From cedd45b63be89ea54bd2a596e6cd3a3f60d4faf8 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Mon, 10 Oct 2022 22:04:02 +0200 Subject: [PATCH] Drop Apache 2.2 support --- README.md | 1 - lib/facter/apache_version.rb | 29 --- manifests/balancer.pp | 14 +- manifests/default_mods.pp | 77 +++---- manifests/init.pp | 26 +-- manifests/mod.pp | 7 +- manifests/mod/alias.pp | 7 +- manifests/mod/authn_core.pp | 11 +- manifests/mod/authz_default.pp | 17 -- manifests/mod/data.pp | 11 +- manifests/mod/disk_cache.pp | 24 +- manifests/mod/event.pp | 26 +-- manifests/mod/http2.pp | 6 - manifests/mod/info.pp | 7 +- manifests/mod/itk.pp | 36 +-- manifests/mod/ldap.pp | 6 - manifests/mod/pagespeed.pp | 11 +- manifests/mod/prefork.pp | 39 +--- manifests/mod/proxy.pp | 9 +- manifests/mod/proxy_balancer.pp | 9 +- manifests/mod/proxy_html.pp | 4 +- manifests/mod/remoteip.pp | 10 - manifests/mod/ssl.pp | 40 +--- manifests/mod/status.pp | 18 +- manifests/mod/userdir.pp | 7 +- manifests/mod/version.pp | 17 -- manifests/mod/worker.pp | 41 +--- manifests/mpm.pp | 105 ++++----- manifests/params.pp | 52 +---- manifests/version.pp | 33 --- manifests/vhost.pp | 40 +--- spec/acceptance/class_spec.rb | 14 -- spec/acceptance/vhost_spec.rb | 9 +- spec/classes/apache_spec.rb | 150 +------------ spec/classes/mod/data_spec.rb | 11 - spec/classes/mod/disk_cache_spec.rb | 209 ++++-------------- spec/classes/mod/event_spec.rb | 67 ++---- spec/classes/mod/http2_spec.rb | 2 - spec/classes/mod/itk_spec.rb | 84 +------ spec/classes/mod/prefork_spec.rb | 70 +----- spec/classes/mod/remoteip_spec.rb | 10 - spec/classes/mod/ssl_spec.rb | 63 +----- spec/classes/mod/status_spec.rb | 26 +-- spec/classes/mod/worker_spec.rb | 68 +----- spec/defines/balancer_spec.rb | 7 +- spec/defines/vhost_spec.rb | 69 ------ spec/spec_helper_local.rb | 1 + .../facter/util/fact_apache_version_spec.rb | 40 ---- templates/httpd.conf.erb | 45 +--- templates/mod/_require.erb | 10 +- templates/mod/alias.conf.erb | 5 - templates/mod/event.conf.erb | 4 - templates/mod/http2.conf.erb | 40 ++-- templates/mod/info.conf.erb | 13 -- templates/mod/itk.conf.erb | 2 +- templates/mod/ldap.conf.erb | 7 - templates/mod/pagespeed.conf.erb | 15 -- templates/mod/proxy.conf.erb | 8 +- templates/mod/proxy_balancer.conf.erb | 8 +- templates/mod/security.conf.erb | 5 - templates/mod/ssl.conf.erb | 14 +- templates/mod/status.conf.erb | 4 - templates/mod/userdir.conf.erb | 10 - templates/mod/worker.conf.erb | 6 +- templates/vhost/_additional_includes.erb | 2 +- templates/vhost/_block.erb | 4 - templates/vhost/_directories.erb | 14 -- templates/vhost/_file_header.erb | 13 +- templates/vhost/_http2.erb | 40 ++-- templates/vhost/_logging.erb | 4 +- templates/vhost/_require.erb | 45 +--- templates/vhost/_ssl.erb | 8 +- 72 files changed, 277 insertions(+), 1689 deletions(-) delete mode 100644 lib/facter/apache_version.rb delete mode 100644 manifests/mod/authz_default.pp delete mode 100644 manifests/mod/version.pp delete mode 100644 spec/unit/facter/util/fact_apache_version_spec.rb diff --git a/README.md b/README.md index e38b2a2478..206b1d2092 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,6 @@ [aliased servers]: https://httpd.apache.org/docs/current/urlmapping.html [`AllowEncodedSlashes`]: https://httpd.apache.org/docs/current/mod/core.html#allowencodedslashes [`apache`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apache -[`apache_version`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apache_version [`apache::balancer`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apachebalancer [`apache::balancermember`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apachebalancermember [`apache::mod`]: https://forge.puppet.com/modules/puppetlabs/apache/reference#apachemod diff --git a/lib/facter/apache_version.rb b/lib/facter/apache_version.rb deleted file mode 100644 index 36a316f441..0000000000 --- a/lib/facter/apache_version.rb +++ /dev/null @@ -1,29 +0,0 @@ -# frozen_string_literal: true - -Facter.add(:apache_version) do - confine kernel: ['FreeBSD', 'Linux'] - setcode do - apache_version = nil - - if Facter::Core::Execution.which('httpd') - apache_version = Facter::Core::Execution.execute('httpd -V 2>&1') - Facter.debug "Matching httpd '#{apache_version}'" - elsif Facter::Core::Execution.which('apache2') - apache_version = Facter::Core::Execution.execute('apache2 -V 2>&1') - Facter.debug "Matching apache2 '#{apache_version}'" - elsif Facter::Core::Execution.which('apachectl') - apache_version = Facter::Core::Execution.execute('apachectl -v 2>&1') - Facter.debug "Matching apachectl '#{apache_version}'" - elsif Facter::Core::Execution.which('apache2ctl') - apache_version = Facter::Core::Execution.execute('apache2ctl -v 2>&1') - Facter.debug "Matching apache2ctl '#{apache_version}'" - end - - unless apache_version.nil? - match = %r{^Server version: Apache\/(\d+.\d+(.\d+)?)}.match(apache_version) - unless match.nil? - match[1] - end - end - end -end diff --git a/manifests/balancer.pp b/manifests/balancer.pp index 71fdd81c6d..fdaf7b23cc 100644 --- a/manifests/balancer.pp +++ b/manifests/balancer.pp @@ -50,15 +50,13 @@ ) { include apache::mod::proxy_balancer - if versioncmp($apache::mod::proxy_balancer::apache_version, '2.4') >= 0 { - $lbmethod = $proxy_set['lbmethod'] ? { - undef => 'byrequests', - default => $proxy_set['lbmethod'], - } - ensure_resource('apache::mod', "lbmethod_${lbmethod}", { - 'loadfile_name' => "proxy_balancer_lbmethod_${lbmethod}.load" - }) + $lbmethod = $proxy_set['lbmethod'] ? { + undef => 'byrequests', + default => $proxy_set['lbmethod'], } + ensure_resource('apache::mod', "lbmethod_${lbmethod}", { + 'loadfile_name' => "proxy_balancer_lbmethod_${lbmethod}.load" + }) if $target { $_target = $target diff --git a/manifests/default_mods.pp b/manifests/default_mods.pp index 22ee2c95eb..a6dfd368cf 100644 --- a/manifests/default_mods.pp +++ b/manifests/default_mods.pp @@ -5,7 +5,6 @@ class apache::default_mods ( Boolean $all = true, Optional[Variant[Array[String], String]] $mods = undef, - String $apache_version = $apache::apache_version, Boolean $use_systemd = $apache::use_systemd, ) { # These are modules required to run the default configuration. @@ -14,19 +13,13 @@ case $facts['os']['family'] { 'redhat': { ::apache::mod { 'log_config': } - if versioncmp($apache_version, '2.4') >= 0 { - # Lets fork it - # Do not try to load mod_systemd on RHEL/CentOS 6 SCL. - if ( !($facts['os']['family'] == 'redhat' and versioncmp($facts['os']['release']['major'], '7') == -1) and !($facts['os']['name'] == 'Amazon') ) { - if ($use_systemd) { - ::apache::mod { 'systemd': } - } - } - if ($facts['os']['name'] == 'Amazon' and $facts['os']['release']['full'] == '2') { - ::apache::mod { 'systemd': } - } - ::apache::mod { 'unixd': } + if $facts['os']['name'] != 'Amazon' and $use_systemd { + ::apache::mod { 'systemd': } } + if ($facts['os']['name'] == 'Amazon' and $facts['os']['release']['full'] == '2') { + ::apache::mod { 'systemd': } + } + ::apache::mod { 'unixd': } } 'freebsd': { ::apache::mod { 'log_config': } @@ -49,9 +42,6 @@ 'debian': { include apache::mod::authn_core include apache::mod::reqtimeout - if versioncmp($apache_version, '2.4') < 0 { - ::apache::mod { 'authn_alias': } - } } 'redhat': { include apache::mod::actions @@ -63,7 +53,6 @@ include apache::mod::rewrite include apache::mod::speling include apache::mod::suexec - include apache::mod::version include apache::mod::vhost_alias ::apache::mod { 'auth_digest': } ::apache::mod { 'authn_anon': } @@ -75,11 +64,6 @@ ::apache::mod { 'logio': } ::apache::mod { 'substitute': } ::apache::mod { 'usertrack': } - - if versioncmp($apache_version, '2.4') < 0 { - ::apache::mod { 'authn_alias': } - ::apache::mod { 'authn_default': } - } } 'freebsd': { include apache::mod::actions @@ -92,7 +76,6 @@ include apache::mod::reqtimeout include apache::mod::rewrite include apache::mod::userdir - include apache::mod::version include apache::mod::vhost_alias include apache::mod::speling include apache::mod::filter @@ -141,45 +124,37 @@ include apache::mod::setenvif include apache::mod::auth_basic - if versioncmp($apache_version, '2.4') >= 0 { - # filter is needed by mod_deflate - include apache::mod::filter + # filter is needed by mod_deflate + include apache::mod::filter - # authz_core is needed for 'Require' directive - ::apache::mod { 'authz_core': - id => 'authz_core_module', - } - - # lots of stuff seems to break without access_compat - ::apache::mod { 'access_compat': } - } else { - include apache::mod::authz_default + # authz_core is needed for 'Require' directive + ::apache::mod { 'authz_core': + id => 'authz_core_module', } + # lots of stuff seems to break without access_compat + ::apache::mod { 'access_compat': } + include apache::mod::authz_user include apache::mod::authz_groupfile include apache::mod::env } elsif $mods { ::apache::default_mods::load { $mods: } - if versioncmp($apache_version, '2.4') >= 0 { - # authz_core is needed for 'Require' directive - ::apache::mod { 'authz_core': - id => 'authz_core_module', - } - - # filter is needed by mod_deflate - include apache::mod::filter + # authz_core is needed for 'Require' directive + ::apache::mod { 'authz_core': + id => 'authz_core_module', } - } else { - if versioncmp($apache_version, '2.4') >= 0 { - # authz_core is needed for 'Require' directive - ::apache::mod { 'authz_core': - id => 'authz_core_module', - } - # filter is needed by mod_deflate - include apache::mod::filter + # filter is needed by mod_deflate + include apache::mod::filter + } else { + # authz_core is needed for 'Require' directive + ::apache::mod { 'authz_core': + id => 'authz_core_module', } + + # filter is needed by mod_deflate + include apache::mod::filter } } diff --git a/manifests/init.pp b/manifests/init.pp index 8010f1690e..a7c6f10319 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -16,11 +16,6 @@ # responses to URLs containing '\' and '/' characters. If not specified, this parameter omits # the declaration from the server's configuration and uses Apache's default setting of 'off'. # -# @param apache_version -# Configures module template behavior, package names, and default Apache modules by defining -# the version of Apache to use. We do not recommend manually configuring this parameter -# without reason. -# # @param conf_dir # Sets the directory where the Apache server's main configuration file is located. # @@ -48,7 +43,7 @@ # on your operating system, and you can declare any other modules separately using the # `apache::mod::` class or `apache::mod` defined type.
# If `true`, Puppet installs additional modules, depending on the operating system and -# the values of `apache_version` and `mpm_module` parameters. Because these lists of +# the value of the `mpm_module` parameter. Because these lists of # modules can change frequently, consult the Puppet module's code for up-to-date lists.
# If this parameter contains an array, Puppet instead enables all passed Apache modules. # @@ -307,11 +302,6 @@ # Setting `purge_vhost_dir` to `false` is a stopgap measure to allow the apache module to # coexist with existing or otherwise unmanaged configurations within `vhost_dir`. # -# @param rewrite_lock -# Allows setting a custom location for a rewrite lock - considered best practice if using -# a RewriteMap of type prg in the `rewrites` parameter of your virtual host. This parameter -# only applies to Apache version 2.2 or lower and is ignored on newer versions. -# # @param sendfile # Forces Apache to use the Linux kernel's `sendfile` support to serve static files, via the # `EnableSendfile` directive. @@ -512,12 +502,11 @@ String $vhost_include_pattern = $apache::params::vhost_include_pattern, Stdlib::Absolutepath $mod_dir = $apache::params::mod_dir, Optional[Stdlib::Absolutepath] $mod_enable_dir = $apache::params::mod_enable_dir, - Variant[Boolean, String] $mpm_module = $apache::params::mpm_module, + Variant[Boolean, Enum['event', 'itk', 'peruser', 'prefork', 'worker']] $mpm_module = $apache::params::mpm_module, String $lib_path = $apache::params::lib_path, String $conf_template = $apache::params::conf_template, Optional[String] $servername = $apache::params::servername, String $pidfile = $apache::params::pidfile, - Optional[Stdlib::Absolutepath] $rewrite_lock = undef, Boolean $manage_user = true, Boolean $manage_group = true, String $user = $apache::params::user, @@ -537,7 +526,6 @@ Optional[String] $ssl_file = undef, Stdlib::Absolutepath $ports_file = $apache::params::ports_file, Stdlib::Absolutepath $docroot = $apache::params::docroot, - String $apache_version = $apache::version::default, Apache::ServerTokens $server_tokens = 'Prod', Variant[Enum['On', 'Off'], String] $server_signature = 'On', Enum['On', 'Off', 'extended'] $trace_enable = 'On', @@ -557,11 +545,6 @@ Array[Enum['h2', 'h2c', 'http/1.1']] $protocols = [], Optional[Boolean] $protocols_honor_order = undef, ) inherits apache::params { - $valid_mpms_re = $apache_version ? { - '2.4' => '(event|itk|peruser|prefork|worker)', - default => '(event|itk|prefork|worker)' - } - if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] == '7' { # On redhat 7 the ssl.conf lives in /etc/httpd/conf.d (the confd_dir) # when all other module configs live in /etc/httpd/conf.modules.d (the @@ -578,10 +561,6 @@ } } - if $mpm_module and $mpm_module != 'false' { # lint:ignore:quoted_booleans - assert_type(Pattern[$valid_mpms_re], $mpm_module) - } - # NOTE: on FreeBSD it's mpm module's responsibility to install httpd package. # NOTE: the same strategy may be introduced for other OSes. For this, you # should delete the 'if' block below and modify all MPM modules' manifests @@ -802,7 +781,6 @@ # - $server_tokens # - $server_signature # - $trace_enable - # - $rewrite_lock # - $root_directory_secured file { "${apache::conf_dir}/${apache::params::conf_file}": ensure => file, diff --git a/manifests/mod.pp b/manifests/mod.pp index 8118a55d54..7d354f87e7 100644 --- a/manifests/mod.pp +++ b/manifests/mod.pp @@ -84,12 +84,7 @@ if $package { $_package = $package } elsif has_key($mod_packages, $mod) { # 2.6 compatibility hack - if ($apache::apache_version == '2.4' and $facts['os']['name'] =~ /^[Aa]mazon$/ and $facts['os']['release']['major'] != '2') { - # On amazon linux we need to prefix our package name with mod24 instead of mod to support apache 2.4 - $_package = regsubst($mod_packages[$mod],'^(mod_)?(.*)','mod24_\2') - } else { - $_package = $mod_packages[$mod] - } + $_package = $mod_packages[$mod] } else { $_package = undef } diff --git a/manifests/mod/alias.pp b/manifests/mod/alias.pp index 1bc2064112..4c10a72c3b 100644 --- a/manifests/mod/alias.pp +++ b/manifests/mod/alias.pp @@ -1,9 +1,6 @@ # @summary # Installs and configures `mod_alias`. # -# @param apache_version -# The version of Apache, if not set will be retrieved from the init class. -# # @param icons_options # Disables directory listings for the icons directory, via Apache [Options](https://httpd.apache.org/docs/current/mod/core.html#options) # directive. @@ -22,17 +19,15 @@ # @see https://httpd.apache.org/docs/current/mod/mod_alias.html for additional documentation. # class apache::mod::alias ( - Optional[String] $apache_version = undef, String $icons_options = 'Indexes MultiViews', # set icons_path to false to disable the alias Variant[Boolean, Stdlib::Absolutepath] $icons_path = $apache::params::alias_icons_path, String $icons_prefix = $apache::params::icons_prefix ) inherits apache::params { include apache - $_apache_version = pick($apache_version, $apache::apache_version) apache::mod { 'alias': } - # Template uses $icons_path, $_apache_version + # Template uses $icons_path if $icons_path { file { 'alias.conf': ensure => file, diff --git a/manifests/mod/authn_core.pp b/manifests/mod/authn_core.pp index 6bbfc4aea1..06977ea6f0 100644 --- a/manifests/mod/authn_core.pp +++ b/manifests/mod/authn_core.pp @@ -1,15 +1,8 @@ # @summary # Installs `mod_authn_core`. # -# @param apache_version -# The version of apache being run. -# # @see https://httpd.apache.org/docs/current/mod/mod_authn_core.html for additional documentation. # -class apache::mod::authn_core ( - Optional[String] $apache_version = $apache::apache_version -) { - if versioncmp($apache_version, '2.4') >= 0 { - ::apache::mod { 'authn_core': } - } +class apache::mod::authn_core { + ::apache::mod { 'authn_core': } } diff --git a/manifests/mod/authz_default.pp b/manifests/mod/authz_default.pp deleted file mode 100644 index ba886c2587..0000000000 --- a/manifests/mod/authz_default.pp +++ /dev/null @@ -1,17 +0,0 @@ -# @summary -# Installs and configures `mod_authz_default`. -# -# @param apache_version -# Version of Apache to install module on. -# -# @see https://httpd.apache.org/docs/current/mod/mod_authz_default.html for additional documentation. -# -class apache::mod::authz_default ( - Optional[String] $apache_version = $apache::apache_version -) { - if versioncmp($apache_version, '2.4') >= 0 { - warning('apache::mod::authz_default has been removed in Apache 2.4') - } else { - ::apache::mod { 'authz_default': } - } -} diff --git a/manifests/mod/data.pp b/manifests/mod/data.pp index 3dd63ea9fd..7cff7d8f09 100644 --- a/manifests/mod/data.pp +++ b/manifests/mod/data.pp @@ -1,18 +1,9 @@ # @summary # Installs and configures `mod_data`. # -# @param apache_version -# Version of Apache to install module on. -# # @see https://httpd.apache.org/docs/current/mod/mod_data.html for additional documentation. # -class apache::mod::data ( - Optional[String] $apache_version = undef, -) { +class apache::mod::data { include apache - $_apache_version = pick($apache_version, $apache::apache_version) - if versioncmp($_apache_version, '2.3') < 0 { - fail('mod_data is only available in Apache 2.3 and later') - } ::apache::mod { 'data': } } diff --git a/manifests/mod/disk_cache.pp b/manifests/mod/disk_cache.pp index 0ae3cd4261..17ea3ebfa4 100644 --- a/manifests/mod/disk_cache.pp +++ b/manifests/mod/disk_cache.pp @@ -6,8 +6,7 @@ # Default depends on the Apache version and operating system: # - Debian: /var/cache/apache2/mod_cache_disk # - FreeBSD: /var/cache/mod_cache_disk -# - Red Hat, Apache 2.4: /var/cache/httpd/proxy -# - Red Hat, Apache 2.2: /var/cache/mod_proxy +# - Red Hat: /var/cache/httpd/proxy # # @param cache_ignore_headers # Specifies HTTP header(s) that should not be stored in the cache. @@ -18,9 +17,9 @@ # You can then control this behaviour in individual vhosts by explicitly defining CacheEnable. # # @note -# Apache 2.2, mod_disk_cache installed. On Apache 2.4, mod_cache_disk installed. +# On Apache 2.4, mod_cache_disk installed. # -# @see https://httpd.apache.org/docs/2.2/mod/mod_disk_cache.html for additional documentation. +# @see https://httpd.apache.org/docs/2.4/mod/mod_cache_disk.html for additional documentation. # class apache::mod::disk_cache ( Optional[Stdlib::Absolutepath] $cache_root = undef, @@ -30,28 +29,15 @@ include apache if $cache_root { $_cache_root = $cache_root - } - elsif versioncmp($apache::apache_version, '2.4') >= 0 { + } else { $_cache_root = $facts['os']['family'] ? { 'debian' => '/var/cache/apache2/mod_cache_disk', 'redhat' => '/var/cache/httpd/proxy', 'freebsd' => '/var/cache/mod_cache_disk', } } - else { - $_cache_root = $facts['os']['family'] ? { - 'debian' => '/var/cache/apache2/mod_disk_cache', - 'redhat' => '/var/cache/mod_proxy', - 'freebsd' => '/var/cache/mod_disk_cache', - } - } - if versioncmp($apache::apache_version, '2.4') >= 0 { - apache::mod { 'cache_disk': } - } - else { - apache::mod { 'disk_cache': } - } + apache::mod { 'cache_disk': } Class['apache::mod::cache'] -> Class['apache::mod::disk_cache'] diff --git a/manifests/mod/event.pp b/manifests/mod/event.pp index 20464fe051..4a27e479bd 100644 --- a/manifests/mod/event.pp +++ b/manifests/mod/event.pp @@ -5,9 +5,6 @@ # Sets the number of child server processes created at startup, via the module's `StartServers` directive. Setting this to `false` # removes the parameter. # -# @param maxclients -# Apache 2.3.12 or older alias for the `MaxRequestWorkers` directive. -# # @param maxrequestworkers # Sets the maximum number of connections Apache can simultaneously process, via the module's `MaxRequestWorkers` directive. Setting # these to `false` removes the parameters. @@ -21,18 +18,12 @@ # @param threadsperchild # Number of threads created by each child process. # -# @param maxrequestsperchild -# Apache 2.3.8 or older alias for the `MaxConnectionsPerChild` directive. -# # @param maxconnectionsperchild # Limit on the number of connections that an individual child server will handle during its life. # # @param serverlimit # Limits the configurable number of processes via the `ServerLimit` directive. Setting this to `false` removes the parameter. # -# @param apache_version -# Version of Apache to install module on. -# # @param threadlimit # Limits the number of event threads via the module's `ThreadLimit` directive. Setting this to `false` removes the parameter. # @@ -48,22 +39,17 @@ # @note Unsupported platforms: SLES: all class apache::mod::event ( Variant[Integer, Boolean] $startservers = 2, - Variant[Integer, Boolean] $maxclients = 150, Optional[Variant[Integer, Boolean]] $maxrequestworkers = undef, Variant[Integer, Boolean] $minsparethreads = 25, Variant[Integer, Boolean] $maxsparethreads = 75, Variant[Integer, Boolean] $threadsperchild = 25, - Variant[Integer, Boolean] $maxrequestsperchild = 0, Optional[Variant[Integer, Boolean]] $maxconnectionsperchild = undef, Variant[Integer, Boolean] $serverlimit = 25, - Optional[String] $apache_version = undef, Variant[Integer, Boolean] $threadlimit = 64, Variant[Integer, Boolean] $listenbacklog = 511, ) { include apache - $_apache_version = pick($apache_version, $apache::apache_version) - if defined(Class['apache::mod::itk']) { fail('May not include both apache::mod::event and apache::mod::itk on the same node') } @@ -84,11 +70,9 @@ # Template uses: # - $startservers - # - $maxclients # - $minsparethreads # - $maxsparethreads # - $threadsperchild - # - $maxrequestsperchild # - $serverlimit file { "${apache::mod_dir}/event.conf": ensure => file, @@ -100,16 +84,8 @@ } case $facts['os']['family'] { - 'redhat': { - if versioncmp($_apache_version, '2.4') >= 0 { - apache::mpm { 'event': - apache_version => $_apache_version, - } - } - } - 'debian', 'freebsd' : { + 'redhat', 'debian', 'freebsd' : { apache::mpm { 'event': - apache_version => $_apache_version, } } 'gentoo': { diff --git a/manifests/mod/http2.pp b/manifests/mod/http2.pp index c5d6549419..54323a67bf 100644 --- a/manifests/mod/http2.pp +++ b/manifests/mod/http2.pp @@ -60,9 +60,6 @@ # Sets the size of the window that is used for flow control from client to server and limits # the amount of data the server has to buffer. # -# @param apache_version -# Version of Apache to install module on. -# # @see https://httpd.apache.org/docs/current/mod/mod_http2.html for additional documentation. # class apache::mod::http2 ( @@ -84,13 +81,10 @@ Optional[Integer] $h2_tls_warm_up_size = undef, Optional[Boolean] $h2_upgrade = undef, Optional[Integer] $h2_window_size = undef, - Optional[String] $apache_version = undef, ) { include apache apache::mod { 'http2': } - $_apache_version = pick($apache_version, $apache::apache_version) - file { 'http2.conf': ensure => file, content => template('apache/mod/http2.conf.erb'), diff --git a/manifests/mod/info.pp b/manifests/mod/info.pp index abb5bb6404..0735a5fc47 100644 --- a/manifests/mod/info.pp +++ b/manifests/mod/info.pp @@ -4,9 +4,6 @@ # @param allow_from # Allowlist of IPv4 or IPv6 addresses or ranges that can access the info path. # -# @param apache_version -# Version of Apache to install module on. -# # @param restrict_access # Toggles whether to restrict access to info path. If `false`, the `allow_from` allowlist is ignored and any IP address can # access the info path. @@ -18,12 +15,10 @@ # class apache::mod::info ( Array[Stdlib::IP::Address] $allow_from = ['127.0.0.1', '::1'], - Optional[String] $apache_version = undef, Boolean $restrict_access = true, Stdlib::Unixpath $info_path = '/server-info', ) { include apache - $_apache_version = pick($apache_version, $apache::apache_version) if $facts['os']['family'] == 'Suse' { if defined(Class['apache::mod::worker']) { @@ -38,7 +33,7 @@ ::apache::mod { 'info': } } - # Template uses $allow_from, $_apache_version + # Template uses $allow_from file { 'info.conf': ensure => file, path => "${apache::mod_dir}/info.conf", diff --git a/manifests/mod/itk.pp b/manifests/mod/itk.pp index 393e03150d..5d67e52a79 100644 --- a/manifests/mod/itk.pp +++ b/manifests/mod/itk.pp @@ -24,9 +24,6 @@ # capabilities (in particular setuid). Somewhat more secure, but can cause problems when serving from filesystems that do not honor # capabilities, such as NFS. # -# @param apache_version -# Used to verify that the Apache version you have requested is compatible with the module. -# # @see http://mpm-itk.sesse.net for additional documentation. # @note Unsupported platforms: CentOS: 8; RedHat: 8, 9; SLES: all class apache::mod::itk ( @@ -37,32 +34,23 @@ Integer $maxclients = 256, Integer $maxrequestsperchild = 4000, Optional[Variant[Boolean, String]] $enablecapabilities = undef, - Optional[String] $apache_version = undef, ) { include apache - $_apache_version = pick($apache_version, $apache::apache_version) - if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::itk and apache::mod::event on the same node') } if defined(Class['apache::mod::peruser']) { fail('May not include both apache::mod::itk and apache::mod::peruser on the same node') } - if versioncmp($_apache_version, '2.4') < 0 { + # prefork is a requirement for itk in 2.4; except on FreeBSD and Gentoo, which are special + if $facts['os']['family'] =~ /^(FreeBSD|Gentoo)/ { if defined(Class['apache::mod::prefork']) { fail('May not include both apache::mod::itk and apache::mod::prefork on the same node') } } else { - # prefork is a requirement for itk in 2.4; except on FreeBSD and Gentoo, which are special - if $facts['os']['family'] =~ /^(FreeBSD|Gentoo)/ { - if defined(Class['apache::mod::prefork']) { - fail('May not include both apache::mod::itk and apache::mod::prefork on the same node') - } - } else { - if ! defined(Class['apache::mod::prefork']) { - include apache::mod::prefork - } + if ! defined(Class['apache::mod::prefork']) { + include apache::mod::prefork } } if defined(Class['apache::mod::worker']) { @@ -95,25 +83,11 @@ package { 'httpd-itk': ensure => present, } - if versioncmp($_apache_version, '2.4') >= 0 { - ::apache::mpm { 'itk': - apache_version => $_apache_version, - } - } - else { - file_line { '/etc/sysconfig/httpd itk enable': - ensure => present, - path => '/etc/sysconfig/httpd', - line => 'HTTPD=/usr/sbin/httpd.itk', - match => '#?HTTPD=/usr/sbin/httpd.itk', - require => Package['httpd'], - notify => Class['apache::service'], - } + ::apache::mpm { 'itk': } } 'debian', 'freebsd': { apache::mpm { 'itk': - apache_version => $_apache_version, } } 'gentoo': { diff --git a/manifests/mod/ldap.pp b/manifests/mod/ldap.pp index 14dcd7048b..e800bc7396 100644 --- a/manifests/mod/ldap.pp +++ b/manifests/mod/ldap.pp @@ -1,9 +1,6 @@ # @summary # Installs and configures `mod_ldap`. # -# @param apache_version -# Used to verify that the Apache version you have requested is compatible with the module. -# # @param package_name # Specifies the custom package name. # @@ -49,7 +46,6 @@ # @see https://httpd.apache.org/docs/current/mod/mod_ldap.html for additional documentation. # @note Unsupported platforms: CentOS: 8; RedHat: 8, 9 class apache::mod::ldap ( - Optional[String] $apache_version = undef, Optional[String] $package_name = undef, Optional[String] $ldap_trusted_global_cert_file = undef, String $ldap_trusted_global_cert_type = 'CA_BASE64', @@ -62,11 +58,9 @@ String $ldap_path = '/ldap-status', ) { include apache - $_apache_version = pick($apache_version, $apache::apache_version) ::apache::mod { 'ldap': package => $package_name, } - # Template uses $_apache_version file { 'ldap.conf': ensure => file, path => "${apache::mod_dir}/ldap.conf", diff --git a/manifests/mod/pagespeed.pp b/manifests/mod/pagespeed.pp index 117d8fb887..2ea329aa43 100644 --- a/manifests/mod/pagespeed.pp +++ b/manifests/mod/pagespeed.pp @@ -106,8 +106,6 @@ # @param additional_configuration # Any additional configuration no included as it's own option # -# @param apache_version -# # @param package_ensure # # @example @@ -190,22 +188,15 @@ Array $allow_pagespeed_message = [], Integer $message_buffer_size = 100000, Variant[Array, Hash] $additional_configuration = {}, - Optional[String] $apache_version = undef, Optional[String] $package_ensure = undef, ) { include apache - $_apache_version = pick($apache_version, $apache::apache_version) - $_lib = $_apache_version ? { - '2.4' => 'mod_pagespeed_ap24.so', - default => undef - } apache::mod { 'pagespeed': - lib => $_lib, + lib => 'mod_pagespeed_ap24.so', package_ensure => $package_ensure, } - # Template uses $_apache_version file { 'pagespeed.conf': ensure => file, path => "${apache::mod_dir}/pagespeed.conf", diff --git a/manifests/mod/prefork.pp b/manifests/mod/prefork.pp index f58c7007ef..bca367bfb1 100644 --- a/manifests/mod/prefork.pp +++ b/manifests/mod/prefork.pp @@ -25,9 +25,6 @@ # @param maxconnectionsperchild # Limit on the number of connections that an individual child server will handle during its life. # -# @param apache_version -# Used to verify that the Apache version you have requested is compatible with the module. -# # @param listenbacklog # Maximum length of the queue of pending connections. # @@ -42,19 +39,12 @@ Optional[Integer] $maxrequestworkers = undef, Integer $maxrequestsperchild = 4000, Optional[Integer] $maxconnectionsperchild = undef, - Optional[String] $apache_version = undef, Integer $listenbacklog = 511 ) { include apache - $_apache_version = pick($apache_version, $apache::apache_version) if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::prefork and apache::mod::event on the same node') } - if versioncmp($_apache_version, '2.4') < 0 { - if defined(Class['apache::mod::itk']) { - fail('May not include both apache::mod::prefork and apache::mod::itk on the same node') - } - } if defined(Class['apache::mod::peruser']) { fail('May not include both apache::mod::prefork and apache::mod::peruser on the same node') } @@ -62,14 +52,6 @@ fail('May not include both apache::mod::prefork and apache::mod::worker on the same node') } - if versioncmp($_apache_version, '2.3.13') < 0 { - if $maxrequestworkers == undef { - warning("For newer versions of Apache, \$maxclients is deprecated, please use \$maxrequestworkers.") - } elsif $maxconnectionsperchild == undef { - warning("For newer versions of Apache, \$maxrequestsperchild is deprecated, please use \$maxconnectionsperchild.") - } - } - File { owner => 'root', group => $apache::params::root_group, @@ -94,31 +76,12 @@ } case $facts['os']['family'] { - 'redhat': { - if versioncmp($_apache_version, '2.4') >= 0 { - ::apache::mpm { 'prefork': - apache_version => $_apache_version, - } - } - else { - file_line { '/etc/sysconfig/httpd prefork enable': - ensure => present, - path => '/etc/sysconfig/httpd', - line => '#HTTPD=/usr/sbin/httpd.worker', - match => '#?HTTPD=/usr/sbin/httpd.worker', - require => Package['httpd'], - notify => Class['apache::service'], - } - } - } - 'debian', 'freebsd': { + 'redhat', 'debian', 'freebsd': { ::apache::mpm { 'prefork': - apache_version => $_apache_version, } } 'Suse': { ::apache::mpm { 'prefork': - apache_version => $apache_version, lib_path => '/usr/lib64/apache2-prefork', } } diff --git a/manifests/mod/proxy.pp b/manifests/mod/proxy.pp index 35c44c22c7..a124fe9d24 100644 --- a/manifests/mod/proxy.pp +++ b/manifests/mod/proxy.pp @@ -7,9 +7,6 @@ # @param allow_from # List of IPs allowed to access proxy. # -# @param apache_version -# Used to verify that the Apache version you have requested is compatible with the module. -# # @param package_name # Name of the proxy package to install. # @@ -26,8 +23,7 @@ # class apache::mod::proxy ( String $proxy_requests = 'Off', - Optional[String] $allow_from = undef, - Optional[String] $apache_version = undef, + Optional[Stdlib::IP::Address] $allow_from = undef, Optional[String] $package_name = undef, String $proxy_via = 'On', Optional[Variant[Integer[0],String]] $proxy_timeout = undef, @@ -35,11 +31,10 @@ ) { include apache $_proxy_timeout = $apache::timeout - $_apache_version = pick($apache_version, $apache::apache_version) ::apache::mod { 'proxy': package => $package_name, } - # Template uses $proxy_requests, $_apache_version + # Template uses $proxy_requests file { 'proxy.conf': ensure => file, path => "${apache::mod_dir}/proxy.conf", diff --git a/manifests/mod/proxy_balancer.pp b/manifests/mod/proxy_balancer.pp index de7947a4fc..65f136b6fa 100644 --- a/manifests/mod/proxy_balancer.pp +++ b/manifests/mod/proxy_balancer.pp @@ -10,23 +10,16 @@ # @param allow_from # List of IPs from which the balancer manager can be accessed. # -# @param apache_version -# Version of Apache to install module on. -# # @see https://httpd.apache.org/docs/current/mod/mod_proxy_balancer.html for additional documentation. # class apache::mod::proxy_balancer ( Boolean $manager = false, Stdlib::Unixpath $manager_path = '/balancer-manager', Array[Stdlib::IP::Address] $allow_from = ['127.0.0.1', '::1'], - Optional[String] $apache_version = $apache::apache_version, ) { require apache::mod::proxy require apache::mod::proxy_http - if versioncmp($apache_version, '2.4') >= 0 { - ::apache::mod { 'slotmem_shm': } - } - + ::apache::mod { 'slotmem_shm': } ::apache::mod { 'proxy_balancer': } if $manager { include apache::mod::status diff --git a/manifests/mod/proxy_html.pp b/manifests/mod/proxy_html.pp index da57b5dbcf..54f49f7b54 100644 --- a/manifests/mod/proxy_html.pp +++ b/manifests/mod/proxy_html.pp @@ -36,9 +36,7 @@ $loadfiles = ["/usr/lib/${gnu_path}-linux-gnu/libxml2.so.2"] } } - if versioncmp($apache::apache_version, '2.4') >= 0 { - ::apache::mod { 'xml2enc': } - } + ::apache::mod { 'xml2enc': } } default: {} } diff --git a/manifests/mod/remoteip.pp b/manifests/mod/remoteip.pp index addc966fa8..e20eec5def 100644 --- a/manifests/mod/remoteip.pp +++ b/manifests/mod/remoteip.pp @@ -47,10 +47,6 @@ # that are trusted to set a valid value inside the specified header. See # `$trusted_proxy` for details. # -# @param apache_version -# A version string used to validate that your apache version supports -# `mod_remoteip`. If not specified, `$::apache::apache_version` is used. -# # @see https://httpd.apache.org/docs/current/mod/mod_remoteip.html for additional documentation. # class apache::mod::remoteip ( @@ -64,15 +60,9 @@ Optional[Array[Stdlib::Host]] $trusted_proxy = undef, Optional[Array[Stdlib::Host]] $trusted_proxy_ips = undef, Optional[Stdlib::Absolutepath] $trusted_proxy_list = undef, - Optional[String] $apache_version = undef, ) { include apache - $_apache_version = pick($apache_version, $apache::apache_version) - if versioncmp($_apache_version, '2.4') < 0 { - fail('mod_remoteip is only available in Apache 2.4') - } - if $proxy_ips { deprecation('apache::mod::remoteip::proxy_ips', 'This parameter is deprecated, please use `internal_proxy`.') $_internal_proxy = $proxy_ips diff --git a/manifests/mod/ssl.pp b/manifests/mod/ssl.pp index 2ee58dd2a9..f17a940188 100644 --- a/manifests/mod/ssl.pp +++ b/manifests/mod/ssl.pp @@ -75,9 +75,6 @@ # @param ssl_reload_on_change # Enable reloading of apache if the content of ssl files have changed. It only affects ssl files configured here and not vhost ones. # -# @param apache_version -# Used to verify that the Apache version you have requested is compatible with the module. -# # @param package_name # Name of ssl package to install. # @@ -110,42 +107,12 @@ Boolean $ssl_stapling = false, Optional[String] $stapling_cache = undef, Optional[Boolean] $ssl_stapling_return_errors = undef, - Optional[String] $ssl_mutex = undef, + String $ssl_mutex = 'default', Boolean $ssl_reload_on_change = false, - Optional[String] $apache_version = undef, Optional[String] $package_name = undef, ) inherits apache::params { include apache include apache::mod::mime - $_apache_version = pick($apache_version, $apache::apache_version) - if $ssl_mutex { - $_ssl_mutex = $ssl_mutex - } else { - case $facts['os']['family'] { - 'debian': { - if versioncmp($_apache_version, '2.4') >= 0 { - $_ssl_mutex = 'default' - } else { - $_ssl_mutex = "file:\${APACHE_RUN_DIR}/ssl_mutex" - } - } - 'redhat': { - $_ssl_mutex = 'default' - } - 'freebsd': { - $_ssl_mutex = 'default' - } - 'gentoo': { - $_ssl_mutex = 'default' - } - 'Suse': { - $_ssl_mutex = 'default' - } - default: { - fail("Unsupported osfamily ${$facts['os']['family']}, please explicitly pass in \$ssl_mutex") - } - } - } if $ssl_honorcipherorder =~ Boolean { $_ssl_honorcipherorder = $ssl_honorcipherorder @@ -185,9 +152,7 @@ } } - if versioncmp($_apache_version, '2.4') >= 0 { - include apache::mod::socache_shmcb - } + include apache::mod::socache_shmcb if $ssl_reload_on_change { [$ssl_cert, $ssl_key, $ssl_ca].each |$ssl_file| { @@ -222,7 +187,6 @@ # $ssl_mutex # $ssl_random_seed_bytes # $ssl_sessioncachetimeout - # $_apache_version file { 'ssl.conf': ensure => file, path => $apache::_ssl_file, diff --git a/manifests/mod/status.pp b/manifests/mod/status.pp index d9c741c23e..37b138a0a3 100644 --- a/manifests/mod/status.pp +++ b/manifests/mod/status.pp @@ -1,11 +1,6 @@ # @summary # Installs and configures `mod_status`. # -# @param allow_from -# Array of hosts, ip addresses, partial network numbers or networks, in CIDR notation specifying what hosts can view the special -# /server-status URL. Defaults to ['127.0.0.1', '::1']. -# > Creates Apache < 2.4 directive "Allow from". -# # @param requires # A Variant type that can be: # - String with: @@ -19,7 +14,6 @@ # - 'enforce' - Value => String 'Any', 'All' or 'None' # This encloses "Require" directives in "" block # Optional - If unspecified, "Require" directives follow current flow -# > Creates Apache >= 2.4 directives "Require" # # @param extended_status # Determines whether to track extended status information for each request, via the ExtendedStatus directive. @@ -27,33 +21,25 @@ # @param status_path # Path assigned to the Location directive which defines the URL to access the server status. # -# @param apache_version -# Used to verify that the Apache version you have requested is compatible with the module. -# # @example # # Simple usage allowing access from localhost and a private subnet # class { 'apache::mod::status': -# $allow_from => ['127.0.0.1', '10.10.10.10/24'], +# $requires => 'ip 127.0.0.1 ::1 10.10.10.10/24', # } # # @see http://httpd.apache.org/docs/current/mod/mod_status.html for additional documentation. # class apache::mod::status ( - Optional[Array] $allow_from = undef, Optional[Variant[String, Array, Hash]] $requires = undef, Enum['On', 'Off', 'on', 'off'] $extended_status = 'On', - Optional[String] $apache_version = undef, String $status_path = '/server-status', ) inherits apache::params { include apache - $_apache_version = pick($apache_version, $apache::apache_version) ::apache::mod { 'status': } - # Defaults for "Allow from" or "Require" directives - $allow_defaults = ['127.0.0.1', '::1'] $requires_defaults = 'ip 127.0.0.1 ::1' - # Template uses $allow_from, $extended_status, $_apache_version, $status_path + # Template uses $extended_status, $status_path file { 'status.conf': ensure => file, path => "${apache::mod_dir}/status.conf", diff --git a/manifests/mod/userdir.pp b/manifests/mod/userdir.pp index c26c33c200..ffd7942b06 100644 --- a/manifests/mod/userdir.pp +++ b/manifests/mod/userdir.pp @@ -13,9 +13,6 @@ # @param disable_root # Toggles whether to allow use of root directory. # -# @param apache_version -# Used to verify that the Apache version you have requested is compatible with the module. -# # @param path # Path to directory or pattern from which to find user-specific directories. # @@ -38,7 +35,6 @@ Optional[String] $dir = undef, Optional[String[1]] $userdir = undef, Boolean $disable_root = true, - Optional[String] $apache_version = undef, String $path = '/home/*/public_html', Array[String] $overrides = ['FileInfo', 'AuthConfig', 'Limit', 'Indexes'], Array[String] $options = ['MultiViews', 'Indexes', 'SymLinksIfOwnerMatch', 'IncludesNoExec'], @@ -46,7 +42,6 @@ Optional[String] $custom_fragment = undef, ) { include apache - $_apache_version = pick($apache_version, $apache::apache_version) if $home or $dir { $_home = $home ? { @@ -67,7 +62,7 @@ ::apache::mod { 'userdir': } - # Template uses $home, $dir, $disable_root, $_apache_version + # Template uses $home, $dir, $disable_root file { 'userdir.conf': ensure => file, path => "${apache::mod_dir}/userdir.conf", diff --git a/manifests/mod/version.pp b/manifests/mod/version.pp deleted file mode 100644 index 212ef4a7bd..0000000000 --- a/manifests/mod/version.pp +++ /dev/null @@ -1,17 +0,0 @@ -# @summary -# Installs `mod_version`. -# -# @param apache_version -# Used to verify that the Apache version you have requested is compatible with the module. -# -# @see https://httpd.apache.org/docs/current/mod/mod_version.html for additional documentation. -# -class apache::mod::version ( - Optional[String] $apache_version = $apache::apache_version -) { - if ($facts['os']['family'] == 'debian' and versioncmp($apache_version, '2.4') >= 0) { - warning("${module_name}: module version_module is built-in and can't be loaded") - } else { - ::apache::mod { 'version': } - } -} diff --git a/manifests/mod/worker.pp b/manifests/mod/worker.pp index 652f9606d0..ef6a97d7b2 100644 --- a/manifests/mod/worker.pp +++ b/manifests/mod/worker.pp @@ -4,12 +4,6 @@ # @param startservers # The number of child server processes created on startup # -# @param maxclients -# The max number of simultaneous requests that will be served. -# This is the old name and is still supported. The new name is -# MaxRequestWorkers as of 2.3.13. -# If maxrequestworkers is set, this value is ignored. -# # @param minsparethreads # Minimum number of idle threads to handle request spikes. # @@ -38,18 +32,13 @@ # @param listenbacklog # Maximum length of the queue of pending connections. # -# @param apache_version -# Used to verify that the Apache version you have requested is compatible with the module. -# # @param maxrequestworkers # Maximum number of connections that will be processed simultaneously -# if set, maxclients is ignored # # @see https://httpd.apache.org/docs/current/mod/worker.html for additional documentation. # class apache::mod::worker ( Integer $startservers = 2, - Integer $maxclients = 150, Integer $minsparethreads = 25, Integer $maxsparethreads = 75, Integer $threadsperchild = 25, @@ -57,11 +46,9 @@ Integer $serverlimit = 25, Integer $threadlimit = 64, Integer $listenbacklog = 511, - Optional[String] $apache_version = undef, - Optional[Integer] $maxrequestworkers = undef, + Integer $maxrequestworkers = 150, ) { include apache - $_apache_version = pick($apache_version, $apache::apache_version) if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::worker and apache::mod::event on the same node') @@ -83,7 +70,7 @@ # Template uses: # - $startservers - # - $maxclients + # - $maxrequestworkers # - $minsparethreads # - $maxsparethreads # - $threadsperchild @@ -100,33 +87,13 @@ } case $facts['os']['family'] { - 'redhat': { - if versioncmp($_apache_version, '2.4') >= 0 { - ::apache::mpm { 'worker': - apache_version => $_apache_version, - } - } - else { - file_line { '/etc/sysconfig/httpd worker enable': - ensure => present, - path => '/etc/sysconfig/httpd', - line => 'HTTPD=/usr/sbin/httpd.worker', - match => '#?HTTPD=/usr/sbin/httpd.worker', - require => Package['httpd'], - notify => Class['apache::service'], - } - } - } - - 'debian', 'freebsd': { + 'redhat', 'debian', 'freebsd': { ::apache::mpm { 'worker': - apache_version => $_apache_version, } } 'Suse': { ::apache::mpm { 'worker': - apache_version => $apache_version, - lib_path => '/usr/lib64/apache2-worker', + lib_path => '/usr/lib64/apache2-worker', } } diff --git a/manifests/mpm.pp b/manifests/mpm.pp index eb802889d9..24cef5608c 100644 --- a/manifests/mpm.pp +++ b/manifests/mpm.pp @@ -3,7 +3,6 @@ # @api private define apache::mpm ( String $lib_path = $apache::lib_path, - Optional[String] $apache_version = $apache::apache_version, ) { if ! defined(Class['apache']) { fail('You must include the apache base class before using any apache defined resources') @@ -18,32 +17,28 @@ if $facts['os']['family'] == 'Suse' { #mpms on Suse 12 don't use .so libraries so create a placeholder load file - if versioncmp($apache_version, '2.4') >= 0 { - file { "${mod_dir}/${mpm}.load": - ensure => file, - path => "${mod_dir}/${mpm}.load", - content => '', - require => [ - Package['httpd'], - Exec["mkdir ${mod_dir}"], - ], - before => File[$mod_dir], - notify => Class['apache::service'], - } + file { "${mod_dir}/${mpm}.load": + ensure => file, + path => "${mod_dir}/${mpm}.load", + content => '', + require => [ + Package['httpd'], + Exec["mkdir ${mod_dir}"], + ], + before => File[$mod_dir], + notify => Class['apache::service'], } } else { - if versioncmp($apache_version, '2.4') >= 0 { - file { "${mod_dir}/${mpm}.load": - ensure => file, - path => "${mod_dir}/${mpm}.load", - content => "LoadModule ${_id} ${_path}\n", - require => [ - Package['httpd'], - Exec["mkdir ${mod_dir}"], - ], - before => File[$mod_dir], - notify => Class['apache::service'], - } + file { "${mod_dir}/${mpm}.load": + ensure => file, + path => "${mod_dir}/${mpm}.load", + content => "LoadModule ${_id} ${_path}\n", + require => [ + Package['httpd'], + Exec["mkdir ${mod_dir}"], + ], + before => File[$mod_dir], + notify => Class['apache::service'], } } @@ -57,30 +52,20 @@ notify => Class['apache::service'], } - if versioncmp($apache_version, '2.4') >= 0 { - file { "${apache::mod_enable_dir}/${mpm}.load": - ensure => link, - target => "${apache::mod_dir}/${mpm}.load", - require => Exec["mkdir ${apache::mod_enable_dir}"], - before => File[$apache::mod_enable_dir], - notify => Class['apache::service'], - } + file { "${apache::mod_enable_dir}/${mpm}.load": + ensure => link, + target => "${apache::mod_dir}/${mpm}.load", + require => Exec["mkdir ${apache::mod_enable_dir}"], + before => File[$apache::mod_enable_dir], + notify => Class['apache::service'], + } - if $mpm == 'itk' { - file { "${lib_path}/mod_mpm_itk.so": - ensure => link, - target => "${lib_path}/mpm_itk.so", - require => Package['httpd'], - before => Class['apache::service'], - } - } - } else { - package { "apache2-mpm-${mpm}": - ensure => present, - before => [ - Class['apache::service'], - File[$apache::mod_enable_dir], - ], + if $mpm == 'itk' { + file { "${lib_path}/mod_mpm_itk.so": + ensure => link, + target => "${lib_path}/mpm_itk.so", + require => Package['httpd'], + before => Class['apache::service'], } } @@ -127,20 +112,18 @@ notify => Class['apache::service'], } - if versioncmp($apache_version, '2.4') >= 0 { - file { "${apache::mod_enable_dir}/${mpm}.load": - ensure => link, - target => "${apache::mod_dir}/${mpm}.load", - require => Exec["mkdir ${apache::mod_enable_dir}"], - before => File[$apache::mod_enable_dir], - notify => Class['apache::service'], - } + file { "${apache::mod_enable_dir}/${mpm}.load": + ensure => link, + target => "${apache::mod_dir}/${mpm}.load", + require => Exec["mkdir ${apache::mod_enable_dir}"], + before => File[$apache::mod_enable_dir], + notify => Class['apache::service'], + } - if $mpm == 'itk' { - file { "${lib_path}/mod_mpm_itk.so": - ensure => link, - target => "${lib_path}/mpm_itk.so", - } + if $mpm == 'itk' { + file { "${lib_path}/mod_mpm_itk.so": + ensure => link, + target => "${lib_path}/mpm_itk.so", } } diff --git a/manifests/params.pp b/manifests/params.pp index 6e6870a6ab..1d2068ad68 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -64,10 +64,7 @@ $conf_dir = "${httpd_dir}/conf" $confd_dir = "${httpd_dir}/conf.d" $puppet_ssl_dir = "${httpd_dir}/puppet_ssl" - $mod_dir = $facts['os']['release']['major'] ? { - '7' => "${httpd_dir}/conf.modules.d", - default => "${httpd_dir}/conf.d", - } + $mod_dir = "${httpd_dir}/conf.modules.d" $mod_enable_dir = undef $vhost_dir = "${httpd_dir}/conf.d" $vhost_enable_dir = undef @@ -106,14 +103,8 @@ $mime_support_package = 'mailcap' $mime_types_config = '/etc/mime.types' $docroot = "${httpd_root}/var/www/html" - $alias_icons_path = $facts['os']['release']['major'] ? { - '7' => "${httpd_root}/usr/share/httpd/icons", - default => '/var/www/icons', - } - $error_documents_path = $facts['os']['release']['major'] ? { - '7' => "${httpd_root}/usr/share/httpd/error", - default => '/var/www/error' - } + $alias_icons_path = "${httpd_root}/usr/share/httpd/icons" + $error_documents_path = "${httpd_root}/usr/share/httpd/error" if $facts['os']['family'] == 'RedHat' { $wsgi_socket_prefix = '/var/run/wsgi' } else { @@ -168,15 +159,7 @@ $confd_dir = "${httpd_dir}/conf.d" $puppet_ssl_dir = "${httpd_dir}/puppet_ssl" $conf_enabled = undef - if $facts['os']['name'] =~ /^[Aa]mazon$/ and $facts['os']['release']['major'] == '2' { - # Amazon Linux 2 uses the /conf.modules.d/ dir - $mod_dir = "${httpd_dir}/conf.modules.d" - } else { - $mod_dir = $facts['os']['release']['major'] ? { - '6' => "${httpd_dir}/conf.d", - default => "${httpd_dir}/conf.modules.d", - } - } + $mod_dir = "${httpd_dir}/conf.modules.d" $mod_enable_dir = undef $vhost_dir = "${httpd_dir}/conf.d" $vhost_enable_dir = undef @@ -208,19 +191,12 @@ 'auth_gssapi' => 'mod_auth_gssapi', 'auth_mellon' => 'mod_auth_mellon', 'auth_openidc' => 'mod_auth_openidc', - 'authnz_ldap' => $facts['os']['release']['major'] ? { - '6' => 'mod_authz_ldap', - default => 'mod_ldap', - }, + 'authnz_ldap' => 'mod_ldap', 'authnz_pam' => 'mod_authnz_pam', 'fcgid' => 'mod_fcgid', 'geoip' => 'mod_geoip', 'intercept_form_submit' => 'mod_intercept_form_submit', - 'ldap' => $facts['os']['release']['major'] ? { - '5' => undef, - '6' => undef, - default => 'mod_ldap', - }, + 'ldap' => 'mod_ldap', 'lookup_identity' => 'mod_lookup_identity', 'md' => 'mod_md', 'pagespeed' => 'mod-pagespeed-stable', @@ -230,10 +206,6 @@ # https://www.phusionpassenger.com/library/install/apache/install/oss/el7/ 'passenger' => 'mod_passenger', 'perl' => 'mod_perl', - 'php5' => $facts['os']['release']['major'] ? { - '5' => 'php53', - default => 'php', - }, 'phpXXX' => 'php', 'proxy_html' => 'mod_proxy_html', 'python' => 'mod_python', @@ -244,7 +216,6 @@ 'shibboleth' => 'shibboleth', 'ssl' => 'mod_ssl', 'wsgi' => $facts['os']['release']['major'] ? { - '6' => 'mod_wsgi', # RedHat6 '7' => 'mod_wsgi', # RedHat7 default => 'python3-mod_wsgi', # RedHat8+ }, @@ -256,7 +227,6 @@ $mod_libs = { 'nss' => 'libmodnss.so', 'wsgi' => $facts['os']['release']['major'] ? { - '6' => 'mod_wsgi.so', '7' => 'mod_wsgi.so', default => 'mod_wsgi_python3.so', }, @@ -269,14 +239,8 @@ $mime_support_package = 'mailcap' $mime_types_config = '/etc/mime.types' $docroot = '/var/www/html' - $alias_icons_path = $facts['os']['release']['major'] ? { - '6' => '/var/www/icons', - default => '/usr/share/httpd/icons', - } - $error_documents_path = $facts['os']['release']['major'] ? { - '6' => '/var/www/error', - default => '/usr/share/httpd/error', - } + $alias_icons_path = '/usr/share/httpd/icons' + $error_documents_path = '/usr/share/httpd/error' if $facts['os']['family'] == 'RedHat' { $wsgi_socket_prefix = '/var/run/wsgi' } else { diff --git a/manifests/version.pp b/manifests/version.pp index 2bd69b6842..8f96503045 100644 --- a/manifests/version.pp +++ b/manifests/version.pp @@ -6,37 +6,4 @@ Optional[String] $scl_httpd_version = undef, Optional[String] $scl_php_version = undef, ) { - case $facts['os']['family'] { - 'RedHat': { - if $scl_httpd_version { - $default = $scl_httpd_version - } - elsif ($facts['os']['name'] == 'Amazon' and $facts['os']['release']['major'] == '2') { - $default = '2.4' - } elsif $facts['os']['name'] == 'Fedora' or versioncmp($facts['os']['release']['major'], '7') >= 0 { - $default = '2.4' - } else { - $default = '2.2' - } - } - 'Debian': { - $default = '2.4' - } - 'FreeBSD': { - $default = '2.4' - } - 'Gentoo': { - $default = '2.4' - } - 'Suse': { - if ($facts['os']['name'] == 'SLES' and versioncmp($facts['os']['release']['major'], '12') >= 0) or ($facts['os']['name'] == 'OpenSuSE' and versioncmp($facts['os']['release']['major'], '42') >= 0) { - $default = '2.4' - } else { - $default = '2.2' - } - } - default: { - fail("Class['apache::version']: Unsupported osfamily: ${$facts['os']['family']}") - } - } } diff --git a/manifests/vhost.pp b/manifests/vhost.pp index a4db687704..2eeacb1f68 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -27,9 +27,6 @@ # default_ssl_vhost => false, # } # -# @param apache_version -# Apache's version number as a string, such as '2.2' or '2.4'. -# # @param access_log # Determines whether to configure `*_access.log` directives (`*_file`, `*_pipe`, or `*_syslog`). # @@ -1841,7 +1838,6 @@ Optional[String] $action = undef, Variant[Array[String], String] $additional_includes = [], Boolean $use_optional_includes = $apache::use_optional_includes, - Optional[String] $apache_version = $apache::apache_version, Optional[Enum['on', 'off', 'nodecode']] $allow_encoded_slashes = undef, Optional[Pattern[/^[\w-]+ [\w-]+$/]] $suexec_user_group = undef, @@ -2086,13 +2082,6 @@ } } - if versioncmp($apache_version, '2.4') >= 0 { - $error_log_format24 = $error_log_format - } - else { - $error_log_format24 = undef - } - if $modsec_audit_log == false { $modsec_audit_log_destination = undef } elsif $modsec_audit_log_file { @@ -2143,36 +2132,19 @@ ensure_resource('apache::listen', $listen_addr_port) } } - if ! $ip_based { - if $ensure == 'present' and (versioncmp($apache_version, '2.4') < 0) { - ensure_resource('apache::namevirtualhost', $nvh_addr_port) - } - } ## Create a default directory list if none defined if $directories { $_directories = $directories } elsif $docroot { - $_directory = { + $_directories = [{ provider => 'directory', path => $docroot, options => $options, allow_override => $override, directoryindex => $directoryindex, - } - - if versioncmp($apache_version, '2.4') >= 0 { - $_directory_version = { - require => 'all granted', - } - } else { - $_directory_version = { - order => 'allow,deny', - allow => 'from all', - } - } - - $_directories = [merge($_directory, $_directory_version)] + require => 'all granted', + }] } else { $_directories = undef } @@ -2239,7 +2211,6 @@ # - $serveradmin # - $protocols # - $protocols_honor_order - # - $apache_version # - $mdomain concat::fragment { "${name}-apache-header": target => "${priority_real}${filename}.conf", @@ -2309,7 +2280,6 @@ # Template uses: # - $_directories # - $docroot - # - $apache_version # - $shibboleth_enabled if $_directories and ! empty($_directories) and $ensure == 'present' { $_directories.each |Hash $directory| { @@ -2365,7 +2335,7 @@ # Template uses: # - $error_log - # - $error_log_format24 + # - $error_log_format # - $log_level # - $error_log_destination # - $log_level @@ -2410,7 +2380,6 @@ # Template uses: # - $block - # - $apache_version if $block and ! empty($block) { concat::fragment { "${name}-block": target => "${priority_real}${filename}.conf", @@ -2590,7 +2559,6 @@ # - $ssl_options # - $ssl_openssl_conf_cmd # - $ssl_stapling - # - $apache_version # - $mdomain if $ssl and $ensure == 'present' { include apache::mod::ssl diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index fa9d3a2f74..d87a9744e4 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -10,20 +10,6 @@ idempotent_apply(pp) end - describe 'apache_version fact' do - let(:result) do - apply_manifest('include apache', catch_failures: true) - version_check_pp = <<-MANIFEST - notice("apache_version = >${apache_version}<") - MANIFEST - apply_manifest(version_check_pp, catch_failures: true) - end - - it { - expect(result.stdout).to match(%r{apache_version = >#{apache_hash['version']}.*<}) - } - end - describe package(apache_hash['package_name']) do it { is_expected.to be_installed } end diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 3c8ef66df8..fd412d9fff 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -326,14 +326,7 @@ class { 'apache': } pp_one = <<-MANIFEST class { 'apache': } - if versioncmp($apache_version, '2.4') >= 0 { - $_files_match_directory = [{ 'path' => 'private.html$', 'provider' => 'filesmatch', 'require' => 'all denied' }] - } else { - $_files_match_directory = [ - { 'path' => 'private.html$', 'provider' => 'filesmatch', 'deny' => 'from all' }, - { 'path' => '/bar/bar.html', 'provider' => 'location', allow => [ 'from 127.0.0.1', ] }, - ] - } + $_files_match_directory = [{ 'path' => 'private.html$', 'provider' => 'filesmatch', 'require' => 'all denied' }] $_directories = [ { 'path' => '/var/www/files', }, diff --git a/spec/classes/apache_spec.rb b/spec/classes/apache_spec.rb index 46f7ff8a38..0d5cda12ae 100644 --- a/spec/classes/apache_spec.rb +++ b/spec/classes/apache_spec.rb @@ -65,18 +65,9 @@ it { is_expected.not_to contain_file("#{modname}.conf symlink") } end - context 'with Apache version < 2.4' do - let :params do - { apache_version: '2.2' } - end - - it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^Include "/etc/apache2/conf\.d/\*\.conf"$} } - end - - context 'with Apache version >= 2.4' do + context 'with use_optional_includes' do let :params do { - apache_version: '2.4', use_optional_includes: true, } end @@ -156,35 +147,6 @@ } end - describe "Check default type with Apache version < 2.2 when default_type => 'none'" do - let :params do - { - apache_version: '2.2', - default_type: 'none', - } - end - - it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^DefaultType none$} } - end - describe "Check default type with Apache version < 2.2 when default_type => 'text/plain'" do - let :params do - { - apache_version: '2.2', - default_type: 'text/plain', - } - end - - it { is_expected.to contain_file('/etc/apache2/apache2.conf').with_content %r{^DefaultType text/plain$} } - end - - describe 'Check default type with Apache version >= 2.4' do - let :params do - { apache_version: '2.4' } - end - - it { is_expected.to contain_file('/etc/apache2/apache2.conf').without_content %r{^DefaultType [.]*$} } - end - describe "Don't create user resource when parameter manage_user is false" do let :params do { manage_user: false } @@ -343,69 +305,18 @@ it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^Include "/etc/httpd/mod\.d/\*\.conf"$} } it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^Include "/etc/httpd/mod\.d/\*\.load"$} } end - describe 'Alternate confd/mod/vhosts directory with Apache version < 2.4' do - let :params do - { - vhost_dir: '/etc/httpd/site.d', - confd_dir: '/etc/httpd/conf.d', - mod_dir: '/etc/httpd/mod.d', - apache_version: '2.2', - } - end - - it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^Include "/etc/httpd/conf\.d/\*\.conf"$} } - end - describe 'Alternate confd/mod/vhosts directory with Apache version >= 2.4' do + describe 'Alternate confd/mod/vhosts directory' do let :params do { vhost_dir: '/etc/httpd/site.d', confd_dir: '/etc/httpd/conf.d', mod_dir: '/etc/httpd/mod.d', - apache_version: '2.4', use_optional_includes: true, } end it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^IncludeOptional "/etc/httpd/conf\.d/\*\.conf"$} } end - describe 'Alternate confd/mod/vhosts directory with Apache version < 2.4' do - let :params do - { - vhost_dir: '/etc/httpd/site.d', - confd_dir: '/etc/httpd/conf.d', - mod_dir: '/etc/httpd/mod.d', - apache_version: '2.2', - rewrite_lock: '/var/lock/subsys/rewrite-lock', - } - end - - it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^RewriteLock /var/lock/subsys/rewrite-lock$} } - end - describe 'Alternate confd/mod/vhosts directory with Apache version < 2.4' do - let :params do - { - vhost_dir: '/etc/httpd/site.d', - confd_dir: '/etc/httpd/conf.d', - mod_dir: '/etc/httpd/mod.d', - apache_version: '2.2', - } - end - - it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').without_content %r{^RewriteLock [.]*$} } - end - describe 'Alternate confd/mod/vhosts directory with Apache version >= 2.4' do - let :params do - { - vhost_dir: '/etc/httpd/site.d', - confd_dir: '/etc/httpd/conf.d', - mod_dir: '/etc/httpd/mod.d', - apache_version: '2.4', - rewrite_lock: '/var/lock/subsys/rewrite-lock', - } - end - - it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').without_content %r{^RewriteLock [.]*$} } - end describe 'Alternate confd/mod/vhosts directory when specifying slash encoding behaviour' do let :params do { @@ -431,44 +342,6 @@ it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^AddDefaultCharset none$} } end - describe "Alternate confd/mod/vhosts directory with Apache version < 2.4 when default_type => 'none'" do - let :params do - { - vhost_dir: '/etc/httpd/site.d', - confd_dir: '/etc/httpd/conf.d', - mod_dir: '/etc/httpd/mod.d', - apache_version: '2.2', - default_type: 'none', - } - end - - it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^DefaultType none$} } - end - describe "Alternate confd/mod/vhosts directory with Apache version < 2.4 when default_type => 'text/plain'" do - let :params do - { - vhost_dir: '/etc/httpd/site.d', - confd_dir: '/etc/httpd/conf.d', - mod_dir: '/etc/httpd/mod.d', - apache_version: '2.2', - default_type: 'text/plain', - } - end - - it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^DefaultType text/plain$} } - end - describe 'Alternate confd/mod/vhosts directory with Apache version >= 2.4' do - let :params do - { - vhost_dir: '/etc/httpd/site.d', - confd_dir: '/etc/httpd/conf.d', - mod_dir: '/etc/httpd/mod.d', - apache_version: '2.4', - } - end - - it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').without_content %r{^DefaultType [.]*$} } - end describe 'Alternate conf directory' do let :params do @@ -639,12 +512,6 @@ it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^HostnameLookups Double\n} } end - - context 'on Fedora 28' do - include_examples 'Fedora 28' - - it { is_expected.to contain_class('apache').with_apache_version('2.4') } - end end context 'on a FreeBSD OS' do include_examples 'FreeBSD 10' @@ -774,20 +641,9 @@ it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{Options -Indexes -FollowSymLinks} } end - context 'with a custom root_directory_secured parameter and Apache < 2.4' do - let :params do - { - apache_version: '2.2', - root_directory_secured: true, - } - end - - it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{Options FollowSymLinks\n\s+AllowOverride None\n\s+Order deny,allow\n\s+Deny from all} } - end - context 'with a custom root_directory_secured parameter and Apache >= 2.4' do + context 'with a custom root_directory_secured parameter' do let :params do { - apache_version: '2.4', root_directory_secured: true, } end diff --git a/spec/classes/mod/data_spec.rb b/spec/classes/mod/data_spec.rb index 52a19f057d..6456104120 100644 --- a/spec/classes/mod/data_spec.rb +++ b/spec/classes/mod/data_spec.rb @@ -5,18 +5,7 @@ describe 'apache::mod::data', type: :class do context 'on a Debian OS' do include_examples 'Debian 11' - let :params do - { apache_version: '2.4' } - end it { is_expected.to contain_apache__mod('data') } - - describe 'with Apache version < 2.3' do - let :params do - { apache_version: '2.2' } - end - - it { is_expected.to compile.and_raise_error(%r{mod_data is only available in Apache 2.3 and later}) } - end end end diff --git a/spec/classes/mod/disk_cache_spec.rb b/spec/classes/mod/disk_cache_spec.rb index 7164c424e8..d7dd466829 100644 --- a/spec/classes/mod/disk_cache_spec.rb +++ b/spec/classes/mod/disk_cache_spec.rb @@ -12,50 +12,22 @@ } end - context 'with Apache version < 2.4' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.2", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - - it { is_expected.to compile } - it { is_expected.to contain_class('apache::mod::disk_cache') } - it { is_expected.to contain_apache__mod('disk_cache') } - it { - is_expected.to contain_file('disk_cache.conf') - .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/apache2\/mod_disk_cache\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) - } - end - context 'with Apache version >= 2.4' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - - it { is_expected.to compile } - it { is_expected.to contain_class('apache::mod::disk_cache') } - it { is_expected.to contain_class('apache::mod::cache').that_comes_before('Class[Apache::Mod::Disk_cache]') } - it { is_expected.to contain_apache__mod('cache_disk') } - it { - is_expected.to contain_file('disk_cache.conf') - .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/apache2\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) - } - end + let :pre_condition do + 'class{ "apache": + default_mods => ["cache"], + mod_dir => "/tmp/junk", + }' + end + + it { is_expected.to compile } + it { is_expected.to contain_class('apache::mod::disk_cache') } + it { is_expected.to contain_class('apache::mod::cache').that_comes_before('Class[Apache::Mod::Disk_cache]') } + it { is_expected.to contain_apache__mod('cache_disk') } + it { + is_expected.to contain_file('disk_cache.conf') + .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/apache2\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) + } context 'with $default_cache_enable = false' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - let(:params) { { 'default_cache_enable' => false } } it { is_expected.to compile } @@ -68,14 +40,6 @@ } end context 'with $default_cache_enable = true' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - let(:params) { { 'default_cache_enable' => true } } it { is_expected.to compile } @@ -88,14 +52,6 @@ } end context 'with $default_cache_enable = foo' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - let(:params) { { 'default_cache_enable' => 'foo' } } it { is_expected.not_to compile } @@ -111,45 +67,20 @@ } end - context 'with Apache version < 2.4' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.2", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - - it { is_expected.to contain_apache__mod('disk_cache') } - it { - is_expected.to contain_file('disk_cache.conf') - .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/mod_proxy\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) - } + let :pre_condition do + 'class{ "apache": + default_mods => ["cache"], + mod_dir => "/tmp/junk", + }' end - context 'with Apache version >= 2.4' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - it { is_expected.to contain_apache__mod('cache_disk') } - it { - is_expected.to contain_file('disk_cache.conf') - .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/httpd\/proxy\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) - } - end - context 'with $default_cache_enable = false' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end + it { is_expected.to contain_apache__mod('cache_disk') } + it { + is_expected.to contain_file('disk_cache.conf') + .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/httpd\/proxy\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) + } + context 'with $default_cache_enable = false' do let(:params) { { 'default_cache_enable' => false } } it { is_expected.to compile } @@ -162,14 +93,6 @@ } end context 'with $default_cache_enable = true' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - let(:params) { { 'default_cache_enable' => true } } it { is_expected.to compile } @@ -182,14 +105,6 @@ } end context 'with $default_cache_enable = foo' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - let(:params) { { 'default_cache_enable' => 'foo' } } it { is_expected.not_to compile } @@ -204,51 +119,23 @@ } end - context 'with Apache version < 2.4' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.2", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - - it { is_expected.to compile } - it { is_expected.to contain_class('apache::mod::disk_cache') } - it { is_expected.to contain_class('apache::mod::cache').that_comes_before('Class[Apache::Mod::Disk_cache]') } - it { is_expected.to contain_apache__mod('disk_cache') } - it { - is_expected.to contain_file('disk_cache.conf') - .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/mod_disk_cache\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) - } + let :pre_condition do + 'class{ "apache": + default_mods => ["cache"], + mod_dir => "/tmp/junk", + }' end - context 'with Apache version >= 2.4' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - it { is_expected.to compile } - it { is_expected.to contain_class('apache::mod::disk_cache') } - it { is_expected.to contain_class('apache::mod::cache').that_comes_before('Class[Apache::Mod::Disk_cache]') } - it { is_expected.to contain_apache__mod('cache_disk') } - it { - is_expected.to contain_file('disk_cache.conf') - .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) - } - end - context 'with $default_cache_enable = false' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end + it { is_expected.to compile } + it { is_expected.to contain_class('apache::mod::disk_cache') } + it { is_expected.to contain_class('apache::mod::cache').that_comes_before('Class[Apache::Mod::Disk_cache]') } + it { is_expected.to contain_apache__mod('cache_disk') } + it { + is_expected.to contain_file('disk_cache.conf') + .with(content: %r{CacheEnable disk \/\nCacheRoot \"\/var\/cache\/mod_cache_disk\"\nCacheDirLevels 2\nCacheDirLength 1\nCacheIgnoreHeaders Set-Cookie}) + } + context 'with $default_cache_enable = false' do let(:params) { { 'default_cache_enable' => false } } it { is_expected.to compile } @@ -261,14 +148,6 @@ } end context 'with $default_cache_enable = true' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - let(:params) { { 'default_cache_enable' => true } } it { is_expected.to compile } @@ -281,14 +160,6 @@ } end context 'with $default_cache_enable = foo' do - let :pre_condition do - 'class{ "apache": - apache_version => "2.4", - default_mods => ["cache"], - mod_dir => "/tmp/junk", - }' - end - let(:params) { { 'default_cache_enable' => 'foo' } } it { is_expected.not_to compile } diff --git a/spec/classes/mod/event_spec.rb b/spec/classes/mod/event_spec.rb index 4ef8179545..2099bd5530 100644 --- a/spec/classes/mod/event_spec.rb +++ b/spec/classes/mod/event_spec.rb @@ -34,11 +34,9 @@ { serverlimit: 0, startservers: 1, - maxclients: 2, minsparethreads: 3, maxsparethreads: 4, threadsperchild: 5, - maxrequestsperchild: 6, threadlimit: 7, listenbacklog: 8, maxrequestworkers: 9, @@ -48,11 +46,9 @@ it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ServerLimit\s*0}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*StartServers\s*1}) } - it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxClients}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MinSpareThreads\s*3}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxSpareThreads\s*4}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ThreadsPerChild\s*5}) } - it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxRequestsPerChild}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ThreadLimit\s*7}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ListenBacklog\s*8}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxRequestWorkers\s*9}) } @@ -64,11 +60,9 @@ { serverlimit: 0, startservers: 1, - maxclients: 2, minsparethreads: 3, maxsparethreads: 4, threadsperchild: 5, - maxrequestsperchild: 6, threadlimit: 7, listenbacklog: 8, maxrequestworkers: :undef, @@ -78,11 +72,9 @@ it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ServerLimit\s*0}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*StartServers\s*1}) } - it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxClients\s*2}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MinSpareThreads\s*3}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxSpareThreads\s*4}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ThreadsPerChild\s*5}) } - it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*MaxRequestsPerChild\s*6}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ThreadLimit\s*7}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').with_content(%r{^\s*ListenBacklog\s*8}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxRequestWorkers}) } @@ -94,11 +86,9 @@ { serverlimit: false, startservers: false, - maxclients: false, minsparethreads: false, maxsparethreads: false, threadsperchild: false, - maxrequestsperchild: false, threadlimit: false, listenbacklog: false, maxrequestworkers: false, @@ -108,64 +98,33 @@ it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*ServerLimit}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*StartServers}) } - it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxClients}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MinSpareThreads}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxSpareThreads}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*ThreadsPerChild}) } - it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxRequestsPerChild}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*ThreadLimit}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*ListenBacklog}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxRequestWorkers}) } it { is_expected.to contain_file('/etc/apache2/mods-available/event.conf').with_ensure('file').without_content(%r{^\s*MaxConnectionsPerChild}) } end - context 'with Apache version < 2.4' do - let :params do - { - apache_version: '2.2', - } - end - - it { is_expected.not_to contain_file('/etc/apache2/mods-available/event.load') } - it { is_expected.not_to contain_file('/etc/apache2/mods-enabled/event.load') } - - it { is_expected.to contain_package('apache2-mpm-event') } - end - - context 'with Apache version >= 2.4' do - let :params do - { - apache_version: '2.4', - } - end - - it { - is_expected.to contain_file('/etc/apache2/mods-available/event.load').with('ensure' => 'file', - 'content' => "LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so\n") - } - it { is_expected.to contain_file('/etc/apache2/mods-enabled/event.load').with_ensure('link') } - end + it { + is_expected.to contain_file('/etc/apache2/mods-available/event.load').with('ensure' => 'file', + 'content' => "LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so\n") + } + it { is_expected.to contain_file('/etc/apache2/mods-enabled/event.load').with_ensure('link') } end context 'on a RedHat OS' do include_examples 'RedHat 8' - context 'with Apache version >= 2.4' do - let :params do - { - apache_version: '2.4', - } - end - - it { is_expected.to contain_class('apache::params') } - it { is_expected.not_to contain_apache__mod('worker') } - it { is_expected.not_to contain_apache__mod('prefork') } + it { is_expected.to contain_class('apache::params') } + it { is_expected.not_to contain_apache__mod('worker') } + it { is_expected.not_to contain_apache__mod('prefork') } - it { is_expected.to contain_file('/etc/httpd/conf.modules.d/event.conf').with_ensure('file') } + it { is_expected.to contain_file('/etc/httpd/conf.modules.d/event.conf').with_ensure('file') } - it { - is_expected.to contain_file('/etc/httpd/conf.modules.d/event.load').with('ensure' => 'file', - 'content' => "LoadModule mpm_event_module modules/mod_mpm_event.so\n") - } - end + it { + is_expected.to contain_file('/etc/httpd/conf.modules.d/event.load').with('ensure' => 'file', + 'content' => "LoadModule mpm_event_module modules/mod_mpm_event.so\n") + } end end diff --git a/spec/classes/mod/http2_spec.rb b/spec/classes/mod/http2_spec.rb index 347dcccad7..530ef32c35 100644 --- a/spec/classes/mod/http2_spec.rb +++ b/spec/classes/mod/http2_spec.rb @@ -49,8 +49,6 @@ h2_tls_warm_up_size: 0, h2_upgrade: false, h2_window_size: 128_000, - - apache_version: '2.4', } end diff --git a/spec/classes/mod/itk_spec.rb b/spec/classes/mod/itk_spec.rb index f981e8310f..3348a4e094 100644 --- a/spec/classes/mod/itk_spec.rb +++ b/spec/classes/mod/itk_spec.rb @@ -15,55 +15,21 @@ it { is_expected.to contain_file('/etc/apache2/mods-available/itk.conf').with_ensure('file') } it { is_expected.to contain_file('/etc/apache2/mods-enabled/itk.conf').with_ensure('link') } - context 'with Apache version < 2.4' do - let :params do - { - apache_version: '2.2', - } - end - - it { is_expected.not_to contain_file('/etc/apache2/mods-available/itk.load') } - it { is_expected.not_to contain_file('/etc/apache2/mods-enabled/itk.load') } - - it { is_expected.to contain_package('apache2-mpm-itk') } - end - context 'with Apache version < 2.4 with enablecapabilities set' do - let :params do - { - apache_version: '2.2', - enablecapabilities: true, - } - end - - it { is_expected.not_to contain_file('/etc/apache2/mods-available/itk.conf').with_content(%r{EnableCapabilities}) } - end - - context 'with Apache version >= 2.4' do + context 'with prefork mpm' do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end - let :params do - { - apache_version: '2.4', - } - end - it { is_expected.to contain_file('/etc/apache2/mods-available/itk.load').with('ensure' => 'file', 'content' => "LoadModule mpm_itk_module /usr/lib/apache2/modules/mod_mpm_itk.so\n") } it { is_expected.to contain_file('/etc/apache2/mods-enabled/itk.load').with_ensure('link') } end - context 'with Apache version >= 2.4 with enablecapabilities not set' do + context 'with enablecapabilities not set' do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end - let :params do - { - apache_version: '2.4', - } - end it { is_expected.not_to contain_file('/etc/apache2/mods-available/itk.conf').with_content(%r{EnableCapabilities}) } end @@ -77,52 +43,23 @@ it { is_expected.to contain_file('/etc/httpd/conf.modules.d/itk.conf').with_ensure('file') } it { is_expected.to contain_package('httpd-itk') } - context 'with Apache version < 2.4' do - let :params do - { - apache_version: '2.2', - } - end - - it { - is_expected.to contain_file_line('/etc/sysconfig/httpd itk enable').with('require' => 'Package[httpd]') - } - end - context 'with Apache version < 2.4 with enablecapabilities set' do - let :params do - { - apache_version: '2.2', - enablecapabilities: 'On', - } - end - - it { is_expected.not_to contain_file('/etc/httpd/conf.d/itk.conf').with_content(%r{EnableCapabilities}) } - end - - context 'with Apache version >= 2.4' do + context 'with prefork mpm' do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end - let :params do - { - apache_version: '2.4', - } - end - it { is_expected.to contain_file('/etc/httpd/conf.modules.d/itk.load').with('ensure' => 'file', 'content' => "LoadModule mpm_itk_module modules/mod_mpm_itk.so\n") } end - context 'with Apache version >= 2.4 with enablecapabilities set' do + context 'with enablecapabilities set' do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end let :params do { - apache_version: '2.4', enablecapabilities: false, } end @@ -143,20 +80,9 @@ it { is_expected.to contain_file('/usr/local/etc/apache24/Modules/itk.conf').with_ensure('file') } it { is_expected.to contain_package('www/mod_mpm_itk') } - context 'with Apache version < 2.4 with enablecapabilities not set' do - let :params do - { - apache_version: '2.2', - } - end - - it { is_expected.not_to contain_file('/usr/local/etc/apache24/Modules/itk.conf').with_content(%r{EnableCapabilities}) } - end - - context 'with Apache version >= 2.4 with enablecapabilities set' do + context 'with enablecapabilities set' do let :params do { - apache_version: '2.4', enablecapabilities: true, } end diff --git a/spec/classes/mod/prefork_spec.rb b/spec/classes/mod/prefork_spec.rb index d0c7fdfac2..fa3739239c 100644 --- a/spec/classes/mod/prefork_spec.rb +++ b/spec/classes/mod/prefork_spec.rb @@ -15,72 +15,22 @@ it { is_expected.to contain_file('/etc/apache2/mods-available/prefork.conf').with_ensure('file') } it { is_expected.to contain_file('/etc/apache2/mods-enabled/prefork.conf').with_ensure('link') } - context 'with Apache version < 2.4' do - let :params do - { - apache_version: '2.2', - } - end - - it { is_expected.not_to contain_file('/etc/apache2/mods-available/prefork.load') } - it { is_expected.not_to contain_file('/etc/apache2/mods-enabled/prefork.load') } - - it { is_expected.to contain_package('apache2-mpm-prefork') } - end - - context 'with Apache version >= 2.4' do - let :params do - { - apache_version: '2.4', - } - end - - it { - is_expected.to contain_file('/etc/apache2/mods-available/prefork.load').with('ensure' => 'file', - 'content' => "LoadModule mpm_prefork_module /usr/lib/apache2/modules/mod_mpm_prefork.so\n") - } - it { is_expected.to contain_file('/etc/apache2/mods-enabled/prefork.load').with_ensure('link') } - end + it { + is_expected.to contain_file('/etc/apache2/mods-available/prefork.load').with('ensure' => 'file', + 'content' => "LoadModule mpm_prefork_module /usr/lib/apache2/modules/mod_mpm_prefork.so\n") + } + it { is_expected.to contain_file('/etc/apache2/mods-enabled/prefork.load').with_ensure('link') } end context 'on a RedHat OS' do include_examples 'RedHat 8' it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('prefork') } - it { is_expected.to contain_file('/etc/httpd/conf.modules.d/prefork.conf').with_ensure('file') } - - context 'with Apache version < 2.4' do - let :params do - { - apache_version: '2.2', - } - end - - it { - is_expected.to contain_file_line('/etc/sysconfig/httpd prefork enable').with('require' => 'Package[httpd]') - } - it { is_expected.to contain_file('/etc/httpd/conf.modules.d/prefork.conf').without('content' => %r{MaxRequestWorkers}) } - it { is_expected.to contain_file('/etc/httpd/conf.modules.d/prefork.conf').without('content' => %r{MaxConnectionsPerChild}) } - end - - context 'with Apache version >= 2.4' do - let :params do - { - apache_version: '2.4', - maxrequestworkers: 512, - maxconnectionsperchild: 4000, - } - end - - it { is_expected.not_to contain_apache__mod('event') } - - it { - is_expected.to contain_file('/etc/httpd/conf.modules.d/prefork.load').with('ensure' => 'file', - 'content' => "LoadModule mpm_prefork_module modules/mod_mpm_prefork.so\n") - } - it { is_expected.to contain_file('/etc/httpd/conf.modules.d/prefork.conf').without('content' => %r{MaxClients}) } - it { is_expected.to contain_file('/etc/httpd/conf.modules.d/prefork.conf').without('content' => %r{MaxRequestsPerChild}) } - end + it { is_expected.not_to contain_apache__mod('event') } + it { + is_expected.to contain_file('/etc/httpd/conf.modules.d/prefork.load').with('ensure' => 'file', + 'content' => "LoadModule mpm_prefork_module modules/mod_mpm_prefork.so\n") + } end context 'on a FreeBSD OS' do include_examples 'FreeBSD 9' diff --git a/spec/classes/mod/remoteip_spec.rb b/spec/classes/mod/remoteip_spec.rb index 694989549c..aab4d1478d 100644 --- a/spec/classes/mod/remoteip_spec.rb +++ b/spec/classes/mod/remoteip_spec.rb @@ -5,9 +5,6 @@ describe 'apache::mod::remoteip', type: :class do context 'on a Debian OS' do include_examples 'Debian 11' - let :params do - { apache_version: '2.4' } - end it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__mod('remoteip') } @@ -104,12 +101,5 @@ it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPProxyProtocolExceptions fd00:fd00:fd00:2000::/64$}) } end - describe 'with Apache version < 2.4' do - let :params do - { apache_version: '2.2' } - end - - it { is_expected.to compile.and_raise_error(%r{mod_remoteip is only available in Apache 2.4}) } - end end end diff --git a/spec/classes/mod/ssl_spec.rb b/spec/classes/mod/ssl_spec.rb index 0e562c4b69..ff1e3ee31b 100644 --- a/spec/classes/mod/ssl_spec.rb +++ b/spec/classes/mod/ssl_spec.rb @@ -143,49 +143,13 @@ it { is_expected.to contain_file('_etc_pki_some_path_localhost.crt') } end - context 'with Apache version < 2.4 - ssl_compression with default value' do - let :params do - { - apache_version: '2.2', - } - end - - it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLCompression Off$}) } - end - context 'with Apache version < 2.4 - setting ssl_compression to true' do - let :params do - { - apache_version: '2.2', - ssl_compression: true, - } - end - - it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLCompression On$}) } - end - context 'with Apache version < 2.4 - setting ssl_stapling to true' do - let :params do - { - apache_version: '2.2', - ssl_stapling: true, - } - end - - it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLUseStapling}) } - end - - context 'with Apache version >= 2.4 - ssl_compression with default value' do - let :params do - { - apache_version: '2.4', - } - end - + context 'with default values' do it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLCompression Off$}) } + it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLSessionTickets (Off|On)$}) } end - context 'with Apache version >= 2.4' do + context 'with ssl_compression set to true' do let :params do { - apache_version: '2.4', ssl_compression: true, } end @@ -193,19 +157,9 @@ it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLCompression On$}) } end - context 'with Apache version >= 2.4 - ssl_sessiontickets with default value' do - let :params do - { - apache_version: '2.4', - } - end - - it { is_expected.not_to contain_file('ssl.conf').with_content(%r{^ SSLSessionTickets (Off|On)$}) } - end - context 'with Apache version >= 2.4 - setting ssl_sessiontickets to false' do + context 'with ssl_sessiontickets set to false' do let :params do { - apache_version: '2.4', ssl_sessiontickets: false, } end @@ -213,30 +167,27 @@ it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLSessionTickets Off$}) } end - context 'with Apache version >= 2.4 - setting ssl_stapling to true' do + context 'with ssl_stapling set to true' do let :params do { - apache_version: '2.4', ssl_stapling: true, } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLUseStapling On$}) } end - context 'with Apache version >= 2.4 - setting ssl_stapling_return_errors to true' do + context 'with ssl_stapling_return_errors set to true' do let :params do { - apache_version: '2.4', ssl_stapling_return_errors: true, } end it { is_expected.to contain_file('ssl.conf').with_content(%r{^ SSLStaplingReturnResponderErrors On$}) } end - context 'with Apache version >= 2.4 - setting stapling_cache' do + context 'with stapling_cache' do let :params do { - apache_version: '2.4', stapling_cache: '/tmp/customstaplingcache(51200)', } end diff --git a/spec/classes/mod/status_spec.rb b/spec/classes/mod/status_spec.rb index 37a6451d2f..eebe8746c2 100644 --- a/spec/classes/mod/status_spec.rb +++ b/spec/classes/mod/status_spec.rb @@ -2,7 +2,6 @@ require 'spec_helper' -# Apache >= 2.4 def require_directives(requires) if requires == :undef " Require ip 127.0.0.1 ::1\n" @@ -66,10 +65,9 @@ def require_directives(requires) } end - context "with custom parameters $allow_from => ['10.10.10.10','11.11.11.11'], $extended_status => 'Off', $status_path => '/custom-status'" do + context "with custom parameters $extended_status => 'Off', $status_path => '/custom-status'" do let :params do { - allow_from: ['10.10.10.10', '11.11.11.11'], extended_status: 'Off', status_path: '/custom-status', } @@ -77,27 +75,7 @@ def require_directives(requires) it { is_expected.to compile } - include_examples 'status_conf_spec_require', 'ip 10.10.10.10 11.11.11.11', 'Off', '/custom-status' - end - - context "with valid parameter type $allow_from => ['10.10.10.10']" do - let :params do - { allow_from: ['10.10.10.10'] } - end - - it 'expects to succeed array validation' do - is_expected.to compile - end - end - - context "with invalid parameter type $allow_from => '10.10.10.10'" do - let :params do - { allow_from: '10.10.10.10' } - end - - it 'expects to fail array validation' do - is_expected.to compile.and_raise_error(%r{allow_from}) - end + include_examples 'status_conf_spec_require', 'ip 127.0.0.1 ::1', 'Off', '/custom-status' end # Only On or Off are valid options diff --git a/spec/classes/mod/worker_spec.rb b/spec/classes/mod/worker_spec.rb index 5fafac88ac..5f01385fd8 100644 --- a/spec/classes/mod/worker_spec.rb +++ b/spec/classes/mod/worker_spec.rb @@ -13,68 +13,21 @@ it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('worker') } it { is_expected.to contain_file('/etc/apache2/mods-available/worker.conf').with_ensure('file') } - it { is_expected.to contain_file('/etc/apache2/mods-enabled/worker.conf').with_ensure('link') } - - context 'with Apache version < 2.4' do - let :params do - { - apache_version: '2.2', - } - end - - it { is_expected.not_to contain_file('/etc/apache2/mods-available/worker.load') } - it { is_expected.not_to contain_file('/etc/apache2/mods-enabled/worker.load') } - - it { is_expected.to contain_package('apache2-mpm-worker') } - end - - context 'with Apache version >= 2.4' do - let :params do - { - apache_version: '2.4', - } - end - - it { - is_expected.to contain_file('/etc/apache2/mods-available/worker.load').with('ensure' => 'file', - 'content' => "LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so\n") - } - it { is_expected.to contain_file('/etc/apache2/mods-enabled/worker.load').with_ensure('link') } - end + it { + is_expected.to contain_file('/etc/apache2/mods-available/worker.load').with('ensure' => 'file', + 'content' => "LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so\n") + } end context 'on a RedHat OS' do include_examples 'RedHat 8' it { is_expected.to contain_class('apache::params') } it { is_expected.not_to contain_apache__mod('worker') } - it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with_ensure('file') } - - context 'with Apache version < 2.4' do - let :params do - { - apache_version: '2.2', - } - end - - it { - is_expected.to contain_file_line('/etc/sysconfig/httpd worker enable').with('require' => 'Package[httpd]') - } - end - - context 'with Apache version >= 2.4' do - let :params do - { - apache_version: '2.4', - } - end - - it { is_expected.not_to contain_apache__mod('event') } - - it { - is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.load').with('ensure' => 'file', - 'content' => "LoadModule mpm_worker_module modules/mod_mpm_worker.so\n") - } - end + it { is_expected.not_to contain_apache__mod('event') } + it { + is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.load').with('ensure' => 'file', + 'content' => "LoadModule mpm_worker_module modules/mod_mpm_worker.so\n") + } end context 'on a FreeBSD OS' do include_examples 'FreeBSD 9' @@ -99,7 +52,7 @@ it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^$}) } it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+ServerLimit\s+25$}) } it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+StartServers\s+2$}) } - it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+MaxClients\s+150$}) } + it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+MaxRequestWorkers\s+150$}) } it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+MinSpareThreads\s+25$}) } it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+MaxSpareThreads\s+75$}) } it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+ThreadsPerChild\s+25$}) } @@ -126,7 +79,6 @@ it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^$}) } it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+ServerLimit\s+10$}) } it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+StartServers\s+11$}) } - it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').without(content: %r{^\s+MaxClients}) } it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+MaxRequestWorkers\s+12$}) } it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+MinSpareThreads\s+13$}) } it { is_expected.to contain_file('/etc/httpd/conf.modules.d/worker.conf').with(content: %r{^\s+MaxSpareThreads\s+14$}) } diff --git a/spec/defines/balancer_spec.rb b/spec/defines/balancer_spec.rb index b9cdaae69c..3b2078aae6 100644 --- a/spec/defines/balancer_spec.rb +++ b/spec/defines/balancer_spec.rb @@ -55,12 +55,7 @@ } end - describe 'with lbmethod and with apache::mod::proxy_balancer::apache_version set' do - let :pre_condition do - 'class{"apache::mod::proxy_balancer": - apache_version => "2.4" - }' - end + describe 'with lbmethod set' do let :params do { proxy_set: { diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index 156ed3e4f5..6986aa2c87 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -33,12 +33,6 @@ it { is_expected.to contain_class('apache') } it { is_expected.to contain_class('apache::params') } it { is_expected.to contain_apache__listen(params[:port]) } - # namebased virualhost is only created on apache 2.2 and older - if (os_facts[:os]['family'] == 'RedHat' && os_facts[:os]['release']['major'].to_i < 7) || - (os_facts[:os]['name'] == 'Amazon') || - (os_facts[:os]['name'] == 'SLES' && os_facts[:os]['release']['major'].to_i < 12) - it { is_expected.to contain_apache__namevirtualhost("*:#{params[:port]}") } - end end context 'set everything!' do let :params do @@ -433,7 +427,6 @@ 'wsgi_chunked_request' => 'On', 'action' => 'foo', 'additional_includes' => '/custom/path/includes', - 'apache_version' => '2.4', 'use_optional_includes' => true, 'suexec_user_group' => 'root root', 'allow_encoded_slashes' => 'nodecode', @@ -1625,26 +1618,10 @@ end end # access logs describe 'error logs format' do - context 'on Apache 2.2' do - let(:params) do - { - 'docroot' => '/rspec/docroot', - 'apache_version' => '2.2', - 'error_log_format' => ['[%t] [%l] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i'], - } - end - - it { - is_expected.to contain_concat__fragment('rspec.example.com-logging') - .without_content(%r{ErrorLogFormat}) - } - end - context 'single log format directive as a string' do let(:params) do { 'docroot' => '/rspec/docroot', - 'apache_version' => '2.4', 'error_log_format' => ['[%t] [%l] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i'], } end @@ -1660,7 +1637,6 @@ let(:params) do { 'docroot' => '/rspec/docroot', - 'apache_version' => '2.4', 'error_log_format' => [ '[%{uc}t] [%-m:%-l] [R:%L] [C:%{C}L] %7F: %E: %M', { '[%{uc}t] [R:%L] Request %k on C:%{c}L pid:%P tid:%T' => 'request' }, @@ -1792,7 +1768,6 @@ it { is_expected.to compile } it { is_expected.to contain_concat('25-rspec.example.com.conf') } - # this works only with apache 2.4 and newer if (os_facts[:os]['family'] == 'RedHat' && os_facts[:os]['release']['major'].to_i > 6) || (os_facts[:os]['name'] == 'SLES' && os_facts[:os]['release']['major'].to_i > 11) it { @@ -1805,50 +1780,6 @@ end end - # the following style is only present on Apache 2.2 - # That is used in SLES 11, RHEL6, Amazon Linux - if (os_facts[:os]['family'] == 'RedHat' && os_facts[:os]['release']['major'].to_i < 7) || - (os_facts[:os]['name'] == 'Amazon') || - (os_facts[:os]['name'] == 'SLES' && os_facts[:os]['release']['major'].to_i < 12) - context 'apache 2.2 access controls on directories' do - let :params do - { - 'docroot' => '/var/www/foo', - 'directories' => [ - { - 'path' => '/var/www/foo', - 'provider' => 'files', - 'allow' => 'from 127.0.0.5', - 'deny' => 'from all', - 'order' => 'deny,allow', - }, - { - 'path' => '/var/www/protected-files', - 'provider' => 'files', - 'allow' => ['from 127.0.0.1', 'from 127.0.0.2'], - 'deny' => ['from 127.0.0.3', 'from 127.0.0.4'], - 'satisfy' => 'any', - }, - ], - } - end - - it { is_expected.to compile } - it { is_expected.to contain_concat('25-rspec.example.com.conf') } - it { - is_expected.to contain_concat__fragment('rspec.example.com-directories') - .with_content(%r{^\s+Allow from 127\.0\.0\.1$}) - .with_content(%r{^\s+Allow from 127\.0\.0\.2$}) - .with_content(%r{^\s+Allow from 127\.0\.0\.5$}) - .with_content(%r{^\s+Deny from 127\.0\.0\.3$}) - .with_content(%r{^\s+Deny from 127\.0\.0\.4$}) - .with_content(%r{^\s+Deny from all$}) - .with_content(%r{^\s+Satisfy any$}) - .with_content(%r{^\s+Order deny,allow$}) - } - end - end - context 'require unmanaged' do let :params do { diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb index 2f252c8e84..a7211b68bb 100644 --- a/spec/spec_helper_local.rb +++ b/spec/spec_helper_local.rb @@ -140,6 +140,7 @@ { os: { family: 'Darwin', + name: 'Darwin', release: { full: '13.1.0', }, diff --git a/spec/unit/facter/util/fact_apache_version_spec.rb b/spec/unit/facter/util/fact_apache_version_spec.rb deleted file mode 100644 index 061c21adf5..0000000000 --- a/spec/unit/facter/util/fact_apache_version_spec.rb +++ /dev/null @@ -1,40 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -describe Facter::Util::Fact do - before(:each) do - Facter.clear - end - describe 'apache_version' do - context 'with value' do - before :each do - allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux') - expect(Facter::Core::Execution).to receive(:which).with('httpd') { true } - expect(Facter::Core::Execution).to receive(:execute).with('httpd -V 2>&1') { - 'Server version: Apache/2.4.16 (Unix) - Server built: Jul 31 2015 15:53:26' - } - end - it do - expect(Facter.fact(:apache_version).value).to eq('2.4.16') - end - end - end - - describe 'apache_version with empty OS' do - context 'with value' do - before :each do - allow(Facter.fact(:kernel)).to receive(:value).and_return('Linux') - expect(Facter::Core::Execution).to receive(:which).with('httpd') { true } - expect(Facter::Core::Execution).to receive(:execute).with('httpd -V 2>&1') { - 'Server version: Apache/2.4.6 () - Server built: Nov 21 2015 05:34:59' - } - end - it do - expect(Facter.fact(:apache_version).value).to eq('2.4.6') - end - end - end -end diff --git a/templates/httpd.conf.erb b/templates/httpd.conf.erb index 2d8f95ef49..4a26d41a73 100644 --- a/templates/httpd.conf.erb +++ b/templates/httpd.conf.erb @@ -18,23 +18,15 @@ LimitRequestFields <%= @limitreqfields %> <% if @limitreqline -%> LimitRequestLine <%= @limitreqline %> <% end -%> -<%# Actually >= 2.4.24, but the minor version is not provided -%> -<%- if @http_protocol_options and scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> +<%- if @http_protocol_options -%> HttpProtocolOptions <%= @http_protocol_options %> <%- end -%> -<%# Actually >= 2.4.17, but the minor version is not provided -%> -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - <%- unless @protocols.empty? -%> +<%- unless @protocols.empty? -%> Protocols <%= @protocols.join(' ') %> - <%- end -%> - <%- unless @protocols_honor_order.nil? -%> -ProtocolsHonorOrder <%= scope.call_function('apache::bool2httpd', [@protocols_honor_order]) %> - <%- end -%> <%- end -%> - -<%- if @rewrite_lock and scope.function_versioncmp([@apache_version, '2.2']) <= 0 -%> -RewriteLock <%= @rewrite_lock %> +<%- unless @protocols_honor_order.nil? -%> +ProtocolsHonorOrder <%= scope.call_function('apache::bool2httpd', [@protocols_honor_order]) %> <%- end -%> User <%= @user %> @@ -42,25 +34,14 @@ Group <%= @group %> AccessFileName .htaccess -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> Require all denied -<%- else -%> - Order allow,deny - Deny from all - Satisfy all -<%- end -%> Options <%= Array(@root_directory_options).join(' ') %> AllowOverride None <%- if @root_directory_secured -%> -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> Require all denied -<%- else -%> - Order deny,allow - Deny from all -<%- end -%> <%- end -%> @@ -68,9 +49,6 @@ AccessFileName .htaccess AddDefaultCharset <%= @default_charset %> <% end -%> -<%- if scope.function_versioncmp([@apache_version, '2.4']) < 0 -%> -DefaultType <%= @default_type %> -<%- end -%> HostnameLookups <%= @hostname_lookups %> <%- if /^[|\/]/.match(@error_log) || /^syslog:/.match(@error_log) -%> ErrorLog "<%= @error_log %>" @@ -125,20 +103,12 @@ LogFormat "<%= format -%>" <%= nickname %> <%- end -%> <% end -%> -<%- if @conf_enabled and scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> +<%- if @conf_enabled -%> IncludeOptional "<%= @conf_enabled %>/*.conf" <%- end -%> -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> IncludeOptional "<%= @confd_dir %>/*.conf" -<%- else -%> -Include "<%= @confd_dir %>/*.conf" -<%- end -%> <% if @vhost_load_dir != @confd_dir -%> -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> IncludeOptional "<%= @vhost_load_dir %>/<%= @vhost_include_pattern %>" -<%- else -%> -Include "<%= @vhost_load_dir %>/<%= @vhost_include_pattern %>" -<%- end -%> <% end -%> <% if @ldap_verify_server_cert -%> LDAPVerifyServerCert <%= @ldap_verify_server_cert %> @@ -156,12 +126,7 @@ Alias /error/ "<%= @error_documents_path %>/" Options IncludesNoExec AddOutputFilter Includes html AddHandler type-map var -<%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> Require all granted -<%- else -%> - Order allow,deny - Allow from all -<%- end -%> LanguagePriority en cs de es fr it nl sv pt-br ro ForceLanguagePriority Prefer Fallback diff --git a/templates/mod/_require.erb b/templates/mod/_require.erb index d55e312e9d..404dcc4c26 100644 --- a/templates/mod/_require.erb +++ b/templates/mod/_require.erb @@ -1,12 +1,4 @@ -<% if @requires != nil -%> - <%- _requires = @requires -%> -<% elsif @allow_from != nil and ! @allow_from.empty? -%> - <%- scope.function_warning(["Class #{@title}: Using Allow is deprecated in Apache #{@_apache_version}"]) -%> - <%- _requires = 'ip ' + Array(@allow_from).join(" ") -%> -<% else -%> - <%- _requires = @requires_defaults -%> -<% end -%> -<%-# -%> +<% _requires = @requires != nil ? @requires : @requires_defaults -%> <% if _requires.is_a?(String) -%> <%- if ! ['', 'unmanaged'].include?_requires.downcase -%> Require <%= _requires %> diff --git a/templates/mod/alias.conf.erb b/templates/mod/alias.conf.erb index 313fdf9d1a..e56a105c8c 100644 --- a/templates/mod/alias.conf.erb +++ b/templates/mod/alias.conf.erb @@ -3,11 +3,6 @@ Alias /<%= @icons_prefix %>/ "<%= @icons_path %>/" "> Options <%= @icons_options %> AllowOverride None -<%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> Require all granted -<%- else -%> - Order allow,deny - Allow from all -<%- end -%> diff --git a/templates/mod/event.conf.erb b/templates/mod/event.conf.erb index bca707c932..82cfae822a 100644 --- a/templates/mod/event.conf.erb +++ b/templates/mod/event.conf.erb @@ -7,8 +7,6 @@ <%- end -%> <%- if @maxrequestworkers -%> MaxRequestWorkers <%= @maxrequestworkers %> - <%- elsif @maxclients -%> - MaxClients <%= @maxclients %> <%- end -%> <%- if @minsparethreads -%> MinSpareThreads <%= @minsparethreads %> @@ -21,8 +19,6 @@ <%- end -%> <%- if @maxconnectionsperchild -%> MaxConnectionsPerChild <%= @maxconnectionsperchild %> - <%- elsif @maxrequestsperchild -%> - MaxRequestsPerChild <%= @maxrequestsperchild %> <%- end -%> <%- if @threadlimit -%> ThreadLimit <%= @threadlimit %> diff --git a/templates/mod/http2.conf.erb b/templates/mod/http2.conf.erb index 4839013680..5aa5fa2386 100644 --- a/templates/mod/http2.conf.erb +++ b/templates/mod/http2.conf.erb @@ -1,15 +1,13 @@ # The http2 Apache module configuration file is being # managed by Puppet and changes will be overwritten. -<%# Actually >= 2.4.24, but the minor version is not provided -%> -<% if !@h2_copy_files.nil? && scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> +<% if !@h2_copy_files.nil? -%> H2CopyFiles <%= scope.call_function('apache::bool2httpd', [@h2_copy_files]) %> <% end -%> <% unless @h2_direct.nil? -%> H2Direct <%= scope.call_function('apache::bool2httpd', [@h2_direct]) %> <% end -%> -<%# Actually >= 2.4.24, but the minor version is not provided -%> -<% if !@h2_early_hints.nil? && scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> +<% if !@h2_early_hints.nil? -%> H2EarlyHints <%= scope.call_function('apache::bool2httpd', [@h2_early_hints]) %> <% end -%> <% unless @h2_max_session_streams.nil? -%> @@ -24,39 +22,33 @@ H2MaxWorkers <%= @h2_max_workers %> <% unless @h2_min_workers.nil? -%> H2MinWorkers <%= @h2_min_workers %> <% end -%> -<%# Actually >= 2.4.24, but the minor version is not provided -%> -<% if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - <%- unless @h2_modern_tls_only.nil? -%> +<%- unless @h2_modern_tls_only.nil? -%> H2ModernTLSOnly <%= scope.call_function('apache::bool2httpd', [@h2_modern_tls_only]) %> - <%- end -%> - <%- unless @h2_push.nil? -%> +<%- end -%> +<%- unless @h2_push.nil? -%> H2Push <%= scope.call_function('apache::bool2httpd', [@h2_push]) %> - <%- end -%> - <%- unless @h2_push_diary_size.nil? -%> +<%- end -%> +<%- unless @h2_push_diary_size.nil? -%> H2PushDiarySize <%= @h2_push_diary_size %> - <%- end -%> - <%- @h2_push_priority.each do |expr| -%> +<%- end -%> +<%- @h2_push_priority.each do |expr| -%> H2PushPriority <%= expr %> - <%- end -%> - <%- @h2_push_resource.each do |expr| -%> +<%- end -%> +<%- @h2_push_resource.each do |expr| -%> H2PushResource <%= expr %> - <%- end -%> -<% end -%> +<%- end -%> <% unless @h2_serialize_headers.nil? -%> H2SerializeHeaders <%= scope.call_function('apache::bool2httpd', [@h2_serialize_headers]) %> <% end -%> <% unless @h2_stream_max_mem_size.nil? -%> H2StreamMaxMemSize <%= @h2_stream_max_mem_size %> <% end -%> -<%# Actually >= 2.4.24, but the minor version is not provided -%> -<% if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - <%- unless @h2_tls_cool_down_secs.nil? -%> +<%- unless @h2_tls_cool_down_secs.nil? -%> H2TLSCoolDownSecs <%= @h2_tls_cool_down_secs %> - <%- end -%> - <%- unless @h2_tls_warm_up_size.nil? -%> +<%- end -%> +<%- unless @h2_tls_warm_up_size.nil? -%> H2TLSWarmUpSize <%= @h2_tls_warm_up_size %> - <%- end -%> -<% end -%> +<%- end -%> <% unless @h2_upgrade.nil? -%> H2Upgrade <%= scope.call_function('apache::bool2httpd', [@h2_upgrade]) %> <% end -%> diff --git a/templates/mod/info.conf.erb b/templates/mod/info.conf.erb index c661a23ab5..26acb1ab11 100644 --- a/templates/mod/info.conf.erb +++ b/templates/mod/info.conf.erb @@ -1,19 +1,6 @@ > SetHandler server-info <%- if @restrict_access -%> - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> Require ip <%= Array(@allow_from).join(" ") %> - <%- else -%> - Order deny,allow - Deny from all - <%- if @allow_from and ! @allow_from.empty? -%> - <%- @allow_from.each do |allowed| -%> - Allow from <%= allowed %> - <%- end -%> - <%- else -%> - Allow from 127.0.0.1 - Allow from ::1 - <%- end -%> - <%- end -%> <%- end -%> diff --git a/templates/mod/itk.conf.erb b/templates/mod/itk.conf.erb index 4abade8fb5..4e2284a5e8 100644 --- a/templates/mod/itk.conf.erb +++ b/templates/mod/itk.conf.erb @@ -5,7 +5,7 @@ ServerLimit <%= @serverlimit %> MaxClients <%= @maxclients %> MaxRequestsPerChild <%= @maxrequestsperchild %> - <%- if (not @enablecapabilities.nil?) && (scope.function_versioncmp([@_apache_version, '2.4']) >= 0) -%> + <%- unless @enablecapabilities.nil? -%> EnableCapabilities <%= scope.call_function('apache::bool2httpd', [@enablecapabilities]) %> <%- end -%> diff --git a/templates/mod/ldap.conf.erb b/templates/mod/ldap.conf.erb index 7c2dac5e98..d4ccac43df 100644 --- a/templates/mod/ldap.conf.erb +++ b/templates/mod/ldap.conf.erb @@ -1,13 +1,6 @@ > SetHandler ldap-status - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> Require ip 127.0.0.1 ::1 - <%- else -%> - Order deny,allow - Deny from all - Allow from 127.0.0.1 ::1 - Satisfy all - <%- end -%> <% if @ldap_trusted_global_cert_file -%> LDAPTrustedGlobalCert <%= @ldap_trusted_global_cert_type %> <%= @ldap_trusted_global_cert_file %> diff --git a/templates/mod/pagespeed.conf.erb b/templates/mod/pagespeed.conf.erb index 56e72fe29d..c99e3b4992 100644 --- a/templates/mod/pagespeed.conf.erb +++ b/templates/mod/pagespeed.conf.erb @@ -61,35 +61,20 @@ ModPagespeedStatistics <%= @collect_statistics %> # statistics. This might be appropriate in an experimental setup or # if the Apache server is protected by a reverse proxy that will # filter URLs in some fashion. - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> Require ip 127.0.0.1 ::1 <%= Array(@allow_view_stats).join(" ") %> - <%- else -%> - Order allow,deny - Allow from 127.0.0.1 ::1 <%= Array(@allow_view_stats).join(" ") %> - <%- end -%> SetHandler mod_pagespeed_statistics ModPagespeedStatisticsLogging <%= @statistics_logging %> - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> Require ip 127.0.0.1 ::1 <%= Array(@allow_pagespeed_console).join(" ") %> - <%- else -%> - Order allow,deny - Allow from 127.0.0.1 ::1 <%= Array(@allow_pagespeed_console).join(" ") %> - <%- end -%> SetHandler pagespeed_console ModPagespeedMessageBufferSize <%= @message_buffer_size %> - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> Require ip 127.0.0.1 ::1 <%= Array(@allow_pagespeed_message).join(" ") %> - <%- else -%> - Order allow,deny - Allow from 127.0.0.1 ::1 <%= Array(@allow_pagespeed_message).join(" ") %> - <%- end -%> SetHandler mod_pagespeed_message diff --git a/templates/mod/proxy.conf.erb b/templates/mod/proxy.conf.erb index 76968cb6fe..eb6c02ea38 100644 --- a/templates/mod/proxy.conf.erb +++ b/templates/mod/proxy.conf.erb @@ -10,13 +10,7 @@ <% if @proxy_requests != 'Off' or ( @allow_from and ! @allow_from.empty? ) -%> - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Require ip <%= Array(@allow_from).join(" ") %> - <%- else -%> - Order deny,allow - Deny from all - Allow from <%= Array(@allow_from).join(" ") %> - <%- end -%> + Require ip <%= @allow_from.join(" ") %> <% end -%> diff --git a/templates/mod/proxy_balancer.conf.erb b/templates/mod/proxy_balancer.conf.erb index c1f37be8e4..43a4611ddf 100644 --- a/templates/mod/proxy_balancer.conf.erb +++ b/templates/mod/proxy_balancer.conf.erb @@ -1,10 +1,4 @@ > SetHandler balancer-manager - <%- if scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%> - Require ip <%= Array(@allow_from).join(" ") %> - <%- else -%> - Order deny,allow - Deny from all - Allow from <%= Array(@allow_from).join(" ") %> - <%- end -%> + Require ip <%= @allow_from.join(" ") %> diff --git a/templates/mod/security.conf.erb b/templates/mod/security.conf.erb index ec520751cc..08724d010e 100644 --- a/templates/mod/security.conf.erb +++ b/templates/mod/security.conf.erb @@ -76,11 +76,6 @@ SecUploadKeepFiles Off # ModSecurity Core Rules Set configuration -<%- if scope.function_versioncmp([scope.lookupvar('::apache::apache_version'), '2.4']) >= 0 -%> IncludeOptional <%= @modsec_dir %>/*.conf IncludeOptional <%= @modsec_dir %>/activated_rules/*.conf -<%- else -%> - Include <%= @modsec_dir %>/*.conf - Include <%= @modsec_dir %>/activated_rules/*.conf -<%- end -%> diff --git a/templates/mod/ssl.conf.erb b/templates/mod/ssl.conf.erb index aec5b15a7c..33a4c6feda 100644 --- a/templates/mod/ssl.conf.erb +++ b/templates/mod/ssl.conf.erb @@ -10,16 +10,12 @@ SSLPassPhraseDialog <%= @ssl_pass_phrase_dialog %> SSLSessionCache "shmcb:<%= @ssl_sessioncache %>" SSLSessionCacheTimeout <%= @ssl_sessioncachetimeout %> - <%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> - Mutex <%= @_ssl_mutex %> - <%- if @ssl_compression -%> + Mutex <%= @ssl_mutex %> + <%- if @ssl_compression -%> SSLCompression <%= scope.call_function('apache::bool2httpd', [@ssl_compression]) %> - <%- end -%> - <%- unless @ssl_sessiontickets.nil? -%> + <%- end -%> + <%- unless @ssl_sessiontickets.nil? -%> SSLSessionTickets <%= scope.call_function('apache::bool2httpd', [@ssl_sessiontickets]) %> - <%- end -%> - <%- else -%> - SSLMutex <%= @_ssl_mutex %> <%- end -%> SSLCryptoDevice <%= @ssl_cryptodevice %> SSLHonorCipherOrder <%= scope.call_function('apache::bool2httpd', [@_ssl_honorcipherorder]) %> @@ -32,13 +28,11 @@ <%- if @ssl_ca -%> SSLCACertificateFile "<%= @ssl_ca %>" <%- end -%> -<% if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%> SSLUseStapling <%= scope.call_function('apache::bool2httpd', [@ssl_stapling]) %> <%- if not @ssl_stapling_return_errors.nil? -%> SSLStaplingReturnResponderErrors <%= scope.call_function('apache::bool2httpd', [@ssl_stapling_return_errors]) %> <%- end -%> SSLStaplingCache "shmcb:<%= @_stapling_cache %>" -<% end -%> SSLCipherSuite <%= @ssl_cipher %> <% if not @ssl_protocol.empty? -%> SSLProtocol <%= @ssl_protocol.compact.join(' ') %> diff --git a/templates/mod/status.conf.erb b/templates/mod/status.conf.erb index 28cc55b4f7..ba5f17647c 100644 --- a/templates/mod/status.conf.erb +++ b/templates/mod/status.conf.erb @@ -4,11 +4,7 @@ <%-# "scope.function_template(["apache/mod/