1 ## Default vhosts, and custom vhosts

     2 # NB: Please see the other vhost_*.pp example files for further

     3 # examples.

     4 

     5 # Base class. Declares default vhost on port 80 and default ssl

     6 # vhost on port 443 listening on all interfaces and serving

     7 # $apache::docroot

     8 class { 'apache': }

     9 

    10 # Most basic vhost

    11 apache::vhost { 'first.example.com':

    12   port    => '80',

    13   docroot => '/var/www/first',

    14 }

    15 

    16 # Vhost with different docroot owner/group/mode

    17 apache::vhost { 'second.example.com':

    18   port          => '80',

    19   docroot       => '/var/www/second',

    20   docroot_owner => 'third',

    21   docroot_group => 'third',

    22   docroot_mode  => '0770',

    23 }

    24 

    25 # Vhost with serveradmin

    26 apache::vhost { 'third.example.com':

    27   port        => '80',

    28   docroot     => '/var/www/third',

    29   serveradmin => 'admin@example.com',

    30 }

    31 

    32 # Vhost with ssl (uses default ssl certs)

    33 apache::vhost { 'ssl.example.com':

    34   port    => '443',

    35   docroot => '/var/www/ssl',

    36   ssl     => true,

    37 }

    38 

    39 # Vhost with ssl and specific ssl certs

    40 apache::vhost { 'fourth.example.com':

    41   port     => '443',

    42   docroot  => '/var/www/fourth',

    43   ssl      => true,

    44   ssl_cert => '/etc/ssl/fourth.example.com.cert',

    45   ssl_key  => '/etc/ssl/fourth.example.com.key',

    46 }

    47 

    48 # Vhost with english title and servername parameter

    49 apache::vhost { 'The fifth vhost':

    50   servername => 'fifth.example.com',

    51   port       => '80',

    52   docroot    => '/var/www/fifth',

    53 }

    54 

    55 # Vhost with server aliases

    56 apache::vhost { 'sixth.example.com':

    57   serveraliases => [

    58     'sixth.example.org',

    59     'sixth.example.net',

    60   ],

    61   port          => '80',

    62   docroot       => '/var/www/fifth',

    63 }

    64 

    65 # Vhost with alternate options

    66 apache::vhost { 'seventh.example.com':

    67   port    => '80',

    68   docroot => '/var/www/seventh',

    69   options => [

    70     'Indexes',

    71     'MultiViews',

    72   ],

    73 }

    74 

    75 # Vhost with AllowOverride for .htaccess

    76 apache::vhost { 'eighth.example.com':

    77   port     => '80',

    78   docroot  => '/var/www/eighth',

    79   override => 'All',

    80 }

    81 

    82 # Vhost with access and error logs disabled

    83 apache::vhost { 'ninth.example.com':

    84   port       => '80',

    85   docroot    => '/var/www/ninth',

    86   access_log => false,

    87   error_log  => false,

    88 }

    89 

    90 # Vhost with custom access and error logs and logroot

    91 apache::vhost { 'tenth.example.com':

    92   port            => '80',

    93   docroot         => '/var/www/tenth',

    94   access_log_file => 'tenth_vhost.log',

    95   error_log_file  => 'tenth_vhost_error.log',

    96   logroot         => '/var/log',

    97 }

    98 

    99 # Vhost with a cgi-bin

   100 apache::vhost { 'eleventh.example.com':

   101   port        => '80',

   102   docroot     => '/var/www/eleventh',

   103   scriptalias => '/usr/lib/cgi-bin',

   104 }

   105 

   106 # Vhost with a proxypass configuration

   107 apache::vhost { 'twelfth.example.com':

   108   port          => '80',

   109   docroot       => '/var/www/twelfth',

   110   proxy_dest    => 'http://internal.example.com:8080/twelfth',

   111   no_proxy_uris => ['/login','/logout'],

   112 }

   113 

   114 # Vhost to redirect /login and /logout

   115 apache::vhost { 'thirteenth.example.com':

   116   port            => '80',

   117   docroot         => '/var/www/thirteenth',

   118   redirect_source => [

   119     '/login',

   120     '/logout',

   121   ],

   122   redirect_dest   => [

   123     'http://10.0.0.10/login',

   124     'http://10.0.0.10/logout',

   125   ],

   126 }

   127 

   128 # Vhost to permamently redirect

   129 apache::vhost { 'fourteenth.example.com':

   130   port            => '80',

   131   docroot         => '/var/www/fourteenth',

   132   redirect_source => '/blog',

   133   redirect_dest   => 'http://blog.example.com',

   134   redirect_status => 'permanent',

   135 }

   136 

   137 # Vhost with a rack configuration

   138 apache::vhost { 'fifteenth.example.com':

   139   port           => '80',

   140   docroot        => '/var/www/fifteenth',

   141   rack_base_uris => ['/rackapp1', '/rackapp2'],

   142 }

   143 

   144 

   145 # Vhost to redirect non-ssl to ssl

   146 apache::vhost { 'sixteenth.example.com non-ssl':

   147   servername => 'sixteenth.example.com',

   148   port       => '80',

   149   docroot    => '/var/www/sixteenth',

   150   rewrites   => [

   151     {

   152       comment      => 'redirect non-SSL traffic to SSL site',

   153       rewrite_cond => ['%{HTTPS} off'],

   154       rewrite_rule => ['(.*) https://%{HTTPS_HOST}%{REQUEST_URI}'],

   155     }

   156   ]

   157 }

   158 

   159 # Rewrite a URL to lower case

   160 apache::vhost { 'sixteenth.example.com non-ssl':

   161   servername => 'sixteenth.example.com',

   162   port       => '80',

   163   docroot    => '/var/www/sixteenth',

   164   rewrites   => [

   165     { comment      => 'Rewrite to lower case',

   166       rewrite_cond => ['%{REQUEST_URI} [A-Z]'],

   167       rewrite_map  => ['lc int:tolower'],

   168       rewrite_rule => ['(.*) ${lc:$1} [R=301,L]'],

   169     }

   170   ]

   171 }

   172 

   173 apache::vhost { 'sixteenth.example.com ssl':

   174   servername => 'sixteenth.example.com',

   175   port       => '443',

   176   docroot    => '/var/www/sixteenth',

   177   ssl        => true,

   178 }

   179 

   180 # Vhost to redirect non-ssl to ssl using old rewrite method

   181 apache::vhost { 'sixteenth.example.com non-ssl old rewrite':

   182   servername   => 'sixteenth.example.com',

   183   port         => '80',

   184   docroot      => '/var/www/sixteenth',

   185   rewrite_cond => '%{HTTPS} off',

   186   rewrite_rule => '(.*) https://%{HTTPS_HOST}%{REQUEST_URI}',

   187 }

   188 apache::vhost { 'sixteenth.example.com ssl old rewrite':

   189   servername => 'sixteenth.example.com',

   190   port       => '443',

   191   docroot    => '/var/www/sixteenth',

   192   ssl        => true,

   193 }

   194 

   195 # Vhost to block repository files

   196 apache::vhost { 'seventeenth.example.com':

   197   port    => '80',

   198   docroot => '/var/www/seventeenth',

   199   block   => 'scm',

   200 }

   201 

   202 # Vhost with special environment variables

   203 apache::vhost { 'eighteenth.example.com':

   204   port    => '80',

   205   docroot => '/var/www/eighteenth',

   206   setenv  => ['SPECIAL_PATH /foo/bin','KILROY was_here'],

   207 }

   208 

   209 apache::vhost { 'nineteenth.example.com':

   210   port     => '80',

   211   docroot  => '/var/www/nineteenth',

   212   setenvif => 'Host "^([^\.]*)\.website\.com$" CLIENT_NAME=$1',

   213 }

   214 

   215 # Vhost with additional include files

   216 apache::vhost { 'twentyieth.example.com':

   217   port                => '80',

   218   docroot             => '/var/www/twelfth',

   219   additional_includes => ['/tmp/proxy_group_a','/tmp/proxy_group_b'],

   220 }

   221 

   222 # Vhost with alias for subdomain mapped to same named directory

   223 # http://example.com.loc => /var/www/example.com

   224 apache::vhost { 'subdomain.loc':

   225   vhost_name      => '*',

   226   port            => '80',

   227   virtual_docroot => '/var/www/%-2+',

   228   docroot         => '/var/www',

   229   serveraliases   => ['*.loc',],

   230 }

   231 

   232 # Vhost with SSLProtocol,SSLCipherSuite, SSLHonorCipherOrder

   233 apache::vhost { 'securedomain.com':

   234         priority             => '10',

   235         vhost_name           => 'www.securedomain.com',

   236         port                 => '443',

   237         docroot              => '/var/www/secure',

   238         ssl                  => true,

   239         ssl_cert             => '/etc/ssl/securedomain.cert',

   240         ssl_key              => '/etc/ssl/securedomain.key',

   241         ssl_chain            => '/etc/ssl/securedomain.crt',

   242         ssl_protocol         => '-ALL +SSLv3 +TLSv1',

   243         ssl_cipher           => 'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM',

   244         ssl_honorcipherorder => 'On',

   245         add_listen           => false,

   246 }

   247 

   248 # Vhost with access log environment variables writing control

   249 apache::vhost { 'twentyfirst.example.com':

   250   port               => '80',

   251   docroot            => '/var/www/twentyfirst',

   252   access_log_env_var => 'admin',

   253 }

   254 

   255 # Vhost with a passenger_base configuration

   256 apache::vhost { 'twentysecond.example.com':

   257   port           => '80',

   258   docroot        => '/var/www/twentysecond',

   259   rack_base_uris => ['/passengerapp1', '/passengerapp2'],

   260 }

   261