, $db_resource) + + $user_resource = { + ensure => $ensure, + password_hash => mysql_password($password), + provider => 'mysql', + } + ensure_resource('mysql_user', "${user}@${host}", $user_resource) + + if $ensure == 'present' { + mysql_grant { "${user}@${host}/${table}": + privileges => $grant, + provider => 'mysql', + user => "${user}@${host}", + table => $table, + require => [ + Mysql_database[$dbname], + Mysql_user["${user}@${host}"], + ], + } + + $refresh = ! $enforce_sql + + if $sql { + exec{ "${dbname}-import": + command => "cat ${sql_inputs} | mysql ${dbname}", + logoutput => true, + environment => "HOME=${::root_home}", + refreshonly => $refresh, + path => '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin', + require => Mysql_grant["${user}@${host}/${table}"], + subscribe => Mysql_database[$dbname], + timeout => $import_timeout, + } + } + } +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/params.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/params.pp new file mode 100644 index 000000000..a85187b3b --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/params.pp @@ -0,0 +1,438 @@ +# Private class: See README.md. +class mysql::params { + + $manage_config_file = true + $purge_conf_dir = false + $restart = false + $root_password = 'UNSET' + $install_secret_file = '/.mysql_secret' + $server_package_ensure = 'present' + $server_package_manage = true + $server_service_manage = true + $server_service_enabled = true + $client_package_ensure = 'present' + $client_package_manage = true + $create_root_user = true + $create_root_my_cnf = true + # mysql::bindings + $bindings_enable = false + $java_package_ensure = 'present' + $java_package_provider = undef + $perl_package_ensure = 'present' + $perl_package_provider = undef + $php_package_ensure = 'present' + $php_package_provider = undef + $python_package_ensure = 'present' + $python_package_provider = undef + $ruby_package_ensure = 'present' + $ruby_package_provider = undef + $client_dev_package_ensure = 'present' + $client_dev_package_provider = undef + $daemon_dev_package_ensure = 'present' + $daemon_dev_package_provider = undef + + + case $::osfamily { + 'RedHat': { + case $::operatingsystem { + 'Fedora': { + if versioncmp($::operatingsystemrelease, '19') >= 0 or $::operatingsystemrelease == 'Rawhide' { + $provider = 'mariadb' + } else { + $provider = 'mysql' + } + } + /^(RedHat|CentOS|Scientific|OracleLinux)$/: { + if versioncmp($::operatingsystemmajrelease, '7') >= 0 { + $provider = 'mariadb' + } else { + $provider = 'mysql' + } + } + default: { + $provider = 'mysql' + } + } + + if $provider == 'mariadb' { + $client_package_name = 'mariadb' + $server_package_name = 'mariadb-server' + $server_service_name = 'mariadb' + $log_error = '/var/log/mariadb/mariadb.log' + $config_file = '/etc/my.cnf.d/server.cnf' + # mariadb package by default has !includedir set in my.cnf to /etc/my.cnf.d + $includedir = undef + $pidfile = '/var/run/mariadb/mariadb.pid' + $daemon_dev_package_name = 'mariadb-devel' + } else { + $client_package_name = 'mysql' + $server_package_name = 'mysql-server' + $server_service_name = 'mysqld' + $log_error = '/var/log/mysqld.log' + $config_file = '/etc/my.cnf' + $includedir = '/etc/my.cnf.d' + $pidfile = '/var/run/mysqld/mysqld.pid' + $daemon_dev_package_name = 'mysql-devel' + } + + $basedir = '/usr' + $datadir = '/var/lib/mysql' + $root_group = 'root' + $mysql_group = 'mysql' + $socket = '/var/lib/mysql/mysql.sock' + $ssl_ca = '/etc/mysql/cacert.pem' + $ssl_cert = '/etc/mysql/server-cert.pem' + $ssl_key = '/etc/mysql/server-key.pem' + $tmpdir = '/tmp' + # mysql::bindings + $java_package_name = 'mysql-connector-java' + $perl_package_name = 'perl-DBD-MySQL' + $php_package_name = 'php-mysql' + $python_package_name = 'MySQL-python' + $ruby_package_name = 'ruby-mysql' + $client_dev_package_name = undef + } + + 'Suse': { + case $::operatingsystem { + 'OpenSuSE': { + if versioncmp( $::operatingsystemmajrelease, '13' ) >= 0 { + $client_package_name = 'mariadb-client' + $server_package_name = 'mariadb' + # First service start fails if this is set. Runs fine without + # it being set, in any case. Leaving it as-is for the mysql. + $basedir = undef + } else { + $client_package_name = 'mysql-community-server-client' + $server_package_name = 'mysql-community-server' + $basedir = '/usr' + } + } + 'SLES','SLED': { + if versioncmp($::operatingsystemrelease, '12') >= 0 { + $client_package_name = 'mariadb-client' + $server_package_name = 'mariadb' + $basedir = undef + } else { + $client_package_name = 'mysql-client' + $server_package_name = 'mysql' + $basedir = '/usr' + } + } + default: { + fail("Unsupported platform: puppetlabs-${module_name} currently doesn't support ${::operatingsystem}") + } + } + $config_file = '/etc/my.cnf' + $includedir = '/etc/my.cnf.d' + $datadir = '/var/lib/mysql' + $log_error = $::operatingsystem ? { + /OpenSuSE/ => '/var/log/mysql/mysqld.log', + /(SLES|SLED)/ => '/var/log/mysqld.log', + } + $pidfile = $::operatingsystem ? { + /OpenSuSE/ => '/var/run/mysql/mysqld.pid', + /(SLES|SLED)/ => '/var/lib/mysql/mysqld.pid', + } + $root_group = 'root' + $mysql_group = 'mysql' + $server_service_name = 'mysql' + $socket = $::operatingsystem ? { + /OpenSuSE/ => '/var/run/mysql/mysql.sock', + /(SLES|SLED)/ => '/var/lib/mysql/mysql.sock', + } + $ssl_ca = '/etc/mysql/cacert.pem' + $ssl_cert = '/etc/mysql/server-cert.pem' + $ssl_key = '/etc/mysql/server-key.pem' + $tmpdir = '/tmp' + # mysql::bindings + $java_package_name = 'mysql-connector-java' + $perl_package_name = 'perl-DBD-mysql' + $php_package_name = 'apache2-mod_php53' + $python_package_name = 'python-mysql' + $ruby_package_name = $::operatingsystem ? { + /OpenSuSE/ => 'rubygem-mysql', + /(SLES|SLED)/ => 'ruby-mysql', + } + $client_dev_package_name = 'libmysqlclient-devel' + $daemon_dev_package_name = 'mysql-devel' + } + + 'Debian': { + $client_package_name = 'mysql-client' + $server_package_name = 'mysql-server' + + $basedir = '/usr' + $config_file = '/etc/mysql/my.cnf' + $includedir = '/etc/mysql/conf.d' + $datadir = '/var/lib/mysql' + $log_error = '/var/log/mysql/error.log' + $pidfile = '/var/run/mysqld/mysqld.pid' + $root_group = 'root' + $mysql_group = 'mysql' + $server_service_name = 'mysql' + $socket = '/var/run/mysqld/mysqld.sock' + $ssl_ca = '/etc/mysql/cacert.pem' + $ssl_cert = '/etc/mysql/server-cert.pem' + $ssl_key = '/etc/mysql/server-key.pem' + $tmpdir = '/tmp' + # mysql::bindings + $java_package_name = 'libmysql-java' + $perl_package_name = 'libdbd-mysql-perl' + $php_package_name = 'php5-mysql' + $python_package_name = 'python-mysqldb' + $ruby_package_name = $::lsbdistcodename ? { + 'trusty' => 'ruby-mysql', + 'jessie' => 'ruby-mysql', + default => 'libmysql-ruby', + } + $client_dev_package_name = 'libmysqlclient-dev' + $daemon_dev_package_name = 'libmysqld-dev' + } + + 'Archlinux': { + $client_package_name = 'mariadb-clients' + $server_package_name = 'mariadb' + $basedir = '/usr' + $config_file = '/etc/mysql/my.cnf' + $datadir = '/var/lib/mysql' + $log_error = '/var/log/mysqld.log' + $pidfile = '/var/run/mysqld/mysqld.pid' + $root_group = 'root' + $mysql_group = 'mysql' + $server_service_name = 'mysqld' + $socket = '/var/lib/mysql/mysql.sock' + $ssl_ca = '/etc/mysql/cacert.pem' + $ssl_cert = '/etc/mysql/server-cert.pem' + $ssl_key = '/etc/mysql/server-key.pem' + $tmpdir = '/tmp' + # mysql::bindings + $java_package_name = 'mysql-connector-java' + $perl_package_name = 'perl-dbd-mysql' + $php_package_name = undef + $python_package_name = 'mysql-python' + $ruby_package_name = 'mysql-ruby' + } + + 'Gentoo': { + $client_package_name = 'virtual/mysql' + $server_package_name = 'virtual/mysql' + $basedir = '/usr' + $config_file = '/etc/mysql/my.cnf' + $datadir = '/var/lib/mysql' + $log_error = '/var/log/mysql/mysqld.err' + $pidfile = '/run/mysqld/mysqld.pid' + $root_group = 'root' + $mysql_group = 'mysql' + $server_service_name = 'mysql' + $socket = '/run/mysqld/mysqld.sock' + $ssl_ca = '/etc/mysql/cacert.pem' + $ssl_cert = '/etc/mysql/server-cert.pem' + $ssl_key = '/etc/mysql/server-key.pem' + $tmpdir = '/tmp' + # mysql::bindings + $java_package_name = 'dev-java/jdbc-mysql' + $perl_package_name = 'dev-perl/DBD-mysql' + $php_package_name = undef + $python_package_name = 'dev-python/mysql-python' + $ruby_package_name = 'dev-ruby/mysql-ruby' + } + + 'FreeBSD': { + $client_package_name = 'databases/mysql56-client' + $server_package_name = 'databases/mysql56-server' + $basedir = '/usr/local' + $config_file = '/usr/local/etc/my.cnf' + $includedir = '/usr/local/etc/my.cnf.d' + $datadir = '/var/db/mysql' + $log_error = '/var/log/mysqld.log' + $pidfile = '/var/run/mysql.pid' + $root_group = 'wheel' + $mysql_group = 'mysql' + $server_service_name = 'mysql-server' + $socket = '/var/db/mysql/mysql.sock' + $ssl_ca = undef + $ssl_cert = undef + $ssl_key = undef + $tmpdir = '/tmp' + # mysql::bindings + $java_package_name = 'databases/mysql-connector-java' + $perl_package_name = 'p5-DBD-mysql' + $php_package_name = 'php5-mysql' + $python_package_name = 'databases/py-MySQLdb' + $ruby_package_name = 'databases/ruby-mysql' + # The libraries installed by these packages are included in client and server packages, no installation required. + $client_dev_package_name = undef + $daemon_dev_package_name = undef + } + + 'OpenBSD': { + $client_package_name = 'mariadb-client' + $server_package_name = 'mariadb-server' + $basedir = '/usr/local' + $config_file = '/etc/my.cnf' + $includedir = undef + $datadir = '/var/mysql' + $log_error = "/var/mysql/${::hostname}.err" + $pidfile = '/var/mysql/mysql.pid' + $root_group = 'wheel' + $mysql_group = '_mysql' + $server_service_name = 'mysqld' + $socket = '/var/run/mysql/mysql.sock' + $ssl_ca = undef + $ssl_cert = undef + $ssl_key = undef + $tmpdir = '/tmp' + # mysql::bindings + $java_package_name = undef + $perl_package_name = 'p5-DBD-mysql' + $php_package_name = 'php-mysql' + $python_package_name = 'py-mysql' + $ruby_package_name = 'ruby-mysql' + # The libraries installed by these packages are included in client and server packages, no installation required. + $client_dev_package_name = undef + $daemon_dev_package_name = undef + } + + 'Solaris': { + $client_package_name = 'database/mysql-55/client' + $server_package_name = 'database/mysql-55' + $basedir = undef + $config_file = '/etc/mysql/5.5/my.cnf' + $datadir = '/var/mysql/5.5/data' + $log_error = "/var/mysql/5.5/data/${::hostname}.err" + $pidfile = "/var/mysql/5.5/data/${::hostname}.pid" + $root_group = 'bin' + $server_service_name = 'application/database/mysql:version_55' + $socket = '/tmp/mysql.sock' + $ssl_ca = undef + $ssl_cert = undef + $ssl_key = undef + $tmpdir = '/tmp' + # mysql::bindings + $java_package_name = undef + $perl_package_name = undef + $php_package_name = 'web/php-53/extension/php-mysql' + $python_package_name = 'library/python/python-mysql' + $ruby_package_name = undef + # The libraries installed by these packages are included in client and server packages, no installation required. + $client_dev_package_name = undef + $daemon_dev_package_name = undef + } + + default: { + case $::operatingsystem { + 'Amazon': { + $client_package_name = 'mysql' + $server_package_name = 'mysql-server' + $basedir = '/usr' + $config_file = '/etc/my.cnf' + $includedir = '/etc/my.cnf.d' + $datadir = '/var/lib/mysql' + $log_error = '/var/log/mysqld.log' + $pidfile = '/var/run/mysqld/mysqld.pid' + $root_group = 'root' + $mysql_group = 'mysql' + $server_service_name = 'mysqld' + $socket = '/var/lib/mysql/mysql.sock' + $ssl_ca = '/etc/mysql/cacert.pem' + $ssl_cert = '/etc/mysql/server-cert.pem' + $ssl_key = '/etc/mysql/server-key.pem' + $tmpdir = '/tmp' + # mysql::bindings + $java_package_name = 'mysql-connector-java' + $perl_package_name = 'perl-DBD-MySQL' + $php_package_name = 'php-mysql' + $python_package_name = 'MySQL-python' + $ruby_package_name = 'ruby-mysql' + # The libraries installed by these packages are included in client and server packages, no installation required. + $client_dev_package_name = undef + $daemon_dev_package_name = undef + } + + default: { + fail("Unsupported platform: puppetlabs-${module_name} currently doesn't support ${::osfamily} or ${::operatingsystem}") + } + } + } + } + + case $::operatingsystem { + 'Ubuntu': { + if versioncmp($::operatingsystemmajrelease, '14.10') > 0 { + $server_service_provider = 'systemd' + } else { + $server_service_provider = 'upstart' + } + } + default: { + $server_service_provider = undef + } + } + + $default_options = { + 'client' => { + 'port' => '3306', + 'socket' => $mysql::params::socket, + }, + 'mysqld_safe' => { + 'nice' => '0', + 'log-error' => $mysql::params::log_error, + 'socket' => $mysql::params::socket, + }, + 'mysqld-5.0' => { + 'myisam-recover' => 'BACKUP', + }, + 'mysqld-5.1' => { + 'myisam-recover' => 'BACKUP', + }, + 'mysqld-5.5' => { + 'myisam-recover' => 'BACKUP', + }, + 'mysqld-5.6' => { + 'myisam-recover-options' => 'BACKUP', + }, + 'mysqld-5.7' => { + 'myisam-recover-options' => 'BACKUP', + }, + 'mysqld' => { + 'basedir' => $mysql::params::basedir, + 'bind-address' => '127.0.0.1', + 'datadir' => $mysql::params::datadir, + 'expire_logs_days' => '10', + 'key_buffer_size' => '16M', + 'log-error' => $mysql::params::log_error, + 'max_allowed_packet' => '16M', + 'max_binlog_size' => '100M', + 'max_connections' => '151', + 'pid-file' => $mysql::params::pidfile, + 'port' => '3306', + 'query_cache_limit' => '1M', + 'query_cache_size' => '16M', + 'skip-external-locking' => true, + 'socket' => $mysql::params::socket, + 'ssl' => false, + 'ssl-ca' => $mysql::params::ssl_ca, + 'ssl-cert' => $mysql::params::ssl_cert, + 'ssl-key' => $mysql::params::ssl_key, + 'ssl-disable' => false, + 'thread_cache_size' => '8', + 'thread_stack' => '256K', + 'tmpdir' => $mysql::params::tmpdir, + 'user' => 'mysql', + }, + 'mysqldump' => { + 'max_allowed_packet' => '16M', + 'quick' => true, + 'quote-names' => true, + }, + 'isamchk' => { + 'key_buffer_size' => '16M', + }, + } + + ## Additional graceful failures + if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '4' { + fail("Unsupported platform: puppetlabs-${module_name} only supports RedHat 5.0 and beyond") + } +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server.pp new file mode 100644 index 000000000..2016bb1e0 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server.pp @@ -0,0 +1,87 @@ +# Class: mysql::server: See README.md for documentation. +class mysql::server ( + $config_file = $mysql::params::config_file, + $includedir = $mysql::params::includedir, + $install_options = undef, + $install_secret_file = $mysql::params::install_secret_file, + $manage_config_file = $mysql::params::manage_config_file, + $override_options = {}, + $package_ensure = $mysql::params::server_package_ensure, + $package_manage = $mysql::params::server_package_manage, + $package_name = $mysql::params::server_package_name, + $purge_conf_dir = $mysql::params::purge_conf_dir, + $remove_default_accounts = false, + $restart = $mysql::params::restart, + $root_group = $mysql::params::root_group, + $mysql_group = $mysql::params::mysql_group, + $root_password = $mysql::params::root_password, + $service_enabled = $mysql::params::server_service_enabled, + $service_manage = $mysql::params::server_service_manage, + $service_name = $mysql::params::server_service_name, + $service_provider = $mysql::params::server_service_provider, + $create_root_user = $mysql::params::create_root_user, + $create_root_my_cnf = $mysql::params::create_root_my_cnf, + $users = {}, + $grants = {}, + $databases = {}, + + # Deprecated parameters + $enabled = undef, + $manage_service = undef, + $old_root_password = undef +) inherits mysql::params { + + # Deprecated parameters. + if $enabled { + crit('This parameter has been renamed to service_enabled.') + $real_service_enabled = $enabled + } else { + $real_service_enabled = $service_enabled + } + if $manage_service { + crit('This parameter has been renamed to service_manage.') + $real_service_manage = $manage_service + } else { + $real_service_manage = $service_manage + } + if $old_root_password { + warning('old_root_password is no longer used and will be removed in a future release') + } + + # Create a merged together set of options. Rightmost hashes win over left. + $options = mysql_deepmerge($mysql::params::default_options, $override_options) + + Class['mysql::server::root_password'] -> Mysql::Db <| |> + + include '::mysql::server::install' + include '::mysql::server::config' + include '::mysql::server::installdb' + include '::mysql::server::service' + include '::mysql::server::root_password' + include '::mysql::server::providers' + + if $remove_default_accounts { + class { '::mysql::server::account_security': + require => Anchor['mysql::server::end'], + } + } + + anchor { 'mysql::server::start': } + anchor { 'mysql::server::end': } + + if $restart { + Class['mysql::server::config'] ~> + Class['mysql::server::service'] + } + + Anchor['mysql::server::start'] -> + Class['mysql::server::install'] -> + Class['mysql::server::config'] -> + Class['mysql::server::installdb'] -> + Class['mysql::server::service'] -> + Class['mysql::server::root_password'] -> + Class['mysql::server::providers'] -> + Anchor['mysql::server::end'] + + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server/account_security.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/account_security.pp new file mode 100644 index 000000000..252572e88 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/account_security.pp @@ -0,0 +1,39 @@ +# See README.md. +class mysql::server::account_security { + mysql_user { + [ 'root@127.0.0.1', + 'root@::1', + '@localhost', + '@%']: + ensure => 'absent', + require => Anchor['mysql::server::end'], + } + if ($::fqdn != 'localhost.localdomain') { + mysql_user { + [ 'root@localhost.localdomain', + '@localhost.localdomain']: + ensure => 'absent', + require => Anchor['mysql::server::end'], + } + } + if ($::fqdn != 'localhost') { + mysql_user { + [ "root@${::fqdn}", + "@${::fqdn}"]: + ensure => 'absent', + require => Anchor['mysql::server::end'], + } + } + if ($::fqdn != $::hostname) { + if ($::hostname != 'localhost') { + mysql_user { ["root@${::hostname}", "@${::hostname}"]: + ensure => 'absent', + require => Anchor['mysql::server::end'], + } + } + } + mysql_database { 'test': + ensure => 'absent', + require => Anchor['mysql::server::end'], + } +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server/backup.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/backup.pp new file mode 100644 index 000000000..2c98284a9 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/backup.pp @@ -0,0 +1,53 @@ +# See README.me for usage. +class mysql::server::backup ( + $backupuser = undef, + $backuppassword = undef, + $backupdir = undef, + $backupdirmode = '0700', + $backupdirowner = 'root', + $backupdirgroup = 'root', + $backupcompress = true, + $backuprotate = 30, + $ignore_events = true, + $delete_before_dump = false, + $backupdatabases = [], + $file_per_database = false, + $include_routines = false, + $include_triggers = false, + $ensure = 'present', + $time = ['23', '5'], + $prescript = false, + $postscript = false, + $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', + $provider = 'mysqldump', +) { + + if $prescript and $provider =~ /(mysqldump|mysqlbackup)/ { + warning("The \$prescript option is not currently implemented for the ${provider} backup provider.") + } + + create_resources('class', { + "mysql::backup::${provider}" => { + 'backupuser' => $backupuser, + 'backuppassword' => $backuppassword, + 'backupdir' => $backupdir, + 'backupdirmode' => $backupdirmode, + 'backupdirowner' => $backupdirowner, + 'backupdirgroup' => $backupdirgroup, + 'backupcompress' => $backupcompress, + 'backuprotate' => $backuprotate, + 'ignore_events' => $ignore_events, + 'delete_before_dump' => $delete_before_dump, + 'backupdatabases' => $backupdatabases, + 'file_per_database' => $file_per_database, + 'include_routines' => $include_routines, + 'include_triggers' => $include_triggers, + 'ensure' => $ensure, + 'time' => $time, + 'prescript' => $prescript, + 'postscript' => $postscript, + 'execpath' => $execpath, + } + }) + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server/config.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/config.pp new file mode 100644 index 000000000..d6c0c8395 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/config.pp @@ -0,0 +1,52 @@ +# See README.me for options. +class mysql::server::config { + + $options = $mysql::server::options + $includedir = $mysql::server::includedir + + File { + owner => 'root', + group => $mysql::server::root_group, + mode => '0400', + } + + if $includedir and $includedir != '' { + file { $includedir: + ensure => directory, + mode => '0755', + recurse => $mysql::server::purge_conf_dir, + purge => $mysql::server::purge_conf_dir, + } + } + + $logbin = pick($options['mysqld']['log-bin'], $options['mysqld']['log_bin'], false) + + if $logbin { + $logbindir = mysql_dirname($logbin) + + #Stop puppet from managing directory if just a filename/prefix is specified + if $logbindir != '.' { + file { $logbindir: + ensure => directory, + mode => '0755', + owner => $options['mysqld']['user'], + group => $options['mysqld']['user'], + } + } + } + + if $mysql::server::manage_config_file { + file { 'mysql-config-file': + path => $mysql::server::config_file, + content => template('mysql/my.cnf.erb'), + mode => '0644', + selinux_ignore_defaults => true, + } + } + + if $options['mysqld']['ssl-disable'] { + notify {'ssl-disable': + message =>'Disabling SSL is evil! You should never ever do this except if you are forced to use a mysql version compiled without SSL support' + } + } +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server/install.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/install.pp new file mode 100644 index 000000000..3b9601def --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/install.pp @@ -0,0 +1,13 @@ +# +class mysql::server::install { + + if $mysql::server::package_manage { + + package { 'mysql-server': + ensure => $mysql::server::package_ensure, + install_options => $mysql::server::install_options, + name => $mysql::server::package_name, + } + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server/installdb.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/installdb.pp new file mode 100644 index 000000000..78e08f521 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/installdb.pp @@ -0,0 +1,33 @@ +# +class mysql::server::installdb { + + if $mysql::server::package_manage { + + # Build the initial databases. + $mysqluser = $mysql::server::options['mysqld']['user'] + $datadir = $mysql::server::options['mysqld']['datadir'] + $basedir = $mysql::server::options['mysqld']['basedir'] + $config_file = $mysql::server::config_file + + if $mysql::server::manage_config_file { + $_config_file=$config_file + } else { + $_config_file=undef + } + + mysql_datadir { $datadir: + ensure => 'present', + datadir => $datadir, + basedir => $basedir, + user => $mysqluser, + defaults_extra_file => $_config_file, + } + + if $mysql::server::restart { + Mysql_datadir[$datadir] { + notify => Class['mysql::server::service'], + } + } + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server/monitor.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/monitor.pp new file mode 100644 index 000000000..6b1860983 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/monitor.pp @@ -0,0 +1,24 @@ +#This is a helper class to add a monitoring user to the database +class mysql::server::monitor ( + $mysql_monitor_username = '', + $mysql_monitor_password = '', + $mysql_monitor_hostname = '' +) { + + Anchor['mysql::server::end'] -> Class['mysql::server::monitor'] + + mysql_user { "${mysql_monitor_username}@${mysql_monitor_hostname}": + ensure => present, + password_hash => mysql_password($mysql_monitor_password), + require => Class['mysql::server::service'], + } + + mysql_grant { "${mysql_monitor_username}@${mysql_monitor_hostname}/*.*": + ensure => present, + user => "${mysql_monitor_username}@${mysql_monitor_hostname}", + table => '*.*', + privileges => [ 'PROCESS', 'SUPER' ], + require => Mysql_user["${mysql_monitor_username}@${mysql_monitor_hostname}"], + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server/mysqltuner.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/mysqltuner.pp new file mode 100644 index 000000000..bc5fcadc0 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/mysqltuner.pp @@ -0,0 +1,52 @@ +# +class mysql::server::mysqltuner( + $ensure = 'present', + $version = 'v1.3.0', + $source = undef, +) { + + if $source { + $_version = $source + $_source = $source + } else { + $_version = $version + $_source = "https://github.com/major/MySQLTuner-perl/raw/${version}/mysqltuner.pl" + } + + if $ensure == 'present' { + # $::puppetversion doesn't exist in puppet 4.x so would break strict + # variables + if ! $::settings::strict_variables { + $_puppetversion = $::puppetversion + } else { + # defined only works with puppet >= 3.5.0, so don't use it unless we're + # actually using strict variables + $_puppetversion = defined('$puppetversion') ? { + true => $::puppetversion, + default => undef, + } + } + # see https://tickets.puppetlabs.com/browse/ENTERPRISE-258 + if $_puppetversion and $_puppetversion =~ /Puppet Enterprise/ and versioncmp($_puppetversion, '3.8.0') < 0 { + class { 'staging': + path => '/opt/mysql_staging', + } + } else { + class { 'staging': } + } + + staging::file { "mysqltuner-${_version}": + source => $_source, + } + file { '/usr/local/bin/mysqltuner': + ensure => $ensure, + mode => '0550', + source => "${::staging::path}/mysql/mysqltuner-${_version}", + require => Staging::File["mysqltuner-${_version}"], + } + } else { + file { '/usr/local/bin/mysqltuner': + ensure => $ensure, + } + } +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server/providers.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/providers.pp new file mode 100644 index 000000000..b651172fc --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/providers.pp @@ -0,0 +1,8 @@ +# Convenience class to call each of the three providers with the corresponding +# hashes provided in mysql::server. +# See README.md for details. +class mysql::server::providers { + create_resources('mysql_user', $mysql::server::users) + create_resources('mysql_grant', $mysql::server::grants) + create_resources('mysql_database', $mysql::server::databases) +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server/root_password.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/root_password.pp new file mode 100644 index 000000000..9ebc10398 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/root_password.pp @@ -0,0 +1,46 @@ +# +class mysql::server::root_password { + + $options = $mysql::server::options + $secret_file = $mysql::server::install_secret_file + + # New installations of MySQL will configure a default random password for the root user + # with an expiration. No actions can be performed until this password is changed. The + # below exec will remove this default password. If the user has supplied a root + # password it will be set further down with the mysql_user resource. + $rm_pass_cmd = join([ + "mysqladmin -u root --password=\$(grep -o '[^ ]\\+\$' ${secret_file}) password ''", + "rm -f ${secret_file}" + ], ' && ') + exec { 'remove install pass': + command => $rm_pass_cmd, + onlyif => "test -f ${secret_file}", + path => '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin' + } + + # manage root password if it is set + if $mysql::server::create_root_user == true and $mysql::server::root_password != 'UNSET' { + mysql_user { 'root@localhost': + ensure => present, + password_hash => mysql_password($mysql::server::root_password), + require => Exec['remove install pass'] + } + } + + if $mysql::server::create_root_my_cnf == true and $mysql::server::root_password != 'UNSET' { + file { "${::root_home}/.my.cnf": + content => template('mysql/my.cnf.pass.erb'), + owner => 'root', + mode => '0600', + } + + # show_diff was added with puppet 3.0 + if versioncmp($::puppetversion, '3.0') >= 0 { + File["${::root_home}/.my.cnf"] { show_diff => false } + } + if $mysql::server::create_root_user == true { + Mysql_user['root@localhost'] -> File["${::root_home}/.my.cnf"] + } + } + +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/manifests/server/service.pp b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/service.pp new file mode 100644 index 000000000..9aa60f1b2 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/manifests/server/service.pp @@ -0,0 +1,66 @@ +# +class mysql::server::service { + $options = $mysql::server::options + + if $mysql::server::real_service_manage { + if $mysql::server::real_service_enabled { + $service_ensure = 'running' + } else { + $service_ensure = 'stopped' + } + } else { + $service_ensure = undef + } + + if $mysql::server::override_options and $mysql::server::override_options['mysqld'] and $mysql::server::override_options['mysqld']['user'] { + $mysqluser = $mysql::server::override_options['mysqld']['user'] + } else { + $mysqluser = $options['mysqld']['user'] + } + + if $options['mysqld']['log-error'] { + file { $options['mysqld']['log-error']: + ensure => present, + owner => $mysqluser, + group => $::mysql::server::mysql_group, + } + } + + if $mysql::server::real_service_manage { + service { 'mysqld': + ensure => $service_ensure, + name => $mysql::server::service_name, + enable => $mysql::server::real_service_enabled, + provider => $mysql::server::service_provider, + } + + # only establish ordering between service and package if + # we're managing the package. + if $mysql::server::package_manage { + Service['mysqld'] { + require => Package['mysql-server'], + } + } + + # only establish ordering between config file and service if + # we're managing the config file. + if $mysql::server::manage_config_file { + File['mysql-config-file'] -> Service['mysqld'] + } + + if $mysql::server::override_options and $mysql::server::override_options['mysqld'] and $mysql::server::override_options['mysqld']['socket'] { + $mysqlsocket = $mysql::server::override_options['mysqld']['socket'] + } else { + $mysqlsocket = $options['mysqld']['socket'] + } + + exec { 'wait_for_mysql_socket_to_open': + command => "test -S ${mysqlsocket}", + unless => "test -S ${mysqlsocket}", + tries => '3', + try_sleep => '10', + require => Service['mysqld'], + path => '/bin:/usr/bin', + } + } +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/metadata.json b/modules/services/unix/mysql/mysql/module/mysql/metadata.json new file mode 100644 index 000000000..933d6aeb0 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/metadata.json @@ -0,0 +1,83 @@ +{ + "name": "puppetlabs-mysql", + "version": "3.7.0", + "author": "Puppet Labs", + "summary": "Installs, configures, and manages the MySQL service.", + "license": "Apache-2.0", + "source": "git://github.com/puppetlabs/puppetlabs-mysql.git", + "project_page": "http://github.com/puppetlabs/puppetlabs-mysql", + "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", + "dependencies": [ + {"name":"puppetlabs/stdlib","version_requirement":">= 3.2.0 < 5.0.0"}, + {"name":"nanliu/staging","version_requirement":">= 1.0.1 < 2.0.0"} + ], + "operatingsystem_support": [ + { + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "CentOS", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "OracleLinux", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "Scientific", + "operatingsystemrelease": [ + "5", + "6", + "7" + ] + }, + { + "operatingsystem": "SLES", + "operatingsystemrelease": [ + "11 SP1", + "12" + ] + }, + { + "operatingsystem": "Debian", + "operatingsystemrelease": [ + "6", + "7", + "8" + ] + }, + { + "operatingsystem": "Ubuntu", + "operatingsystemrelease": [ + "10.04", + "12.04", + "14.04", + "16.04" + ] + } + ], + "requirements": [ + { + "name": "pe", + "version_requirement": ">= 3.0.0 < 2015.4.0" + }, + { + "name": "puppet", + "version_requirement": ">= 3.0.0 < 5.0.0" + } + ], + "description": "Mysql module" +} diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_backup_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_backup_spec.rb new file mode 100644 index 000000000..c33fcf5a8 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_backup_spec.rb @@ -0,0 +1,187 @@ +require 'spec_helper_acceptance' +require 'puppet' +require 'puppet/util/package' + +describe 'mysql::server::backup class' do + + def pre_run + apply_manifest("class { 'mysql::server': root_password => 'password' }", :catch_failures => true) + @mysql_version = (on default, 'mysql --version').output.chomp.match(/\d+\.\d+\.\d+/)[0] + end + + def version_is_greater_than(version) + return Puppet::Util::Package.versioncmp(@mysql_version, version) > 0 + end + + context 'should work with no errors' do + it 'when configuring mysql backups' do + pp = <<-EOS + class { 'mysql::server': root_password => 'password' } + mysql::db { [ + 'backup1', + 'backup2' + ]: + user => 'backup', + password => 'secret', + } + + class { 'mysql::server::backup': + backupuser => 'myuser', + backuppassword => 'mypassword', + backupdir => '/tmp/backups', + backupcompress => true, + postscript => [ + 'rm -rf /var/tmp/mysqlbackups', + 'rm -f /var/tmp/mysqlbackups.done', + 'cp -r /tmp/backups /var/tmp/mysqlbackups', + 'touch /var/tmp/mysqlbackups.done', + ], + execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_failures => true) + end + end + + describe 'mysqlbackup.sh' do + it 'should run mysqlbackup.sh with no errors' do + shell("/usr/local/sbin/mysqlbackup.sh") do |r| + expect(r.stderr).to eq("") + end + end + + it 'should dump all databases to single file' do + shell('ls -l /tmp/backups/mysql_backup_*-*.sql.bz2 | wc -l') do |r| + expect(r.stdout).to match(/1/) + expect(r.exit_code).to be_zero + end + end + + context 'should create one file per database per run' do + it 'executes mysqlbackup.sh a second time' do + shell('sleep 1') + shell('/usr/local/sbin/mysqlbackup.sh') + end + + it 'creates at least one backup tarball' do + shell('ls -l /tmp/backups/mysql_backup_*-*.sql.bz2 | wc -l') do |r| + expect(r.stdout).to match(/2/) + expect(r.exit_code).to be_zero + end + end + end + end + + context 'with one file per database' do + context 'should work with no errors' do + it 'when configuring mysql backups' do + pp = <<-EOS + class { 'mysql::server': root_password => 'password' } + mysql::db { [ + 'backup1', + 'backup2' + ]: + user => 'backup', + password => 'secret', + } + + class { 'mysql::server::backup': + backupuser => 'myuser', + backuppassword => 'mypassword', + backupdir => '/tmp/backups', + backupcompress => true, + file_per_database => true, + postscript => [ + 'rm -rf /var/tmp/mysqlbackups', + 'rm -f /var/tmp/mysqlbackups.done', + 'cp -r /tmp/backups /var/tmp/mysqlbackups', + 'touch /var/tmp/mysqlbackups.done', + ], + execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_failures => true) + end + end + + describe 'mysqlbackup.sh' do + it 'should run mysqlbackup.sh with no errors without root credentials' do + shell("HOME=/tmp/dontreadrootcredentials /usr/local/sbin/mysqlbackup.sh") do |r| + expect(r.stderr).to eq("") + end + end + + it 'should create one file per database' do + ['backup1', 'backup2'].each do |database| + shell("ls -l /tmp/backups/mysql_backup_#{database}_*-*.sql.bz2 | wc -l") do |r| + expect(r.stdout).to match(/1/) + expect(r.exit_code).to be_zero + end + end + end + + context 'should create one file per database per run' do + it 'executes mysqlbackup.sh a second time' do + shell('sleep 1') + shell('HOME=/tmp/dontreadrootcredentials /usr/local/sbin/mysqlbackup.sh') + end + + it 'has one file per database per run' do + ['backup1', 'backup2'].each do |database| + shell("ls -l /tmp/backups/mysql_backup_#{database}_*-*.sql.bz2 | wc -l") do |r| + expect(r.stdout).to match(/2/) + expect(r.exit_code).to be_zero + end + end + end + end + end + end + + context 'with triggers and routines' do + it 'when configuring mysql backups with triggers and routines' do + pre_run + pp = <<-EOS + class { 'mysql::server': root_password => 'password' } + mysql::db { [ + 'backup1', + 'backup2' + ]: + user => 'backup', + password => 'secret', + } + package { 'bzip2': + ensure => present, + } + class { 'mysql::server::backup': + backupuser => 'myuser', + backuppassword => 'mypassword', + backupdir => '/tmp/backups', + backupcompress => true, + file_per_database => true, + include_triggers => #{version_is_greater_than('5.1.5')}, + include_routines => true, + postscript => [ + 'rm -rf /var/tmp/mysqlbackups', + 'rm -f /var/tmp/mysqlbackups.done', + 'cp -r /tmp/backups /var/tmp/mysqlbackups', + 'touch /var/tmp/mysqlbackups.done', + ], + execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', + require => Package['bzip2'], + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + it 'should run mysqlbackup.sh with no errors' do + shell("/usr/local/sbin/mysqlbackup.sh") do |r| + expect(r.stderr).to eq("") + end + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_db_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_db_spec.rb new file mode 100644 index 000000000..8c571608e --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_db_spec.rb @@ -0,0 +1,65 @@ +require 'spec_helper_acceptance' + +describe 'mysql::db define' do + describe 'creating a database' do + let(:pp) do + <<-EOS + class { 'mysql::server': root_password => 'password' } + mysql::db { 'spec1': + user => 'root1', + password => 'password', + } + EOS + end + it_behaves_like "a idempotent resource" + + describe command("mysql -e 'show databases;'") do + its(:exit_status) { is_expected.to eq 0 } + its(:stdout) { is_expected.to match /^spec1$/ } + end + end + + describe 'creating a database with post-sql' do + let(:pp) do + <<-EOS + class { 'mysql::server': override_options => { 'root_password' => 'password' } } + file { '/tmp/spec.sql': + ensure => file, + content => 'CREATE TABLE table1 (id int);', + before => Mysql::Db['spec2'], + } + mysql::db { 'spec2': + user => 'root1', + password => 'password', + sql => '/tmp/spec.sql', + } + EOS + end + it_behaves_like "a idempotent resource" + + describe command("mysql -e 'show tables;' spec2") do + its(:exit_status) { is_expected.to eq 0 } + its(:stdout) { is_expected.to match /^table1$/ } + end + end + + describe 'creating a database with dbname parameter' do + let(:check_command) { " | grep realdb" } + let(:pp) do + <<-EOS + class { 'mysql::server': override_options => { 'root_password' => 'password' } } + mysql::db { 'spec1': + user => 'root1', + password => 'password', + dbname => 'realdb', + } + EOS + end + it_behaves_like "a idempotent resource" + + describe command("mysql -e 'show databases;'") do + its(:exit_status) { is_expected.to eq 0 } + its(:stdout) { is_expected.to match /^realdb$/ } + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_server_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_server_spec.rb new file mode 100644 index 000000000..06ea0ba04 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/mysql_server_spec.rb @@ -0,0 +1,78 @@ +require 'spec_helper_acceptance' + +describe 'mysql class' do + describe 'advanced config' do + before(:all) do + @tmpdir = default.tmpdir('mysql') + end + let(:pp) do + <<-EOS + class { 'mysql::server': + config_file => '#{@tmpdir}/my.cnf', + includedir => '#{@tmpdir}/include', + manage_config_file => 'true', + override_options => { 'mysqld' => { 'key_buffer_size' => '32M' }}, + package_ensure => 'present', + purge_conf_dir => 'true', + remove_default_accounts => 'true', + restart => 'true', + root_group => 'root', + root_password => 'test', + service_enabled => 'true', + service_manage => 'true', + users => { + 'someuser@localhost' => { + ensure => 'present', + max_connections_per_hour => '0', + max_queries_per_hour => '0', + max_updates_per_hour => '0', + max_user_connections => '0', + password_hash => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF', + }}, + grants => { + 'someuser@localhost/somedb.*' => { + ensure => 'present', + options => ['GRANT'], + privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE'], + table => 'somedb.*', + user => 'someuser@localhost', + }, + }, + databases => { + 'somedb' => { + ensure => 'present', + charset => 'utf8', + }, + } + } + EOS + end + + it_behaves_like "a idempotent resource" + end + + describe 'syslog configuration' do + let(:pp) do + <<-EOS + class { 'mysql::server': + override_options => { 'mysqld' => { 'log-error' => undef }, 'mysqld_safe' => { 'log-error' => false, 'syslog' => true }}, + } + EOS + end + + it_behaves_like "a idempotent resource" + end + + context 'when changing the password' do + let(:password) { 'THE NEW SECRET' } + let(:pp) { "class { 'mysql::server': root_password => '#{password}' }" } + + it 'should not display the password' do + result = apply_manifest(pp, :catch_failures => true) + # this does not actually prove anything, as show_diff in the puppet config defaults to false. + expect(result.stdout).not_to match /#{password}/ + end + + it_behaves_like "a idempotent resource" + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-510-x64.yml b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-510-x64.yml new file mode 100644 index 000000000..12c9e7893 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-510-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-510-x64: + roles: + - master + platform: el-5-x86_64 + box : centos-510-x64-virtualbox-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-510-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-59-x64.yml b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-59-x64.yml new file mode 100644 index 000000000..2ad90b86a --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-59-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-59-x64: + roles: + - master + platform: el-5-x86_64 + box : centos-59-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: git diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-64-x64-pe.yml b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-64-x64-pe.yml new file mode 100644 index 000000000..7d9242f1b --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-64-x64-pe.yml @@ -0,0 +1,12 @@ +HOSTS: + centos-64-x64: + roles: + - master + - database + - dashboard + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: pe diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-65-x64.yml b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-65-x64.yml new file mode 100644 index 000000000..4e2cb809e --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/centos-65-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + centos-65-x64: + roles: + - master + platform: el-6-x86_64 + box : centos-65-x64-vbox436-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/default.yml b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/default.yml new file mode 100644 index 000000000..6505c6ded --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/default.yml @@ -0,0 +1,11 @@ +HOSTS: + centos-64-x64: + roles: + - master + - default + platform: el-6-x86_64 + box : centos-64-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/fedora-18-x64.yml b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/fedora-18-x64.yml new file mode 100644 index 000000000..136164983 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/fedora-18-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + fedora-18-x64: + roles: + - master + platform: fedora-18-x86_64 + box : fedora-18-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/fedora-18-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/sles-11-x64.yml b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/sles-11-x64.yml new file mode 100644 index 000000000..41abe2135 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/sles-11-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + sles-11-x64.local: + roles: + - master + platform: sles-11-x64 + box : sles-11sp1-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/sles-11sp1-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml new file mode 100644 index 000000000..5ca1514e4 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-10044-x64: + roles: + - master + platform: ubuntu-10.04-amd64 + box : ubuntu-server-10044-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml new file mode 100644 index 000000000..d065b304f --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml @@ -0,0 +1,10 @@ +HOSTS: + ubuntu-server-12042-x64: + roles: + - master + platform: ubuntu-12.04-amd64 + box : ubuntu-server-12042-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box + hypervisor : vagrant +CONFIG: + type: foss diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml new file mode 100644 index 000000000..cba1cd04c --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + ubuntu-server-1404-x64: + roles: + - master + platform: ubuntu-14.04-amd64 + box : puppetlabs/ubuntu-14.04-64-nocm + box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm + hypervisor : vagrant +CONFIG: + log_level : debug + type: git diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_database_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_database_spec.rb new file mode 100644 index 000000000..b19026ddb --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_database_spec.rb @@ -0,0 +1,64 @@ +require 'spec_helper_acceptance' + +describe 'mysql_database' do + describe 'setup' do + it 'should work with no errors' do + pp = <<-EOS + class { 'mysql::server': } + EOS + + apply_manifest(pp, :catch_failures => true) + end + end + + describe 'creating database' do + it 'should work without errors' do + pp = <<-EOS + mysql_database { 'spec_db': + ensure => present, + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the database' do + shell("mysql -NBe \"SHOW DATABASES LIKE 'spec_db'\"") do |r| + expect(r.stdout).to match(/^spec_db$/) + expect(r.stderr).to be_empty + end + end + end + + describe 'charset and collate' do + it 'should create two db of different types idempotently' do + pp = <<-EOS + mysql_database { 'spec_latin1': + charset => 'latin1', + collate => 'latin1_swedish_ci', + } + mysql_database { 'spec_utf8': + charset => 'utf8', + collate => 'utf8_general_ci', + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + it 'should find latin1 db' do + shell("mysql -NBe \"SHOW VARIABLES LIKE '%_database'\" spec_latin1") do |r| + expect(r.stdout).to match(/^character_set_database\tlatin1\ncollation_database\tlatin1_swedish_ci$/) + expect(r.stderr).to be_empty + end + end + + it 'should find utf8 db' do + shell("mysql -NBe \"SHOW VARIABLES LIKE '%_database'\" spec_utf8") do |r| + expect(r.stdout).to match(/^character_set_database\tutf8\ncollation_database\tutf8_general_ci$/) + expect(r.stderr).to be_empty + end + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_grant_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_grant_spec.rb new file mode 100644 index 000000000..d1bfa2573 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_grant_spec.rb @@ -0,0 +1,488 @@ +require 'spec_helper_acceptance' + +describe 'mysql_grant' do + + describe 'setup' do + it 'setup mysql::server' do + pp = <<-EOS + class { 'mysql::server': } + EOS + + apply_manifest(pp, :catch_failures => true) + end + end + + describe 'missing privileges for user' do + it 'should fail' do + pp = <<-EOS + mysql_grant { 'test1@tester/test.*': + ensure => 'present', + table => 'test.*', + user => 'test1@tester', + } + EOS + + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/privileges parameter is required/) + end + + it 'should not find the user' do + expect(shell("mysql -NBe \"SHOW GRANTS FOR test1@tester\"", { :acceptable_exit_codes => 1}).stderr).to match(/There is no such grant defined for user 'test1' on host 'tester'/) + end + end + + describe 'missing table for user' do + it 'should fail' do + pp = <<-EOS + mysql_grant { 'atest@tester/test.*': + ensure => 'present', + user => 'atest@tester', + privileges => ['ALL'], + } + EOS + + apply_manifest(pp, :expect_failures => true) + end + + it 'should not find the user' do + expect(shell("mysql -NBe \"SHOW GRANTS FOR atest@tester\"", {:acceptable_exit_codes => 1}).stderr).to match(/There is no such grant defined for user 'atest' on host 'tester'/) + end + end + + describe 'adding privileges' do + it 'should work without errors' do + pp = <<-EOS + mysql_grant { 'test2@tester/test.*': + ensure => 'present', + table => 'test.*', + user => 'test2@tester', + privileges => ['SELECT', 'UPDATE'], + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the user' do + shell("mysql -NBe \"SHOW GRANTS FOR test2@tester\"") do |r| + expect(r.stdout).to match(/GRANT SELECT, UPDATE.*TO 'test2'@'tester'/) + expect(r.stderr).to be_empty + end + end + end + + describe 'adding privileges with special character in name' do + it 'should work without errors' do + pp = <<-EOS + mysql_grant { 'test-2@tester/test.*': + ensure => 'present', + table => 'test.*', + user => 'test-2@tester', + privileges => ['SELECT', 'UPDATE'], + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the user' do + shell("mysql -NBe \"SHOW GRANTS FOR 'test-2'@tester\"") do |r| + expect(r.stdout).to match(/GRANT SELECT, UPDATE.*TO 'test-2'@'tester'/) + expect(r.stderr).to be_empty + end + end + end + + describe 'adding privileges with invalid name' do + it 'should fail' do + pp = <<-EOS + mysql_grant { 'test': + ensure => 'present', + table => 'test.*', + user => 'test2@tester', + privileges => ['SELECT', 'UPDATE'], + } + EOS + + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/name must match user and table parameters/) + end + end + + describe 'adding option' do + it 'should work without errors' do + pp = <<-EOS + mysql_grant { 'test3@tester/test.*': + ensure => 'present', + table => 'test.*', + user => 'test3@tester', + options => ['GRANT'], + privileges => ['SELECT', 'UPDATE'], + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the user' do + shell("mysql -NBe \"SHOW GRANTS FOR test3@tester\"") do |r| + expect(r.stdout).to match(/GRANT SELECT, UPDATE ON `test`.* TO 'test3'@'tester' WITH GRANT OPTION$/) + expect(r.stderr).to be_empty + end + end + end + + describe 'adding all privileges without table' do + it 'should fail' do + pp = <<-EOS + mysql_grant { 'test4@tester/test.*': + ensure => 'present', + user => 'test4@tester', + options => ['GRANT'], + privileges => ['SELECT', 'UPDATE', 'ALL'], + } + EOS + + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/table parameter is required./) + end + end + + describe 'adding all privileges' do + it 'should only try to apply ALL' do + pp = <<-EOS + mysql_grant { 'test4@tester/test.*': + ensure => 'present', + table => 'test.*', + user => 'test4@tester', + options => ['GRANT'], + privileges => ['SELECT', 'UPDATE', 'ALL'], + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the user' do + shell("mysql -NBe \"SHOW GRANTS FOR test4@tester\"") do |r| + expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test4'@'tester' WITH GRANT OPTION/) + expect(r.stderr).to be_empty + end + end + end + + # Test combinations of user@host to ensure all cases work. + describe 'short hostname' do + it 'should apply' do + pp = <<-EOS + mysql_grant { 'test@short/test.*': + ensure => 'present', + table => 'test.*', + user => 'test@short', + privileges => 'ALL', + } + mysql_grant { 'test@long.hostname.com/test.*': + ensure => 'present', + table => 'test.*', + user => 'test@long.hostname.com', + privileges => 'ALL', + } + mysql_grant { 'test@192.168.5.6/test.*': + ensure => 'present', + table => 'test.*', + user => 'test@192.168.5.6', + privileges => 'ALL', + } + mysql_grant { 'test@2607:f0d0:1002:0051:0000:0000:0000:0004/test.*': + ensure => 'present', + table => 'test.*', + user => 'test@2607:f0d0:1002:0051:0000:0000:0000:0004', + privileges => 'ALL', + } + mysql_grant { 'test@::1/128/test.*': + ensure => 'present', + table => 'test.*', + user => 'test@::1/128', + privileges => 'ALL', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'finds short hostname' do + shell("mysql -NBe \"SHOW GRANTS FOR test@short\"") do |r| + expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'short'/) + expect(r.stderr).to be_empty + end + end + it 'finds long hostname' do + shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'long.hostname.com'\"") do |r| + expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'long.hostname.com'/) + expect(r.stderr).to be_empty + end + end + it 'finds ipv4' do + shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'192.168.5.6'\"") do |r| + expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'192.168.5.6'/) + expect(r.stderr).to be_empty + end + end + it 'finds ipv6' do + shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'2607:f0d0:1002:0051:0000:0000:0000:0004'\"") do |r| + expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'2607:f0d0:1002:0051:0000:0000:0000:0004'/) + expect(r.stderr).to be_empty + end + end + it 'finds short ipv6' do + shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'::1/128'\"") do |r| + expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'::1\/128'/) + expect(r.stderr).to be_empty + end + end + end + + describe 'complex test' do + it 'setup mysql::server' do + pp = <<-EOS + $dbSubnet = '10.10.10.%' + + mysql_database { 'foo': + ensure => present, + } + + exec { 'mysql-create-table': + command => '/usr/bin/mysql -NBe "CREATE TABLE foo.bar (name VARCHAR(20))"', + environment => "HOME=${::root_home}", + unless => '/usr/bin/mysql -NBe "SELECT 1 FROM foo.bar LIMIT 1;"', + require => Mysql_database['foo'], + } + + Mysql_grant { + ensure => present, + options => ['GRANT'], + privileges => ['ALL'], + table => '*.*', + require => [ Mysql_database['foo'], Exec['mysql-create-table'] ], + } + + mysql_grant { "user1@${dbSubnet}/*.*": + user => "user1@${dbSubnet}", + } + mysql_grant { "user2@${dbSubnet}/foo.bar": + privileges => ['SELECT', 'INSERT', 'UPDATE'], + user => "user2@${dbSubnet}", + table => 'foo.bar', + } + mysql_grant { "user3@${dbSubnet}/foo.*": + privileges => ['SELECT', 'INSERT', 'UPDATE'], + user => "user3@${dbSubnet}", + table => 'foo.*', + } + mysql_grant { 'web@%/*.*': + user => 'web@%', + } + mysql_grant { "web@${dbSubnet}/*.*": + user => "web@${dbSubnet}", + } + mysql_grant { "web@${fqdn}/*.*": + user => "web@${fqdn}", + } + mysql_grant { 'web@localhost/*.*': + user => 'web@localhost', + } + EOS + + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + end + + describe 'lower case privileges' do + it 'create ALL privs' do + pp = <<-EOS + mysql_grant { 'lowercase@localhost/*.*': + user => 'lowercase@localhost', + privileges => 'ALL', + table => '*.*', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'create lowercase all privs' do + pp = <<-EOS + mysql_grant { 'lowercase@localhost/*.*': + user => 'lowercase@localhost', + privileges => 'all', + table => '*.*', + } + EOS + + expect(apply_manifest(pp, :catch_failures => true).exit_code).to eq(0) + end + end + + describe 'adding procedure privileges' do + it 'should work without errors' do + pp = <<-EOS + mysql_grant { 'test2@tester/PROCEDURE test.simpleproc': + ensure => 'present', + table => 'PROCEDURE test.simpleproc', + user => 'test2@tester', + privileges => ['EXECUTE'], + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the user' do + shell("mysql -NBe \"SHOW GRANTS FOR test2@tester\"") do |r| + expect(r.stdout).to match(/GRANT EXECUTE ON PROCEDURE `test`.`simpleproc` TO 'test2'@'tester'/) + expect(r.stderr).to be_empty + end + end + end + + describe 'grants with skip-name-resolve specified' do + it 'setup mysql::server' do + pp = <<-EOS + class { 'mysql::server': + override_options => { + 'mysqld' => {'skip-name-resolve' => true} + }, + restart => true, + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should apply' do + pp = <<-EOS + mysql_grant { 'test@fqdn.com/test.*': + ensure => 'present', + table => 'test.*', + user => 'test@fqdn.com', + privileges => 'ALL', + } + mysql_grant { 'test@192.168.5.7/test.*': + ensure => 'present', + table => 'test.*', + user => 'test@192.168.5.7', + privileges => 'ALL', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should fail with fqdn' do + expect(shell("mysql -NBe \"SHOW GRANTS FOR test@fqdn.com\"", { :acceptable_exit_codes => 1}).stderr).to match(/There is no such grant defined for user 'test' on host 'fqdn.com'/) + end + it 'finds ipv4' do + shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'192.168.5.7'\"") do |r| + expect(r.stdout).to match(/GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'192.168.5.7'/) + expect(r.stderr).to be_empty + end + end + + it 'should fail to execute while applying' do + pp = <<-EOS + mysql_grant { 'test@fqdn.com/test.*': + ensure => 'present', + table => 'test.*', + user => 'test@fqdn.com', + privileges => 'ALL', + } + EOS + + mysql_cmd = shell('which mysql').stdout.chomp + shell("mv #{mysql_cmd} #{mysql_cmd}.bak") + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Command mysql is missing/) + shell("mv #{mysql_cmd}.bak #{mysql_cmd}") + end + + it 'reset mysql::server config' do + pp = <<-EOS + class { 'mysql::server': + restart => true, + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + end + + describe 'adding privileges to specific table' do + # Using puppet_apply as a helper + it 'setup mysql server' do + pp = <<-EOS + class { 'mysql::server': override_options => { 'root_password' => 'password' } } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'creates grant on missing table will fail' do + pp = <<-EOS + mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table': + user => 'test@localhost', + privileges => ['SELECT'], + table => 'grant_spec_db.grant_spec_table', + } + EOS + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/Table 'grant_spec_db\.grant_spec_table' doesn't exist/) + end + + it 'checks if table exists before grant' do + pp = <<-EOS + if mysql_table_exists('grant_spec_db.grant_spec_table') { + mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table': + user => 'test@localhost', + privileges => 'ALL', + table => 'grant_spec_db.grant_spec_table', + } + } + EOS + apply_manifest(pp, :catch_changes => true) + end + + it 'creates table' do + pp = <<-EOS + file { '/tmp/grant_spec_table.sql': + ensure => file, + content => 'CREATE TABLE grant_spec_table (id int);', + before => Mysql::Db['grant_spec_db'], + } + mysql::db { 'grant_spec_db': + user => 'root1', + password => 'password', + sql => '/tmp/grant_spec_table.sql', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should have the table' do + expect(shell("mysql -e 'show tables;' grant_spec_db|grep grant_spec_table").exit_code).to be_zero + end + + it 'checks if table exists before grant' do + pp = <<-EOS + if mysql_table_exists('grant_spec_db.grant_spec_table') { + mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table': + user => 'test@localhost', + privileges => ['SELECT'], + table => 'grant_spec_db.grant_spec_table', + } + } + EOS + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_plugin_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_plugin_spec.rb new file mode 100644 index 000000000..ccc827c7a --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_plugin_spec.rb @@ -0,0 +1,72 @@ +require 'spec_helper_acceptance' + +# Different operating systems (and therefore different versions/forks +# of mysql) have varying levels of support for plugins and have +# different plugins available. Choose a plugin that works or don't try +# to test plugins if not available. +if fact('osfamily') =~ /RedHat/ + if fact('operatingsystemrelease') =~ /^5\./ + plugin = nil # Plugins not supported on mysql on RHEL 5 + elsif fact('operatingsystemrelease') =~ /^6\./ + plugin = 'example' + plugin_lib = 'ha_example.so' + elsif fact('operatingsystemrelease') =~ /^7\./ + plugin = 'pam' + plugin_lib = 'auth_pam.so' + end +elsif fact('osfamily') =~ /Debian/ + if fact('operatingsystem') =~ /Debian/ + if fact('operatingsystemrelease') =~ /^6\./ + # Only available plugin is innodb which is already loaded and not unload- or reload-able + plugin = nil + elsif fact('operatingsystemrelease') =~ /^7\./ + plugin = 'example' + plugin_lib = 'ha_example.so' + end + elsif fact('operatingsystem') =~ /Ubuntu/ + if fact('operatingsystemrelease') =~ /^10\.04/ + # Only available plugin is innodb which is already loaded and not unload- or reload-able + plugin = nil + else + plugin = 'example' + plugin_lib = 'ha_example.so' + end + end +elsif fact('osfamily') =~ /Suse/ + plugin = nil # Plugin library path is broken on Suse http://lists.opensuse.org/opensuse-bugs/2013-08/msg01123.html +end + +describe 'mysql_plugin' do + if plugin # if plugins are supported + describe 'setup' do + it 'should work with no errors' do + pp = <<-EOS + class { 'mysql::server': } + EOS + + apply_manifest(pp, :catch_failures => true) + end + end + + describe 'load plugin' do + it 'should work without errors' do + pp = <<-EOS + mysql_plugin { #{plugin}: + ensure => present, + soname => '#{plugin_lib}', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the plugin' do + shell("mysql -NBe \"select plugin_name from information_schema.plugins where plugin_name='#{plugin}'\"") do |r| + expect(r.stdout).to match(/^#{plugin}$/i) + expect(r.stderr).to be_empty + end + end + end + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_user_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_user_spec.rb new file mode 100644 index 000000000..565fee3e2 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/acceptance/types/mysql_user_spec.rb @@ -0,0 +1,86 @@ +require 'spec_helper_acceptance' + +describe 'mysql_user' do + describe 'setup' do + it 'should work with no errors' do + pp = <<-EOS + class { 'mysql::server': } + EOS + + apply_manifest(pp, :catch_failures => true) + end + end + + context 'using ashp@localhost' do + describe 'adding user' do + it 'should work without errors' do + pp = <<-EOS + mysql_user { 'ashp@localhost': + password_hash => '6f8c114b58f2ce9e', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the user' do + shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp@localhost'\"") do |r| + expect(r.stdout).to match(/^1$/) + expect(r.stderr).to be_empty + end + end + end + end + + context 'using ashp-dash@localhost' do + describe 'adding user' do + it 'should work without errors' do + pp = <<-EOS + mysql_user { 'ashp-dash@localhost': + password_hash => '6f8c114b58f2ce9e', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the user' do + shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp-dash@localhost'\"") do |r| + expect(r.stdout).to match(/^1$/) + expect(r.stderr).to be_empty + end + end + end + end + + context 'using ashp@LocalHost' do + describe 'adding user' do + it 'should work without errors' do + pp = <<-EOS + mysql_user { 'ashp@LocalHost': + password_hash => '6f8c114b58f2ce9e', + } + EOS + + apply_manifest(pp, :catch_failures => true) + end + + it 'should find the user' do + shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp@localhost'\"") do |r| + expect(r.stdout).to match(/^1$/) + expect(r.stderr).to be_empty + end + end + end + end + context 'using resource should throw no errors' do + describe 'find users' do + it { + on default, puppet('resource mysql_user'), {:catch_failures => true} do |r| + expect(r.stdout).to_not match(/Error:/) + expect(r.stdout).to_not match(/must be properly quoted, invalid character:/) + end + } + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/classes/graceful_failures_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/graceful_failures_spec.rb new file mode 100644 index 000000000..9fb811786 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/graceful_failures_spec.rb @@ -0,0 +1,19 @@ +require 'spec_helper' + +describe 'mysql::server' do + context "on an unsupported OS" do + # fetch any sets of facts to modify them + os, facts = on_supported_os.first + + let(:facts) { + facts.merge({ + :osfamily => 'UNSUPPORTED', + :operatingsystem => 'UNSUPPORTED', + }) + } + + it 'should gracefully fail' do + is_expected.to compile.and_raise_error(/Unsupported platform:/) + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mycnf_template_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mycnf_template_spec.rb new file mode 100644 index 000000000..9c0c433e1 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mycnf_template_spec.rb @@ -0,0 +1,86 @@ +require 'spec_helper' + +describe 'mysql::server' do + context 'my.cnf template' do + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts.merge({ + :root_home => '/root', + }) + } + + context 'normal entry' do + let(:params) {{ :override_options => { 'mysqld' => { 'socket' => '/var/lib/mysql/mysql.sock' } } }} + it do + is_expected.to contain_file('mysql-config-file').with({ + :mode => '0644', + :selinux_ignore_defaults => true, + }).with_content(/socket = \/var\/lib\/mysql\/mysql.sock/) + end + end + + describe 'array entry' do + let(:params) {{ :override_options => { 'mysqld' => { 'replicate-do-db' => ['base1', 'base2'], } }}} + it do + is_expected.to contain_file('mysql-config-file').with_content( + /.*replicate-do-db = base1\nreplicate-do-db = base2.*/ + ) + end + end + + describe 'skip-name-resolve set to an empty string' do + let(:params) {{ :override_options => { 'mysqld' => { 'skip-name-resolve' => '' }}}} + it { is_expected.to contain_file('mysql-config-file').with_content(/^skip-name-resolve$/) } + end + + describe 'ssl set to true' do + let(:params) {{ :override_options => { 'mysqld' => { 'ssl' => true }}}} + it { is_expected.to contain_file('mysql-config-file').with_content(/ssl/) } + it { is_expected.to contain_file('mysql-config-file').without_content(/ssl = true/) } + end + + describe 'ssl set to false' do + let(:params) {{ :override_options => { 'mysqld' => { 'ssl' => false }}}} + it { is_expected.to contain_file('mysql-config-file').with_content(/ssl = false/) } + end + + # ssl-disable (and ssl) are special cased within mysql. + describe 'possibility of disabling ssl completely' do + let(:params) {{ :override_options => { 'mysqld' => { 'ssl' => true, 'ssl-disable' => true }}}} + it { is_expected.to contain_file('mysql-config-file').without_content(/ssl = true/) } + end + + describe 'a non ssl option set to true' do + let(:params) {{ :override_options => { 'mysqld' => { 'test' => true }}}} + it { is_expected.to contain_file('mysql-config-file').with_content(/^test$/) } + it { is_expected.to contain_file('mysql-config-file').without_content(/test = true/) } + end + + context 'with includedir' do + let(:params) {{ :includedir => '/etc/my.cnf.d' }} + it 'makes the directory' do + is_expected.to contain_file('/etc/my.cnf.d').with({ + :ensure => :directory, + :mode => '0755', + }) + end + + it { is_expected.to contain_file('mysql-config-file').with_content(/!includedir/) } + end + + context 'without includedir' do + let(:params) {{ :includedir => '' }} + it 'shouldnt contain the directory' do + is_expected.not_to contain_file('mysql-config-file').with({ + :ensure => :directory, + :mode => '0755', + }) + end + + it { is_expected.to contain_file('mysql-config-file').without_content(/!includedir/) } + end + end + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_bindings_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_bindings_spec.rb new file mode 100644 index 000000000..066e87635 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_bindings_spec.rb @@ -0,0 +1,32 @@ +require 'spec_helper' + +describe 'mysql::bindings' do + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts.merge({ + :root_home => '/root', + }) + } + + let(:params) {{ + 'java_enable' => true, + 'perl_enable' => true, + 'php_enable' => true, + 'python_enable' => true, + 'ruby_enable' => true, + 'client_dev' => true, + 'daemon_dev' => true, + 'client_dev_package_name' => 'libmysqlclient-devel', + 'daemon_dev_package_name' => 'mysql-devel', + }} + + it { is_expected.to contain_package('mysql-connector-java') } + it { is_expected.to contain_package('perl_mysql') } + it { is_expected.to contain_package('python-mysqldb') } + it { is_expected.to contain_package('ruby_mysql') } + it { is_expected.to contain_package('mysql-client_dev') } + it { is_expected.to contain_package('mysql-daemon_dev') } + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_client_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_client_spec.rb new file mode 100644 index 000000000..fdbcc1975 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_client_spec.rb @@ -0,0 +1,38 @@ +require 'spec_helper' + +describe 'mysql::client' do + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts.merge({ + :root_home => '/root', + }) + } + + context 'with defaults' do + it { is_expected.not_to contain_class('mysql::bindings') } + it { is_expected.to contain_package('mysql_client') } + end + + context 'with bindings enabled' do + let(:params) {{ :bindings_enable => true }} + + it { is_expected.to contain_class('mysql::bindings') } + it { is_expected.to contain_package('mysql_client') } + end + + context 'with package_manage set to true' do + let(:params) {{ :package_manage => true }} + + it { is_expected.to contain_package('mysql_client') } + end + + context 'with package_manage set to false' do + let(:params) {{ :package_manage => false }} + + it { is_expected.not_to contain_package('mysql_client') } + end + + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_account_security_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_account_security_spec.rb new file mode 100644 index 000000000..d45c46e27 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_account_security_spec.rb @@ -0,0 +1,86 @@ +require 'spec_helper' + +describe 'mysql::server::account_security' do + on_supported_os.each do |os, facts| + context "on #{os}" do + context "with fqdn==myhost.mydomain" do + let(:facts) { + facts.merge({ + :root_home => '/root', + :fqdn => 'myhost.mydomain', + :hostname => 'myhost', + }) + } + + [ 'root@myhost.mydomain', + 'root@127.0.0.1', + 'root@::1', + '@myhost.mydomain', + '@localhost', + '@%', + ].each do |user| + it "removes Mysql_User[#{user}]" do + is_expected.to contain_mysql_user(user).with_ensure('absent') + end + end + + # When the hostname doesn't match the fqdn we also remove these. + # We don't need to test the inverse as when they match they are + # covered by the above list. + [ 'root@myhost', '@myhost' ].each do |user| + it "removes Mysql_User[#{user}]" do + is_expected.to contain_mysql_user(user).with_ensure('absent') + end + end + + it 'should remove Mysql_database[test]' do + is_expected.to contain_mysql_database('test').with_ensure('absent') + end + end + + context "with fqdn==localhost" do + let(:facts) { + facts.merge({ + :root_home => '/root', + :fqdn => 'localhost', + :hostname => 'localhost', + }) + } + + [ 'root@127.0.0.1', + 'root@::1', + '@localhost', + 'root@localhost.localdomain', + '@localhost.localdomain', + '@%', + ].each do |user| + it "removes Mysql_User[#{user}]" do + is_expected.to contain_mysql_user(user).with_ensure('absent') + end + end + end + + context "with fqdn==localhost.localdomain" do + let(:facts) { + facts.merge({ + :root_home => '/root', + :fqdn => 'localhost.localdomain', + :hostname => 'localhost', + }) + } + + [ 'root@127.0.0.1', + 'root@::1', + '@localhost', + 'root@localhost.localdomain', + '@localhost.localdomain', + '@%', + ].each do |user| + it "removes Mysql_User[#{user}]" do + is_expected.to contain_mysql_user(user).with_ensure('absent') + end + end + end + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_backup_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_backup_spec.rb new file mode 100644 index 000000000..c1bc3745f --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_backup_spec.rb @@ -0,0 +1,405 @@ +require 'spec_helper' + +describe 'mysql::server::backup' do + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts.merge({ + :root_home => '/root', + }) + } + + let(:default_params) { + { 'backupuser' => 'testuser', + 'backuppassword' => 'testpass', + 'backupdir' => '/tmp', + 'backuprotate' => '25', + 'delete_before_dump' => true, + 'execpath' => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', + } + } + + context 'standard conditions' do + let(:params) { default_params } + + # Cannot use that_requires here, doesn't work on classes. + it { is_expected.to contain_mysql_user('testuser@localhost').with( + :require => 'Class[Mysql::Server::Root_password]') } + + it { is_expected.to contain_mysql_grant('testuser@localhost/*.*').with( + :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS'] + ).that_requires('Mysql_user[testuser@localhost]') } + + context 'with triggers included' do + let(:params) do + { :include_triggers => true }.merge(default_params) + end + it { is_expected.to contain_mysql_grant('testuser@localhost/*.*').with( + :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER'] + ).that_requires('Mysql_user[testuser@localhost]') } + end + + it { is_expected.to contain_cron('mysql-backup').with( + :command => '/usr/local/sbin/mysqlbackup.sh', + :ensure => 'present' + )} + + it { is_expected.to contain_file('mysqlbackup.sh').with( + :path => '/usr/local/sbin/mysqlbackup.sh', + :ensure => 'present' + ) } + + it { is_expected.to contain_file('mysqlbackupdir').with( + :path => '/tmp', + :ensure => 'directory' + )} + + it 'should have compression by default' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /bzcat -zc/ + ) + end + + it 'should skip backing up events table by default' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="--ignore-table=mysql.event"/ + ) + end + + it 'should not mention triggers by default because file_per_database is false' do + is_expected.to contain_file('mysqlbackup.sh').without_content( + /.*triggers.*/ + ) + end + + it 'should not mention routines by default because file_per_database is false' do + is_expected.to contain_file('mysqlbackup.sh').without_content( + /.*routines.*/ + ) + end + + it 'should have 25 days of rotation' do + # MySQL counts from 0 + is_expected.to contain_file('mysqlbackup.sh').with_content(/.*ROTATE=24.*/) + end + + it 'should have a standard PATH' do + is_expected.to contain_file('mysqlbackup.sh').with_content(%r{PATH=/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin}) + end + end + + context 'custom ownership and mode for backupdir' do + let(:params) do + { :backupdirmode => '0750', + :backupdirowner => 'testuser', + :backupdirgroup => 'testgrp', + }.merge(default_params) + end + + it { is_expected.to contain_file('mysqlbackupdir').with( + :path => '/tmp', + :ensure => 'directory', + :mode => '0750', + :owner => 'testuser', + :group => 'testgrp' + ) } + end + + context 'with compression disabled' do + let(:params) do + { :backupcompress => false }.merge(default_params) + end + + it { is_expected.to contain_file('mysqlbackup.sh').with( + :path => '/usr/local/sbin/mysqlbackup.sh', + :ensure => 'present' + ) } + + it 'should be able to disable compression' do + is_expected.to contain_file('mysqlbackup.sh').without_content( + /.*bzcat -zc.*/ + ) + end + end + + context 'with mysql.events backedup' do + let(:params) do + { :ignore_events => false }.merge(default_params) + end + + it { is_expected.to contain_file('mysqlbackup.sh').with( + :path => '/usr/local/sbin/mysqlbackup.sh', + :ensure => 'present' + ) } + + it 'should be able to backup events table' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="--events"/ + ) + end + end + + context 'with database list specified' do + let(:params) do + { :backupdatabases => ['mysql'] }.merge(default_params) + end + + it { is_expected.to contain_file('mysqlbackup.sh').with( + :path => '/usr/local/sbin/mysqlbackup.sh', + :ensure => 'present' + ) + } + + it 'should have a backup file for each database' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /mysql | bzcat -zc \${DIR}\\\${PREFIX}mysql_`date'/ + ) + end + + it 'should skip backup triggers by default' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"/ + ) + end + + it 'should skip backing up routines by default' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"/ + ) + end + + context 'with include_triggers set to true' do + let(:params) do + default_params.merge({ + :backupdatabases => ['mysql'], + :include_triggers => true + }) + end + + it 'should backup triggers when asked' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --triggers"/ + ) + end + end + + context 'with include_triggers set to false' do + let(:params) do + default_params.merge({ + :backupdatabases => ['mysql'], + :include_triggers => false + }) + end + + it 'should skip backing up triggers when asked to skip' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"/ + ) + end + end + + context 'with include_routines set to true' do + let(:params) do + default_params.merge({ + :backupdatabases => ['mysql'], + :include_routines => true + }) + end + + it 'should backup routines when asked' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --routines"/ + ) + end + end + + context 'with include_routines set to false' do + let(:params) do + default_params.merge({ + :backupdatabases => ['mysql'], + :include_triggers => true + }) + end + + it 'should skip backing up routines when asked to skip' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"/ + ) + end + end + end + + context 'with file per database' do + let(:params) do + default_params.merge({ :file_per_database => true }) + end + + it 'should loop through backup all databases' do + is_expected.to contain_file('mysqlbackup.sh').with_content(/.*SHOW DATABASES.*/) + end + + context 'with compression disabled' do + let(:params) do + default_params.merge({ :file_per_database => true, :backupcompress => false }) + end + + it 'should loop through backup all databases without compression' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /.*SHOW DATABASES.*/ + ) + is_expected.to contain_file('mysqlbackup.sh').without_content( + /.*bzcat -zc.*/ + ) + end + end + + it 'should skip backup triggers by default' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"/ + ) + end + + it 'should skip backing up routines by default' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"/ + ) + end + + context 'with include_triggers set to true' do + let(:params) do + default_params.merge({ + :file_per_database => true, + :include_triggers => true + }) + end + + it 'should backup triggers when asked' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --triggers"/ + ) + end + end + + context 'with include_triggers set to false' do + let(:params) do + default_params.merge({ + :file_per_database => true, + :include_triggers => false + }) + end + + it 'should skip backing up triggers when asked to skip' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"/ + ) + end + end + + context 'with include_routines set to true' do + let(:params) do + default_params.merge({ + :file_per_database => true, + :include_routines => true + }) + end + + it 'should backup routines when asked' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --routines"/ + ) + end + end + + context 'with include_routines set to false' do + let(:params) do + default_params.merge({ + :file_per_database => true, + :include_triggers => true + }) + end + + it 'should skip backing up routines when asked to skip' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"/ + ) + end + end + end + + context 'with postscript' do + let(:params) do + default_params.merge({ :postscript => 'rsync -a /tmp backup01.local-lan:' }) + end + + it 'should be add postscript' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /rsync -a \/tmp backup01.local-lan:/ + ) + end + end + + context 'with postscripts' do + let(:params) do + default_params.merge({ :postscript => [ + 'rsync -a /tmp backup01.local-lan:', + 'rsync -a /tmp backup02.local-lan:', + ]}) + end + + it 'should be add postscript' do + is_expected.to contain_file('mysqlbackup.sh').with_content( + /.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*/ + ) + end + end + + context 'with the xtrabackup provider' do + let(:params) do + default_params.merge({:provider => 'xtrabackup'}) + end + + it 'should contain the wrapper script' do + is_expected.to contain_file('xtrabackup.sh').with_content( + /^innobackupex\s+"\$@"/ + ) + end + + context 'with prescript defined' do + let(:params) do + default_params.merge({ + :provider => 'xtrabackup', + :prescript => [ + 'rsync -a /tmp backup01.local-lan:', + 'rsync -a /tmp backup02.local-lan:', + ] + }) + end + + it 'should contain the prescript' do + is_expected.to contain_file('xtrabackup.sh').with_content( + /.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*/ + ) + end + end + + context 'with postscript defined' do + let(:params) do + default_params.merge({ + :provider => 'xtrabackup', + :postscript => [ + 'rsync -a /tmp backup01.local-lan:', + 'rsync -a /tmp backup02.local-lan:', + ] + }) + end + + it 'should contain the prostscript' do + is_expected.to contain_file('xtrabackup.sh').with_content( + /.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*/ + ) + end + end + end + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_monitor_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_monitor_spec.rb new file mode 100644 index 000000000..27fab17d4 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_monitor_spec.rb @@ -0,0 +1,38 @@ +require 'spec_helper' +describe 'mysql::server::monitor' do + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts.merge({ + :root_home => '/root', + }) + } + + let :pre_condition do + "include 'mysql::server'" + end + + let :default_params do + { + :mysql_monitor_username => 'monitoruser', + :mysql_monitor_password => 'monitorpass', + :mysql_monitor_hostname => 'monitorhost', + } + end + + let :params do + default_params + end + + it { is_expected.to contain_mysql_user('monitoruser@monitorhost')} + + it { is_expected.to contain_mysql_grant('monitoruser@monitorhost/*.*').with( + :ensure => 'present', + :user => 'monitoruser@monitorhost', + :table => '*.*', + :privileges => ["PROCESS", "SUPER"], + :require => 'Mysql_user[monitoruser@monitorhost]' + )} + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_mysqltuner_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_mysqltuner_spec.rb new file mode 100644 index 000000000..207246af6 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_mysqltuner_spec.rb @@ -0,0 +1,45 @@ +require 'spec_helper' + +describe 'mysql::server::mysqltuner' do + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts.merge({ + :root_home => '/root', + }) + } + + context 'ensure => present' do + it { is_expected.to compile } + it { is_expected.to contain_staging__file('mysqltuner-v1.3.0').with({ + :source => 'https://github.com/major/MySQLTuner-perl/raw/v1.3.0/mysqltuner.pl', + }) + } + end + + context 'ensure => absent' do + let(:params) {{ :ensure => 'absent' }} + it { is_expected.to compile } + it { is_expected.to contain_file('/usr/local/bin/mysqltuner').with(:ensure => 'absent') } + end + + context 'custom version' do + let(:params) {{ :version => 'v1.2.0' }} + it { is_expected.to compile } + it { is_expected.to contain_staging__file('mysqltuner-v1.2.0').with({ + :source => 'https://github.com/major/MySQLTuner-perl/raw/v1.2.0/mysqltuner.pl', + }) + } + end + + context 'custom source' do + let(:params) {{ :source => '/tmp/foo' }} + it { is_expected.to compile } + it { is_expected.to contain_staging__file('mysqltuner-/tmp/foo').with({ + :source => '/tmp/foo', + }) + } + end + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_spec.rb new file mode 100644 index 000000000..6f682888a --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/classes/mysql_server_spec.rb @@ -0,0 +1,214 @@ +require 'spec_helper' + +describe 'mysql::server' do + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts.merge({ + :root_home => '/root', + }) + } + + context 'with defaults' do + it { is_expected.to contain_class('mysql::server::install') } + it { is_expected.to contain_class('mysql::server::config') } + it { is_expected.to contain_class('mysql::server::service') } + it { is_expected.to contain_class('mysql::server::root_password') } + it { is_expected.to contain_class('mysql::server::providers') } + end + + context 'with remove_default_accounts set' do + let(:params) {{ :remove_default_accounts => true }} + it { is_expected.to contain_class('mysql::server::account_security') } + end + + context 'when not managing config file' do + let(:params) {{ :manage_config_file => false }} + it { is_expected.to compile.with_all_deps } + end + + context 'mysql::server::install' do + it 'contains the package by default' do + is_expected.to contain_package('mysql-server').with({ + :ensure => :present, + }) + end + context 'with package_manage set to true' do + let(:params) {{ :package_manage => true }} + it { is_expected.to contain_package('mysql-server') } + end + context 'with package_manage set to false' do + let(:params) {{ :package_manage => false }} + it { is_expected.not_to contain_package('mysql-server') } + end + context 'with datadir overridden' do + let(:params) {{ :override_options => { 'mysqld' => { 'datadir' => '/tmp' }} }} + it { is_expected.to contain_mysql_datadir('/tmp') } + end + end + + context 'mysql::server::service' do + context 'with defaults' do + it { is_expected.to contain_service('mysqld') } + end + context 'with package_manage set to true' do + let(:params) {{ :package_manage => true }} + it { is_expected.to contain_service('mysqld').that_requires('Package[mysql-server]') } + end + context 'with package_manage set to false' do + let(:params) {{ :package_manage => false }} + it { is_expected.to contain_service('mysqld') } + it { is_expected.not_to contain_service('mysqld').that_requires('Package[mysql-server]') } + end + context 'service_enabled set to false' do + let(:params) {{ :service_enabled => false }} + + it do + is_expected.to contain_service('mysqld').with({ + :ensure => :stopped + }) + end + context 'with package_manage set to true' do + let(:params) {{ :package_manage => true }} + it { is_expected.to contain_package('mysql-server') } + end + context 'with package_manage set to false' do + let(:params) {{ :package_manage => false }} + it { is_expected.not_to contain_package('mysql-server') } + end + context 'with datadir overridden' do + let(:params) {{ :override_options => { 'mysqld' => { 'datadir' => '/tmp' }} }} + it { is_expected.to contain_mysql_datadir('/tmp') } + end + end + context 'with log-error overridden' do + let(:params) {{ :override_options => { 'mysqld' => { 'log-error' => '/tmp/error.log' }} }} + it { is_expected.to contain_file('/tmp/error.log') } + end + end + + context 'mysql::server::root_password' do + describe 'when defaults' do + it { + is_expected.to contain_exec('remove install pass').with( + :command => 'mysqladmin -u root --password=$(grep -o \'[^ ]\\+$\' /.mysql_secret) password \'\' && rm -f /.mysql_secret', + :onlyif => 'test -f /.mysql_secret', + :path => '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin' + ) + } + it { is_expected.not_to contain_mysql_user('root@localhost') } + it { is_expected.not_to contain_file('/root/.my.cnf') } + end + describe 'when root_password set' do + let(:params) {{:root_password => 'SET' }} + it { is_expected.to contain_mysql_user('root@localhost') } + if Puppet.version.to_f >= 3.0 + it { is_expected.to contain_file('/root/.my.cnf').with(:show_diff => false).that_requires('Mysql_user[root@localhost]') } + else + it { is_expected.to contain_file('/root/.my.cnf').that_requires('Mysql_user[root@localhost]') } + end + end + describe 'when root_password set, create_root_user set to false' do + let(:params) {{ :root_password => 'SET', :create_root_user => false }} + it { is_expected.not_to contain_mysql_user('root@localhost') } + if Puppet.version.to_f >= 3.0 + it { is_expected.to contain_file('/root/.my.cnf').with(:show_diff => false) } + else + it { is_expected.to contain_file('/root/.my.cnf') } + end + end + describe 'when root_password set, create_root_my_cnf set to false' do + let(:params) {{ :root_password => 'SET', :create_root_my_cnf => false }} + it { is_expected.to contain_mysql_user('root@localhost') } + it { is_expected.not_to contain_file('/root/.my.cnf') } + end + describe 'when root_password set, create_root_user and create_root_my_cnf set to false' do + let(:params) {{ :root_password => 'SET', :create_root_user => false, :create_root_my_cnf => false }} + it { is_expected.not_to contain_mysql_user('root@localhost') } + it { is_expected.not_to contain_file('/root/.my.cnf') } + end + describe 'when install_secret_file set to /root/.mysql_secret' do + let(:params) {{ :install_secret_file => '/root/.mysql_secret' }} + it { + is_expected.to contain_exec('remove install pass').with( + :command => 'mysqladmin -u root --password=$(grep -o \'[^ ]\\+$\' /root/.mysql_secret) password \'\' && rm -f /root/.mysql_secret', + :onlyif => 'test -f /root/.mysql_secret' + ) + } + end + end + + context 'mysql::server::providers' do + describe 'with users' do + let(:params) {{:users => { + 'foo@localhost' => { + 'max_connections_per_hour' => '1', + 'max_queries_per_hour' => '2', + 'max_updates_per_hour' => '3', + 'max_user_connections' => '4', + 'password_hash' => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF' + }, + 'foo2@localhost' => {} + }}} + it { is_expected.to contain_mysql_user('foo@localhost').with( + :max_connections_per_hour => '1', + :max_queries_per_hour => '2', + :max_updates_per_hour => '3', + :max_user_connections => '4', + :password_hash => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF' + )} + it { is_expected.to contain_mysql_user('foo2@localhost').with( + :max_connections_per_hour => nil, + :max_queries_per_hour => nil, + :max_updates_per_hour => nil, + :max_user_connections => nil, + :password_hash => nil + )} + end + + describe 'with grants' do + let(:params) {{:grants => { + 'foo@localhost/somedb.*' => { + 'user' => 'foo@localhost', + 'table' => 'somedb.*', + 'privileges' => ["SELECT", "UPDATE"], + 'options' => ["GRANT"], + }, + 'foo2@localhost/*.*' => { + 'user' => 'foo2@localhost', + 'table' => '*.*', + 'privileges' => ["SELECT"], + }, + }}} + it { is_expected.to contain_mysql_grant('foo@localhost/somedb.*').with( + :user => 'foo@localhost', + :table => 'somedb.*', + :privileges => ["SELECT", "UPDATE"], + :options => ["GRANT"] + )} + it { is_expected.to contain_mysql_grant('foo2@localhost/*.*').with( + :user => 'foo2@localhost', + :table => '*.*', + :privileges => ["SELECT"], + :options => nil + )} + end + + describe 'with databases' do + let(:params) {{:databases => { + 'somedb' => { + 'charset' => 'latin1', + 'collate' => 'latin1', + }, + 'somedb2' => {} + }}} + it { is_expected.to contain_mysql_database('somedb').with( + :charset => 'latin1', + :collate => 'latin1' + )} + it { is_expected.to contain_mysql_database('somedb2')} + end + end + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/defines/mysql_db_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/defines/mysql_db_spec.rb new file mode 100644 index 000000000..15c00f653 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/defines/mysql_db_spec.rb @@ -0,0 +1,77 @@ +require 'spec_helper' + +describe 'mysql::db', :type => :define do + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts.merge({ + :root_home => '/root', + }) + } + + let(:title) { 'test_db' } + + let(:params) { + { 'user' => 'testuser', + 'password' => 'testpass', + } + } + + it 'should report an error when ensure is not present or absent' do + params.merge!({'ensure' => 'invalid_val'}) + expect { catalogue }.to raise_error(Puppet::Error, + /invalid_val is not supported for ensure\. Allowed values are 'present' and 'absent'\./) + end + + it 'should not notify the import sql exec if no sql script was provided' do + is_expected.to contain_mysql_database('test_db').without_notify + end + + it 'should subscribe to database if sql script is given' do + params.merge!({'sql' => 'test_sql'}) + is_expected.to contain_exec('test_db-import').with_subscribe('Mysql_database[test_db]') + end + + it 'should only import sql script on creation if not enforcing' do + params.merge!({'sql' => 'test_sql', 'enforce_sql' => false}) + is_expected.to contain_exec('test_db-import').with_refreshonly(true) + end + + it 'should import sql script on creation if enforcing' do + params.merge!({'sql' => 'test_sql', 'enforce_sql' => true}) + is_expected.to contain_exec('test_db-import').with_refreshonly(false) + is_expected.to contain_exec('test_db-import').with_command("cat test_sql | mysql test_db") + end + + it 'should import sql scripts when more than one is specified' do + params.merge!({'sql' => ['test_sql', 'test_2_sql']}) + is_expected.to contain_exec('test_db-import').with_command('cat test_sql test_2_sql | mysql test_db') + end + + it 'should report an error if sql isn\'t a string or an array' do + params.merge!({'sql' => {'foo' => 'test_sql', 'bar' => 'test_2_sql'}}) + expect { catalogue }.to raise_error(Puppet::Error, + /\$sql must be either a string or an array\./) + end + + it 'should not create database and database user' do + params.merge!({'ensure' => 'absent', 'host' => 'localhost'}) + is_expected.to contain_mysql_database('test_db').with_ensure('absent') + is_expected.to contain_mysql_user('testuser@localhost').with_ensure('absent') + end + + it 'should create with an appropriate collate and charset' do + params.merge!({'charset' => 'utf8', 'collate' => 'utf8_danish_ci'}) + is_expected.to contain_mysql_database('test_db').with({ + 'charset' => 'utf8', + 'collate' => 'utf8_danish_ci', + }) + end + + it 'should use dbname parameter as database name instead of name' do + params.merge!({'dbname' => 'real_db'}) + is_expected.to contain_mysql_database('real_db') + end + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/spec.opts b/modules/services/unix/mysql/mysql/module/mysql/spec/spec.opts new file mode 100644 index 000000000..91cd6427e --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/spec.opts @@ -0,0 +1,6 @@ +--format +s +--colour +--loadby +mtime +--backtrace diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper.rb new file mode 100644 index 000000000..22d5d689f --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper.rb @@ -0,0 +1,8 @@ +#This file is generated by ModuleSync, do not edit. +require 'puppetlabs_spec_helper/module_spec_helper' + +# put local configuration and setup into spec_helper_local +begin + require 'spec_helper_local' +rescue LoadError +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper_acceptance.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper_acceptance.rb new file mode 100644 index 000000000..d25f6a8b1 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper_acceptance.rb @@ -0,0 +1,65 @@ +require 'beaker-rspec' +require 'beaker/puppet_install_helper' + +run_puppet_install_helper + +UNSUPPORTED_PLATFORMS = [ 'Windows', 'Solaris', 'AIX' ] + +RSpec.configure do |c| + # Project root + proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + + # Readable test descriptions + c.formatter = :documentation + + # detect the situation where PUP-5016 is triggered and skip the idempotency tests in that case + # also note how fact('puppetversion') is not available because of PUP-4359 + if fact('osfamily') == 'Debian' && fact('operatingsystemmajrelease') == '8' && shell('puppet --version').stdout =~ /^4\.2/ + c.filter_run_excluding :skip_pup_5016 => true + end + + # Configure all nodes in nodeset + c.before :suite do + # Install module and dependencies + puppet_module_install(:source => proj_root, :module_name => 'mysql') + hosts.each do |host| + # Required for binding tests. + if fact('osfamily') == 'RedHat' + version = fact("operatingsystemmajrelease") + if fact('operatingsystemmajrelease') =~ /7/ || fact('operatingsystem') =~ /Fedora/ + shell("yum install -y bzip2") + end + end + + # Solaris 11 doesn't ship the SSL CA root for the forgeapi server + # therefore we need to use a different way to deploy the module to + # the host + if host['platform'] =~ /solaris-11/i + apply_manifest_on(host, 'package { "git": }') + # PE 3.x and 2015.2 require different locations to install modules + modulepath = host.puppet['modulepath'] + modulepath = modulepath.split(':').first if modulepath + + environmentpath = host.puppet['environmentpath'] + environmentpath = environmentpath.split(':').first if environmentpath + + destdir = modulepath || "#{environmentpath}/production/modules" + on host, "git clone https://github.com/puppetlabs/puppetlabs-stdlib #{destdir}/stdlib && cd #{destdir}/stdlib && git checkout 3.2.0" + on host, "git clone https://github.com/stahnma/puppet-module-epel.git #{destdir}/epel && cd #{destdir}/epel && git checkout 1.0.2" + else + on host, puppet('module','install','puppetlabs-stdlib','--version','3.2.0') + on host, puppet('module','install','stahnma/epel') + end + end + end +end + +shared_examples "a idempotent resource" do + it 'should apply with no errors' do + apply_manifest(pp, :catch_failures => true) + end + + it 'should apply a second time without changes', :skip_pup_5016 do + apply_manifest(pp, :catch_changes => true) + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper_local.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper_local.rb new file mode 100644 index 000000000..9a86ccd1b --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/spec_helper_local.rb @@ -0,0 +1,3 @@ +require 'rspec-puppet-facts' +include RspecPuppetFacts + diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/facter/mysql_server_id_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/facter/mysql_server_id_spec.rb new file mode 100644 index 000000000..e82a2bce8 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/facter/mysql_server_id_spec.rb @@ -0,0 +1,27 @@ +require "spec_helper" + +describe Facter::Util::Fact do + before { + Facter.clear + } + + describe "mysql_server_id" do + context "igalic's laptop" do + before :each do + Facter.fact(:macaddress).stubs(:value).returns('3c:97:0e:69:fb:e1') + end + it do + Facter.fact(:mysql_server_id).value.to_s.should == '66961985441' + end + end + + context "node with lo only" do + before :each do + Facter.fact(:macaddress).stubs(:value).returns('00:00:00:00:00:00') + end + it do + Facter.fact(:mysql_server_id).value.to_s.should == '0' + end + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/facter/mysql_version_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/facter/mysql_version_spec.rb new file mode 100644 index 000000000..60379f64f --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/facter/mysql_version_spec.rb @@ -0,0 +1,20 @@ +require "spec_helper" + +describe Facter::Util::Fact do + before { + Facter.clear + } + + describe "mysql_version" do + context 'with value' do + before :each do + Facter::Util::Resolution.stubs(:exec).with('mysql --version').returns('mysql Ver 14.12 Distrib 5.0.95, for redhat-linux-gnu (x86_64) using readline 5.1') + end + it { + expect(Facter.fact(:mysql_version).value).to eq('5.0.95') + } + end + + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_deepmerge_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_deepmerge_spec.rb new file mode 100644 index 000000000..18cb26bfa --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_deepmerge_spec.rb @@ -0,0 +1,91 @@ +#! /usr/bin/env ruby -S rspec + +require 'spec_helper' + +describe Puppet::Parser::Functions.function(:mysql_deepmerge) do + let(:scope) { PuppetlabsSpec::PuppetInternals.scope } + + describe 'when calling mysql_deepmerge from puppet' do + it "should not compile when no arguments are passed" do + skip("Fails on 2.6.x, see bug #15912") if Puppet.version =~ /^2\.6\./ + Puppet[:code] = '$x = mysql_deepmerge()' + expect { + scope.compiler.compile + }.to raise_error(Puppet::ParseError, /wrong number of arguments/) + end + + it "should not compile when 1 argument is passed" do + skip("Fails on 2.6.x, see bug #15912") if Puppet.version =~ /^2\.6\./ + Puppet[:code] = "$my_hash={'one' => 1}\n$x = mysql_deepmerge($my_hash)" + expect { + scope.compiler.compile + }.to raise_error(Puppet::ParseError, /wrong number of arguments/) + end + end + + describe 'when calling mysql_deepmerge on the scope instance' do + it 'should require all parameters are hashes' do + expect { new_hash = scope.function_mysql_deepmerge([{}, '2'])}.to raise_error(Puppet::ParseError, /unexpected argument type String/) + expect { new_hash = scope.function_mysql_deepmerge([{}, 2])}.to raise_error(Puppet::ParseError, /unexpected argument type Fixnum/) + end + + it 'should accept empty strings as puppet undef' do + expect { new_hash = scope.function_mysql_deepmerge([{}, ''])}.not_to raise_error + end + + it 'should be able to mysql_deepmerge two hashes' do + new_hash = scope.function_mysql_deepmerge([{'one' => '1', 'two' => '1'}, {'two' => '2', 'three' => '2'}]) + expect(new_hash['one']).to eq('1') + expect(new_hash['two']).to eq('2') + expect(new_hash['three']).to eq('2') + end + + it 'should mysql_deepmerge multiple hashes' do + hash = scope.function_mysql_deepmerge([{'one' => 1}, {'one' => '2'}, {'one' => '3'}]) + expect(hash['one']).to eq('3') + end + + it 'should accept empty hashes' do + expect(scope.function_mysql_deepmerge([{},{},{}])).to eq({}) + end + + it 'should mysql_deepmerge subhashes' do + hash = scope.function_mysql_deepmerge([{'one' => 1}, {'two' => 2, 'three' => { 'four' => 4 } }]) + expect(hash['one']).to eq(1) + expect(hash['two']).to eq(2) + expect(hash['three']).to eq({ 'four' => 4 }) + end + + it 'should append to subhashes' do + hash = scope.function_mysql_deepmerge([{'one' => { 'two' => 2 } }, { 'one' => { 'three' => 3 } }]) + expect(hash['one']).to eq({ 'two' => 2, 'three' => 3 }) + end + + it 'should append to subhashes 2' do + hash = scope.function_mysql_deepmerge([{'one' => 1, 'two' => 2, 'three' => { 'four' => 4 } }, {'two' => 'dos', 'three' => { 'five' => 5 } }]) + expect(hash['one']).to eq(1) + expect(hash['two']).to eq('dos') + expect(hash['three']).to eq({ 'four' => 4, 'five' => 5 }) + end + + it 'should append to subhashes 3' do + hash = scope.function_mysql_deepmerge([{ 'key1' => { 'a' => 1, 'b' => 2 }, 'key2' => { 'c' => 3 } }, { 'key1' => { 'b' => 99 } }]) + expect(hash['key1']).to eq({ 'a' => 1, 'b' => 99 }) + expect(hash['key2']).to eq({ 'c' => 3 }) + end + + it 'should equate keys mod dash and underscore' do + hash = scope.function_mysql_deepmerge([{ 'a-b-c' => 1 } , { 'a_b_c' => 10 }]) + expect(hash['a_b_c']).to eq(10) + expect(hash).not_to have_key('a-b-c') + end + + it 'should keep style of the last when keys are euqal mod dash and underscore' do + hash = scope.function_mysql_deepmerge([{ 'a-b-c' => 1, 'b_c_d' => { 'c-d-e' => 2, 'e-f-g' => 3 }} , { 'a_b_c' => 10, 'b-c-d' => { 'c_d_e' => 12 } }]) + expect(hash['a_b_c']).to eq(10) + expect(hash).not_to have_key('a-b-c') + expect(hash['b-c-d']).to eq({ 'e-f-g' => 3, 'c_d_e' => 12 }) + expect(hash).not_to have_key('b_c_d') + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_password_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_password_spec.rb new file mode 100644 index 000000000..2d5feea41 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_password_spec.rb @@ -0,0 +1,37 @@ +require 'spec_helper' + +describe 'the mysql_password function' do + before :all do + Puppet::Parser::Functions.autoloader.loadall + end + + let(:scope) { PuppetlabsSpec::PuppetInternals.scope } + + it 'should exist' do + expect(Puppet::Parser::Functions.function('mysql_password')).to eq('function_mysql_password') + end + + it 'should raise a ParseError if there is less than 1 arguments' do + expect { scope.function_mysql_password([]) }.to( raise_error(Puppet::ParseError)) + end + + it 'should raise a ParseError if there is more than 1 arguments' do + expect { scope.function_mysql_password(%w(foo bar)) }.to( raise_error(Puppet::ParseError)) + end + + it 'should convert password into a hash' do + result = scope.function_mysql_password(%w(password)) + expect(result).to(eq('*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19')) + end + + it 'should convert an empty password into a empty string' do + result = scope.function_mysql_password([""]) + expect(result).to(eq('')) + end + + it 'should not convert a password that is already a hash' do + result = scope.function_mysql_password(['*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19']) + expect(result).to(eq('*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19')) + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_table_exists_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_table_exists_spec.rb new file mode 100644 index 000000000..03fb1cb92 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/functions/mysql_table_exists_spec.rb @@ -0,0 +1,26 @@ +require 'spec_helper' + +describe 'the mysql_table_exists function' do + before :all do + Puppet::Parser::Functions.autoloader.loadall + end + + let(:scope) { PuppetlabsSpec::PuppetInternals.scope } + + it 'should exist' do + expect(Puppet::Parser::Functions.function('mysql_table_exists')).to eq('function_mysql_table_exists') + end + + it 'should raise a ParseError if there is less than 1 arguments' do + expect { scope.function_mysql_table_exists([]) }.to( raise_error(Puppet::ParseError)) + end + + it 'should raise a ParserError if argument doesn\'t look like database_name.table_name' do + expect { scope.function_mysql_table_exists(['foo_bar']) }.to( raise_error(Puppet::ParseError)) + end + + it 'should raise a ParseError if there is more than 1 arguments' do + expect { scope.function_mysql_table_exists(%w(foo.bar foo.bar)) }.to( raise_error(Puppet::ParseError)) + end + +end \ No newline at end of file diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_database/mysql_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_database/mysql_spec.rb new file mode 100644 index 000000000..465e59dd5 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_database/mysql_spec.rb @@ -0,0 +1,118 @@ +require 'spec_helper' + +describe Puppet::Type.type(:mysql_database).provider(:mysql) do + + let(:defaults_file) { '--defaults-extra-file=/root/.my.cnf' } + + let(:raw_databases) do + <<-SQL_OUTPUT +information_schema +mydb +mysql +performance_schema +test + SQL_OUTPUT + end + + let(:parsed_databases) { %w(information_schema mydb mysql performance_schema test) } + + let(:resource) { Puppet::Type.type(:mysql_database).new( + { :ensure => :present, + :charset => 'latin1', + :collate => 'latin1_swedish_ci', + :name => 'new_database', + :provider => described_class.name + } + )} + let(:provider) { resource.provider } + + before :each do + Facter.stubs(:value).with(:root_home).returns('/root') + Puppet::Util.stubs(:which).with('mysql').returns('/usr/bin/mysql') + File.stubs(:file?).with('/root/.my.cnf').returns(true) + provider.class.stubs(:mysql).with([defaults_file, '-NBe', 'show databases']).returns('new_database') + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "show variables like '%_database'", 'new_database']).returns("character_set_database latin1\ncollation_database latin1_swedish_ci\nskip_show_database OFF") + end + + let(:instance) { provider.class.instances.first } + + describe 'self.instances' do + it 'returns an array of databases' do + provider.class.stubs(:mysql).with([defaults_file, '-NBe', 'show databases']).returns(raw_databases) + raw_databases.each_line do |db| + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "show variables like '%_database'", db.chomp]).returns("character_set_database latin1\ncollation_database latin1_swedish_ci\nskip_show_database OFF") + end + databases = provider.class.instances.collect {|x| x.name } + expect(parsed_databases).to match_array(databases) + end + end + + describe 'self.prefetch' do + it 'exists' do + provider.class.instances + provider.class.prefetch({}) + end + end + + describe 'create' do + it 'makes a database' do + provider.expects(:mysql).with([defaults_file, '-NBe', "create database if not exists `#{resource[:name]}` character set `#{resource[:charset]}` collate `#{resource[:collate]}`"]) + provider.expects(:exists?).returns(true) + expect(provider.create).to be_truthy + end + end + + describe 'destroy' do + it 'removes a database if present' do + provider.expects(:mysql).with([defaults_file, '-NBe', "drop database if exists `#{resource[:name]}`"]) + provider.expects(:exists?).returns(false) + expect(provider.destroy).to be_truthy + end + end + + describe 'exists?' do + it 'checks if database exists' do + expect(instance.exists?).to be_truthy + end + end + + describe 'self.defaults_file' do + it 'sets --defaults-extra-file' do + File.stubs(:file?).with('/root/.my.cnf').returns(true) + expect(provider.defaults_file).to eq '--defaults-extra-file=/root/.my.cnf' + end + it 'fails if file missing' do + File.stubs(:file?).with('/root/.my.cnf').returns(false) + expect(provider.defaults_file).to be_nil + end + end + + describe 'charset' do + it 'returns a charset' do + expect(instance.charset).to eq('latin1') + end + end + + describe 'charset=' do + it 'changes the charset' do + provider.expects(:mysql).with([defaults_file, '-NBe', "alter database `#{resource[:name]}` CHARACTER SET blah"]).returns('0') + + provider.charset=('blah') + end + end + + describe 'collate' do + it 'returns a collate' do + expect(instance.collate).to eq('latin1_swedish_ci') + end + end + + describe 'collate=' do + it 'changes the collate' do + provider.expects(:mysql).with([defaults_file, '-NBe', "alter database `#{resource[:name]}` COLLATE blah"]).returns('0') + + provider.collate=('blah') + end + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_plugin/mysql_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_plugin/mysql_spec.rb new file mode 100644 index 000000000..340562ff8 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_plugin/mysql_spec.rb @@ -0,0 +1,71 @@ +require 'spec_helper' + +describe Puppet::Type.type(:mysql_plugin).provider(:mysql) do + + let(:defaults_file) { '--defaults-extra-file=/root/.my.cnf' } + + let(:resource) { Puppet::Type.type(:mysql_plugin).new( + { :ensure => :present, + :soname => 'auth_socket.so', + :name => 'auth_socket', + :provider => described_class.name + } + )} + let(:provider) { resource.provider } + + before :each do + Facter.stubs(:value).with(:root_home).returns('/root') + Puppet::Util.stubs(:which).with('mysql').returns('/usr/bin/mysql') + File.stubs(:file?).with('/root/.my.cnf').returns(true) + provider.class.stubs(:mysql).with([defaults_file, '-NBe', 'show plugins']).returns('auth_socket ACTIVE AUTHENTICATION auth_socket.so GPL') + end + + let(:instance) { provider.class.instances.first } + + describe 'self.prefetch' do + it 'exists' do + provider.class.instances + provider.class.prefetch({}) + end + end + + describe 'create' do + it 'loads a plugin' do + provider.expects(:mysql).with([defaults_file, '-NBe', "install plugin #{resource[:name]} soname '#{resource[:soname]}'"]) + provider.expects(:exists?).returns(true) + expect(provider.create).to be_truthy + end + end + + describe 'destroy' do + it 'unloads a plugin if present' do + provider.expects(:mysql).with([defaults_file, '-NBe', "uninstall plugin #{resource[:name]}"]) + provider.expects(:exists?).returns(false) + expect(provider.destroy).to be_truthy + end + end + + describe 'exists?' do + it 'checks if plugin exists' do + expect(instance.exists?).to be_truthy + end + end + + describe 'self.defaults_file' do + it 'sets --defaults-extra-file' do + File.stubs(:file?).with('/root/.my.cnf').returns(true) + expect(provider.defaults_file).to eq '--defaults-extra-file=/root/.my.cnf' + end + it 'fails if file missing' do + File.stubs(:file?).with('/root/.my.cnf').returns(false) + expect(provider.defaults_file).to be_nil + end + end + + describe 'soname' do + it 'returns a soname' do + expect(instance.soname).to eq('auth_socket.so') + end + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_user/mysql_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_user/mysql_spec.rb new file mode 100644 index 000000000..7eff67fec --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/provider/mysql_user/mysql_spec.rb @@ -0,0 +1,299 @@ +require 'spec_helper' + +describe Puppet::Type.type(:mysql_user).provider(:mysql) do + + # Output of mysqld -V + mysql_version_string_hash = { + 'mysql-5.5' => + { + :version => '5.5.46', + :string => '/usr/sbin/mysqld Ver 5.5.46-log for Linux on x86_64 (MySQL Community Server (GPL))', + :mysql_type => 'mysql', + }, + 'mysql-5.6' => + { + :version => '5.6.27', + :string => '/usr/sbin/mysqld Ver 5.6.27 for Linux on x86_64 (MySQL Community Server (GPL))', + :mysql_type => 'mysql', + }, + 'mysql-5.7.1' => + { + :version => '5.7.1', + :string => '/usr/sbin/mysqld Ver 5.7.1 for Linux on x86_64 (MySQL Community Server (GPL))', + :mysql_type => 'mysql', + }, + 'mysql-5.7.6' => + { + :version => '5.7.8', + :string => '/usr/sbin/mysqld Ver 5.7.8-rc for Linux on x86_64 (MySQL Community Server (GPL))', + :mysql_type => 'mysql', + }, + 'mariadb-10.0' => + { + :version => '10.0.21', + :string => '/usr/sbin/mysqld Ver 10.0.21-MariaDB for Linux on x86_64 (MariaDB Server)', + :mysql_type => 'mariadb', + }, + 'percona-5.5' => + { + :version => '5.5.39', + :string => 'mysqld Ver 5.5.39-36.0-55 for Linux on x86_64 (Percona XtraDB Cluster (GPL), Release rel36.0, Revision 824, WSREP version 25.11, wsrep_25.11.r4023)', + :mysql_type => 'percona', + }, + } + + let(:defaults_file) { '--defaults-extra-file=/root/.my.cnf' } + let(:newhash) { '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5' } + + let(:raw_users) do + <<-SQL_OUTPUT +root@127.0.0.1 +root@::1 +@localhost +debian-sys-maint@localhost +root@localhost +usvn_user@localhost +@vagrant-ubuntu-raring-64 + SQL_OUTPUT + end + + let(:parsed_users) { %w(root@127.0.0.1 root@::1 @localhost debian-sys-maint@localhost root@localhost usvn_user@localhost @vagrant-ubuntu-raring-64) } + + let(:resource) { Puppet::Type.type(:mysql_user).new( + { :ensure => :present, + :password_hash => '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4', + :name => 'joe@localhost', + :max_user_connections => '10', + :max_connections_per_hour => '10', + :max_queries_per_hour => '10', + :max_updates_per_hour => '10', + :provider => described_class.name + } + )} + let(:provider) { resource.provider } + + before :each do + # Set up the stubs for an instances call. + Facter.stubs(:value).with(:root_home).returns('/root') + Facter.stubs(:value).with(:mysql_version).returns('5.6.24') + provider.class.instance_variable_set(:@mysqld_version_string, '5.6.24') + Puppet::Util.stubs(:which).with('mysql').returns('/usr/bin/mysql') + Puppet::Util.stubs(:which).with('mysqld').returns('/usr/sbin/mysqld') + File.stubs(:file?).with('/root/.my.cnf').returns(true) + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns('joe@localhost') + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = 'joe@localhost'"]).returns('10 10 10 10 *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4') + end + + let(:instance) { provider.class.instances.first } + + describe 'self.instances' do + it 'returns an array of users MySQL 5.5' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.5'][:string]) + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) + parsed_users.each do |user| + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') + end + + usernames = provider.class.instances.collect {|x| x.name } + expect(parsed_users).to match_array(usernames) + end + it 'returns an array of users MySQL 5.6' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.6'][:string]) + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) + parsed_users.each do |user| + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') + end + + usernames = provider.class.instances.collect {|x| x.name } + expect(parsed_users).to match_array(usernames) + end + it 'returns an array of users MySQL >= 5.7.0 < 5.7.6' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.1'][:string]) + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) + parsed_users.each do |user| + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') + end + + usernames = provider.class.instances.collect {|x| x.name } + expect(parsed_users).to match_array(usernames) + end + it 'returns an array of users MySQL >= 5.7.6' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.6'][:string]) + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) + parsed_users.each do |user| + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, AUTHENTICATION_STRING, PLUGIN FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') + end + + usernames = provider.class.instances.collect {|x| x.name } + expect(parsed_users).to match_array(usernames) + end + it 'returns an array of users mariadb 10.0' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mariadb-10.0'][:string]) + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) + parsed_users.each do |user| + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') + end + + usernames = provider.class.instances.collect {|x| x.name } + expect(parsed_users).to match_array(usernames) + end + it 'returns an array of users percona 5.5' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['percona-5.5'][:string]) + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT CONCAT(User, '@',Host) AS User FROM mysql.user"]).returns(raw_users) + parsed_users.each do |user| + provider.class.stubs(:mysql).with([defaults_file, '-NBe', "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'"]).returns('10 10 10 10 ') + end + + usernames = provider.class.instances.collect {|x| x.name } + expect(parsed_users).to match_array(usernames) + end + end + + describe 'mysql version and type detection' do + mysql_version_string_hash.each do |name,line| + version=line[:version] + string=line[:string] + mysql_type=line[:mysql_type] + it "detects type '#{mysql_type}' with version '#{version}'" do + provider.class.instance_variable_set(:@mysqld_version_string, string) + expect(provider.mysqld_version).to eq(version) + expect(provider.mysqld_type).to eq(mysql_type) + end + end + end + + describe 'self.prefetch' do + it 'exists' do + provider.class.instances + provider.class.prefetch({}) + end + end + + describe 'create' do + it 'makes a user' do + provider.expects(:mysql).with([defaults_file, '-e', "CREATE USER 'joe'@'localhost' IDENTIFIED BY PASSWORD '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4'"]) + provider.expects(:mysql).with([defaults_file, '-e', "GRANT USAGE ON *.* TO 'joe'@'localhost' WITH MAX_USER_CONNECTIONS 10 MAX_CONNECTIONS_PER_HOUR 10 MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 10"]) + provider.expects(:exists?).returns(true) + expect(provider.create).to be_truthy + end + end + + describe 'destroy' do + it 'removes a user if present' do + provider.expects(:mysql).with([defaults_file, '-e', "DROP USER 'joe'@'localhost'"]) + provider.expects(:exists?).returns(false) + expect(provider.destroy).to be_truthy + end + end + + describe 'exists?' do + it 'checks if user exists' do + expect(instance.exists?).to be_truthy + end + end + + describe 'self.mysqld_version' do + it 'queries mysql if unset' do + provider.class.instance_variable_set(:@mysqld_version_string, nil) + provider.class.expects(:mysqld).with(['-V']) + expect(provider.mysqld_version).to be_nil + end + it 'returns 5.7.6 for "mysqld Ver 5.7.6 for Linux on x86_64 (MySQL Community Server (GPL))"' do + provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.6 for Linux on x86_64 (MySQL Community Server (GPL))') + expect(provider.mysqld_version).to eq '5.7.6' + end + it 'returns 5.7.6 for "mysqld Ver 5.7.6-rc for Linux on x86_64 (MySQL Community Server (GPL))"' do + provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.6-rc for Linux on x86_64 (MySQL Community Server (GPL))') + expect(provider.mysqld_version).to eq '5.7.6' + end + it 'detects >= 5.7.6 for 5.7.7-log' do + provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.7-log for Linux on x86_64 (MySQL Community Server (GPL))') + expect(Puppet::Util::Package.versioncmp(provider.mysqld_version, '5.7.6')).to be >= 0 + end + it 'detects < 5.7.6 for 5.7.5-log' do + provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.5-log for Linux on x86_64 (MySQL Community Server (GPL))') + expect(Puppet::Util::Package.versioncmp(provider.mysqld_version, '5.7.6')).to be < 0 + end + end + + describe 'self.defaults_file' do + it 'sets --defaults-extra-file' do + File.stubs(:file?).with('/root/.my.cnf').returns(true) + expect(provider.defaults_file).to eq '--defaults-extra-file=/root/.my.cnf' + end + it 'fails if file missing' do + File.expects(:file?).with('/root/.my.cnf').returns(false) + expect(provider.defaults_file).to be_nil + end + end + + describe 'password_hash' do + it 'returns a hash' do + expect(instance.password_hash).to eq('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4') + end + end + + describe 'password_hash=' do + it 'changes the hash mysql 5.5' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.5'][:string]) + provider.expects(:mysql).with([defaults_file, '-e', "SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') + + provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + end + it 'changes the hash mysql 5.6' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.6'][:string]) + provider.expects(:mysql).with([defaults_file, '-e', "SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') + + provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + end + it 'changes the hash mysql < 5.7.6' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.1'][:string]) + provider.expects(:mysql).with([defaults_file, '-e', "SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') + + provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + end + it 'changes the hash MySQL >= 5.7.6' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.6'][:string]) + provider.expects(:mysql).with([defaults_file, '-e', "ALTER USER 'joe'@'localhost' IDENTIFIED WITH mysql_native_password AS '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') + + provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + end + it 'changes the hash mariadb-10.0' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mariadb-10.0'][:string]) + provider.expects(:mysql).with([defaults_file, '-e', "SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') + + provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + end + it 'changes the hash percona-5.5' do + provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['percona-5.5'][:string]) + provider.expects(:mysql).with([defaults_file, '-e', "SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'"]).returns('0') + + provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + provider.password_hash=('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') + end + end + + ['max_user_connections', 'max_connections_per_hour', 'max_queries_per_hour', + 'max_updates_per_hour'].each do |property| + + describe property do + it "returns #{property}" do + expect(instance.send("#{property}".to_sym)).to eq('10') + end + end + + describe "#{property}=" do + it "changes #{property}" do + provider.expects(:mysql).with([defaults_file, '-e', "GRANT USAGE ON *.* TO 'joe'@'localhost' WITH #{property.upcase} 42"]).returns('0') + provider.expects(property.to_sym).returns('42') + provider.send("#{property}=".to_sym, '42') + end + end + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_database_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_database_spec.rb new file mode 100644 index 000000000..7897d8109 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_database_spec.rb @@ -0,0 +1,29 @@ +require 'puppet' +require 'puppet/type/mysql_database' +describe Puppet::Type.type(:mysql_database) do + + before :each do + @user = Puppet::Type.type(:mysql_database).new(:name => 'test', :charset => 'utf8', :collate => 'utf8_blah_ci') + end + + it 'should accept a database name' do + expect(@user[:name]).to eq('test') + end + + it 'should accept a charset' do + @user[:charset] = 'latin1' + expect(@user[:charset]).to eq('latin1') + end + + it 'should accept a collate' do + @user[:collate] = 'latin1_swedish_ci' + expect(@user[:collate]).to eq('latin1_swedish_ci') + end + + it 'should require a name' do + expect { + Puppet::Type.type(:mysql_database).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_grant_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_grant_spec.rb new file mode 100644 index 000000000..9b33058bc --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_grant_spec.rb @@ -0,0 +1,74 @@ +require 'puppet' +require 'puppet/type/mysql_grant' +describe Puppet::Type.type(:mysql_grant) do + + before :each do + @user = Puppet::Type.type(:mysql_grant).new(:name => 'foo@localhost/*.*', :privileges => ['ALL', 'PROXY'], :table => ['*.*','@'], :user => 'foo@localhost') + end + + it 'should accept a grant name' do + expect(@user[:name]).to eq('foo@localhost/*.*') + end + + it 'should accept ALL privileges' do + @user[:privileges] = 'ALL' + expect(@user[:privileges]).to eq(['ALL']) + end + + it 'should accept PROXY privilege' do + @user[:privileges] = 'PROXY' + expect(@user[:privileges]).to eq(['PROXY']) + end + + it 'should accept a table' do + @user[:table] = '*.*' + expect(@user[:table]).to eq('*.*') + end + + it 'should accept @ for table' do + @user[:table] = '@' + expect(@user[:table]).to eq('@') + end + + it 'should accept a user' do + @user[:user] = 'foo@localhost' + expect(@user[:user]).to eq('foo@localhost') + end + + it 'should require a name' do + expect { + Puppet::Type.type(:mysql_grant).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + + it 'should require the name to match the user and table' do + expect { + Puppet::Type.type(:mysql_grant).new(:name => 'foo', :privileges => ['ALL', 'PROXY'], :table => ['*.*','@'], :user => 'foo@localhost') + }.to raise_error /name must match user and table parameters/ + end + + describe 'it should munge privileges' do + + it 'to just ALL' do + @user = Puppet::Type.type(:mysql_grant).new( + :name => 'foo@localhost/*.*', :table => ['*.*','@'], :user => 'foo@localhost', + :privileges => ['ALL', 'PROXY'] ) + expect(@user[:privileges]).to eq(['ALL']) + end + + it 'to upcase and ordered' do + @user = Puppet::Type.type(:mysql_grant).new( + :name => 'foo@localhost/*.*', :table => ['*.*','@'], :user => 'foo@localhost', + :privileges => ['select', 'Insert'] ) + expect(@user[:privileges]).to eq(['INSERT', 'SELECT']) + end + + it 'ordered including column privileges' do + @user = Puppet::Type.type(:mysql_grant).new( + :name => 'foo@localhost/*.*', :table => ['*.*','@'], :user => 'foo@localhost', + :privileges => ['SELECT(Host,Address)', 'Insert'] ) + expect(@user[:privileges]).to eq(['INSERT', 'SELECT (Address, Host)']) + end + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_plugin_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_plugin_spec.rb new file mode 100644 index 000000000..e94c518b7 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_plugin_spec.rb @@ -0,0 +1,24 @@ +require 'puppet' +require 'puppet/type/mysql_plugin' +describe Puppet::Type.type(:mysql_plugin) do + + before :each do + @plugin = Puppet::Type.type(:mysql_plugin).new(:name => 'test', :soname => 'test.so') + end + + it 'should accept a plugin name' do + expect(@plugin[:name]).to eq('test') + end + + it 'should accept a library name' do + @plugin[:soname] = 'test.so' + expect(@plugin[:soname]).to eq('test.so') + end + + it 'should require a name' do + expect { + Puppet::Type.type(:mysql_plugin).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_user_spec.rb b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_user_spec.rb new file mode 100644 index 000000000..24530d8a3 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/spec/unit/puppet/type/mysql_user_spec.rb @@ -0,0 +1,131 @@ +require 'puppet' +require 'puppet/type/mysql_user' +describe Puppet::Type.type(:mysql_user) do + + context "On MySQL 5.x" do + let(:facts) {{ :mysql_version => '5.6.24' }} + it 'should fail with a long user name' do + expect { + Puppet::Type.type(:mysql_user).new({:name => '12345678901234567@localhost', :password_hash => 'pass'}) + }.to raise_error /MySQL usernames are limited to a maximum of 16 characters/ + end + end + + context "On MariaDB 10.0.0+" do + let(:facts) {{ :mysql_version => '10.0.19' }} + it 'should succeed with a long user name on MariaDB' do + expect { + Puppet::Type.type(:mysql_user).new({:name => '12345678901234567@localhost', :password_hash => 'pass'}) + }.to raise_error /MySQL usernames are limited to a maximum of 16 characters/ + end + end + + it 'should require a name' do + expect { + Puppet::Type.type(:mysql_user).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + + context 'using foo@localhost' do + before :each do + @user = Puppet::Type.type(:mysql_user).new(:name => 'foo@localhost', :password_hash => 'pass') + end + + it 'should accept a user name' do + expect(@user[:name]).to eq('foo@localhost') + end + + it 'should accept a password' do + @user[:password_hash] = 'foo' + expect(@user[:password_hash]).to eq('foo') + end + end + + context 'using foo@LocalHost' do + before :each do + @user = Puppet::Type.type(:mysql_user).new(:name => 'foo@LocalHost', :password_hash => 'pass') + end + + it 'should lowercase the user name' do + expect(@user[:name]).to eq('foo@localhost') + end + end + + context 'using foo@192.168.1.0/255.255.255.0' do + before :each do + @user = Puppet::Type.type(:mysql_user).new(:name => 'foo@192.168.1.0/255.255.255.0', :password_hash => 'pass') + end + + it 'should create the user with the netmask' do + expect(@user[:name]).to eq('foo@192.168.1.0/255.255.255.0') + end + end + + context 'using allo_wed$char@localhost' do + before :each do + @user = Puppet::Type.type(:mysql_user).new(:name => 'allo_wed$char@localhost', :password_hash => 'pass') + end + + it 'should accept a user name' do + expect(@user[:name]).to eq('allo_wed$char@localhost') + end + end + + context 'ensure the default \'debian-sys-main\'@localhost user can be parsed' do + before :each do + @user = Puppet::Type.type(:mysql_user).new(:name => '\'debian-sys-maint\'@localhost', :password_hash => 'pass') + end + + it 'should accept a user name' do + expect(@user[:name]).to eq('\'debian-sys-maint\'@localhost') + end + end + + context 'using a quoted 16 char username' do + let(:facts) {{ :mysql_version => '5.6.24' }} + before :each do + @user = Puppet::Type.type(:mysql_user).new(:name => '"debian-sys-maint"@localhost', :password_hash => 'pass') + end + + it 'should accept a user name' do + expect(@user[:name]).to eq('"debian-sys-maint"@localhost') + end + end + + context 'using a quoted username that is too long ' do + let(:facts) {{ :mysql_version => '5.6.24' }} + it 'should fail with a size error' do + expect { + Puppet::Type.type(:mysql_user).new(:name => '"debian-sys-maint2"@localhost', :password_hash => 'pass') + }.to raise_error /MySQL usernames are limited to a maximum of 16 characters/ + end + end + + context 'using `speci!al#`@localhost' do + before :each do + @user = Puppet::Type.type(:mysql_user).new(:name => '`speci!al#`@localhost', :password_hash => 'pass') + end + + it 'should accept a quoted user name with special chatracters' do + expect(@user[:name]).to eq('`speci!al#`@localhost') + end + end + + context 'using in-valid@localhost' do + before :each do + @user = Puppet::Type.type(:mysql_user).new(:name => 'in-valid@localhost', :password_hash => 'pass') + end + + it 'should accept a user name with special chatracters' do + expect(@user[:name]).to eq('in-valid@localhost') + end + end + + context 'using "misquoted@localhost' do + it 'should fail with a misquoted username is used' do + expect { + Puppet::Type.type(:mysql_user).new(:name => '"misquoted@localhost', :password_hash => 'pass') + }.to raise_error /Invalid database user "misquoted@localhost/ + end + end +end diff --git a/modules/services/unix/mysql/mysql/module/mysql/templates/meb.cnf.erb b/modules/services/unix/mysql/mysql/module/mysql/templates/meb.cnf.erb new file mode 100644 index 000000000..d157af99a --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/templates/meb.cnf.erb @@ -0,0 +1,18 @@ +### MANAGED BY PUPPET ### + +<% @options.sort.map do |k,v| -%> +<% if v.is_a?(Hash) -%> +[<%= k %>] +<% v.sort.map do |ki, vi| -%> +<% if vi == true or v == '' -%> +<%= ki %> +<% elsif vi.is_a?(Array) -%> +<% vi.each do |vii| -%> +<%= ki %> = <%= vii %> +<% end -%> +<% elsif ![nil, '', :undef].include?(vi) -%> +<%= ki %> = <%= vi %> +<% end -%> +<% end -%> +<% end %> +<% end -%> diff --git a/modules/services/unix/mysql/mysql/module/mysql/templates/my.cnf.erb b/modules/services/unix/mysql/mysql/module/mysql/templates/my.cnf.erb new file mode 100644 index 000000000..7d1f1486b --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/templates/my.cnf.erb @@ -0,0 +1,24 @@ +### MANAGED BY PUPPET ### + +<% @options.sort.map do |k,v| -%> +<% if v.is_a?(Hash) -%> +[<%= k %>] +<% v.sort.map do |ki, vi| -%> +<% if ki == 'ssl-disable' or (ki =~ /^ssl/ and v['ssl-disable'] == true) -%> +<% next %> +<% elsif vi == true or vi == '' -%> +<%= ki %> +<% elsif vi.is_a?(Array) -%> +<% vi.each do |vii| -%> +<%= ki %> = <%= vii %> +<% end -%> +<% elsif ![nil, '', :undef].include?(vi) -%> +<%= ki %> = <%= vi %> +<% end -%> +<% end -%> +<% end %> +<% end -%> + +<% if @includedir and @includedir != '' %> +!includedir <%= @includedir %> +<% end %> diff --git a/modules/services/unix/mysql/mysql/module/mysql/templates/my.cnf.pass.erb b/modules/services/unix/mysql/mysql/module/mysql/templates/my.cnf.pass.erb new file mode 100644 index 000000000..b82cca3f7 --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/templates/my.cnf.pass.erb @@ -0,0 +1,11 @@ +### MANAGED BY PUPPET ### + +<% %w(mysql client mysqldump mysqladmin mysqlcheck).each do |section| %> +[<%= section -%>] +user=root +host=localhost +<% unless scope.lookupvar('mysql::server::root_password') == 'UNSET' -%> +password='<%= scope.lookupvar('mysql::server::root_password') %>' +<% end -%> +socket=<%= @options['client']['socket'] %> +<% end %> diff --git a/modules/services/unix/mysql/mysql/module/mysql/templates/mysqlbackup.sh.erb b/modules/services/unix/mysql/mysql/module/mysql/templates/mysqlbackup.sh.erb new file mode 100755 index 000000000..42464329c --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/templates/mysqlbackup.sh.erb @@ -0,0 +1,100 @@ +<%- if @kernel == 'Linux' -%> +#!/bin/bash +<%- else -%> +#!/bin/sh +<%- end -%> +# +# MySQL Backup Script +# Dumps mysql databases to a file for another backup tool to pick up. +# +# MySQL code: +# GRANT SELECT, RELOAD, LOCK TABLES ON *.* TO 'user'@'localhost' +# IDENTIFIED BY 'password'; +# FLUSH PRIVILEGES; +# +##### START CONFIG ################################################### + +USER=<%= @backupuser %> +PASS='<%= @backuppassword %>' +DIR=<%= @backupdir %> +ROTATE=<%= [ Integer(@backuprotate) - 1, 0 ].max %> + +# Create temporary mysql cnf file. +TMPFILE=`mktemp /tmp/backup.XXXXXX` || exit 1 +echo -e "[client]\npassword=$PASS\nuser=$USER" > $TMPFILE + +PREFIX=mysql_backup_ +<% if @ignore_events %> +ADDITIONAL_OPTIONS="--ignore-table=mysql.event" +<% else %> +ADDITIONAL_OPTIONS="--events" +<% end %> +<%# Only include routines or triggers if we're doing a file per database -%> +<%# backup. This happens if we named databases, or if we explicitly set -%> +<%# file per database mode -%> +<% if !@backupdatabases.empty? || @file_per_database -%> +<% if @include_triggers -%> +ADDITIONAL_OPTIONS="$ADDITIONAL_OPTIONS --triggers" +<% else -%> +ADDITIONAL_OPTIONS="$ADDITIONAL_OPTIONS --skip-triggers" +<% end -%> +<% if @include_routines -%> +ADDITIONAL_OPTIONS="$ADDITIONAL_OPTIONS --routines" +<% else -%> +ADDITIONAL_OPTIONS="$ADDITIONAL_OPTIONS --skip-routines" +<% end -%> +<% end -%> + +##### STOP CONFIG #################################################### +PATH=<%= @execpath %> + + + +<%- if @kernel == 'Linux' -%> +set -o pipefail +<%- end -%> + +cleanup() +{ + find "${DIR}/" -maxdepth 1 -type f -name "${PREFIX}*.sql*" -mtime +${ROTATE} -print0 | xargs -0 -r rm -f +} + +<% if @delete_before_dump -%> +cleanup + +<% end -%> +<% if @backupdatabases.empty? -%> +<% if @file_per_database -%> +mysql --defaults-file=$TMPFILE -s -r -N -e 'SHOW DATABASES' | while read dbname +do + mysqldump --defaults-file=$TMPFILE --opt --flush-logs --single-transaction \ + ${ADDITIONAL_OPTIONS} \ + ${dbname} <% if @backupcompress %>| bzcat -zc <% end %>> ${DIR}/${PREFIX}${dbname}_`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %>.bz2<% end %> +done +<% else -%> +mysqldump --defaults-file=$TMPFILE --opt --flush-logs --single-transaction \ + ${ADDITIONAL_OPTIONS} \ + --all-databases <% if @backupcompress %>| bzcat -zc <% end %>> ${DIR}/${PREFIX}`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %>.bz2<% end %> +<% end -%> +<% else -%> +<% @backupdatabases.each do |db| -%> +mysqldump --defaults-file=$TMPFILE --opt --flush-logs --single-transaction \ + ${ADDITIONAL_OPTIONS} \ + <%= db %><% if @backupcompress %>| bzcat -zc <% end %>> ${DIR}/${PREFIX}<%= db %>_`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %>.bz2<% end %> +<% end -%> +<% end -%> + +<% unless @delete_before_dump -%> +if [ $? -eq 0 ] ; then + cleanup +fi +<% end -%> + +<% if @postscript -%> + <%- [@postscript].flatten.compact.each do |script|%> +<%= script %> + <%- end -%> +<% end -%> + +# Remove temporary file +rm -f $TMPFILE diff --git a/modules/services/unix/mysql/mysql/module/mysql/templates/xtrabackup.sh.erb b/modules/services/unix/mysql/mysql/module/mysql/templates/xtrabackup.sh.erb new file mode 100644 index 000000000..14493983e --- /dev/null +++ b/modules/services/unix/mysql/mysql/module/mysql/templates/xtrabackup.sh.erb @@ -0,0 +1,21 @@ +<%- if @kernel == 'Linux' -%> +#!/bin/bash +<%- else -%> +#!/bin/sh +<%- end -%> +# +# A wrapper for Xtrabackup +# +<% if @prescript -%> + <%- [@prescript].flatten.compact.each do |script| %> +<%= script %> + <%- end -%> +<% end -%> + +innobackupex "$@" + +<% if @postscript -%> + <%- [@postscript].flatten.compact.each do |script| %> +<%= script %> + <%- end -%> +<% end -%> From 1e40e2e3d668bbab89baf0fa244706e0acf6e4ef Mon Sep 17 00:00:00 2001 From: Emilia Lewandowska Date: Tue, 29 Mar 2016 18:26:58 +0100 Subject: [PATCH 10/13] Relates to SG-31: Moves managers into logical directory --- lib/{ => managers}/base_manager.rb | 0 lib/{ => managers}/network_manager.rb | 0 lib/{ => managers}/service_manager.rb | 0 lib/systemreader.rb | 6 +++--- 4 files changed, 3 insertions(+), 3 deletions(-) rename lib/{ => managers}/base_manager.rb (100%) rename lib/{ => managers}/network_manager.rb (100%) rename lib/{ => managers}/service_manager.rb (100%) diff --git a/lib/base_manager.rb b/lib/managers/base_manager.rb similarity index 100% rename from lib/base_manager.rb rename to lib/managers/base_manager.rb diff --git a/lib/network_manager.rb b/lib/managers/network_manager.rb similarity index 100% rename from lib/network_manager.rb rename to lib/managers/network_manager.rb diff --git a/lib/service_manager.rb b/lib/managers/service_manager.rb similarity index 100% rename from lib/service_manager.rb rename to lib/managers/service_manager.rb diff --git a/lib/systemreader.rb b/lib/systemreader.rb index 86d46cffe..2bff9e13a 100644 --- a/lib/systemreader.rb +++ b/lib/systemreader.rb @@ -1,7 +1,7 @@ require_relative 'configuration.rb' -require_relative 'network_manager.rb' -require_relative 'service_manager.rb' -require_relative 'base_manager.rb' +require_relative 'managers/network_manager' +require_relative 'managers/service_manager' +require_relative 'managers/base_manager' require_relative 'helpers/vulnerability_processor' require_relative 'objects/base_box' require_relative 'objects/network' From 31215bbbe9a62a7e866676e6e2ed592cfa5da390 Mon Sep 17 00:00:00 2001 From: Emilia Lewandowska Date: Tue, 29 Mar 2016 18:37:38 +0100 Subject: [PATCH 11/13] Relates to SG-33: Updates readme with current information. --- README.md | 87 ++++++++++++------------------------------------------- 1 file changed, 19 insertions(+), 68 deletions(-) diff --git a/README.md b/README.md index 6ae510d9a..b5c2b7618 100644 --- a/README.md +++ b/README.md @@ -38,90 +38,41 @@ It should work on most linux distros but if there are any problems contact me. Usage -- -ruby securitysimulator.rb -r -This will create you a new project in /projects/Project and will create a Vagrant File / Report for you to view and see what has been installed, this will also give you a feel for how Vagrant spins up virtual machines. +```bash +ruby secgen.rb +``` + +SecGen accepts arguments to change the way that it behaves, the currently implemented arguments are: + +``` + --run, -r: builds vagrant config and then builds the VMs + --build-config, -c: builds vagrant config, but does not build VMs + --build-vms, -v: builds VMs from previously generated vagrant config + --help, -h: shows this usage information +``` + Puppet -- -mount/puppet/module -contains all currently useable puppet module some self-created some taken from https://forge.puppetlabs.com/ +The puppet modules that are currently included can be found under the 'modules' directory. -mount/puppet/manifests -contains all the includes and modifications that are used to create vulnerabilities e.g - -include nfslewis::config - -which includes all of the class information of nfslewis and config.pp +Please see the wiki for guides on contributing modules to SecGen to learn more about puppet and understand the code check out http://puppetlabs.com/ -Boxes --- -by default the 'system machines' are specified to boxes.xml you will need to modify this file to create a new system e.g. - -each system must be incremented by system3, system4, etc to work. Each vulnerability must match a type from vulns.xml or be blank or you will be returned an error. - -Networking --- -by default the networking is specified in networks.xml you will need to modify the range to you want. Each network is set to a range e.g: - - -You can modify this to whatever range you desire and vagrant will build it. - -An example of how the program sets up the ip range for each system: - -System1 - - homeonly1 = 172.16.0.10 - homeonly2 = 172.17.0.10 - -System2 - - homeonly1 = 172.16.0.20 - homeonly2 = 172.17.0.20 - -The reason why is in lib/templates/vagrantbase.erb it appends the system number along with a 0 at the end to remove the issue of system1 being on the .1 network. - Bases -- -Currently the only tested base is puppettest, however any debian system should work if it has puppet installed, you can add new bases to bases.xml by following the current structure. +by default the 'system machines' are specified to bases.xml you will need to modify this file to create a new system e.g. -Vulnerabilities --- -Vulnerabilities are specified in vulns.xml, these are the 'useable' vulnerabilities currently, so when specifing vulnerabilities in boxes.xml you must use from this list or leave the name blank. current automated vulnerabilities are: - - ftp - commandinjection - nfs - samba - writeableshadow - distcc - ftpbackdoor - sqlinjection - -Kali --- -A Kali image is built with every project, this is very slow and can be tedious, if you already have your own hack lab then you can remove this from vagrantbase.erb, but you will need to modify your IP address so it is on the network range, or modify networks.xml. +each system must be incremented by system3, system4, etc to work. Mount -- -the mount file contains all of the puppet information, ssh keys for the default kali image, along with files to be transfered during the installation phase, this is mounted to each machine but removed once the installation has completed. - -Cleanup --- -After each system is installed, the systems will clean up after itself. - - Removes internet access to each host - unmounting the /mount/ - clober files to all look like they were installed in 2006 - change vagrant password +When initialized, SecGen will bootstrap itself and move all currently implemented puppet modules into the 'mount' directory. Contributing -- -If you like the idea of SecGen, you are more than welcome to contribute to the project. +If you like the idea of SecGen, you are more than welcome to contribute to the project, please see the wiki for guidance on how to contribute -Contact --- -If you need to reach me my email is: lewisardern [at] live.co.uk From bdfcf1b91cd6550305ed0287f74ed78def24cc5f Mon Sep 17 00:00:00 2001 From: Emilia Lewandowska Date: Tue, 29 Mar 2016 18:39:27 +0100 Subject: [PATCH 12/13] Relates to SG-32: Updates readme with current information. --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index b5c2b7618..609bd6682 100644 --- a/README.md +++ b/README.md @@ -76,3 +76,5 @@ Contributing -- If you like the idea of SecGen, you are more than welcome to contribute to the project, please see the wiki for guidance on how to contribute +The SecGen team have prepared a VM located at: https://drive.google.com/open?id=0B6fyxD2qGmUIaXpDZElKczdQYW8 to make +contributing for SecGen easier, it includes Ruby, git and RubyMine pre-installed, however, some tweaking may be required. From 06a5be0608ff64b53f1430aae1b52d656e442c4d Mon Sep 17 00:00:00 2001 From: Connor Wilson Date: Tue, 29 Mar 2016 19:14:11 +0100 Subject: [PATCH 13/13] updates scenario.xml --- config/scenario.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/config/scenario.xml b/config/scenario.xml index cf07f04b6..9edcb24fd 100644 --- a/config/scenario.xml +++ b/config/scenario.xml @@ -2,10 +2,11 @@ + - + -->