Add ability to disable apache modules
Introduce a new pillar apache:server:mods that is a dictionary with
the new module metadata. It will allow to manage apache modules by
setting "status: disabled/enabled".
Change-Id: I4ef85ce426f92e01a15e0fbcdb1370d68c1cf736
Related-Prod: PROD-23524
diff --git a/README.rst b/README.rst
index 6578abe..b99b3c1 100644
--- a/README.rst
+++ b/README.rst
@@ -441,6 +441,17 @@
start_period: 600
end_period: 1200
+Apache modules management
+
+.. code-block:: yaml
+
+ apache:
+ server:
+ mods:
+ status:
+ enabled: True
+ status: 'disabled'
+
More Information
================
diff --git a/apache/server/service/modules.sls b/apache/server/service/modules.sls
index d48e012..1e12078 100644
--- a/apache/server/service/modules.sls
+++ b/apache/server/service/modules.sls
@@ -76,4 +76,38 @@
{%- endfor %}
+{%- if server.mods is defined %}
+
+{%- for _module, _params in server.mods.iteritems() %}
+
+ {%- if _params.enabled == true %}
+ {%- if _params.status == 'enabled' %}
+
+apache_{{ _module }}_enable:
+ cmd.run:
+ - name: "a2enmod {{ _module }} -q"
+ - creates: /etc/apache2/mods-enabled/{{ _module }}.load
+ - require:
+ - pkg: apache_packages
+ - watch_in:
+ - service: apache_service
+
+ {%- else %}
+
+apache_{{ _module }}_disable:
+ cmd.run:
+ - name: "a2dismod {{ _module }} -q"
+ - require:
+ - pkg: apache_packages
+ - watch_in:
+ - service: apache_service
+ - onlyif:
+ - test -f /etc/apache2/mods-enabled/{{ _module }}.load
+
+ {%- endif %}
+ {%- endif %}
+
+{%- endfor %}
+{%- endif %}
+
{%- endif %}
diff --git a/tests/pillar/apache_server_php7_ssl.sls b/tests/pillar/apache_server_php7_ssl.sls
index 8859b58..55c8264 100644
--- a/tests/pillar/apache_server_php7_ssl.sls
+++ b/tests/pillar/apache_server_php7_ssl.sls
@@ -30,6 +30,10 @@
- dav
- dav_fs
- ssl
+ mods:
+ status:
+ enabled: True
+ status: 'disabled'
module_php: php7.0
user:
cloudlab: