apache2 Cookbook
(opens in a new tab) (opens in a new tab) (opens in a new tab)
This cookbook provides a complete Debian/Ubuntu style Apache HTTPD configuration. Non-Debian based distributions such as Red Hat/CentOS, ArchLinux and others supported by this cookbook will have a configuration that mimics Debian/Ubuntu style as it is easier to manage with Chef.
Debian-style Apache configuration uses scripts to manage modules and sites (vhosts). The scripts are:
- a2ensite
- a2dissite
- a2enmod
- a2dismod
- a2enconf
- a2disconf
This cookbook ships with templates of these scripts for non-Debian based platforms.
Maintainers
This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit sous-chefs.org (opens in a new tab) or come chat with us on the Chef Community Slack in #sous-chefs (opens in a new tab).
Cookbooks
Depending on your OS configuration and security policy, you may need additional recipes or cookbooks for this cookbook's recipes to converge on the node. In particular, the following Operating System settings may affect the behavior of this cookbook:
- SELinux enabled
- Firewalls (such as iptables, ufw, etc.)
- Compile tools
- 3rd party repositories
On RHEL, SELinux is enabled by default. The selinux (opens in a new tab) cookbook contains a permissive
recipe that can be used to set SELinux to "Permissive" state. Otherwise, additional recipes need to be created by the user to address SELinux permissions.
To deal with firewalls Chef Software does provide an iptables (opens in a new tab) and ufw (opens in a new tab) cookbook but is migrating from the approach used there to a more robust solution utilizing the general firewall (opens in a new tab) cookbook to setup rules. See those cookbooks' READMEs for documentation.
On ArchLinux, if you are using the apache2::mod_auth_openid
recipe, you also need the pacman (opens in a new tab) cookbook for the pacman_aur
LWRP. Put recipe[pacman]
on the node's expanded run list (on the node or in a role). This is not an explicit dependency because it is only required for this single recipe and platform; the pacman default recipe performs pacman -Sy
to keep pacman's package cache updated.
Platforms
The following platforms and versions are tested and supported using test-kitchen (opens in a new tab)
- Amazon Linux 2023
- CentOS 7+ (incl. Rocky & Alma)
- Debian 10+
- Fedora latest
- OpenSUSE Leap 15
- Ubuntu 18.04+
Usage
It is recommended to create a project or organization specific wrapper cookbook (opens in a new tab) and add the desired custom resources to the run list of a node. Depending on your environment, you may have multiple roles that use different recipes from this cookbook. Adjust any attributes as desired.
apache2_install 'default_install' do
notifies :restart, 'apache2_service[default]'
end
apache2_module 'headers' do
notifies :reload, 'apache2_service[default]'
end
apache2_module 'ssl' do
notifies :reload, 'apache2_service[default]'
end
apache2_default_site 'foo' do
default_site_name 'my_site'
template_cookbook 'my_cookbook'
port '443'
template_source 'my_site.conf.erb'
action :enable
notifies :reload, 'apache2_service[default]'
end
apache2_service 'default' do
action [:enable, :start]
end
Example wrapper cookbooks: basic site ssl site
Resources
Contributors
This project exists thanks to all the people who contribute. (opens in a new tab)
Backers
Thank you to all our backers!
Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website.