Support for FreeBSD and few other features

Summary of the changes:

Overview:

* added support for FreeBSD
* added MPMs: event, peruser, itk (PR puppetlabs#304 + FreeBSD support)
* added `apache::package` to choose and install apache package,
* allow apache::mod to specify mod identifier and module path (puppetlabs#271)
* revisited specs for apache::dev and apache::mod::dev

Details:

* "${apache::params::conf_dir}/Includes" as $apache::confd_dir for FreeBSD,
* "${apache::params::conf_dir}/Modules" as $apache::mod_dir FreeBSD,
* "${apache::params::conf_dir}/Vhosts" as $apache::vhost_dir FreeBSD,
* added to apache::params:
        $root_group,
        $apache_package,
        $service_name,
        $server_root,
        $mime_support_package,
        $mime_types_config
* httpd.erb now uses $server_root (instead of $httpd_dir) as ServerRoot
* added $mime_support_package parameter to apache::mod::mime class,
* apache::mod::mime installs $mime_support_package package if needed,
* added $magic_file parameter to apache::mod::mime_magic class,
* added 'default_confd_files.pp', and confd template infrastructure to
  allow putting some files under conf.d/ (Includes/ under FreeBSD) by
  default (FreeBSD's apache22 installs Includes/no-accf.conf for
  example but puppet normally would purge it afterward),
* adjusted documentation (README.md),
* apache::dev requires apache::package on FreeBSD
* other (minor or forgotten) changes and additions,

README.md

@@ -40,6 +40,7 @@ Apache is a widely-used web server, and this module provides a simplified way of
 * Apache modules
 * virtual hosts
 * listened-to ports
+* `/etc/make.conf` on FreeBSD
 
 ###Beginning with Apache
 
@@ -53,7 +54,8 @@ The defaults are determined by your operating system (e.g. Debian systems have o
 
 ```puppet
     class { 'apache':
-      default_mods => false,
+      default_mods        => false,
+      default_confd_files => false,
     }
 ```
 
@@ -186,6 +188,10 @@ Sets up Apache with default settings based on your OS. Defaults to 'true', set t
 
 Sets up a default virtual host. Defaults to 'true', set to 'false' to set up [customized virtual hosts](#configure-a-virtual-host).
 
+#####`default_confd_files`
+
+Generates default set of include-able apache configuration files under  `${apache::confd_dir}` directory. These configuration files correspond to what is usually installed with apache package on given platform.
+
 #####`default_ssl_vhost`
 
 Sets up a default SSL virtual host. Defaults to 'false'.
@@ -205,11 +211,11 @@ SSL vhosts only respond to HTTPS queries.
 
 #####`default_ssl_cert`
 
-The default SSL certification, which is automatically set based on your operating system  (`/etc/pki/tls/certs/localhost.crt` for RedHat, `/etc/ssl/certs/ssl-cert-snakeoil.pem` for Debian). This default will work out of the box but must be updated with your specific certificate information before being used in production.
+The default SSL certification, which is automatically set based on your operating system  (`/etc/pki/tls/certs/localhost.crt` for RedHat, `/etc/ssl/certs/ssl-cert-snakeoil.pem` for Debian, `/usr/local/etc/apache22/server.crt` for FreeBSD). This default will work out of the box but must be updated with your specific certificate information before being used in production.
 
 #####`default_ssl_key`
 
-The default SSL key, which is automatically set based on your operating system (`/etc/pki/tls/private/localhost.key` for RedHat, `/etc/ssl/private/ssl-cert-snakeoil.key` for Debian). This default will work out of the box but must be updated with your specific certificate information before being used in production.
+The default SSL key, which is automatically set based on your operating system (`/etc/pki/tls/private/localhost.key` for RedHat, `/etc/ssl/private/ssl-cert-snakeoil.key` for Debian, `/usr/local/etc/apache22/server.key` for FreeBSD). This default will work out of the box but must be updated with your specific certificate information before being used in production.
 
 #####`default_ssl_chain`
 
@@ -229,7 +235,7 @@ The default certificate revocation list to use, which is automatically set to 'u
 
 #####`service_name`
 
-Name of apache service to run. Defaults to: `'httpd'` on RedHat and `'apache2'` on Debian.
+Name of apache service to run. Defaults to: `'httpd'` on RedHat, `'apache2'` on Debian, and `'apache22'` on FreeBSD.
 
 #####`service_enable`
 
@@ -251,6 +257,10 @@ Sets the server administrator. Defaults to 'root@localhost'.
 
 Sets the servername. Defaults to fqdn provided by facter.
 
+#####`server_root`
+
+A value to be set as `ServerRoot` in main configuration file (`httpd.conf`). Defaults to `/etc/httpd` on RedHat, `/etc/apache2` on Debian and `/usr/local` on FreeBSD.
+
 #####`sendfile`
 
 Makes Apache use the Linux kernel 'sendfile' to serve static files. Defaults to 'On'.
@@ -281,7 +291,7 @@ Changes the location of the configuration directory your Apache modules configur
 
 #####`mpm_module`
 
-Configures which mpm module is loaded and configured for the httpd process by the `apache::mod::prefork`, `apache::mod::worker` and `apache::mod::itk` classes. Must be set to `false` to explicitly declare `apache::mod::worker`, `apache::mod::worker` or `apache::mod::itk` classes with parameters. Valid values are `worker`, `prefork`, `itk` (Debian), or the boolean `false`. Defaults to `prefork` on RedHat and `worker` on Debian.
+Configures which mpm module is loaded and configured for the httpd process by the `apache::mod::event`, `apache::mod::itk`, `apache::mod::peruser`, `apache::mod::prefork` and `apache::mod::worker` classes. Must be set to `false` to explicitly declare `apache::mod::event`, `apache::mod::itk`, `apache::mod::peruser`,  `apache::mod::prefork` or `apache::mod::worker` classes with parameters. All possible values are `event`, `itk`, `peruser`, `prefork`, `worker` (valid values depend on agent's OS), or the boolean `false`. Defaults to `prefork` on RedHat and FreeBSD and `worker` on Debian. Note: on FreeBSD switching between different mpm modules is quite difficult (but possible). Before changing `$mpm_module` one has to deinstall all packages that depend on currently installed `apache`.
 
 #####`conf_template`
 
@@ -353,12 +363,17 @@ There are many `apache::mod::[name]` classes within this module that can be decl
 * `cgid`
 * `dav`
 * `dav_fs`
+* `dav_svn`
 * `deflate`
+* `dev`
 * `dir`*
 * `disk_cache`
-* `fcgid`
+* `event`
 * `fastcgi`
+* `fcgid`
+* `headers`
 * `info`
+* `itk`
 * `ldap`
 * `mime`
 * `mime_magic`*
@@ -367,6 +382,7 @@ There are many `apache::mod::[name]` classes within this module that can be decl
 * `nss`*
 * `passenger`*
 * `perl`
+* `peruser`
 * `php` (requires [`mpm_module`](#mpm_module) set to `prefork`)
 * `prefork`*
 * `proxy`*
@@ -375,11 +391,13 @@ There are many `apache::mod::[name]` classes within this module that can be decl
 * `proxy_http`
 * `python`
 * `reqtimeout`
+* `rewrite`
 * `setenvif`
 * `ssl`* (see [apache::mod::ssl](#class-apachemodssl) below)
 * `status`
 * `suphp`
 * `userdir`*
+* `vhost_alias`
 * `worker`*
 * `wsgi` (see [apache::mod::wsgi](#class-apachemodwsgi) below)
 * `xsendfile`
@@ -1228,6 +1246,8 @@ Installs Apache development libraries
     class { 'apache::dev': }
 ```
 
+On FreeBSD you're required to define `apache::package` or `apache` class before `apache::dev`.
+
 ####Defined Type: `apache::listen`
 
 Controls which ports Apache binds to for listening based on the title:
@@ -1285,7 +1305,7 @@ The Apache module relies heavily on templates to enable the `vhost` and `apache:
 
 ##Limitations
 
-This has been tested on Ubuntu Precise, Debian Wheezy, and CentOS 5.8.
+This has been tested on Ubuntu Precise, Debian Wheezy, CentOS 5.8, and FreeBSD 9.1.
 
 ##Development
 

manifests/confd/no_accf.pp

@@ -0,0 +1,10 @@
+class apache::confd::no_accf {
+  # Template uses no variables
+  file { 'no-accf.conf':
+    ensure  => 'file',
+    path    => "${apache::confd_dir}/no-accf.conf",
+    content => template('apache/confd/no-accf.conf.erb'),
+    require => Exec["mkdir ${apache::confd_dir}"],
+    before  => File[$apache::confd_dir],
+  }
+}

manifests/default_confd_files.pp

@@ -0,0 +1,12 @@
+class apache::default_confd_files (
+  $all = true,
+) {
+  # The rest of the conf.d/* files only get loaded if we want them
+  if $all {
+    case $::osfamily {
+      'freebsd': {
+        include apache::confd::no_accf
+      }
+    }
+  }
+}

manifests/default_mods.pp

@@ -6,7 +6,7 @@
   # They are not configurable at this time, so we just include
   # them to make sure it works.
   case $::osfamily {
-    'redhat': {
+    'redhat', 'freebsd': {
       apache::mod { 'log_config': }
     }
     default: {}
@@ -43,6 +43,40 @@
         apache::mod { 'usertrack': }
         apache::mod { 'version': }
       }
+      'freebsd': {
+        include apache::mod::cache
+        include apache::mod::disk_cache
+        include apache::mod::headers
+        include apache::mod::info
+        include apache::mod::mime_magic
+        include apache::mod::reqtimeout
+        include apache::mod::rewrite
+        include apache::mod::userdir
+        include apache::mod::vhost_alias
+
+        apache::mod { 'actions': }
+        apache::mod { 'asis': }
+        apache::mod { 'auth_digest': }
+        apache::mod { 'authn_alias': }
+        apache::mod { 'authn_anon': }
+        apache::mod { 'authn_dbm': }
+        apache::mod { 'authn_default': }
+        apache::mod { 'authz_dbm': }
+        apache::mod { 'authz_owner': }
+        apache::mod { 'cern_meta': }
+        apache::mod { 'charset_lite': }
+        apache::mod { 'dumpio': }
+        apache::mod { 'expires': }
+        apache::mod { 'file_cache': }
+        apache::mod { 'filter':}
+        apache::mod { 'imagemap':}
+        apache::mod { 'include': }
+        apache::mod { 'logio': }
+        apache::mod { 'speling': }
+        apache::mod { 'unique_id': }
+        apache::mod { 'usertrack': }
+        apache::mod { 'version': }
+      }
       default: {}
     }
     case $apache::mpm_module {

manifests/dev.pp

@@ -1,4 +1,7 @@
 class apache::dev {
+  if $::osfamily == 'FreeBSD' and !defined(Class['apache::package']) {
+    fail('apache::dev requires apache::package; please include apache or apache::package class first')
+  }
   include apache::params
   $packages = $apache::params::dev_packages
   package { $packages:

manifests/init.pp

@@ -16,6 +16,7 @@
   $service_name         = $apache::params::service_name,
   $default_mods         = true,
   $default_vhost        = true,
+  $default_confd_files  = true,
   $default_ssl_vhost    = false,
   $default_ssl_cert     = $apache::params::default_ssl_cert,
   $default_ssl_key      = $apache::params::default_ssl_key,
@@ -54,18 +55,32 @@
   $package_ensure       = 'installed',
 ) inherits apache::params {
 
-  package { 'httpd':
-    ensure => $package_ensure,
-    name   => $apache::params::apache_name,
-    notify => Class['Apache::Service'],
-  }
-
   validate_bool($default_vhost)
-  validate_bool($default_ssl_vhost)
+  validate_bool($default_confd_files)
   # true/false is sufficient for both ensure and enable
   validate_bool($service_enable)
+
+  $valid_mpms_re = $::osfamily ? {
+    'FreeBSD' => '(event|itk|peruser|prefork|worker)',
+    default   => '(itk|prefork|worker)'
+  }
+
   if $mpm_module {
-    validate_re($mpm_module, '(prefork|worker|itk|event)')
+    validate_re($mpm_module, $valid_mpms_re)
+  }
+
+  # NOTE: on FreeBSD it's mpm module's responsibility to install httpd package.
+  # NOTE: the same strategy may be introduced for other OSes. For this, you
+  # should delete the 'if' block below and modify all MPM modules' manifests
+  # such that they include apache::package class (currently event.pp, itk.pp,
+  # peruser.pp, prefork.pp, worker.pp).
+  if $::osfamily != 'FreeBSD' {
+    package { 'httpd':
+      ensure => $package_ensure,
+      name   => $apache::params::apache_name,
+      notify => Class['Apache::Service'],
+    }
+  validate_bool($default_ssl_vhost)
   }
   validate_re($sendfile, [ '^[oO]n$' , '^[oO]ff$' ])
 
@@ -209,6 +224,14 @@
         $scriptalias          = '/var/www/cgi-bin'
         $access_log_file      = 'access_log'
       }
+      'freebsd': {
+        $docroot              = '/usr/local/www/apache22/data'
+        $pidfile              = '/var/run/httpd.pid'
+        $error_log            = 'httpd-error.log'
+        $error_documents_path = '/usr/local/www/apache22/error'
+        $scriptalias          = '/usr/local/www/apache22/cgi-bin'
+        $access_log_file      = 'httpd-access.log'
+      }
       default: {
         fail("Unsupported osfamily ${::osfamily}")
       }
@@ -220,7 +243,6 @@
     }
 
     # Template uses:
-    # - $httpd_dir
     # - $pidfile
     # - $user
     # - $group
@@ -256,6 +278,9 @@
         all => $default_mods,
       }
     }
+    class { 'apache::default_confd_files':
+      all => $default_confd_files
+    }
     if $mpm_module {
       class { "apache::mod::${mpm_module}": }
     }
@@ -278,14 +303,18 @@
       access_log_file => $access_log_file,
       priority        => '15',
     }
+    $ssl_access_log_file = $::osfamily ? {
+      'freebsd' => $access_log_file,
+      default   => "ssl_${access_log_file}",
+    }
     apache::vhost { 'default-ssl':
       ensure          => $default_ssl_vhost_ensure,
       port            => 443,
       ssl             => true,
       docroot         => $docroot,
       scriptalias     => $scriptalias,
       serveradmin     => $serveradmin,
-      access_log_file => "ssl_${access_log_file}",
+      access_log_file => $ssl_access_log_file,
       priority        => '15',
     }
   }

manifests/mod.pp

@@ -47,11 +47,22 @@
     $_package = $mod_package
   }
   if $_package and ! defined(Package[$_package]) {
+    # note: FreeBSD/ports uses apxs tool to activate modules; apxs clutters
+    # httpd.conf with 'LoadModule' directives; here, by proper resource
+    # ordering, we ensure that our version of httpd.conf is reverted after
+    # the module gets installed.
+    $package_before = $::osfamily ? {
+      'freebsd' => [
+        File["${mod_dir}/${mod}.load"],
+        File["${apache::params::conf_dir}/${apache::params::conf_file}"]
+      ],
+      default => File["${mod_dir}/${mod}.load"],
+    }
     # $_package may be an array
     package { $_package:
       ensure  => $package_ensure,
       require => Package['httpd'],
-      before  => File["${mod_dir}/${mod}.load"],
+      before  => $package_before,
     }
   }
 

manifests/mod/alias.pp

@@ -1,7 +1,8 @@
 class apache::mod::alias {
   $icons_path = $::osfamily ? {
-    'debian' => '/usr/share/apache2/icons',
-    'redhat' => '/var/www/icons',
+    'debian'  => '/usr/share/apache2/icons',
+    'redhat'  => '/var/www/icons',
+    'freebsd' => '/usr/local/www/apache22/icons',
   }
   apache::mod { 'alias': }
   # Template uses $icons_path

manifests/mod/cgid.pp

@@ -4,8 +4,9 @@
   # Debian specifies it's cgid sock path, but RedHat uses the default value
   # with no config file
   $cgisock_path = $::osfamily ? {
-    'debian' => '${APACHE_RUN_DIR}/cgisock',
-    default  => undef,
+    'debian'  => '${APACHE_RUN_DIR}/cgisock',
+    'freebsd' => 'cgisock',
+    default   => undef,
   }
   apache::mod { 'cgid': }
   if $cgisock_path {

manifests/mod/dav_fs.pp

@@ -1,7 +1,8 @@
 class apache::mod::dav_fs {
   $dav_lock = $::osfamily ? {
-    'debian' => '${APACHE_LOCK_DIR}/DAVLock',
-    default  => '/var/lib/dav/lockdb',
+    'debian'  => '${APACHE_LOCK_DIR}/DAVLock',
+    'freebsd' => '/usr/local/var/DavLock',
+    default   => '/var/lib/dav/lockdb',
   }
 
   Class['apache::mod::dav'] -> Class['apache::mod::dav_fs']

manifests/mod/dav_svn.pp

@@ -1,4 +1,5 @@
 class apache::mod::dav_svn {
+  Class['apache::mod::dav'] -> Class['apache::mod::dav_svn']
   include apache::mod::dav
   apache::mod { 'dav_svn': }
 }

manifests/mod/disk_cache.pp

@@ -1,9 +1,14 @@
 class apache::mod::disk_cache {
   $cache_root = $::osfamily ? {
-    'debian' => '/var/cache/apache2/mod_disk_cache',
-    'redhat' => '/var/cache/mod_proxy',
+    'debian'  => '/var/cache/apache2/mod_disk_cache',
+    'redhat'  => '/var/cache/mod_proxy',
+    'freebsd' => '/var/cache/mod_disk_cache',
+  }
+  if $::osfamily != 'FreeBSD' {
+    # FIXME: investigate why disk_cache was dependent on proxy
+    # NOTE: on FreeBSD disk_cache is compiled by default but proxy is not
+    Class['apache::mod::proxy'] -> Class['apache::mod::disk_cache']
   }
-  Class['apache::mod::proxy'] -> Class['apache::mod::disk_cache']
   Class['apache::mod::cache'] -> Class['apache::mod::disk_cache']
 
   apache::mod { 'disk_cache': }