-
Notifications
You must be signed in to change notification settings - Fork 0
/
metadata.json
executable file
·367 lines (367 loc) · 34.6 KB
/
metadata.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
{
"name": "apache2",
"version": "1.10.4",
"description": "Installs and configures all aspects of apache2 using Debian style symlinks with helper definitions",
"long_description": "apache2 Cookbook\n================\n[![Build Status](https://secure.travis-ci.org/onehealth-cookbooks/apache2.png?branch=master)](http://travis-ci.org/onehealth-cookbooks/apache2)\n\nThis cookbook provides a complete Debian/Ubuntu style Apache HTTPD\nconfiguration. Non-Debian based distributions such as Red Hat/CentOS,\nArchLinux and others supported by this cookbook will have a\nconfiguration that mimics Debian/Ubuntu style as it is easier to\nmanage with Chef.\n\nDebian-style Apache configuration uses scripts to manage modules and\nsites (vhosts). The scripts are:\n\n* a2ensite\n* a2dissite\n* a2enmod\n* a2dismod\n\nThis cookbook ships with templates of these scripts for non\nDebian/Ubuntu platforms. The scripts are used in the __Definitions__\nbelow.\n\nRequirements\n============\n\n## Ohai and Chef:\n\n* Ohai: 0.6.12+\n* Chef: 0.10.10+\n\nAs of v1.2.0, this cookbook makes use of `node['platform_family']` to\nsimplify platform selection logic. This attribute was introduced in\nOhai v0.6.12. The recipe methods were introduced in Chef v0.10.10. If\nyou must run an older version of Chef or Ohai, use [version 1.1.16 of\nthis cookbook](http://community.opscode.com/cookbooks/apache2/versions/1_1_16/downloads).\n\n## Cookbooks:\n\nThis cookbook doesn't have direct dependencies on other cookbooks, as\nnone are needed for the default recipe or the general use cases.\n\nDepending on your OS configuration and security policy, you may need\nadditional recipes or cookbooks for this cookbook's recipes to\nconverge on the node. In particular, the following Operating System\nsettings may affect the behavior of this cookbook:\n\n* apt cache outdated\n* SELinux enabled\n* IPtables\n* Compile tools\n* 3rd party repositories\n\nOn Ubuntu/Debian, use Opscode's `apt` cookbook to ensure the package\ncache is updated so Chef can install packages, or consider putting\napt-get in your bootstrap process or\n[knife bootstrap template](http://wiki.opscode.com/display/chef/Knife+Bootstrap).\n\nOn RHEL, SELinux is enabled by default. The `selinux` cookbook\ncontains a `permissive` recipe that can be used to set SELinux to\n\"Permissive\" state. Otherwise, additional recipes need to be created\nby the user to address SELinux permissions.\n\nThe easiest but **certainly not ideal way** to deal with IPtables is\nto flush all rules. Opscode does provide an `iptables` cookbook but is\nmigrating from the approach used there to a more robust solution\nutilizing a general \"firewall\" LWRP that would have an \"iptables\"\nprovider. Alternately, you can use ufw, with Opscode's `ufw` and\n`firewall` cookbooks to set up rules. See those cookbooks' READMEs for\ndocumentation.\n\nBuild/compile tools may not be installed on the system by default.\nSome recipes (e.g., `apache2::mod_auth_openid`) build the module from\nsource. Use Opscode's `build-essential` cookbook to get essential\nbuild packages installed.\n\nOn ArchLinux, if you are using the `apache2::mod_auth_openid` recipe,\nyou also need the `pacman` cookbook for the `pacman_aur` LWRP. Put\n`recipe[pacman]` on the node's expanded run list (on the node or in a\nrole). This is not an explicit dependency because it is only required\nfor this single recipe and platform; the pacman default recipe\nperforms `pacman -Sy` to keep pacman's package cache updated.\n\nThe `apache2::god_monitor` recipe uses a definition from the `god`\ncookbook. Include `recipe[god]` in the node's expanded run list to\nensure that the cookbook is available to the node, and to set up `god`.\n\n## Platforms:\n\nThe following platforms and versions are tested and supported using\nOpscode's [test-kitchen](http://github.com/opscode/test-kitchen).\n\n* Ubuntu 10.04, 12.04\n* CentOS 5.8, 6.3\n\nThe following platform families are supported in the code, and are\nassumed to work based on the successful testing on Ubuntu and CentOS.\n\n* Debian\n* Red Hat (rhel)\n* Fedora\n* Amazon Linux\n\nThe following platforms are also supported in the code, have been\ntested manually but are not tested under test-kitchen.\n\n* SUSE/OpenSUSE\n* ArchLinux\n* FreeBSD\n\n### Notes for RHEL Family:\n\nOn Red Hat Enterprise Linux and derivatives, the EPEL repository may\nbe necessary to install packages used in certain recipes. The\n`apache2::default` recipe, however, does not require any additional\nrepositories. Opscode's `yum` cookbook contains a recipe to add the\nEPEL repository. See __Examples__ for more information.\n\n### Notes for FreeBSD:\n\nThe `apache2::mod_php5` recipe depends on the `freebsd` cookbook,\nwhich it uses to set the correct options for compiling the `php5` port\nfrom sources. You need to ensure the `freebsd` is in the expanded run\nlist, or this recipe will fail. We don't set an explicit dependency\nbecause we feel the `freebsd` cookbook is something users would want\non their nodes, and due to the generality of this cookbook we don't\nwant additional specific dependencies.\n\nTests\n=====\n\nThis cookbook in the\n[source repository](https://github.com/opscode-cookbooks/apache2)\ncontains minitest and cucumber tests. This is an initial proof of\nconcept that will be fleshed out with more supporting infrastructure\nat a future time.\n\nPlease see the CONTRIBUTING file for information on how to add tests\nfor your contributions.\n\nAttributes\n==========\n\nThis cookbook uses many attributes, broken up into a few different\nkinds.\n\nPlatform specific\n-----------------\n\nIn order to support the broadest number of platforms, several\nattributes are determined based on the node's platform. See the\nattributes/default.rb file for default values in the case statement at\nthe top of the file.\n\n* `node['apache']['package']` - Package name for Apache2\n* `node['apache']['perl_pkg']` - Package name for Perl\n* `node['apache']['dir']` - Location for the Apache configuration\n* `node['apache']['log_dir']` - Location for Apache logs\n* `node['apache']['error_log']` - Location for the default error log\n* `node['apache']['access_log']` - Location for the default access log\n* `node['apache']['user']` - User Apache runs as\n* `node['apache']['group']` - Group Apache runs as\n* `node['apache']['binary']` - Apache httpd server daemon\n* `node['apache']['docroot_dir']` - Location for docroot\n* `node['apache']['cgibin_dir']` - Location for cgi-bin\n* `node['apache']['icondir']` - Location for icons\n* `node['apache']['cache_dir']` - Location for cached files used by Apache itself or recipes\n* `node['apache']['pid_file']` - Location of the PID file for Apache httpd\n* `node['apache']['lib_dir']` - Location for shared libraries\n* `node['apache']['default_site_enabled']` - Default site enabled. Default is false.\n* `node['apache']['ext_status']` - if true, enables ExtendedStatus for `mod_status`\n\nGeneral settings\n----------------\n\nThese are general settings used in recipes and templates. Default\nvalues are noted.\n\n* `node['apache']['listen_addresses']` - Addresses that httpd should listen on. Default is any (\"*\").\n* `node['apache']['listen_ports']` - Ports that httpd should listen on. Default is port 80.\n* `node['apache']['contact']` - Value for ServerAdmin directive. Default \"ops@example.com\".\n* `node['apache']['timeout']` - Value for the Timeout directive. Default is 300.\n* `node['apache']['keepalive']` - Value for the KeepAlive directive. Default is On.\n* `node['apache']['keepaliverequests']` - Value for MaxKeepAliveRequests. Default is 100.\n* `node['apache']['keepalivetimeout']` - Value for the KeepAliveTimeout directive. Default is 5.\n* `node['apache']['sysconfig_additional_params']` - Additionals variables set in sysconfig file. Default is empty.\n* `node['apache']['default_modules']` - Array of module names. Can take \"mod_FOO\" or \"FOO\" as names, where FOO is the apache module, e.g. \"`mod_status`\" or \"`status`\".\n\nThe modules listed in `default_modules` will be included as recipes in `recipe[apache::default]`.\n\nPrefork attributes\n------------------\n\nPrefork attributes are used for tuning the Apache HTTPD prefork MPM\nconfiguration.\n\n* `node['apache']['prefork']['startservers']` - initial number of server processes to start. Default is 16.\n* `node['apache']['prefork']['minspareservers']` - minimum number of spare server processes. Default 16.\n* `node['apache']['prefork']['maxspareservers']` - maximum number of spare server processes. Default 32.\n* `node['apache']['prefork']['serverlimit']` - upper limit on configurable server processes. Default 400.\n* `node['apache']['prefork']['maxclients']` - Maximum number of simultaneous connections.\n* `node['apache']['prefork']['maxrequestsperchild']` - Maximum number of request a child process will handle. Default 10000.\n\nWorker attributes\n-----------------\n\nWorker attributes are used for tuning the Apache HTTPD worker MPM\nconfiguration.\n\n* `node['apache']['worker']['startservers']` - Initial number of server processes to start. Default 4\n* `node['apache']['worker']['serverlimit']` - upper limit on configurable server processes. Default 16.\n* `node['apache']['worker']['maxclients']` - Maximum number of simultaneous connections. Default 1024.\n* `node['apache']['worker']['minsparethreads']` - Minimum number of spare worker threads. Default 64\n* `node['apache']['worker']['maxsparethreads']` - Maximum number of spare worker threads. Default 192.\n* `node['apache']['worker']['maxrequestsperchild']` - Maximum number of requests a child process will handle.\n\nmod\\_auth\\_openid attributes\n----------------------------\n\nThe following attributes are in the `attributes/mod_auth_openid.rb`\nfile. Like all Chef attributes files, they are loaded as well, but\nthey're logistically unrelated to the others, being specific to the\n`mod_auth_openid` recipe.\n\n* `node['apache']['mod_auth_openid']['checksum']` - sha256sum of the tarball containing the source.\n* `node['apache']['mod_auth_openid']['ref']` - Any sha, tag, or branch found from https://github.com/bmuller/mod_auth_openid\n* `node['apache']['mod_auth_openid']['cache_dir']` - the cache directory is where the sqlite3 database is stored. It is separate so it can be managed as a directory resource.\n* `node['apache']['mod_auth_openid']['dblocation']` - filename of the sqlite3 database used for directive `AuthOpenIDDBLocation`, stored in the `cache_dir` by default.\n* `node['apache']['mod_auth_openid']['configure_flags']` - optional array of configure flags passed to the `./configure` step in the compilation of the module.\n\nmod\\_ssl attributes\n-------------------\n\n* `node['apache']['mod_ssl']['cipher_suite']` - sets the\n SSLCiphersuite value to the specified string. The default is\n considered \"sane\" but you may need to change it for your local\n security policy, e.g. if you have PCI-DSS requirements. Additional\n commentary on the\n [original pull request](https://github.com/opscode-cookbooks/apache2/pull/15#commitcomment-1605406).\n\nRecipes\n=======\n\nMost of the recipes in the cookbook are for enabling Apache modules.\nWhere additional configuration or behavior is used, it is documented\nbelow in more detail.\n\nThe following recipes merely enable the specified module: `mod_alias`,\n`mod_basic`, `mod_digest`, `mod_authn_file`, `mod_authnz_ldap`,\n`mod_authz_default`, `mod_authz_groupfile`, `mod_authz_host`,\n`mod_authz_user`, `mod_autoindex`, `mod_cgi`, `mod_dav_fs`,\n`mod_dav_svn`, `mod_deflate`, `mod_dir`, `mod_env`, `mod_expires`,\n`mod_headers`, `mod_ldap`, `mod_log_config`, `mod_mime`,\n`mod_negotiation`, `mod_proxy`, `mod_proxy_ajp`, `mod_proxy_balancer`,\n`mod_proxy_connect`, `mod_proxy_http`, `mod_python`, `mod_rewrite`,\n`mod_setenvif`, `mod_status`, `mod_wsgi`, `mod_xsendfile`.\n\nOn RHEL Family distributions, certain modules ship with a config file\nwith the package. The recipes here may delete those configuration\nfiles to ensure they don't conflict with the settings from the\ncookbook, which will use per-module configuration in\n`/etc/httpd/mods-enabled`.\n\ndefault\n-------\n\nThe default recipe does a number of things to set up Apache HTTPd. It\nalso includes a number of modules based on the attribute\n`node['apache']['default_modules']` as recipes.\n\nlogrotate\n---------\n\nLogrotate adds a logrotate entry for your apache2 logs. This recipe\nrequires the `logrotate` cookbook; ensure that `recipe[logrotate]` is\nin the node's expanded run list.\n\nmod\\_auth\\_cas\n--------------\n\nThis recipe installs the proper package and enables the `auth_cas`\nmodule. It can install from source or package. Package is the default,\nset the attribute `node['apache']['mod_auth_cas']['from_source']` to\ntrue to enable source installation. Modify the version to install by\nchanging the attribute\n`node['apache']['mod_auth_cas']['source_revision']`. It is a version\ntag by default, but could be master, or another tag, or branch.\n\nThe module configuration is written out with the `CASCookiePath` set,\notherwise an error loading the module may cause Apache to not start.\n\n**Note**: This recipe does not work on EL 6 platforms unless\nepel-testing repository is enabled (outside the scope of this\ncookbook), or the package version 1.0.8.1-3.el6 or higher is otherwise\navailable to the system due to this bug:\n\nhttps://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=708550\n\nmod\\_auth\\_openid\n-----------------\n\n**Changed via COOK-915**\n\nThis recipe compiles the module from source. In addition to\n`build-essential`, some other packages are included for installation\nlike the GNU C++ compiler and development headers.\n\nTo use the module in your own cookbooks to authenticate systems using\nOpenIDs, specify an array of OpenIDs that are allowed to authenticate\nwith the attribute `node['apache']['allowed_openids']`. Use the\nfollowing in a vhost to protect with OpenID authentication:\n\n AuthType OpenID require user <%= node['apache']['allowed_openids'].join(' ') %>\n AuthOpenIDDBLocation <%= node['apache']['mod_auth_openid']['dblocation'] %>\n\nChange the DBLocation with the attribute as required; this file is in\na different location than previous versions, see below. It should be a\nsane default for most platforms, though, see\n`attributes/mod_auth_openid.rb`.\n\n### Changes from COOK-915:\n\n* `AuthType OpenID` instead of `AuthOpenIDEnabled On`.\n* `require user` instead of `AuthOpenIDUserProgram`.\n* A bug(?) in `mod_auth_openid` causes it to segfault when attempting\n to update the database file if the containing directory is not\n writable by the HTTPD process owner (e.g., www-data), even if the\n file is writable. In order to not interfere with other settings from\n the default recipe in this cookbook, the db file is moved.\n\nmod\\_fastcgi\n------------\n\nInstall the fastcgi package and enable the module.\n\nOnly work on Debian/Ubuntu\n\nmod\\_fcgid\n----------\n\nInstalls the fcgi package and enables the module. Requires EPEL on\nRHEL family.\n\nOn RHEL family, this recipe will delete the fcgid.conf and on version\n6+, create the /var/run/httpd/mod_fcgid` directory, which prevents the\nemergency error:\n\n [emerg] (2)No such file or directory: mod_fcgid: Can't create shared memory for size XX bytes\n\nmod\\_php5\n--------\n\nSimply installs the appropriate package on Debian, Ubuntu and\nArchLinux.\n\nOn Red Hat family distributions including Fedora, the php.conf that\ncomes with the package is removed. On RHEL platforms less than v6, the\n`php53` package is used.\n\nmod\\_ssl\n--------\n\nBesides installing and enabling `mod_ssl`, this recipe will append\nport 443 to the `node['apache']['listen_ports']` attribute array and\nupdate the ports.conf.\n\ngod\\_monitor\n------------\n\nSets up a `god` monitor for Apache. External requirements are the\n`god` and `runit` cookbooks from Opscode. When using this recipe,\ninclude `recipe[god]` in the node's expanded run list to ensure the\nclient downloads it; `god` depends on runit so that will also be\ndownloaded.\n\n**Note** This recipe is not tested under test-kitchen yet and is\n pending fix in COOK-744.\n\nDefinitions\n===========\n\nThe cookbook provides a few definitions. At some point in the future\nthese definitions may be refactored into lightweight resources and\nproviders as suggested by\n[foodcritic rule FC015](http://acrmp.github.com/foodcritic/#FC015).\n\napache\\_conf\n------------\n\nSets up configuration file for an Apache module from a template. The\ntemplate should be in the same cookbook where the definition is used.\nThis is used by the `apache_module` definition and is not often used\ndirectly.\n\nThis will use a template resource to write the module's configuration\nfile in the `mods-available` under the Apache configuration directory\n(`node['apache']['dir']`). This is a platform-dependent location. See\n__apache\\_module__.\n\n### Parameters:\n\n* `name` - Name of the template. When used from the `apache_module`,\n it will use the same name as the module.\n\n### Examples:\n\nCreate `#{node['apache']['dir']}/mods-available/alias.conf`.\n\n apache_conf \"alias\"\n\napache\\_module\n--------------\n\nEnable or disable an Apache module in\n`#{node['apache']['dir']}/mods-available` by calling `a2enmod` or\n`a2dismod` to manage the symbolic link in\n`#{node['apache']['dir']}/mods-enabled`. If the module has a\nconfiguration file, a template should be created in the cookbook where\nthe definition is used. See __Examples__.\n\n### Parameters:\n\n* `name` - Name of the module enabled or disabled with the `a2enmod` or `a2dismod` scripts.\n* `identifier` - String to identify the module for the `LoadModule` directive. Not typically needed, defaults to `#{name}_module`\n* `enable` - Default true, which uses `a2enmod` to enable the module. If false, the module will be disabled with `a2dismod`.\n* `conf` - Default false. Set to true if the module has a config file, which will use `apache_conf` for the file.\n* `filename` - specify the full name of the file, e.g.\n\n### Examples:\n\nEnable the ssl module, which also has a configuration template in `templates/default/mods/ssl.conf.erb`.\n\n apache_module \"ssl\" do\n conf true\n end\n\nEnable the php5 module, which has a different filename than the module default:\n\n apache_module \"php5\" do\n filename \"libphp5.so\"\n end\n\nDisable a module:\n\n apache_module \"disabled_module\" do\n enable false\n end\n\nSee the recipes directory for many more examples of `apache_module`.\n\napache\\_site\n------------\n\nEnable or disable a VirtualHost in\n`#{node['apache']['dir']}/sites-available` by calling a2ensite or\na2dissite to manage the symbolic link in\n`#{node['apache']['dir']}/sites-enabled`.\n\nThe template for the site must be managed as a separate resource. To\ncombine the template with enabling a site, see `web_app`.\n\n### Parameters:\n\n* `name` - Name of the site.\n* `enable` - Default true, which uses `a2ensite` to enable the site. If false, the site will be disabled with `a2dissite`.\n\nweb\\_app\n--------\n\nManage a template resource for a VirtualHost site, and enable it with\n`apache_site`. This is commonly done for managing web applications\nsuch as Ruby on Rails, PHP or Django, and the default behavior\nreflects that. However it is flexible.\n\nThis definition includes some recipes to make sure the system is\nconfigured to have Apache and some sane default modules:\n\n* `apache2`\n* `apache2::mod_rewrite`\n* `apache2::mod_deflate`\n* `apache2::mod_headers`\n\nIt will then configure the template (see __Parameters__ and\n__Examples__ below), and enable or disable the site per the `enable`\nparameter.\n\n### Parameters:\n\nCurrent parameters used by the definition:\n\n* `name` - The name of the site. The template will be written to\n `#{node['apache']['dir']}/sites-available/#{params['name']}.conf`\n* `cookbook` - Optional. Cookbook where the source template is. If\n this is not defined, Chef will use the named template in the\n cookbook where the definition is used.\n* `template` - Default `web_app.conf.erb`, source template file.\n* `enable` - Default true. Passed to the `apache_site` definition.\n\nAdditional parameters can be defined when the definition is called in\na recipe, see __Examples__.\n\n### Examples:\n\nAll parameters are passed into the template. You can use whatever you\nlike. The apache2 cookbook comes with a `web_app.conf.erb` template as\nan example. The following parameters are used in the template:\n\n* `server_name` - ServerName directive.\n* `server_aliases` - ServerAlias directive. Must be an array of aliases.\n* `docroot` - DocumentRoot directive.\n* `application_name` - Used in RewriteLog directive. Will be set to the `name` parameter.\n* `directory_index` - Allow overriding the default DirectoryIndex setting, optional\n* `directory_options` - Override Options on the docroot, for example to add parameters like Includes or Indexes, optional.\n* `allow_override` - Modify the AllowOverride directive on the docroot to support apps that need .htaccess to modify configuration or require authentication.\n\nTo use the default web_app, for example:\n\n web_app \"my_site\" do\n server_name node['hostname']\n server_aliases [node['fqdn'], \"my-site.example.com\"]\n docroot \"/srv/www/my_site\"\n end\n\nThe parameters specified will be used as:\n\n* `@params[:server_name]`\n* `@params[:server_aliases]`\n* `@params[:docroot]`\n\nIn the template. When you write your own, the `@` is significant.\n\nFor more information about Definitions and parameters, see the\n[Chef Wiki](http://wiki.opscode.com/display/chef/Definitions)\n\nUsage\n=====\n\nUsing this cookbook is relatively straightforward. Add the desired\nrecipes to the run list of a node, or create a role. Depending on your\nenvironment, you may have multiple roles that use different recipes\nfrom this cookbook. Adjust any attributes as desired. For example, to\ncreate a basic role for web servers that provide both HTTP and HTTPS:\n\n % cat roles/webserver.rb\n name \"webserver\"\n description \"Systems that serve HTTP and HTTPS\"\n run_list(\n \"recipe[apache2]\",\n \"recipe[apache2::mod_ssl]\"\n )\n default_attributes(\n \"apache\" => {\n \"listen_ports\" => [\"80\", \"443\"]\n }\n )\n\nFor examples of using the definitions in your own recipes, see their\nrespective sections above.\n\nLicense and Authors\n===================\n\n* Author:: Adam Jacob <adam@opscode.com>\n* Author:: Joshua Timberman <joshua@opscode.com>\n* Author:: Bryan McLellan <bryanm@widemile.com>\n* Author:: Dave Esposito <esposito@espolinux.corpnet.local>\n* Author:: David Abdemoulaie <github@hobodave.com>\n* Author:: Edmund Haselwanter <edmund@haselwanter.com>\n* Author:: Eric Rochester <err8n@virginia.edu>\n* Author:: Jim Browne <jbrowne@42lines.net>\n* Author:: Matthew Kent <mkent@magoazul.com>\n* Author:: Nathen Harvey <nharvey@customink.com>\n* Author:: Ringo De Smet <ringo.de.smet@amplidata.com>\n* Author:: Sean OMeara <someara@opscode.com>\n* Author:: Seth Chisamore <schisamo@opscode.com>\n* Author:: Gilles Devaux <gilles@peerpong.com>\n\n* Copyright:: 2009-2012, Opscode, Inc\n* Copyright:: 2011, Atriso\n* Copyright:: 2011, CustomInk, LLC.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n",
"maintainer": "Opscode, Inc.",
"maintainer_email": "cookbooks@opscode.com",
"license": "Apache 2.0",
"platforms": {
"amazon": ">= 0.0.0",
"arch": ">= 0.0.0",
"centos": ">= 0.0.0",
"debian": ">= 0.0.0",
"fedora": ">= 0.0.0",
"freebsd": ">= 0.0.0",
"redhat": ">= 0.0.0",
"scientific": ">= 0.0.0",
"ubuntu": ">= 0.0.0"
},
"dependencies": {
"iptables": ">= 0.0.0",
"logrotate": ">= 0.0.0",
"pacman": ">= 0.0.0"
},
"recommendations": {
},
"suggestions": {
},
"conflicting": {
},
"providing": {
},
"replacing": {
},
"attributes": {
"apache": {
"display_name": "Apache Hash",
"description": "Hash of Apache attributes",
"type": "hash"
},
"apache/dir": {
"display_name": "Apache Directory",
"description": "Location for Apache configuration",
"default": "/etc/apache2",
"recipes": [
"apache2::default"
]
},
"apache/log_dir": {
"display_name": "Apache Log Directory",
"description": "Location for Apache logs",
"default": "/etc/apache2",
"recipes": [
"apache2::default\", \"apache2::logrotate"
]
},
"apache/user": {
"display_name": "Apache User",
"description": "User Apache runs as",
"default": "www-data",
"recipes": [
"apache2::default"
]
},
"apache/binary": {
"display_name": "Apache Binary",
"description": "Apache server daemon program",
"default": "/usr/sbin/apache2",
"recipes": [
"apache2::default"
]
},
"apache/icondir": {
"display_name": "Apache Icondir",
"description": "Directory location for icons",
"default": "/usr/share/apache2/icons",
"recipes": [
"apache2::default"
]
},
"apache/listen_addresses": {
"display_name": "Apache Listen Addresses",
"description": "Addresses that Apache should listen on",
"type": "array",
"default": [
"*"
],
"recipes": [
"apache2::default"
]
},
"apache/listen_ports": {
"display_name": "Apache Listen Ports",
"description": "Ports that Apache should listen on",
"type": "array",
"default": [
"80",
"443"
],
"recipes": [
"apache2::default"
]
},
"apache/contact": {
"display_name": "Apache Contact",
"description": "Email address of webmaster",
"default": "ops@example.com",
"recipes": [
"apache2::default"
]
},
"apache/timeout": {
"display_name": "Apache Timeout",
"description": "Connection timeout value",
"default": "300",
"recipes": [
"apache2::default"
]
},
"apache/keepalive": {
"display_name": "Apache Keepalive",
"description": "HTTP persistent connections",
"default": "On",
"recipes": [
"apache2::default"
]
},
"apache/keepaliverequests": {
"display_name": "Apache Keepalive Requests",
"description": "Number of requests allowed on a persistent connection",
"default": "100",
"recipes": [
"apache2::default"
]
},
"apache/keepalivetimeout": {
"display_name": "Apache Keepalive Timeout",
"description": "Time to wait for requests on persistent connection",
"default": "5",
"recipes": [
"apache2::default"
]
},
"apache/servertokens": {
"display_name": "Apache Server Tokens",
"description": "Server response header",
"default": "Prod",
"recipes": [
"apache2::default"
]
},
"apache/serversignature": {
"display_name": "Apache Server Signature",
"description": "Configure footer on server-generated documents",
"default": "On",
"recipes": [
"apache2::default"
]
},
"apache/traceenable": {
"display_name": "Apache Trace Enable",
"description": "Determine behavior of TRACE requests",
"default": "On",
"recipes": [
"apache2::default"
]
},
"apache/allowed_openids": {
"display_name": "Apache Allowed OpenIDs",
"description": "Array of OpenIDs allowed to authenticate",
"default": "",
"recipes": [
"apache2::default"
]
},
"apache/prefork": {
"display_name": "Apache Prefork",
"description": "Hash of Apache prefork tuning attributes.",
"type": "hash",
"recipes": [
"apache2::default"
]
},
"apache/prefork/startservers": {
"display_name": "Apache Prefork MPM StartServers",
"description": "Number of MPM servers to start",
"default": "16",
"recipes": [
"apache2::default"
]
},
"apache/prefork/minspareservers": {
"display_name": "Apache Prefork MPM MinSpareServers",
"description": "Minimum number of spare server processes",
"default": "16",
"recipes": [
"apache2::default"
]
},
"apache/prefork/maxspareservers": {
"display_name": "Apache Prefork MPM MaxSpareServers",
"description": "Maximum number of spare server processes",
"default": "32",
"recipes": [
"apache2::default"
]
},
"apache/prefork/serverlimit": {
"display_name": "Apache Prefork MPM ServerLimit",
"description": "Upper limit on configurable server processes",
"default": "400",
"recipes": [
"apache2::default"
]
},
"apache/prefork/maxclients": {
"display_name": "Apache Prefork MPM MaxClients",
"description": "Maximum number of simultaneous connections",
"default": "400",
"recipes": [
"apache2::default"
]
},
"apache/prefork/maxrequestsperchild": {
"display_name": "Apache Prefork MPM MaxRequestsPerChild",
"description": "Maximum number of request a child process will handle",
"default": "10000",
"recipes": [
"apache2::default"
]
},
"apache/worker": {
"display_name": "Apache Worker",
"description": "Hash of Apache prefork tuning attributes.",
"type": "hash",
"recipes": [
"apache2::default"
]
},
"apache/worker/startservers": {
"display_name": "Apache Worker MPM StartServers",
"description": "Initial number of server processes to start",
"default": "4",
"recipes": [
"apache2::default"
]
},
"apache/worker/maxclients": {
"display_name": "Apache Worker MPM MaxClients",
"description": "Maximum number of simultaneous connections",
"default": "1024",
"recipes": [
"apache2::default"
]
},
"apache/worker/minsparethreads": {
"display_name": "Apache Worker MPM MinSpareThreads",
"description": "Minimum number of spare worker threads",
"default": "64",
"recipes": [
"apache2::default"
]
},
"apache/worker/maxsparethreads": {
"display_name": "Apache Worker MPM MaxSpareThreads",
"description": "Maximum number of spare worker threads",
"default": "192",
"recipes": [
"apache2::default"
]
},
"apache/worker/threadsperchild": {
"display_name": "Apache Worker MPM ThreadsPerChild",
"description": "Constant number of worker threads in each server process",
"default": "64",
"recipes": [
"apache2::default"
]
},
"apache/worker/maxrequestsperchild": {
"display_name": "Apache Worker MPM MaxRequestsPerChild",
"description": "Maximum number of request a child process will handle",
"default": "0",
"recipes": [
"apache2::default"
]
},
"apache/default_modules": {
"display_name": "Apache Default Modules",
"description": "Default modules to enable via recipes",
"type": "array",
"default": [
"status",
"alias",
"auth_basic",
"authn_file",
"authz_default",
"authz_groupfile",
"authz_host",
"authz_user",
"autoindex",
"dir",
"env",
"mime",
"negotiation",
"setenvif"
],
"recipes": [
"apache2::default"
]
},
"apache/mod_ssl/cipher_suite": {
"display_name": "Apache mod_ssl Cipher Suite",
"description": "String of SSL ciphers to use for SSLCipherSuite",
"default": "RC4-SHA:HIGH:!ADH",
"recipes": [
"apache2::default"
]
}
},
"groupings": {
},
"recipes": {
"apache2": "Main Apache configuration",
"apache2::logrotate": "Rotate apache2 logs. Requires logrotate cookbook",
"apache2::mod_alias": "Apache module \"alias\" with config file",
"apache2::mod_apreq2": "Apache module \"apreq\"",
"apache2::mod_auth_basic": "Apache module \"auth_basic\"",
"apache2::mod_auth_digest": "Apache module \"auth_digest\"",
"apache2::mod_auth_openid": "Apache module \"authopenid\"",
"apache2::mod_authn_file": "Apache module \"authn_file\"",
"apache2::mod_authnz_ldap": "Apache module \"authnz_ldap\"",
"apache2::mod_authz_default": "Apache module \"authz_default\"",
"apache2::mod_authz_groupfile": "Apache module \"authz_groupfile\"",
"apache2::mod_authz_host": "Apache module \"authz_host\"",
"apache2::mod_authz_user": "Apache module \"authz_user\"",
"apache2::mod_autoindex": "Apache module \"autoindex\" with config file",
"apache2::mod_cgi": "Apache module \"cgi\"",
"apache2::mod_dav": "Apache module \"dav\"",
"apache2::mod_dav_svn": "Apache module \"dav_svn\"",
"apache2::mod_deflate": "Apache module \"deflate\" with config file",
"apache2::mod_dir": "Apache module \"dir\" with config file",
"apache2::mod_env": "Apache module \"env\"",
"apache2::mod_expires": "Apache module \"expires\"",
"apache2::mod_fcgid": "Apache module \"fcgid\", package on ubuntu/debian, rhel/centos, compile source on suse; with config file",
"apache2::mod_headers": "Apache module \"headers\"",
"apache2::mod_include": "Apache module \"include\"",
"apache2::mod_ldap": "Apache module \"ldap\"",
"apache2::mod_log_config": "Apache module \"log_config\"",
"apache2::mod_mime": "Apache module \"mime\" with config file",
"apache2::mod_negotiation": "Apache module \"negotiation\" with config file",
"apache2::mod_pagespeed": "Apache module \"pagespeed\" with config file",
"apache2::mod_perl": "Apache module \"perl\"",
"apache2::mod_php5": "Apache module \"php5\"",
"apache2::mod_proxy": "Apache module \"proxy\" with config file",
"apache2::mod_proxy_ajp": "Apache module \"proxy_ajp\"",
"apache2::mod_proxy_balancer": "Apache module \"proxy_balancer\"",
"apache2::mod_proxy_connect": "Apache module \"proxy_connect\"",
"apache2::mod_proxy_http": "Apache module \"proxy_http\"",
"apache2::mod_python": "Apache module \"python\"",
"apache2::mod_rewrite": "Apache module \"rewrite\"",
"apache2::mod_setenvif": "Apache module \"setenvif\" with config file",
"apache2::mod_ssl": "Apache module \"ssl\" with config file, adds port 443 to listen_ports",
"apache2::mod_status": "Apache module \"status\" with config file",
"apache2::mod_xsendfile": "Apache module \"xsendfile\""
}
}