Forge Home

apache

Installs, configures, and manages Apache virtual hosts, web services, and modules.

11,150,303 downloads

48,441 latest version

5.0 quality score

Version information

  • 7.0.0 (latest)
  • 6.5.1
  • 6.5.0
  • 6.4.0
  • 6.3.1
  • 6.3.0
  • 6.2.0
  • 6.1.0
  • 6.0.1
  • 6.0.0
  • 5.10.0
  • 5.9.0
  • 5.8.0
  • 5.7.0
  • 5.6.0
  • 5.5.0
  • 5.4.0
  • 5.3.0
  • 5.2.0
  • 5.1.0
  • 5.0.0
  • 4.1.0
  • 4.0.0
  • 3.5.0
  • 3.4.0
  • 3.3.0
  • 3.2.0
  • 3.1.0
  • 3.0.0
  • 2.3.1
  • 2.3.0
  • 2.2.0
  • 2.1.0
  • 2.0.0
  • 1.11.1
  • 1.11.0
  • 1.10.0
  • 1.9.0 (deleted)
  • 1.8.1
  • 1.8.0
  • 1.7.1
  • 1.7.0
  • 1.6.0
  • 1.5.0
  • 1.4.1
  • 1.4.0
  • 1.3.0
  • 1.2.0
  • 1.1.1
  • 1.1.0
  • 1.0.1
  • 1.0.0
  • 0.11.0
  • 0.10.0
  • 0.9.0
  • 0.8.1
  • 0.8.0
  • 0.7.0
  • 0.6.0
  • 0.5.0-rc1
  • 0.4.0
  • 0.3.0
  • 0.2.2
  • 0.2.1
  • 0.2.0
  • 0.1.1
  • 0.0.4
  • 0.0.3 (deleted)
  • 0.0.2 (deleted)
  • 0.0.1 (deleted)
released Oct 11th 2021
This version is compatible with:
  • Puppet Enterprise 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x
  • Puppet >= 6.0.0 < 8.0.0
  • , , , , , , ,
Tasks:
  • apache

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'puppetlabs-apache', '7.0.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add puppetlabs-apache
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install puppetlabs-apache --version 7.0.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

puppetlabs/apache — version 7.0.0 Oct 11th 2021

Reference

Table of Contents

Classes

Public Classes

Private Classes

  • apache::confd::no_accf: Manages the no-accf.conf file.
  • apache::default_confd_files: Helper for setting up default conf.d files.
  • apache::default_mods: Installs and congfigures default mods for Apache
  • apache::mod::ssl::reload: Manages the puppet_ssl folder for ssl file copies, which is needed to track changes for reloading service on changes
  • apache::package: Installs an Apache MPM.
  • apache::params: This class manages Apache parameters
  • apache::php: This class installs PHP for Apache.
  • apache::proxy: This class enabled the proxy module for Apache.
  • apache::python: This class installs Python for Apache
  • apache::service: Installs and configures Apache service.
  • apache::ssl: This class installs Apache SSL capabilities
  • apache::version: Try to automatically detect the version by OS

Defined types

Public Defined types

  • apache::balancer: This type will create an apache balancer cluster file inside the conf.d directory.
  • apache::balancermember: Defines members of mod_proxy_balancer
  • apache::custom_config: Adds a custom configuration file to the Apache server's conf.d directory.
  • apache::fastcgi::server: Defines one or more external FastCGI servers to handle specific file types. Use this defined type with mod_fastcgi.
  • apache::listen: Adds Listen directives to ports.conf that define the Apache server's or a virtual host's listening address and port.
  • apache::mod: Installs packages for an Apache module that doesn't have a corresponding apache::mod::<MODULE NAME> class.
  • apache::namevirtualhost: Enables name-based virtual hosts
  • apache::vhost: Allows specialised configurations for virtual hosts that possess requirements outside of the defaults.
  • apache::vhost::custom: A wrapper around the apache::custom_config defined type.
  • apache::vhost::fragment: Define a fragment within a vhost

Private Defined types

  • apache::default_mods::load: Helper used by apache::default_mods
  • apache::mpm: Enables the use of Apache MPMs.
  • apache::peruser::multiplexer: Checks if an Apache module has a class.
  • apache::peruser::processor: Enables the Peruser module for FreeBSD only.
  • apache::security::rule_link: Links the activated_rules from apache::mod::security to the respective CRS rules on disk.

Resource types

  • a2mod: Manage Apache 2 modules

Functions

Data types

Tasks

  • init: Allows you to perform apache service functions

Classes

apache

When this class is declared with the default options, Puppet:

  • Installs the appropriate Apache software package and required Apache modules for your operating system.
  • Places the required configuration files in a directory, with the default location determined by your operating system.
  • Configures the server with a default virtual host and standard port (80) and address (\*) bindings.
  • Creates a document root directory determined by your operating system, typically /var/www.
  • Starts the Apache service.

If an ldaps:// URL is specified, the mode becomes SSL and the setting of LDAPTrustedMode is ignored.

Examples

class { 'apache': }

Parameters

The following parameters are available in the apache class:

allow_encoded_slashes

Data type: Optional[Enum['on', 'off', 'nodecode']]

Sets the server default for the AllowEncodedSlashes declaration, which modifies the responses to URLs containing '\' and '/' characters. If not specified, this parameter omits the declaration from the server's configuration and uses Apache's default setting of 'off'.

Default value: undef

apache_version

Data type: Any

Configures module template behavior, package names, and default Apache modules by defining the version of Apache to use. We do not recommend manually configuring this parameter without reason.

Default value: $apache::version::default

conf_dir

Data type: Any

Sets the directory where the Apache server's main configuration file is located.

Default value: $apache::params::conf_dir

conf_template

Data type: Any

Defines the template used for the main Apache configuration file. Modifying this parameter is potentially risky, as the apache module is designed to use a minimal configuration file customized by conf.d entries.

Default value: $apache::params::conf_template

confd_dir

Data type: Any

Sets the location of the Apache server's custom configuration directory.

Default value: $apache::params::confd_dir

default_charset

Data type: Any

Used as the AddDefaultCharset directive in the main configuration file.

Default value: undef

default_confd_files

Data type: Boolean

Determines whether Puppet generates a default set of includable Apache configuration files in the directory defined by the confd_dir parameter. These configuration files correspond to what is typically installed with the Apache package on the server's operating system.

Default value: true

default_mods

Data type: Any

Determines whether to configure and enable a set of default Apache modules depending on your operating system. If false, Puppet includes only the Apache modules required to make the HTTP daemon work on your operating system, and you can declare any other modules separately using the apache::mod::<MODULE NAME> class or apache::mod defined type. If true, Puppet installs additional modules, depending on the operating system and the values of apache_version and mpm_module parameters. Because these lists of modules can change frequently, consult the Puppet module's code for up-to-date lists. If this parameter contains an array, Puppet instead enables all passed Apache modules.

Default value: true

default_ssl_ca

Data type: Any

Sets the default certificate authority for the Apache server. Although the default value results in a functioning Apache server, you must update this parameter with your certificate authority information before deploying this server in a production environment.

Default value: undef

default_ssl_cert

Data type: Any

Sets the SSL encryption certificate location. Although the default value results in a functioning Apache server, you must update this parameter with your certificate location before deploying this server in a production environment.

Default value: $apache::params::default_ssl_cert

default_ssl_chain

Data type: Any

Sets the default SSL chain location. Although this default value results in a functioning Apache server, you must update this parameter with your SSL chain before deploying this server in a production environment.

Default value: undef

default_ssl_crl

Data type: Any

Sets the path of the default certificate revocation list (CRL) file to use. Although this default value results in a functioning Apache server, you must update this parameter with the CRL file path before deploying this server in a production environment. You can use this parameter with or in place of the default_ssl_crl_path.

Default value: undef

default_ssl_crl_path

Data type: Any

Sets the server's certificate revocation list path, which contains your CRLs. Although this default value results in a functioning Apache server, you must update this parameter with the CRL file path before deploying this server in a production environment.

Default value: undef

default_ssl_crl_check

Data type: Any

Sets the default certificate revocation check level via the SSLCARevocationCheck directive. This parameter applies only to Apache 2.4 or higher and is ignored on older versions. Although this default value results in a functioning Apache server, you must specify this parameter when using certificate revocation lists in a production environment.

Default value: undef

default_ssl_key

Data type: Any

Sets the SSL certificate key file location. Although the default values result in a functioning Apache server, you must update this parameter with your SSL key's location before deploying this server in a production environment.

Default value: $apache::params::default_ssl_key

default_ssl_reload_on_change

Data type: Boolean

Enable reloading of apache if the content of ssl files have changed.

Default value: false

default_ssl_vhost

Data type: Boolean

Configures a default SSL virtual host. If true, Puppet automatically configures the following virtual host using the apache::vhost defined type:

apache::vhost { 'default-ssl':
  port            => 443,
  ssl             => true,
  docroot         => $docroot,
  scriptalias     => $scriptalias,
  serveradmin     => $serveradmin,
  access_log_file => "ssl_${access_log_file}",
}

Note: SSL virtual hosts only respond to HTTPS queries.

Default value: false

default_type

Data type: Any

Apache 2.2 only. Sets the MIME content-type sent if the server cannot otherwise determine an appropriate content-type. This directive is deprecated in Apache 2.4 and newer, and is only for backwards compatibility in configuration files.

Default value: 'none'

default_vhost

Data type: Boolean

Configures a default virtual host when the class is declared. To configure customized virtual hosts, set this parameter's value to false.

Note: Apache will not start without at least one virtual host. If you set this to false you must configure a virtual host elsewhere.

Default value: true

dev_packages

Data type: Any

Configures a specific dev package to use. For example, using httpd 2.4 from the IUS yum repo:

include ::apache::dev
class { 'apache':
  apache_name  => 'httpd24u',
  dev_packages => 'httpd24u-devel',
}

Default value: $apache::params::dev_packages

docroot

Data type: Any

Sets the default DocumentRoot location.

Default value: $apache::params::docroot

error_documents

Data type: Any

Determines whether to enable custom error documents on the Apache server.

Default value: false

group

Data type: Any

Sets the group ID that owns any Apache processes spawned to answer requests. By default, Puppet attempts to manage this group as a resource under the apache class, determining the group based on the operating system as detected by the apache::params class. To prevent the group resource from being created and use a group created by another Puppet module, set the manage_group parameter's value to false.

Note: Modifying this parameter only changes the group ID that Apache uses to spawn child processes to access resources. It does not change the user that owns the parent server process.

Default value: $apache::params::group

httpd_dir

Data type: Any

Sets the Apache server's base configuration directory. This is useful for specially repackaged Apache server builds but might have unintended consequences when combined with the default distribution packages.

Default value: $apache::params::httpd_dir

http_protocol_options

Data type: Any

Specifies the strictness of HTTP protocol checks. Valid options: any sequence of the following alternative values: Strict or Unsafe, RegisteredMethods or LenientMethods, and Allow0.9 or Require1.0.

Default value: $apache::params::http_protocol_options

keepalive

Data type: Any

Determines whether to enable persistent HTTP connections with the KeepAlive directive. If you set this to On, use the keepalive_timeout and max_keepalive_requests parameters to set relevant options.

Default value: $apache::params::keepalive

keepalive_timeout

Data type: Any

Sets the KeepAliveTimeout directive, which determines the amount of time the Apache server waits for subsequent requests on a persistent HTTP connection. This parameter is only relevant if the keepalive parameter is enabled.

Default value: $apache::params::keepalive_timeout

max_keepalive_requests

Data type: Any

Limits the number of requests allowed per connection when the keepalive parameter is enabled.

Default value: $apache::params::max_keepalive_requests

hostname_lookups

Data type: Enum['Off', 'On', 'Double', 'off', 'on', 'double']

This directive enables DNS lookups so that host names can be logged and passed to CGIs/SSIs in REMOTE_HOST.

Note: If enabled, it impacts performance significantly.

Default value: $apache::params::hostname_lookups

ldap_trusted_mode

Data type: Any

The following modes are supported:

NONE - no encryption SSL - ldaps:// encryption on default port 636 TLS - STARTTLS encryption on default port 389 Not all LDAP toolkits support all the above modes. An error message will be logged at runtime if a mode is not supported, and the connection to the LDAP server will fail.

Default value: undef

ldap_verify_server_cert

Data type: Any

Specifies whether to force the verification of a server certificate when establishing an SSL connection to the LDAP server. On|Off

Default value: undef

lib_path

Data type: Any

Specifies the location whereApache module files are stored.

Note: Do not configure this parameter manually without special reason.

Default value: $apache::params::lib_path

log_level

Data type: Apache::LogLevel

Configures the apache LogLevel directive which adjusts the verbosity of the messages recorded in the error logs.

Default value: $apache::params::log_level

log_formats

Data type: Any

Define additional LogFormat directives. Values: A hash, such as:

$log_formats = { vhost_common => '%v %h %l %u %t \"%r\" %>s %b' }

There are a number of predefined LogFormats in the httpd.conf that Puppet creates:

  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
  LogFormat "%h %l %u %t \"%r\" %>s %b" common
  LogFormat "%{Referer}i -> %U" referer
  LogFormat "%{User-agent}i" agent
  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\"" forwarded

If your log_formats parameter contains one of those, it will be overwritten with your definition.

Default value: {}

logroot

Data type: Any

Changes the directory of Apache log files for the virtual host.

Default value: $apache::params::logroot

logroot_mode

Data type: Any

Overrides the default logroot directory's mode.

Note: Do not grant write access to the directory where the logs are stored without being aware of the consequences. See the Apache documentation for details.

Default value: $apache::params::logroot_mode

manage_group

Data type: Boolean

When false, stops Puppet from creating the group resource. If you have a group created from another Puppet module that you want to use to run Apache, set this to false. Without this parameter, attempting to use a previously established group results in a duplicate resource error.

Default value: true

supplementary_groups

Data type: Any

A list of groups to which the user belongs. These groups are in addition to the primary group. Notice: This option only has an effect when manage_user is set to true.

Default value: []

manage_user

Data type: Boolean

When false, stops Puppet from creating the user resource. This is for instances when you have a user, created from another Puppet module, you want to use to run Apache. Without this parameter, attempting to use a previously established user would result in a duplicate resource error.

Default value: true

mod_dir

Data type: Any

Sets where Puppet places configuration files for your Apache modules.

Default value: $apache::params::mod_dir

mod_libs

Data type: Any

Allows the user to override default module library names.

include apache::params
class { 'apache':
  mod_libs => merge($::apache::params::mod_libs, {
    'wsgi' => 'mod_wsgi_python3.so',
  })
}

Default value: $apache::params::mod_libs

mod_packages

Data type: Any

Allows the user to override default module package names.

include apache::params
class { 'apache':
  mod_packages => merge($::apache::params::mod_packages, {
    'auth_kerb' => 'httpd24-mod_auth_kerb',
  })
}

Default value: $apache::params::mod_packages

mpm_module

Data type: Any

Determines which multi-processing module (MPM) is loaded and configured for the HTTPD process. Valid values are: event, itk, peruser, prefork, worker or false. You must set this to false to explicitly declare the following classes with custom parameters:

  • apache::mod::event
  • apache::mod::itk
  • apache::mod::peruser
  • apache::mod::prefork
  • apache::mod::worker

Default value: $apache::params::mpm_module

package_ensure

Data type: Any

Controls the package resource's ensure attribute. Valid values are: absent, installed (or equivalent present), or a version string.

Default value: 'installed'

pidfile

Data type: Any

Allows settting a custom location for the pid file. Useful if using a custom-built Apache rpm.

Default value: $apache::params::pidfile

ports_file

Data type: Any

Sets the path to the file containing Apache ports configuration.

Default value: $apache::params::ports_file

protocols

Data type: Array[Enum['h2', 'h2c', 'http/1.1']]

Sets the Protocols directive, which lists available protocols for the server.

Default value: []

protocols_honor_order

Data type: Optional[Boolean]

Sets the ProtocolsHonorOrder directive which determines whether the order of Protocols sets precedence during negotiation.

Default value: undef

purge_configs

Data type: Any

Removes all other Apache configs and virtual hosts. Setting this to false is a stopgap measure to allow the apache module to coexist with existing or unmanaged configurations. We recommend moving your configuration to resources within this module. For virtual host configurations, see purge_vhost_dir.

Default value: true

purge_vhost_dir

Data type: Any

If the vhost_dir parameter's value differs from the confd_dir parameter's, this parameter determines whether Puppet removes any configurations inside vhost_dir that are not managed by Puppet. Setting purge_vhost_dir to false is a stopgap measure to allow the apache module to coexist with existing or otherwise unmanaged configurations within vhost_dir.

Default value: undef

rewrite_lock

Data type: Optional[Stdlib::Absolutepath]

Allows setting a custom location for a rewrite lock - considered best practice if using a RewriteMap of type prg in the rewrites parameter of your virtual host. This parameter only applies to Apache version 2.2 or lower and is ignored on newer versions.

Default value: undef

sendfile

Data type: Enum['On', 'Off', 'on', 'off']

Forces Apache to use the Linux kernel's sendfile support to serve static files, via the EnableSendfile directive.

Default value: 'On'

serveradmin

Data type: Any

Sets the Apache server administrator's contact information via Apache's ServerAdmin directive.

Default value: 'root@localhost'

servername

Data type: Any

Sets the Apache server name via Apache's ServerName directive. Setting to false will not set ServerName at all.

Default value: $apache::params::servername

server_root

Data type: Any

Sets the Apache server's root directory via Apache's ServerRoot directive.

Default value: $apache::params::server_root

server_signature

Data type: Any

Configures a trailing footer line to display at the bottom of server-generated documents, such as error documents and output of certain Apache modules, via Apache's ServerSignature directive. Valid values are: On or Off.

Default value: 'On'

server_tokens

Data type: Any

Controls how much information Apache sends to the browser about itself and the operating system, via Apache's ServerTokens directive.

Default value: 'Prod'

service_enable

Data type: Boolean

Determines whether Puppet enables the Apache HTTPD service when the system is booted.

Default value: true

service_ensure

Data type: Any

Determines whether Puppet should make sure the service is running. Valid values are: true (or running) or false (or stopped). The false or stopped values set the 'httpd' service resource's ensure parameter to false, which is useful when you want to let the service be managed by another application, such as Pacemaker.

Default value: 'running'

service_name

Data type: Any

Sets the name of the Apache service.

Default value: $apache::params::service_name

service_manage

Data type: Boolean

Determines whether Puppet manages the HTTPD service's state.

Default value: true

service_restart

Data type: Any

Determines whether Puppet should use a specific command to restart the HTTPD service. Values: a command to restart the Apache service.

Default value: undef

timeout

Data type: Any

Sets Apache's TimeOut directive, which defines the number of seconds Apache waits for certain events before failing a request.

Default value: '60'

trace_enable

Data type: Any

Controls how Apache handles TRACE requests (per RFC 2616) via the TraceEnable directive.

Default value: 'On'

use_canonical_name

Data type: Optional[Enum['On', 'on', 'Off', 'off', 'DNS', 'dns']]

Controls Apache's UseCanonicalName directive which controls how Apache handles self-referential URLs. If not specified, this parameter omits the declaration from the server's configuration and uses Apache's default setting of 'off'.

Default value: undef

use_systemd

Data type: Any

Controls whether the systemd module should be installed on Centos 7 servers, this is especially useful if using custom-built RPMs.

Default value: $apache::params::use_systemd

file_mode

Data type: Any

Sets the desired permissions mode for config files. Valid values are: a string, with permissions mode in symbolic or numeric notation.

Default value: $apache::params::file_mode

root_directory_options

Data type: Any

Array of the desired options for the / directory in httpd.conf.

Default value: $apache::params::root_directory_options

root_directory_secured

Data type: Boolean

Sets the default access policy for the / directory in httpd.conf. A value of false allows access to all resources that are missing a more specific access policy. A value of true denies access to all resources by default. If true, more specific rules must be used to allow access to these resources (for example, in a directory block using the directories parameter).

Default value: false

vhost_dir

Data type: Any

Changes your virtual host configuration files' location.

Default value: $apache::params::vhost_dir

vhost_include_pattern

Data type: Any

Defines the pattern for files included from the vhost_dir. If set to a value like [^.#]\*.conf[^~] to make sure that files accidentally created in this directory (such as files created by version control systems or editor backups) are not included in your server configuration. Some operating systems use a value of *.conf. By default, this module creates configuration files ending in .conf.

Default value: $apache::params::vhost_include_pattern

user

Data type: Any

Changes the user that Apache uses to answer requests. Apache's parent process continues to run as root, but child processes access resources as the user defined by this parameter. To prevent Puppet from managing the user, set the manage_user parameter to false.

Default value: $apache::params::user

apache_name

Data type: Any

The name of the Apache package to install. If you are using a non-standard Apache package you might need to override the default setting. For CentOS/RHEL Software Collections (SCL), you can also use apache::version::scl_httpd_version.

Default value: $apache::params::apache_name

error_log

Data type: Any

The name of the error log file for the main server instance. If the string starts with /, |, or syslog: the full path is set. Otherwise, the filename is prefixed with $logroot.

Default value: $apache::params::error_log

scriptalias

Data type: Any

Directory to use for global script alias

Default value: $apache::params::scriptalias

access_log_file

Data type: Any

The name of the access log file for the main server instance.

Default value: $apache::params::access_log_file

limitreqfields

Data type: Any

The limitreqfields parameter sets the maximum number of request header fields in an HTTP request. This directive gives the server administrator greater control over abnormal client request behavior, which may be useful for avoiding some forms of denial-of-service attacks. The value should be increased if normal clients see an error response from the server that indicates too many fields were sent in the request.

Default value: '100'

limitreqfieldsize

Data type: Any

The limitreqfieldsize parameter sets the maximum ammount of bytes that will be allowed within a request header.

Default value: '8190'

ip

Data type: Any

Specifies the ip address

Default value: undef

purge_vdir

Data type: Any

Removes all other Apache configs and virtual hosts.

Note: This parameter is deprecated in favor of the purge_config parameter.

Default value: false

conf_enabled

Data type: Any

Whether the additional config files in /etc/apache2/conf-enabled should be managed.

Default value: $apache::params::conf_enabled

vhost_enable_dir

Data type: Any

Set's whether the vhost definitions will be stored in sites-availible and if they will be symlinked to and from sites-enabled.

Default value: $apache::params::vhost_enable_dir

mod_enable_dir

Data type: Any

Set's whether the mods-enabled directory should be managed.

Default value: $apache::params::mod_enable_dir

ssl_file

Data type: Any

This parameter allows you to set an ssl.conf file to be managed in order to implement an SSL Certificate.

Default value: undef

file_e_tag

Data type: Any

Sets the server default for the FileETag declaration, which modifies the response header field for static files.

Default value: undef

use_optional_includes

Data type: Boolean

Specifies whether Apache uses the IncludeOptional directive instead of Include for additional_includes in Apache 2.4 or newer.

Default value: $apache::params::use_optional_includes

mime_types_additional

Data type: Any

Specifies any idditional Internet media (mime) types that you wish to be configured.

Default value: $apache::params::mime_types_additional

apache::dev

The libraries installed depends on the dev_packages parameter of the apache::params class, based on your operating system:

  • Debian : libaprutil1-dev, libapr1-dev; apache2-dev
  • FreeBSD: undef; on FreeBSD, you must declare the apache::package or apache classes before declaring apache::dev.
  • Gentoo: undef.
  • Red Hat: httpd-devel.

apache::mod::actions

Installs Apache mod_actions

apache::mod::alias

Installs and configures mod_alias.

Parameters

The following parameters are available in the apache::mod::alias class:

apache_version

Data type: Any

The version of Apache, if not set will be retrieved from the init class.

Default value: undef

icons_options

Data type: Any

Disables directory listings for the icons directory, via Apache Options directive.

Default value: 'Indexes MultiViews'

icons_path

Data type: Any

Sets the local path for an /icons/ Alias. Default depends on operating system:

  • Debian: /usr/share/apache2/icons
  • FreeBSD: /usr/local/www/apache24/icons
  • Gentoo: /var/www/icons
  • Red Hat: /var/www/icons, except on Apache 2.4, where it's /usr/share/httpd/icons

Default value: $apache::params::alias_icons_path

icons_path

Change the alias for /icons/.

Default value: $apache::params::alias_icons_path

icons_prefix

Data type: Any

Default value: $apache::params::icons_prefix

apache::mod::apreq2

Installs mod_apreq2.

apache::mod::auth_basic

Installs mod_auth_basic

apache::mod::auth_cas

Installs and configures mod_auth_cas.

Parameters

The following parameters are available in the apache::mod::auth_cas class:

cas_login_url

Data type: String

Sets the URL to which the module redirects users when they attempt to access a CAS-protected resource and don't have an active session.

cas_validate_url

Data type: String

Sets the URL to use when validating a client-presented ticket in an HTTP query string.

cas_cookie_path

Data type: String

Sets the location where information on the current session should be stored. This should be writable by the web server only.

Default value: $apache::params::cas_cookie_path

cas_cookie_path_mode

Data type: Any

The mode of cas_cookie_path.

Default value: '0750'

cas_version

Data type: Any

The version of the CAS protocol to adhere to.

Default value: 2

cas_debug

Data type: Any

Whether to enable or disable debug mode.

Default value: 'Off'

cas_validate_server

Data type: Any

Whether to validate the presented certificate. This has been deprecated and removed from Version 1.1-RC1 onward.

Default value: undef

cas_validatedepth

The maximum depth for chained certificate validation.

cas_proxy_validate_url

Data type: Any

The URL to use when performing a proxy validation.

Default value: undef

cas_root_proxied_as

Data type: Any

Sets the URL end users see when access to this Apache server is proxied per vhost. This URL should not include a trailing slash.

Default value: undef

cas_cookie_entropy

Data type: Any

When creating a local session, this many random bytes are used to create a unique session identifier.

Default value: undef

cas_timeout

Data type: Any

The hard limit, in seconds, for a mod_auth_cas session.

Default value: undef

cas_idle_timeout

Data type: Any

The limit, in seconds, of how long a mod_auth_cas session can be idle.

Default value: undef

cas_cache_clean_interval

Data type: Any

The minimum amount of time that must pass inbetween cache cleanings.

Default value: undef

cas_cookie_domain

Data type: Any

The value for the 'Domain=' parameter in the Set-Cookie header.

Default value: undef

cas_cookie_http_only

Data type: Any

Setting this flag prevents the mod_auth_cas cookies from being accessed by client side Javascript.

Default value: undef

cas_authoritative

Data type: Any

Determines whether an optional authorization directive is authoritative and thus binding.

Default value: undef

cas_validate_saml

Data type: Any

Parse response from CAS server for SAML.

Default value: undef

cas_sso_enabled

Data type: Any

Enables experimental support for single sign out (may mangle POST data).

Default value: undef

cas_attribute_prefix

Data type: Any

Adds a header with the value of this header being the attribute values when SAML validation is enabled.

Default value: undef

cas_attribute_delimiter

Data type: Any

Sets the delimiter between attribute values in the header created by cas_attribute_prefix.

Default value: undef

cas_scrub_request_headers

Data type: Any

Remove inbound request headers that may have special meaning within mod_auth_cas.

Default value: undef

suppress_warning

Data type: Any

Suppress warning about being on RedHat (mod_auth_cas package is now available in epel-testing repo).

Default value: false

cas_validate_depth

Data type: Any

Default value: undef

cas_certificate_path

Data type: Any

Default value: undef

apache::mod::auth_gssapi

Installs mod_auth_gsappi.

apache::mod::auth_kerb

Installs mod_auth_kerb

apache::mod::auth_mellon

Installs and configures mod_auth_mellon.

Parameters

The following parameters are available in the apache::mod::auth_mellon class:

mellon_cache_size

Data type: Any

Maximum number of sessions which can be active at once.

Default value: $apache::params::mellon_cache_size

mellon_lock_file

Data type: Any

Full path to a file used for synchronizing access to the session data.

Default value: $apache::params::mellon_lock_file

mellon_post_directory

Data type: Any

Full path of a directory where POST requests are saved during authentication.

Default value: $apache::params::mellon_post_directory

mellon_cache_entry_size

Data type: Any

Maximum size for a single session entry in bytes.

Default value: undef

mellon_post_ttl

Data type: Any

Delay in seconds before a saved POST request can be flushed.

Default value: undef

mellon_post_size

Data type: Any

Maximum size for saved POST requests.

Default value: undef

mellon_post_count

Data type: Any

Maximum amount of saved POST requests.

Default value: undef

apache::mod::auth_openidc

Installs and configures mod_auth_openidc.

apache::mod::authn_core

Installs mod_authn_core.

Parameters

The following parameters are available in the apache::mod::authn_core class:

apache_version

Data type: Any

The version of apache being run.

Default value: $apache::apache_version

apache::mod::authn_dbd

Installs mod_authn_dbd.

Parameters

The following parameters are available in the apache::mod::authn_dbd class:

authn_dbd_params

Data type: Any

The params needed for the mod to function.

authn_dbd_dbdriver

Data type: Any

Selects an apr_dbd driver by name.

Default value: 'mysql'

authn_dbd_query

Data type: Any

Default value: undef

authn_dbd_min

Data type: Any

Set the minimum number of connections per process.

Default value: '4'

authn_dbd_max

Data type: Any

Set the maximum number of connections per process.

Default value: '20'

authn_dbd_keep

Data type: Any

Set the maximum number of connections per process to be sustained.

Default value: '8'

authn_dbd_exptime

Data type: Any

Set the time to keep idle connections alive when the number of connections specified in DBDKeep has been exceeded.

Default value: '300'

authn_dbd_alias

Data type: Any

Sets an alias for `AuthnProvider.

Default value: undef

apache::mod::authn_file

Installs mod_authn_file.

apache::mod::authnz_ldap

Installs mod_authnz_ldap.

Parameters

The following parameters are available in the apache::mod::authnz_ldap class:

verify_server_cert

Data type: Boolean

Whether to force te verification of a server cert or not.

Default value: true

package_name

Data type: Any

The name of the ldap package.

Default value: undef

apache::mod::authnz_pam

Installs mod_authnz_pam.

apache::mod::authz_default

Installs and configures mod_authz_default.

Parameters

The following parameters are available in the apache::mod::authz_default class:

apache_version

Data type: Any

Version of Apache to install module on.

Default value: $apache::apache_version

apache::mod::authz_user

Installs mod_authz_user

apache::mod::autoindex

Installs mod_autoindex

Parameters

The following parameters are available in the apache::mod::autoindex class:

icons_prefix

Data type: Any

Default value: $apache::params::icons_prefix

apache::mod::cache

Installs mod_cache

apache::mod::cgi

Installs mod_cgi.

apache::mod::cgid

Installs mod_cgid.

apache::mod::cluster

Installs mod_cluster.

  • Note There is no official package available for mod_cluster, so you must make it available outside of the apache module. Binaries can be found here.

  • See also

Examples

class { '::apache::mod::cluster':
  ip                      => '172.17.0.1',
  allowed_network         => '172.17.0.',
  balancer_name           => 'mycluster',
  version                 => '1.3.1'
}

Parameters

The following parameters are available in the apache::mod::cluster class:

allowed_network

Data type: Any

Balanced members network.

balancer_name

Data type: Any

Name of balancer.

ip

Data type: Any

Specifies the IP address to listen to.

version

Data type: Any

Specifies the mod_cluster version. Version 1.3.0 or greater is required for httpd 2.4.

enable_mcpm_receive

Data type: Any

Whether MCPM should be enabled.

Default value: true

port

Data type: Any

mod_cluster listen port.

Default value: '6666'

keep_alive_timeout

Data type: Any

Specifies how long Apache should wait for a request, in seconds.

Default value: 60

manager_allowed_network

Data type: Any

Whether to allow the network to access the mod_cluster_manager.

Default value: '127.0.0.1'

max_keep_alive_requests

Data type: Any

Maximum number of requests kept alive.

Default value: 0

server_advertise

Data type: Any

Whether the server should advertise.

Default value: true

advertise_frequency

Data type: Any

Sets the interval between advertise messages in seconds.

Default value: undef

apache::mod::data

Installs and configures mod_data.

Parameters

The following parameters are available in the apache::mod::data class:

apache_version

Data type: Any

Version of Apache to install module on.

Default value: undef

apache::mod::dav

Installs mod_dav.

apache::mod::dav_fs

Installs mod_dav_fs.

apache::mod::dav_svn

Installs and configures mod_dav_svn.

Parameters

The following parameters are available in the apache::mod::dav_svn class:

authz_svn_enabled

Data type: Any

Specifies whether to install Apache mod_authz_svn

Default value: false

apache::mod::dbd

Installs mod_dbd.

Parameters

The following parameters are available in the apache::mod::dbd class:

apache_version

Used to verify that the Apache version you have requested is compatible with the module.

apache::mod::deflate

Installs and configures mod_deflate.

Parameters

The following parameters are available in the apache::mod::deflate class:

types

Data type: Any

An array of MIME types to be deflated. See https://www.iana.org/assignments/media-types/media-types.xhtml.

Default value: [ 'text/html text/plain text/xml', 'text/css', 'application/x-javascript application/javascript application/ecmascript', 'application/rss+xml', 'application/json', ]

notes

Data type: Any

A Hash where the key represents the type and the value represents the note name.

Default value: { 'Input' => 'instream', 'Output' => 'outstream', 'Ratio' => 'ratio', }

apache::mod::dev

Installs mod_dev.

  • Note This module is deprecated. Please use apache::dev.

apache::mod::dir

Installs and configures mod_dir.

  • TODO This sets the global DirectoryIndex directive, so it may be necessary to consider being able to modify the apache::vhost to declare DirectoryIndex statements in a vhost configuration

  • See also

Parameters

The following parameters are available in the apache::mod::dir class:

types

Specifies the text-based content types to compress.

indexes

Data type: Array[String]

Provides a string for the DirectoryIndex directive

Default value: ['index.html','index.html.var','index.cgi','index.pl','index.php','index.xhtml']

dir

Data type: Any

Default value: 'public_html'

apache::mod::disk_cache

Installs and configures mod_disk_cache.

Parameters

The following parameters are available in the apache::mod::disk_cache class:

cache_root

Data type: Any

Defines the name of the directory on the disk to contain cache files. Default depends on the Apache version and operating system:

  • Debian: /var/cache/apache2/mod_cache_disk
  • FreeBSD: /var/cache/mod_cache_disk
  • Red Hat, Apache 2.4: /var/cache/httpd/proxy
  • Red Hat, Apache 2.2: /var/cache/mod_proxy

Default value: undef

cache_ignore_headers

Data type: Any

Specifies HTTP header(s) that should not be stored in the cache.

Default value: undef

default_cache_enable

Data type: Boolean

Default value is true, which enables "CacheEnable disk /" in disk_cache.conf for the webserver. This would cache every request to apache by default for every vhost. If set to false the default cache all behaviour is supressed. You can then control this behaviour in individual vhosts by explicitly defining CacheEnable.

Default value: true

apache::mod::dumpio

Installs and configures mod_dumpio.

Examples

class{'apache':
  default_mods => false,
  log_level    => 'dumpio:trace7',
}
class{'apache::mod::dumpio':
  dump_io_input  => 'On',
  dump_io_output => 'Off',
}

Parameters

The following parameters are available in the apache::mod::dumpio class:

dump_io_input

Data type: Enum['Off', 'On', 'off', 'on']

Dump all input data to the error log

Default value: 'Off'

dump_io_output

Data type: Enum['Off', 'On', 'off', 'on']

Dump all output data to the error log

Default value: 'Off'

apache::mod::env

Installs mod_env.

apache::mod::event

Installs and configures mod_event.

Parameters

The following parameters are available in the apache::mod::event class:

startservers

Data type: Any

Sets the number of child server processes created at startup, via the module's StartServers directive. Setting this to false removes the parameter.

Default value: '2'

maxclients

Data type: Any

Apache 2.3.12 or older alias for the MaxRequestWorkers directive.

Default value: '150'

maxrequestworkers

Data type: Any

Sets the maximum number of connections Apache can simultaneously process, via the module's MaxRequestWorkers directive. Setting these to false removes the parameters.

Default value: undef

minsparethreads

Data type: Any

Sets the minimum number of idle threads, via the MinSpareThreads directive. Setting this to false removes the parameters.

Default value: '25'

maxsparethreads

Data type: Any

Sets the maximum number of idle threads, via the MaxSpareThreads directive. Setting this to false removes the parameters.

Default value: '75'

threadsperchild

Data type: Any

Number of threads created by each child process.

Default value: '25'

maxrequestsperchild

Data type: Any

Apache 2.3.8 or older alias for the MaxConnectionsPerChild directive.

Default value: '0'

maxconnectionsperchild

Data type: Any

Limit on the number of connections that an individual child server will handle during its life.

Default value: undef

serverlimit

Data type: Any

Limits the configurable number of processes via the ServerLimit directive. Setting this to false removes the parameter.

Default value: '25'

apache_version

Data type: Any

Version of Apache to install module on.

Default value: undef

threadlimit

Data type: Any

Limits the number of event threads via the module's ThreadLimit directive. Setting this to false removes the parameter.

Default value: '64'

listenbacklog

Data type: Any

Sets the maximum length of the pending connections queue via the module's ListenBackLog directive. Setting this to false removes the parameter.

Default value: '511'

apache::mod::expires

Installs and configures mod_expires.

Parameters

The following parameters are available in the apache::mod::expires class:

expires_active

Data type: Any

Enables generation of Expires headers.

Default value: true

expires_default

Data type: Any

Specifies the default algorithm for calculating expiration time using ExpiresByType syntax or interval syntax.

Default value: undef

expires_by_type

Data type: Any

Describes a set of MIME content-types and their expiration times. This should be used as an array of Hashes, with each Hash's key a valid MIME content-type (i.e. 'text/json') and its value following valid interval syntax.

Default value: undef

apache::mod::ext_filter

Installs and configures mod_ext_filter.

Examples

class { 'apache::mod::ext_filter':
  ext_filter_define => {
    'slowdown'       => 'mode=output cmd=/bin/cat preservescontentlength',
    'puppetdb-strip' => 'mode=output outtype=application/json cmd="pdb-resource-filter"',
  },
}

Parameters

The following parameters are available in the apache::mod::ext_filter class:

ext_filter_define

Data type: Optional[Hash]

Hash of filter names and their parameters.

Default value: undef

apache::mod::fastcgi

Installs mod_fastcgi.

apache::mod::fcgid

loaded first; Puppet will not automatically enable it if you set the fcgiwrapper parameter in apache::vhost. include apache::mod::fcgid

apache::vhost { 'example.org': docroot => '/var/www/html', directories => { path => '/var/www/html', fcgiwrapper => { command => '/usr/local/bin/fcgiwrapper', } }, }

Examples

The class does not individually parameterize all available options. Instead, configure mod_fcgid using the options hash.
class { 'apache::mod::fcgid':
  options => {
    'FcgidIPCDir'  => '/var/run/fcgidsock',
    'SharememPath' => '/var/run/fcgid_shm',
    'AddHandler'   => 'fcgid-script .fcgi',
  },
}
If you include apache::mod::fcgid, you can set the [FcgidWrapper][] per directory, per virtual host. The module must be

Parameters

The following parameters are available in the apache::mod::fcgid class:

expires_active

Enables generation of Expires headers.

expires_default

Default algorithm for calculating expiration time.

expires_by_type

Value of the Expires header configured by MIME type.

options

Data type: Any

Default value: {}

apache::mod::filter

Installs mod_filter.

apache::mod::geoip

Installs and configures mod_geoip.

Parameters

The following parameters are available in the apache::mod::geoip class:

enable

Data type: Any

Toggles whether to enable geoip.

Default value: false

db_file

Data type: Any

Path to database for GeoIP to use.

Default value: '/usr/share/GeoIP/GeoIP.dat'

flag

Data type: Any

Caching directive to use. Values: 'CheckCache', 'IndexCache', 'MemoryCache', 'Standard'.

Default value: 'Standard'

output

Data type: Any

Output variable locations. Values: 'All', 'Env', 'Request', 'Notes'.

Default value: 'All'

enable_utf8

Data type: Any

Changes the output from ISO88591 (Latin1) to UTF8.

Default value: undef

scan_proxy_headers

Data type: Any

Enables the GeoIPScanProxyHeaders option.

Default value: undef

scan_proxy_headers_field

Specifies the header mod_geoip uses to determine the client's IP address.

use_last_xforwarededfor_ip

Data type: Any

Determines whether to use the first or last IP address for the client's IP in a comma-separated list of IP addresses is found.

Default value: undef

scan_proxy_header_field

Data type: Any

Default value: undef

apache::mod::headers

Installs and configures mod_headers.

Parameters

The following parameters are available in the apache::mod::headers class:

apache_version

Version of Apache to install module on.

apache::mod::http2

Installs and configures mod_http2.

Parameters

The following parameters are available in the apache::mod::http2 class:

h2_copy_files

Data type: Optional[Boolean]

Determine file handling in responses.

Default value: undef

h2_direct

Data type: Optional[Boolean]

H2 Direct Protocol Switch.

Default value: undef

h2_early_hints

Data type: Optional[Boolean]

Determine sending of 103 status codes.

Default value: undef

h2_max_session_streams

Data type: Optional[Integer]

Sets maximum number of active streams per HTTP/2 session.

Default value: undef

h2_max_worker_idle_seconds

Data type: Optional[Integer]

Sets maximum number of seconds h2 workers remain idle until shut down.

Default value: undef

h2_max_workers

Data type: Optional[Integer]

Sets maximum number of worker threads to use per child process.

Default value: undef

h2_min_workers

Data type: Optional[Integer]

Sets minimal number of worker threads to use per child process.

Default value: undef

h2_modern_tls_only

Data type: Optional[Boolean]

Toggles the security checks on HTTP/2 connections in TLS mode

Default value: undef

h2_push

Data type: Optional[Boolean]

Toggles the usage of the HTTP/2 server push protocol feature.

Default value: undef

h2_push_diary_size

Data type: Optional[Integer]

Sets maximum number of HTTP/2 server pushes that are remembered per HTTP/2 connection.

Default value: undef

h2_priority

Require HTTP/2 connections to be "modern TLS" only

h2_push_resource

Data type: Array[String]

When added to a directory/location, HTTP/2 PUSHes will be attempted for all paths added via this directive

Default value: []

h2_serialize_headers

Data type: Optional[Boolean]

Toggles if HTTP/2 requests shall be serialized in HTTP/1.1 format for processing by httpd core or if received binary data shall be passed into the request_recs directly.

Default value: undef

h2_stream_max_mem_size

Data type: Optional[Integer]

Sets the maximum number of outgoing data bytes buffered in memory for an active streams.

Default value: undef

h2_tls_cool_down_secs

Data type: Optional[Integer]

Sets the number of seconds of idle time on a TLS connection before the TLS write size falls back to small (~1300 bytes) length.

Default value: undef

h2_tls_warm_up_size

Data type: Optional[Integer]

Sets the number of bytes to be sent in small TLS records (~1300 bytes) until doing maximum sized writes (16k) on https: HTTP/2 connections.

Default value: undef

h2_upgrade

Data type: Optional[Boolean]

Toggles the usage of the HTTP/1.1 Upgrade method for switching to HTTP/2.

Default value: undef

h2_window_size

Data type: Optional[Integer]

Sets the size of the window that is used for flow control from client to server and limits the amount of data the server has to buffer.

Default value: undef

apache_version

Data type: Optional[String]

Version of Apache to install module on.

Default value: undef

h2_push_priority

Data type: Array[String]

Default value: []

apache::mod::include

Installs mod_include.

apache::mod::info

Installs and configures mod_info.

Parameters

The following parameters are available in the apache::mod::info class:

allow_from

Data type: Any

Allowlist of IPv4 or IPv6 addresses or ranges that can access the info path.

Default value: ['127.0.0.1','::1']

apache_version

Data type: Any

Version of Apache to install module on.

Default value: undef

restrict_access

Data type: Any

Toggles whether to restrict access to info path. If false, the allow_from allowlist is ignored and any IP address can access the info path.

Default value: true

info_path

Data type: Any

Path on server to file containing server configuration information.

Default value: '/server-info'

apache::mod::intercept_form_submit

Installs mod_intercept_form_submit.

apache::mod::itk

Installs MPM mod_itk.

  • Note Unsupported platforms: CentOS: 8; RedHat: 8; SLES: all

  • See also

Parameters

The following parameters are available in the apache::mod::itk class:

startservers

Data type: Any

Number of child server processes created on startup.

Default value: '8'

minspareservers

Data type: Any

Minimum number of idle child server processes.

Default value: '5'

maxspareservers

Data type: Any

Maximum number of idle child server processes.

Default value: '20'

serverlimit

Data type: Any

Maximum configured value for MaxRequestWorkers for the lifetime of the Apache httpd process.

Default value: '256'

maxclients

Data type: Any

Limit on the number of simultaneous requests that will be served.

Default value: '256'

maxrequestsperchild

Data type: Any

Limit on the number of connections that an individual child server process will handle.

Default value: '4000'

enablecapabilities

Data type: Any

Drop most root capabilities in the parent process, and instead run as the user given by the User/Group directives with some extra capabilities (in particular setuid). Somewhat more secure, but can cause problems when serving from filesystems that do not honor capabilities, such as NFS.

Default value: undef

apache_version

Data type: Any

Used to verify that the Apache version you have requested is compatible with the module.

Default value: undef

apache::mod::jk

Installs mod_jk.

  • Note shm_file and log_file Depending on how these files are specified, the class creates their final path differently:

Relative path: prepends supplied path with logroot (see below) Absolute path or pipe: uses supplied path as-is

shm_file => 'shm_file'
# Ends up in
$shm_path = '/var/log/httpd/shm_file'

shm_file => '/run/shm_file'
# Ends up in
$shm_path = '/run/shm_file'

shm_file => '"|rotatelogs /var/log/httpd/mod_jk.log.%Y%m%d 86400 -180"'
# Ends up in
$shm_path = '"|rotatelogs /var/log/httpd/mod_jk.log.%Y%m%d 86400 -180"'

Examples

class { '::apache::mod::jk':
  ip                   => '192.168.2.15',
  workers_file         => 'conf/workers.properties',
  mount_file           => 'conf/uriworkermap.properties',
  shm_file             => 'run/jk.shm',
  shm_size             => '50M',
  workers_file_content => {
    <Content>
  },
}

Parameters

The following parameters are available in the apache::mod::jk class:

ip

Data type: Optional[String]

IP for binding to mod_jk. Useful when the binding address is not the primary network interface IP.

Default value: undef

port

Data type: Integer

Port for binding to mod_jk. Useful when something else, like a reverse proxy or cache, is receiving requests at port 80, then needs to forward them to Apache at a different port.

Default value: 80

add_listen

Data type: Boolean

Defines if a Listen directive according to parameters ip and port (see below), so that Apache listens to the IP/port combination and redirect to mod_jk. Useful when another Listen directive, like Listen *: or Listen , can conflict with the one necessary for mod_jk binding.

Default value: true

workers_file

Data type: Any

The name of a worker file for the Tomcat servlet containers.

Default value: undef

worker_property

Data type: Any

Enables setting worker properties inside Apache configuration file.

Default value: {}

logroot

Data type: Any

The base directory for shm_file and log_file is determined by the logroot parameter. If unspecified, defaults to apache::params::logroot. The default logroot is sane enough therefore it is not recommended to override it.

Default value: undef

shm_file

Data type: Any

Shared memory file name.

Default value: 'jk-runtime-status'

shm_size

Data type: Any

Size of the shared memory file name.

Default value: undef

mount_file

Data type: Any

File containing multiple mappings from a context to a Tomcat worker.

Default value: undef

mount_file_reload

Data type: Any

This directive configures the reload check interval in seconds.

Default value: undef

mount

Data type: Any

A mount point from a context to a Tomcat worker.

Default value: {}

un_mount

Data type: Any

An exclusion mount point from a context to a Tomcat worker.

Default value: {}

auto_alias

Data type: Any

Automatically Alias webapp context directories into the Apache document space

Default value: undef

mount_copy

Data type: Any

If this directive is set to "On" in some virtual server, the mounts from the global server will be copied to this virtual server, more precisely all mounts defined by JkMount or JkUnMount.

Default value: undef

worker_indicator

Data type: Any

Name of the Apache environment variable that can be used to set worker names in combination with SetHandler jakarta-servlet.

Default value: undef

watchdog_interval

Data type: Any

This directive configures the watchdog thread interval in seconds.

Default value: undef

log_file

Data type: Any

Full or server relative path to the mod_jk log file.

Default value: 'mod_jk.log'

log_level

Data type: Any

The mod_jk log level, can be debug, info, warn error or trace.

Default value: undef

log_stamp_format

Data type: Any

The mod_jk date log format, using an extended strftime syntax.

Default value: undef

request_log_format

Data type: Any

Request log format string.

Default value: undef

extract_ssl

Data type: Any

Turns on SSL processing and information gathering by mod_jk.

Default value: undef

https_indicator

Data type: Any

Name of the Apache environment variable that contains SSL indication.

Default value: undef

sslprotocol_indicator

Data type: Any

Name of the Apache environment variable that contains the SSL protocol name.

Default value: undef

certs_indicator

Data type: Any

Name of the Apache environment variable that contains SSL client certificates.

Default value: undef

cipher_indicator

Data type: Any

Name of the Apache environment variable that contains SSL client cipher.

Default value: undef

certchain_prefix

Data type: Any

Name of the Apache environment (prefix) that contains SSL client chain certificates.

Default value: undef

session_indicator

Data type: Any

Name of the Apache environment variable that contains SSL session.

Default value: undef

keysize_indicator

Data type: Any

Name of the Apache environment variable that contains SSL key size in use.

Default value: undef

local_name_indicator

Data type: Any

Name of the Apache environment variable which can be used to overwrite the forwarded local name.

Default value: undef

ignore_cl_indicator

Data type: Any

Name of the Apache environment variable which forces to ignore an existing Content-Length request header.

Default value: undef

local_addr_indicator

Data type: Any

Name of the Apache environment variable which can be used to overwrite the forwarded local IP address.

Default value: undef

local_port_indicator

Data type: Any

Name of the Apache environment variable which can be used to overwrite the forwarded local port.

Default value: undef

remote_host_indicator

Data type: Any

Name of the Apache environment variable which can be used to overwrite the forwarded remote (client) host name.

Default value: undef

remote_addr_indicator

Data type: Any

Name of the Apache environment variable which can be used to overwrite the forwarded remote (client) IP address.

Default value: undef

remote_port_indicator

Data type: Any

Name of the Apache environment variable which can be used to overwrite the forwarded remote (client) IP address.

Default value: undef

remote_user_indicator

Data type: Any

Name of the Apache environment variable which can be used to overwrite the forwarded user name.

Default value: undef

auth_type_indicator

Data type: Any

Name of the Apache environment variable which can be used to overwrite the forwarded authentication type.

Default value: undef

options

Data type: Any

Set one of more options to configure the mod_jk module.

Default value: []

env_var

Data type: Any

Adds a name and an optional default value of environment variable that should be sent to servlet-engine as a request attribute.

Default value: {}

strip_session

Data type: Any

If this directive is set to On in some virtual server, the session IDs ;jsessionid=... will be removed for URLs which are not forwarded but instead are handled by the local server.

Default value: undef

workers_file_content

Data type: Any

Each directive has the format worker..=. This maps as a hash of hashes, where the outer hash specifies workers, and each inner hash specifies each worker properties and values. Plus, there are two global directives, 'worker.list' and 'worker.maintain' For example, the workers file below should be parameterized as follows:

Worker file:

worker.list = status
worker.list = some_name,other_name

worker.maintain = 60

# Optional comment
worker.some_name.type=ajp13
worker.some_name.socket_keepalive=true

# I just like comments
worker.other_name.type=ajp12 (why would you?)
worker.other_name.socket_keepalive=false

Puppet file:

$workers_file_content = {
  worker_lists    => ['status', 'some_name,other_name'],
  worker_maintain => '60',
  some_name       => {
    comment          => 'Optional comment',
    type             => 'ajp13',
    socket_keepalive => 'true',
  },
  other_name      => {
    comment          => 'I just like comments',
    type             => 'ajp12',
    socket_keepalive => 'false',
  },
}

Default value: {}

mount_file_content

Data type: Any

Each directive has the format = . This maps as a hash of hashes, where the outer hash specifies workers, and each inner hash contains two items:

  • uri_list-an array with URIs to be mapped to the worker
  • comment-an optional string with a comment for the worker. For example, the mount file below should be parameterized as Figure 2:

Worker file:

# Worker 1
/context_1/ = worker_1
/context_1/* = worker_1

# Worker 2
/ = worker_2
/context_2/ = worker_2
/context_2/* = worker_2

Puppet file:

$mount_file_content = {
  worker_1 => {
    uri_list => ['/context_1/', '/context_1/*'],
    comment  => 'Worker 1',
  },
  worker_2 => {
    uri_list => ['/context_2/', '/context_2/*'],
    comment  => 'Worker 2',
  },
},

Default value: {}

location_list

Data type: Any

Default value: []

apache::mod::ldap

Installs and configures mod_ldap.

Examples

class { 'apache::mod::ldap':
  ldap_trusted_global_cert_file => '/etc/pki/tls/certs/ldap-trust.crt',
  ldap_trusted_global_cert_type => 'CA_DER',
  ldap_trusted_mode             => 'TLS',
  ldap_shared_cache_size        => '500000',
  ldap_cache_entries            => '1024',
  ldap_cache_ttl                => '600',
  ldap_opcache_entries          => '1024',
  ldap_opcache_ttl              => '600',
}

Parameters

The following parameters are available in the apache::mod::ldap class:

apache_version

Data type: Any