I'm trying to enable .htaccess files in Apache using Vagrant and Puppet. When I add the "override" parameter to my vhost config and run "vagrant up", I get an error:
Invalid parameter override in [...]
When I remove that line, the vm boots perfectly and runs. Except, .htaccess files are ignored.
Here's my vhost config:
apache::vhost { 'local.testsite':
server_name => 'local.testsite',
serveraliases => [],
docroot => '/var/www/',
port => '80',
env_variables => [],
priority => '1',
override => ["All"],
}
Why am I getting this error and how can I fix it?
If you are using the latest version of the puppetlabs-apache module
I see an *allow_override* attribute and not override
https://github.com/puppetlabs/puppetlabs-apache#allow_override
Related
I'm relatively new to puppet and currently working on 'puppetlabs-apache' module. I'm missing something while setting both ssl and non-ssl on a virtual-host.
Manifest applied:
include apache
include apache::mod::rewrite
#apache::vhost { 'site.mydomain.com':
# port => '80',
# docroot => '/var/www/site',
# rewrite_rule => '(.*) https://site.mydomain.com [R,L]',
#}
apache::vhost { 'site.mydomain.com':
port => '443',
ssl => true,
docroot => '/var/www/site',
docroot_owner => 'www-data',
docroot_group => 'www-data',
# rewrite_rule => '(.*) https://site.mydomain.com [R,L]',
}
The thing is I don't need the non-ssl (80 port), but all requests should redirect to 443.
If I comment out the first vhost definition of site.mydomain.com for port 80, it throws an error:
Error 400 on SERVER: Duplicate declaration: Apache::Vhost[site2.mydomain.com] is already declared in file..
Not sure what I'm missing here. What should I do to make this permanent redirect happen?
http://site2.mydomain.com/ => https://site2.mydomain.com/
To configure a virtual host to redirect unencrypted connections to SSL, declare them with separate apache::vhost defined types and redirect unencrypted requests to the virtual host with SSL enabled:
apache::vhost { 'site.mydomain.com:80':
servername => 'site.mydomain.com',
port => '80',
docroot => '/var/www/site',
rewrite_rule => '(.*) https://site.mydomain.com [R,L]',
redirect_status => 'permanent',
redirect_dest => 'https://site.mydomain.com'
}
apache::vhost { 'site.mydomain.com:443':
servername => 'site.mydomain.com',
port => '443',
ssl => true,
docroot => '/var/www/site',
docroot_owner => 'www-data',
docroot_group => 'www-data',
rewrite_rule => '(.*) https://site.mydomain.com [R,L]',
}
You also needed those additional redirect attributes for the non-ssl virtualhost resource. Since apache::vhost is a defined resource type with no namevar, you can circumvent the multiple resource declaration issue by using two unique and purely cosmetic resource titles.
Working out Matt's answer and error while running it made me come at following answer.
apache::vhost { 'site.mydomain.com:80' ... }
apache::vhost { 'site.mydomain.com:443' : ...}
Thanks,
Currently have the following in a webserver.pp file:
class { 'apache':
default_vhost => false,
mime_types_additional => {
'AddType' => {
'application/font-woff' => '.woff'
}
}
}
After looking at the output to /etc/httpd/conf.d/mime.conf I can see that the output does indeed include:
'AddType application/font-woff .woff'
however, this doesn't seem to take affect when serving the font as it's served with Content-Type:text/html.
Is there some flag I'm missing to enable the mime types? - I'm totally new to puppet deployments so scratching my head with this.
Vagrant Box:
CentOS 6.6 x86
I use this manifest:
apt::source { 'repo.universe-factory':
location => 'http://repo.universe-factory.net/debian/',
release => 'sid',
repos => 'main',
key => '16EF3F64CB201D9C',
key_server => 'pgpkeys.mit.edu';
}
Now I cannot install packages from it, because there exists only a Source.gz and not
http://repo.universe-factory.net/debian/dists/sid/main/source/Sources
The problem is not the missing gz ending, the problem is somewhere else:
puppet cannot follow the redirect to the https site:
http://repo.universe-factory.net
redirects to
https://repo.universe-factory.net
If you change the code to
apt::source { 'repo.universe-factory':
location => 'http://repo.universe-factory.net/debian/',
...
and ensure, that the package apt-transport-https is installed, it works!
Im trying to puppetize a server, and in the .pp apache config file I have:
apache::vhost { "000-default-ssl":
servername => "$sitename",
serveraliases => ["$sitename"],
serveradmin => 'webmaster#localhost',
port => '443',
docroot => "/path/to/docroot",
access_log_file => 'ssl-access.log',
error_log_file => 'ssl-error.log',
ssl => true,
ssl_cert => '/data/ssl/www/365_acdsee_com.crt',
ssl_key => '/data/ssl/www/365_acdsee_com.key',
#...morecode...
}
And when I run it, the file 000-default-ssl.conf is made and everything, but then when i look in /data/ssl/www/ it's empty. neither 365_acdsee_com.crt, or 365_acdsee_com.key are there.
So my question is: Is declaring the lines ssl_key and ssl_cert supposed to create the certificate and key, or do I have to have something else that generates them, and if not why isnt it making the files???
Is declaring the lines ssl_key and ssl_cert supposed to create the certificate and key ?
No. It will not generate cert and/or key. You have to generate these files manually or get from some cert provider.
Look at the source code of vhost.pp. These values are used to generate config file ${priority_real}${filename}.conf, from the _ssl.erb
I am trying for hours, but I just can't figure it out, how to enable a https connection with vagrant and puppet.
I have a folder files/htdocs which contains different configs-files. Like vhosts. It was a preset, with an empty ssl and empty vhosts_ssl folder. It put my ssl certificate in the ssl folder and my httpd-ssl.conf in the vhosts_ssl folder. Those files where working lokal with my MAMP Webserver.
In the Puppet config I wrote the following:
file { "/etc/httpd/vhosts":
replace => true,
ensure => present,
source => "/vagrant/files/httpd/vhosts",
recurse => true,
}
file { "/etc/httpd/vhosts_ssl":
replace => true,
ensure => present,
source => "/vagrant/files/httpd/vhosts_ssl/httpd-ssl.conf",
}
file { "/etc/httpd/ssl":
replace => true,
ensure => present,
source => "/vagrant/files/httpd/ssl",
recurse => true,
}
The normal vhosts are working, therefore I thougt I can copy the structure and just enter the new paths for ssl and vhosts_ssl.
But its not working. Maybe you know how to fix this.
Thanks.
I think I found a solution, but I have no time to test it right know.
Here is the link to the possible solution.
https://forge.puppetlabs.com/puppetlabs/apache
I will update my Questing/Answere when I tried it.