New definition apache::listen for managing Listen directives.

6173383e · Thomas Bellman · ba52c0ea · 6173383e · 6173383e
Commit 6173383e authored 11 years ago by Thomas Bellman
--- a/manifests/listen.pp
+++ b/manifests/listen.pp
+# Copyright (C) 2014 Thomas Bellman.
+# Licensed under the GNU LGPL v3+; see the README file for more information.
+import "nsc-puppet-utils"
+/*
+ * Configure Apache to listen on a set of addresses/ports/protocols.
+ *
+ * The addresses, ports and protocols to listen on is specified as a
+ * list of URLs (without any path components).  Host names in the URL
+ * will be resolved to IP addressess before being given to Apache.  The
+ * port to listen on will be determined based on the protocol, unless
+ * specified explicitly.
+ *
+ * Some examples:
+ *
+ *  - http://www.example.com/	Protocol HTTP, address www.example.com, port 80
+ *				The domain name (www.example.com) will be
+ *				resolved to an IP address at compile time.
+ *   ftp://[::1]:4711/		FTP, IPv6 address ::1, port 4711
+ *   https://*:8443/		HTTPS, INADDR_ANY, port 8443
+ *   https://[www1]/		HTTP, address "www1", port 80
+ *				The address "www1" will _not_ be resolved to
+ *				an IP address.
+ *
+ * Note that it is not possible to listen to the same address/port
+ * combination more than once, so named virtual hosts need to coordinate
+ * the set of listening addresses between themselves.  This is not
+ * enforced by this definition, but by Apache.
+ */
+define apache::listen($urls)
+{
+    include apache::listen::no_global_listen
+    apache::include_file {
+	"_Listen_${name}":
+	    content => template('apache/listen.erb');
+    }
+}
+/*
+ * Internal helper class for apache::listen.
+ */
+class apache::listen::no_global_listen
+{
+    include apache
+    comment_lines {
+	'apache::listen::no_global_listen':
+	    file => $apache::configfile,
+	    pattern => '^\s*Listen(\s|$).*$',
+	    comment => '##--';
+    }
+}
--- a/templates/listen.erb
+++ b/templates/listen.erb
+<%
+    listen_on = []
+    [@urls].flatten.sort.uniq.each { |u|
+	u =~ /^([a-z]*):\/\/([^:\/]+|\[[^\[\]]+\])(:([0-9]+))?\/?$/
+	(schema,host,port) = $1,$2,$4
+	if host == ''
+	    host = @name
+	end
+	if host == '*'
+	    addr = host
+	elsif host =~ /^\[[0-9a-f:]*:[0-9a-f:]*\]$/
+	    addr = host    # IPv6 numeric address "[0000:1111::eeee:ffff]"
+	elsif host =~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/
+	    addr = host    # IPv4 numeric address "111.222.333.444"
+	elsif host =~ /^\[(.+)\]$/
+	    # Hostname within brackets "[www.example.com]", not to be resolved
+	    host = addr = $1
+	else
+	    addr = scope.function_resolve_ipnets([host, 'failerrors'])
+	end
+	if port == nil
+	    if schema == 'http'
+		port = '80'
+	    elsif schema == 'https'
+		port = '443'
+	    elsif schema == 'ftp'
+		port = '21'
+	    else
+		raise(Puppet::Error, "Unknown URL schema and no port: #{u}")
+	    end
+	end
+	listen_on << addr + ':' + port + ' ' + schema
+    }
+    listen_on.sort!.uniq!
+-%>
+<% listen_on.each do |listen_spec| -%>
+Listen <%= listen_spec %>
+<% end -%>