blob: 822dea515658f6a76ec35de2dd96f9b241d1f8f1 [file] [log] [blame]
Filip Pytloun410abc42015-10-06 16:28:31 +02001======
2Apache
3======
4
5Install and configure Apache webserver
6
7Available states
8================
9
10.. contents::
11 :local:
12
13``apache.server``
14--------------------
15
16Setup apache server
17
18Available metadata
19==================
20
21.. contents::
22 :local:
23
24``metadata.apache.server.single``
25--------------------------
26
27Setup basic server
28
29Configuration parameters
30========================
31
32
33Example reclass
34===============
35
36Simple Apache proxy
37
38.. code-block:: yaml
39
40 apache:
41 server:
42 enabled: true
43 bind:
44 address: '0.0.0.0'
45 ports:
46 - 80
47 modules:
48 - proxy
49 - proxy_http
50 - proxy_balancer
51
52
53Apache plain static sites (eg. sphinx generated, from git/hg sources)
54
55.. code-block:: yaml
56
57 apache:
58 server:
59 enabled: true
60 bind:
61 address: '0.0.0.0'
62 ports:
63 - 80
64 modules:
65 - rewrite
66 - status
67 site:
68 - enabled: true
69 name: 'sphinxdoc'
70 type: 'static'
71 host:
72 name: 'doc.domain.com'
73 port: 80
74 source:
75 engine: local
76 - enabled: true
77 name: 'impressjs'
78 type: 'static'
79 host:
80 name: 'pres.domain.com'
81 port: 80
82 source:
83 engine: git
84 address: 'git@repo1.domain.cz:impress/billometer.git'
85 revision: 'master'
86
Filip Pytlounc135fa52015-11-25 12:28:45 +010087Tune settings of mpm_prefork
88
89.. code-block:: yaml
90
91 parameters:
92 apache:
93 mpm:
94 prefork:
95 max_clients: 250
96 servers:
97 min: 32
98 max: 64
99 max_requests: 4000
100
Filip Pytloun590b5792016-01-27 11:24:29 +0100101Apache kerberos authentication:
102
103.. code-block:: yaml
104
105 parameters
106 apache:
107 server:
108 site:
109 auth:
110 engine: kerberos
111 name: "Kerberos Authentication"
112 require:
113 - "ldap-attribute memberOf='cn=somegroup,cn=groups,cn=accounts,dc=example,dc=com'"
114
115 kerberos:
116 realms:
117 - EXAMPLE.COM
118 # Bellow is optional
119 keytab: /etc/apache2/ipa.keytab
120 service: HTTP
121 method:
122 negotiate: true
123 k5passwd: true
124
125 ldap:
126 url: "ldaps://idm01.example.com/dc=example,dc=com?krbPrincipalName"
127 # mech is optional
128 mech: GSSAPI
129
Filip Pytloun410abc42015-10-06 16:28:31 +0200130Example pillar
131==============
132
133Roundcube webmail, postfixadmin and mailman
134
135.. code-block:: yaml
136
137 classes:
138 - service.apache.server.single
139 parameters:
140 apache:
141 server:
jan kaufman75aae5c2016-01-26 14:49:12 +0100142 enabled: true
Filip Pytloun410abc42015-10-06 16:28:31 +0200143 modules:
144 - cgi
145 - php
146 site:
147 roundcube:
148 enabled: true
149 type: static
150 name: roundcube
151 root: /usr/share/roundcube
152 locations:
153 - uri: /admin
154 path: /usr/share/postfixadmin
155 - uri: /mailman
156 path: /usr/lib/cgi-bin/mailman
157 script: true
158 - uri: /pipermail
159 path: /var/lib/mailman/archives/public
160 - uri: /images/mailman
161 path: /usr/share/images/mailman
162 host:
163 name: mail.example.com
164 aliases:
165 - mail.example.com
166 - lists.example.com
167 - mail01.example.com
168 - mail01
169
170Read more
171=========
172
173* https://httpd.apache.org/docs/