#! /usr/bin/cfengine -qf

control:
	OutputPrefix	= ("${cf_prefix}")
	actionsequence	= ( editfiles )
	AddInstallable	= ( apache_reload )
	EditfileSize	= ( 50000 )

editfiles:
    any::
	{ /etc/apache/httpd.conf
		DefineClasses "apache_reload"
		#
		# ServerAdmin webmaster@$(domain)
		#
		# (Try to add it _before_ virtual hosts)
		#
		WarnIfNoLineMatching "^[[:blank:]]*ServerAdmin[[:blank:]].*"
		BeginGroupIfNoLineMatching "^[[:blank:]]*ServerAdmin[[:blank:]].*"
			BeginGroupIfNoLineMatching "^(### Section 3: Virtual Hosts|#?NameVirtualHost.*|#?VirtualHost.*)$"
				Append "ServerAdmin webmaster@$(domain)"
			EndGroup
			BeginGroupIfNoLineMatching "^[[:blank:]]*ServerAdmin[[:blank:]].*"
				LocateLineMatching "^(### Section 3: Virtual Hosts|#?NameVirtualHost.*|#?VirtualHost.*)$"
				InsertLine "ServerAdmin webmaster@$(domain)"
			EndGroup
		EndGroup
		LocateLineMatching "^[[:blank:]]*ServerAdmin[[:blank:]].*"
		BeginGroupIfNoLineMatching "^[[:blank:]]*ServerAdmin[[:blank:]]*webmaster@$(domain)[[:blank:]]*$"
			ReplaceLineWith "ServerAdmin webmaster@$(domain)"
		EndGroup
		#
		# Make space for cfengine hacks
		#
		# (Try to add it _before_ virtual hosts)
		#
		ResetSearch "1"
		BeginGroupIfNoSuchLine "# BEGIN CFENGINE"
			BeginGroupIfNoLineMatching "^(### Section 3: Virtual Hosts|#?NameVirtualHost.*|#?VirtualHost.*)$"
				Append ""
				Append "# BEGIN CFENGINE"
				Append "# END CFENGINE"
			EndGroup
			BeginGroupIfNoLineMatching "^# BEGIN CFENGINE$"
				LocateLineMatching "^(### Section 3: Virtual Hosts|#?NameVirtualHost.*|#?VirtualHost.*)$"
				IncrementPointer "-1"
				InsertLine ""
				InsertLine "# BEGIN CFENGINE"
				InsertLine "# END CFENGINE"
				InsertLine ""
			EndGroup
		EndGroup
		#
		# LoadModule php3_module /usr/lib/apache/1.3/libphp3.so
		#
		# <IfModule libphp3.c>
		# 	php3_display_errors off
		#	php3_log_errors on
		#	AddType application/x-httpd-php3 .php3
		#	AddType application/x-httpd-php3-source .phps
		# </IfModule>
		#
		BeginGroupIfFileExists "/usr/lib/apache/1.3/libphp3.so"
			ResetSearch "1"
# bug!			UnCommentLinesMatching "^#[[:blank:]]*LoadModule[[:blank:]]+php3_module[[:blank:]].*"
			LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+php3_module[[:blank:]]+/usr/lib/apache/1.3/libphp3.so$"
			ReplaceLineWith "LoadModule php3_module /usr/lib/apache/1.3/libphp3.so"
			CatchAbort
			AbortAtLineMatching "^# END CFENGINE$"
			LocateLineMatching "^# BEGIN CFENGINE$"
			BeginGroupIfNoSuchLine "<IfModule libphp3.c>"
				InsertLine "<IfModule libphp3.c>"
				InsertLine "</IfModule>"
			EndGroup
			ResetSearch "1"
			LocateLineMatching "^# BEGIN CFENGINE$"
			LocateLineMatching "^<IfModule libphp3.c>$"
			BeginGroupIfNoLineMatching "[[:blank:]]*php3_display_errors off"
				InsertLine "	php3_display_errors off"
			EndGroup
			BeginGroupIfNoLineMatching "[[:blank:]]*php3_log_errors on"
				InsertLine "	php3_log_errors on"
			EndGroup
			BeginGroupIfNoLineMatching "[[:blank:]]*AddType application/x-httpd-php3 .php3"
				InsertLine "	AddType application/x-httpd-php3 .php3"
			EndGroup
			BeginGroupIfNoLineMatching "[[:blank:]]*AddType application/x-httpd-source .phps"
				InsertLine "	AddType application/x-httpd-source .phps"
			EndGroup
			UnsetAbort "^# END CFENGINE$"
		EndGroup
		#
		# LoadModule php4_module /usr/lib/apache/1.3/libphp4.so
		#
		# <IfModule libphp4.c>
		# 	php_flag display_errors off
		#	php_flag log_errors on
		#	AddType application/x-httpd-php .phtml .php .inc .php3
		#	AddType application/x-httpd-php-source .phps
		# </IfModule>
		#
		BeginGroupIfFileExists "/usr/lib/apache/1.3/libphp4.so"
			ResetSearch "1"
#			UnCommentLinesMatching "^\#[[:blank:]]*LoadModule[[:blank:]]+php4\_module[[:blank:]].*"
			LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+php4\_module[[:blank:]]+/usr/lib/apache/1.3/libphp4.so$"
			ReplaceLineWith "LoadModule php4_module /usr/lib/apache/1.3/libphp4.so"
			CatchAbort
			AbortAtLineMatching "^# END CFENGINE$"
			LocateLineMatching "^# BEGIN CFENGINE$"
			BeginGroupIfNoSuchLine "<IfModule libphp4.c>"
				InsertLine "<IfModule libphp4.c>"
				InsertLine "</IfModule>"
			EndGroup
			ResetSearch "1"
			LocateLineMatching "^# BEGIN CFENGINE$"
			LocateLineMatching "^<IfModule libphp4.c>$"
			BeginGroupIfNoLineMatching "^.*php_flag[[:blank:]]*display_errors[[:blank:]]*off$"
				InsertLine "	php_flag display_errors off"
			EndGroup
			BeginGroupIfNoLineMatching ".*php_flag log_errors on"
				InsertLine "	php_flag log_errors on"
			EndGroup
			BeginGroupIfNoLineMatching "[[:blank:]]*AddType application/x-httpd-php .phtml .php .inc .php3"
				InsertLine "	AddType application/x-httpd-php .phtml .php .inc .php3"
			EndGroup
			BeginGroupIfNoLineMatching "[[:blank:]]*AddType application/x-httpd-source .phps"
				InsertLine "	AddType application/x-httpd-source .phps"
			EndGroup
			UnsetAbort "^# END CFENGINE$"
		EndGroup
		#
		# LoadModule gzip_module /usr/lib/apache/1.3/mod_gzip.so
		#
		# <IfModule mod_gzip.c>
		#	mod_gzip_dechunk yes
		#	mod_gzip_keep_workfiles No
		#	mod_gzip_temp_dir /tmp
		#	mod_gzip_minimum_file_size 1002
		#	mod_gzip_maximum_file_size 0
		#	mod_gzip_maximum_inmem_size 1000000
		#	mod_gzip_item_include file "\.htm$"
		#	mod_gzip_item_include file "\.html$"
		#	mod_gzip_item_include mime "text/.*"
		#	mod_gzip_item_include file "\.php$"
		#	mod_gzip_item_include mime "jserv-servlet"
		#	mod_gzip_item_include handler "jserv-servlet"
		#	mod_gzip_item_include mime "application/x-httpd-php.*"
		#	mod_gzip_item_include mime "httpd/unix-directory"
		#	mod_gzip_item_exclude file "\.css$"
		#	mod_gzip_item_exclude file "\.js$"
		#	mod_gzip_item_exclude file "\.wml$"
		# </IfModule>
		#
		BeginGroupIfFileExists "/usr/lib/apache/1.3/mod_gzip.so"
			ResetSearch "1"
#			SetCommentStart "#"
#			SetCommentEnd ""
#			UnCommentLinesMatching "^\#[[:blank:]]*LoadModule[[:blank:]]+gzip_module[[:blank:]].*"
			LocateLineMatching "#[[:blank:]]*LoadModule[[:blank:]]+gzip_module[[:blank:]]+/usr/lib/apache/1.3/mod_gzip.so"
#			UnCommentNLines "1"
			ReplaceLineWith "LoadModule gzip_module /usr/lib/apache/1.3/mod_gzip.so"
			CatchAbort
			AbortAtLineMatching "^# END CFENGINE$"
			LocateLineMatching "^# BEGIN CFENGINE$"
			BeginGroupIfNoSuchLine "<IfModule mod_gzip.c>"
				InsertLine "<IfModule mod_gzip.c>"
				InsertLine "</IfModule>"
			EndGroup
			ResetSearch "1"
			LocateLineMatching "^# BEGIN CFENGINE$"
			LocateLineMatching "^<IfModule mod_gzip.c>$"
			BeginGroupIfNoLineMatching '	mod_gzip_on yes'
				InsertLine '	mod_gzip_on yes'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_dechunk yes'
				InsertLine '	mod_gzip_dechunk yes'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_keep_workfiles No'
				InsertLine '	mod_gzip_keep_workfiles No'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_temp_dir /tmp'
				InsertLine '	mod_gzip_temp_dir /tmp'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_minimum_file_size 1002'
				InsertLine '	mod_gzip_minimum_file_size 1002'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_maximum_file_size 0'
				InsertLine '	mod_gzip_maximum_file_size 0'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_maximum_inmem_size 1000000'
				InsertLine '	mod_gzip_maximum_inmem_size 1000000'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include file "\\\.htm\$"'
				InsertLine '	mod_gzip_item_include file "\.htm$"'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include file "\\\.html\$"'
				InsertLine '	mod_gzip_item_include file "\.html$"'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include mime "text/\.\*"'
				InsertLine '	mod_gzip_item_include mime "text/.*"'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include file "\\\.php\$"'
				InsertLine '	mod_gzip_item_include file "\.php$"'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include mime "jserv-servlet"'
				InsertLine '	mod_gzip_item_include mime "jserv-servlet"'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include handler "jserv-servlet"'
				InsertLine '	mod_gzip_item_include handler "jserv-servlet"'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include mime "application/x-httpd-php\.\*"'
				InsertLine '	mod_gzip_item_include mime "application/x-httpd-php.*"'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include mime "httpd/unix-directory"'
				InsertLine '	mod_gzip_item_include mime "httpd/unix-directory"'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_exclude file "\\\.css\$"'
				InsertLine '	mod_gzip_item_exclude file "\.css$"'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_exclude file "\\\.js\$"'
				InsertLine '	mod_gzip_item_exclude file "\.js$"'
			EndGroup
			BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_exclude file "\\\.wml\$"'
				InsertLine '	mod_gzip_item_exclude file "\.wml$"'
			EndGroup
			UnsetAbort "^# END CFENGINE$"
		EndGroup
		#
		# LoadModule index_rss_module /usr/lib/apache/1.3/mod_index_rss.so
		#
		# <IfModule mod_index_rss.c>
		# 	IndexRSSEngine On
		# </IfModule>
		#
		BeginGroupIfFileExists "/usr/lib/apache/1.3/mod_index_rss.so"
			ResetSearch "1"
# bug!			UnCommentLinesMatching "^#[[:blank:]]*LoadModule[[:blank:]]+index_rss_module[[:blank:]].*"
			LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+index_rss_module[[:blank:]]+/usr/lib/apache/1.3/mod_index_rss.so$"
			ReplaceLineWith "LoadModule index_rss_module /usr/lib/apache/1.3/mod_index_rss.so"
			CatchAbort
			AbortAtLineMatching "^# END CFENGINE$"
			LocateLineMatching "^# BEGIN CFENGINE$"
			BeginGroupIfNoSuchLine "<IfModule mod_index_rss.c>"
				InsertLine "<IfModule mod_index_rss.c>"
				InsertLine "</IfModule>"
			EndGroup
			ResetSearch "1"
			LocateLineMatching "^# BEGIN CFENGINE$"
			LocateLineMatching "^<IfModule mod_index_rss.c>$"
			BeginGroupIfNoLineMatching "[[:blank:]]+IndexRSSEngine On"
				InsertLine "	IndexRSSEngine On"
			EndGroup
			UnsetAbort "^# END CFENGINE$"
		EndGroup
		#
		# LoadModule pam_auth_module /usr/lib/apache/1.3/mod_auth_pam.so
		#
		# <IfModule mod_auth_pam.c>
		# 	<Location />
		# 		AuthPAM_Enabled Off
		# 	</Location>
		# </IfModule>
		#
		BeginGroupIfFileExists "/usr/lib/apache/1.3/mod_auth_pam.so"
			ResetSearch "1"
# bug!			UnCommentLinesMatching "^#[[:blank:]]*LoadModule[[:blank:]]+pam_auth_module[[:blank:]].*"
			LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+pam_auth_module[[:blank:]]+/usr/lib/apache/1.3/mod_auth_pam.so$"
			ReplaceLineWith "LoadModule pam_auth_module /usr/lib/apache/1.3/mod_auth_pam.so"
			CatchAbort
			AbortAtLineMatching "^# END CFENGINE$"
			LocateLineMatching "^# BEGIN CFENGINE$"
			BeginGroupIfNoSuchLine "<IfModule mod_auth_pam.c>"
				InsertLine "<IfModule mod_auth_pam.c>"
				InsertLine "	<Location />"
				InsertLine "	</Location>"
				InsertLine "</IfModule>"
			EndGroup
			ResetSearch "1"
			LocateLineMatching "^# BEGIN CFENGINE$"
			LocateLineMatching "^<IfModule mod_auth_pam.c>$"
			LocateLineMatching "[[:blank:]]+<Location />"
			BeginGroupIfNoLineMatching "[[:blank:]]+AuthPAM_Enabled Off"
				InsertLine "		AuthPAM_Enabled Off"
			EndGroup
			UnsetAbort "^# END CFENGINE$"
		EndGroup
		#
		# LoadModule authshadow_module /usr/lib/apache/1.3/mod_auth_shadow.so
		#
		# <IfModule mod_auth_shadow.c>
		# 	<Location />
		# 		AuthShadow Off
		# 	</Location>
		# </IfModule>
		#
		BeginGroupIfFileExists "/usr/lib/apache/1.3/mod_auth_shadow.so"
			ResetSearch "1"
# bug!			UnCommentLinesMatching "^#[[:blank:]]*LoadModule[[:blank:]]+authshadow_module[[:blank:]].*"
			LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+authshadow_module[[:blank:]]+/usr/lib/apache/1.3/mod_auth_shadow.so$"
			ReplaceLineWith "LoadModule authshadow_module /usr/lib/apache/1.3/mod_auth_shadow.so"
			CatchAbort
			AbortAtLineMatching "^# END CFENGINE$"
			LocateLineMatching "^# BEGIN CFENGINE$"
			BeginGroupIfNoSuchLine "<IfModule mod_auth_shadow.c>"
				InsertLine "<IfModule mod_auth_shadow.c>"
				InsertLine "	<Location />"
				InsertLine "	</Location>"
				InsertLine "</IfModule>"
			EndGroup
			ResetSearch "1"
			LocateLineMatching "^# BEGIN CFENGINE$"
			LocateLineMatching "^<IfModule mod_auth_shadow.c>$"
			LocateLineMatching "[[:blank:]]+<Location />"
			BeginGroupIfNoLineMatching "[[:blank:]]+AuthShadow Off"
				InsertLine "		AuthShadow Off"
			EndGroup
			UnsetAbort "^# END CFENGINE$"
		EndGroup
		#
		# LoadModule authshadow_module /usr/lib/apache/1.3/mod_xslt.so
		#
		# <IfModule mod_auth_shadow.c>
		# 	<Location /xslt>
		# 		AddHandler mod_xslt .html
		# 		AddHandler mod_xslt .txt
		# 	</Location>
		# </IfModule>
		#
		BeginGroupIfFileExists "/usr/lib/apache/1.3/mod_auth_shadow.so"
			ResetSearch "1"
# bug!			UnCommentLinesMatching "^#[[:blank:]]*LoadModule[[:blank:]]+authshadow_module[[:blank:]].*"
			LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+authshadow_module[[:blank:]]+/usr/lib/apache/1.3/mod_auth_shadow.so$"
			ReplaceLineWith "LoadModule authshadow_module /usr/lib/apache/1.3/mod_auth_shadow.so"
			CatchAbort
			AbortAtLineMatching "^# END CFENGINE$"
			LocateLineMatching "^# BEGIN CFENGINE$"
			BeginGroupIfNoSuchLine "<IfModule mod_auth_shadow.c>"
				InsertLine "<IfModule mod_auth_shadow.c>"
				InsertLine "	<Location />"
				InsertLine "	</Location>"
				InsertLine "</IfModule>"
			EndGroup
			ResetSearch "1"
			LocateLineMatching "^# BEGIN CFENGINE$"
			LocateLineMatching "^<IfModule mod_auth_shadow.c>$"
			LocateLineMatching "[[:blank:]]+<Location />"
			BeginGroupIfNoLineMatching "[[:blank:]]+AuthShadow Off"
				InsertLine "		AuthShadow Off"
			EndGroup
			UnsetAbort "^# END CFENGINE$"
		EndGroup
	}
processes:
	"apache"	restart "/etc/init.d/apache restart"
shellcommands:
    apache_reload::
	"/etc/init.d/apache force-reload"