#! /usr/bin/cfengine -qf
control:
OutputPrefix = ("${cf_prefix}")
actionsequence = ( editfiles shellcommands processes )
AddInstallable = ( apache_reload )
EditfileSize = ( 50000 )
editfiles:
any::
{ /etc/apache/httpd.conf
DefineClasses "apache_reload"
#
# ServerAdmin webmaster@$(domain)
#
# (Try to add it _before_ virtual hosts)
#
WarnIfNoLineMatching "^[[:blank:]]*ServerAdmin[[:blank:]].*"
BeginGroupIfNoLineMatching "^[[:blank:]]*ServerAdmin[[:blank:]].*"
BeginGroupIfNoLineMatching "^(### Section 3: Virtual Hosts|#?NameVirtualHost.*|#?VirtualHost.*)$"
Append "ServerAdmin webmaster@$(domain)"
EndGroup
BeginGroupIfNoLineMatching "^[[:blank:]]*ServerAdmin[[:blank:]].*"
LocateLineMatching "^(### Section 3: Virtual Hosts|#?NameVirtualHost.*|#?VirtualHost.*)$"
InsertLine "ServerAdmin webmaster@$(domain)"
EndGroup
EndGroup
LocateLineMatching "^[[:blank:]]*ServerAdmin[[:blank:]].*"
BeginGroupIfNoLineMatching "^[[:blank:]]*ServerAdmin[[:blank:]]*webmaster@$(domain)[[:blank:]]*$"
ReplaceLineWith "ServerAdmin webmaster@$(domain)"
EndGroup
#
# Make space for cfengine hacks
#
# (Try to add it _before_ virtual hosts)
#
ResetSearch "1"
BeginGroupIfNoSuchLine "# BEGIN CFENGINE"
BeginGroupIfNoLineMatching "^(### Section 3: Virtual Hosts|#?NameVirtualHost.*|#?VirtualHost.*)$"
Append ""
Append "# BEGIN CFENGINE"
Append "# END CFENGINE"
EndGroup
BeginGroupIfNoLineMatching "^# BEGIN CFENGINE$"
LocateLineMatching "^(### Section 3: Virtual Hosts|#?NameVirtualHost.*|#?VirtualHost.*)$"
IncrementPointer "-1"
InsertLine ""
InsertLine "# BEGIN CFENGINE"
InsertLine "# END CFENGINE"
InsertLine ""
EndGroup
EndGroup
#
# LoadModule php3_module /usr/lib/apache/1.3/libphp3.so
#
#
# php3_display_errors off
# php3_log_errors on
# AddType application/x-httpd-php3 .php3
# AddType application/x-httpd-php3-source .phps
#
#
BeginGroupIfFileExists "/usr/lib/apache/1.3/libphp3.so"
ResetSearch "1"
# bug! UnCommentLinesMatching "^#[[:blank:]]*LoadModule[[:blank:]]+php3_module[[:blank:]].*"
LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+php3_module[[:blank:]]+/usr/lib/apache/1.3/libphp3.so$"
ReplaceLineWith "LoadModule php3_module /usr/lib/apache/1.3/libphp3.so"
CatchAbort
AbortAtLineMatching "^# END CFENGINE$"
LocateLineMatching "^# BEGIN CFENGINE$"
BeginGroupIfNoSuchLine ""
InsertLine ""
InsertLine ""
EndGroup
ResetSearch "1"
LocateLineMatching "^# BEGIN CFENGINE$"
LocateLineMatching "^$"
BeginGroupIfNoLineMatching "[[:blank:]]*php3_display_errors off"
InsertLine " php3_display_errors off"
EndGroup
BeginGroupIfNoLineMatching "[[:blank:]]*php3_log_errors on"
InsertLine " php3_log_errors on"
EndGroup
BeginGroupIfNoLineMatching "[[:blank:]]*AddType application/x-httpd-php3 .php3"
InsertLine " AddType application/x-httpd-php3 .php3"
EndGroup
BeginGroupIfNoLineMatching "[[:blank:]]*AddType application/x-httpd-source .phps"
InsertLine " AddType application/x-httpd-source .phps"
EndGroup
UnsetAbort "^# END CFENGINE$"
EndGroup
#
# LoadModule php4_module /usr/lib/apache/1.3/libphp4.so
#
#
# php_flag display_errors off
# php_flag log_errors on
# AddType application/x-httpd-php .phtml .php .inc .php3
# AddType application/x-httpd-php-source .phps
#
#
BeginGroupIfFileExists "/usr/lib/apache/1.3/libphp4.so"
ResetSearch "1"
# UnCommentLinesMatching "^\#[[:blank:]]*LoadModule[[:blank:]]+php4\_module[[:blank:]].*"
LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+php4\_module[[:blank:]]+/usr/lib/apache/1.3/libphp4.so$"
ReplaceLineWith "LoadModule php4_module /usr/lib/apache/1.3/libphp4.so"
CatchAbort
AbortAtLineMatching "^# END CFENGINE$"
LocateLineMatching "^# BEGIN CFENGINE$"
BeginGroupIfNoSuchLine ""
InsertLine ""
InsertLine ""
EndGroup
ResetSearch "1"
LocateLineMatching "^# BEGIN CFENGINE$"
LocateLineMatching "^$"
BeginGroupIfNoLineMatching "^.*php_flag[[:blank:]]*display_errors[[:blank:]]*off$"
InsertLine " php_flag display_errors off"
EndGroup
BeginGroupIfNoLineMatching ".*php_flag log_errors on"
InsertLine " php_flag log_errors on"
EndGroup
BeginGroupIfNoLineMatching "[[:blank:]]*AddType application/x-httpd-php .phtml .php .inc .php3"
InsertLine " AddType application/x-httpd-php .phtml .php .inc .php3"
EndGroup
BeginGroupIfNoLineMatching "[[:blank:]]*AddType application/x-httpd-source .phps"
InsertLine " AddType application/x-httpd-source .phps"
EndGroup
UnsetAbort "^# END CFENGINE$"
EndGroup
#
# LoadModule gzip_module /usr/lib/apache/1.3/mod_gzip.so
#
#
# mod_gzip_dechunk yes
# mod_gzip_keep_workfiles No
# mod_gzip_temp_dir /tmp
# mod_gzip_minimum_file_size 1002
# mod_gzip_maximum_file_size 0
# mod_gzip_maximum_inmem_size 1000000
# mod_gzip_item_include file "\.htm$"
# mod_gzip_item_include file "\.html$"
# mod_gzip_item_include mime "text/.*"
# mod_gzip_item_include file "\.php$"
# mod_gzip_item_include mime "jserv-servlet"
# mod_gzip_item_include handler "jserv-servlet"
# mod_gzip_item_include mime "application/x-httpd-php.*"
# mod_gzip_item_include mime "httpd/unix-directory"
# mod_gzip_item_exclude file "\.css$"
# mod_gzip_item_exclude file "\.js$"
# mod_gzip_item_exclude file "\.wml$"
#
#
BeginGroupIfFileExists "/usr/lib/apache/1.3/mod_gzip.so"
ResetSearch "1"
# SetCommentStart "#"
# SetCommentEnd ""
# UnCommentLinesMatching "^\#[[:blank:]]*LoadModule[[:blank:]]+gzip_module[[:blank:]].*"
LocateLineMatching "#[[:blank:]]*LoadModule[[:blank:]]+gzip_module[[:blank:]]+/usr/lib/apache/1.3/mod_gzip.so"
# UnCommentNLines "1"
ReplaceLineWith "LoadModule gzip_module /usr/lib/apache/1.3/mod_gzip.so"
CatchAbort
AbortAtLineMatching "^# END CFENGINE$"
LocateLineMatching "^# BEGIN CFENGINE$"
BeginGroupIfNoSuchLine ""
InsertLine ""
InsertLine ""
EndGroup
ResetSearch "1"
LocateLineMatching "^# BEGIN CFENGINE$"
LocateLineMatching "^$"
BeginGroupIfNoLineMatching ' mod_gzip_on yes'
InsertLine ' mod_gzip_on yes'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_dechunk yes'
InsertLine ' mod_gzip_dechunk yes'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_keep_workfiles No'
InsertLine ' mod_gzip_keep_workfiles No'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_temp_dir /tmp'
InsertLine ' mod_gzip_temp_dir /tmp'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_minimum_file_size 1002'
InsertLine ' mod_gzip_minimum_file_size 1002'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_maximum_file_size 0'
InsertLine ' mod_gzip_maximum_file_size 0'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_maximum_inmem_size 1000000'
InsertLine ' mod_gzip_maximum_inmem_size 1000000'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include file "\\\.htm\$"'
InsertLine ' mod_gzip_item_include file "\.htm$"'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include file "\\\.html\$"'
InsertLine ' mod_gzip_item_include file "\.html$"'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include mime "text/\.\*"'
InsertLine ' mod_gzip_item_include mime "text/.*"'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include file "\\\.php\$"'
InsertLine ' mod_gzip_item_include file "\.php$"'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include mime "jserv-servlet"'
InsertLine ' mod_gzip_item_include mime "jserv-servlet"'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include handler "jserv-servlet"'
InsertLine ' mod_gzip_item_include handler "jserv-servlet"'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include mime "application/x-httpd-php\.\*"'
InsertLine ' mod_gzip_item_include mime "application/x-httpd-php.*"'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_include mime "httpd/unix-directory"'
InsertLine ' mod_gzip_item_include mime "httpd/unix-directory"'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_exclude file "\\\.css\$"'
InsertLine ' mod_gzip_item_exclude file "\.css$"'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_exclude file "\\\.js\$"'
InsertLine ' mod_gzip_item_exclude file "\.js$"'
EndGroup
BeginGroupIfNoLineMatching '[[:blank:]]*mod_gzip_item_exclude file "\\\.wml\$"'
InsertLine ' mod_gzip_item_exclude file "\.wml$"'
EndGroup
UnsetAbort "^# END CFENGINE$"
EndGroup
#
# LoadModule index_rss_module /usr/lib/apache/1.3/mod_index_rss.so
#
#
# IndexRSSEngine On
#
#
BeginGroupIfFileExists "/usr/lib/apache/1.3/mod_index_rss.so"
ResetSearch "1"
# bug! UnCommentLinesMatching "^#[[:blank:]]*LoadModule[[:blank:]]+index_rss_module[[:blank:]].*"
LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+index_rss_module[[:blank:]]+/usr/lib/apache/1.3/mod_index_rss.so$"
ReplaceLineWith "LoadModule index_rss_module /usr/lib/apache/1.3/mod_index_rss.so"
CatchAbort
AbortAtLineMatching "^# END CFENGINE$"
LocateLineMatching "^# BEGIN CFENGINE$"
BeginGroupIfNoSuchLine ""
InsertLine ""
InsertLine ""
EndGroup
ResetSearch "1"
LocateLineMatching "^# BEGIN CFENGINE$"
LocateLineMatching "^$"
BeginGroupIfNoLineMatching "[[:blank:]]+IndexRSSEngine On"
InsertLine " IndexRSSEngine On"
EndGroup
UnsetAbort "^# END CFENGINE$"
EndGroup
#
# LoadModule pam_auth_module /usr/lib/apache/1.3/mod_auth_pam.so
#
#
#
# AuthPAM_Enabled Off
#
#
#
BeginGroupIfFileExists "/usr/lib/apache/1.3/mod_auth_pam.so"
ResetSearch "1"
# bug! UnCommentLinesMatching "^#[[:blank:]]*LoadModule[[:blank:]]+pam_auth_module[[:blank:]].*"
LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+pam_auth_module[[:blank:]]+/usr/lib/apache/1.3/mod_auth_pam.so$"
ReplaceLineWith "LoadModule pam_auth_module /usr/lib/apache/1.3/mod_auth_pam.so"
CatchAbort
AbortAtLineMatching "^# END CFENGINE$"
LocateLineMatching "^# BEGIN CFENGINE$"
BeginGroupIfNoSuchLine ""
InsertLine ""
InsertLine " "
InsertLine " "
InsertLine ""
EndGroup
ResetSearch "1"
LocateLineMatching "^# BEGIN CFENGINE$"
LocateLineMatching "^$"
LocateLineMatching "[[:blank:]]+"
BeginGroupIfNoLineMatching "[[:blank:]]+AuthPAM_Enabled Off"
InsertLine " AuthPAM_Enabled Off"
EndGroup
UnsetAbort "^# END CFENGINE$"
EndGroup
#
# LoadModule authshadow_module /usr/lib/apache/1.3/mod_auth_shadow.so
#
#
#
# AuthShadow Off
#
#
#
BeginGroupIfFileExists "/usr/lib/apache/1.3/mod_auth_shadow.so"
ResetSearch "1"
# bug! UnCommentLinesMatching "^#[[:blank:]]*LoadModule[[:blank:]]+authshadow_module[[:blank:]].*"
LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+authshadow_module[[:blank:]]+/usr/lib/apache/1.3/mod_auth_shadow.so$"
ReplaceLineWith "LoadModule authshadow_module /usr/lib/apache/1.3/mod_auth_shadow.so"
CatchAbort
AbortAtLineMatching "^# END CFENGINE$"
LocateLineMatching "^# BEGIN CFENGINE$"
BeginGroupIfNoSuchLine ""
InsertLine ""
InsertLine " "
InsertLine " "
InsertLine ""
EndGroup
ResetSearch "1"
LocateLineMatching "^# BEGIN CFENGINE$"
LocateLineMatching "^$"
LocateLineMatching "[[:blank:]]+"
BeginGroupIfNoLineMatching "[[:blank:]]+AuthShadow Off"
InsertLine " AuthShadow Off"
EndGroup
UnsetAbort "^# END CFENGINE$"
EndGroup
#
# LoadModule authshadow_module /usr/lib/apache/1.3/mod_xslt.so
#
#
#
# AddHandler mod_xslt .html
# AddHandler mod_xslt .txt
#
#
#
BeginGroupIfFileExists "/usr/lib/apache/1.3/mod_auth_shadow.so"
ResetSearch "1"
# bug! UnCommentLinesMatching "^#[[:blank:]]*LoadModule[[:blank:]]+authshadow_module[[:blank:]].*"
LocateLineMatching "^#[[:blank:]]*LoadModule[[:blank:]]+authshadow_module[[:blank:]]+/usr/lib/apache/1.3/mod_auth_shadow.so$"
ReplaceLineWith "LoadModule authshadow_module /usr/lib/apache/1.3/mod_auth_shadow.so"
CatchAbort
AbortAtLineMatching "^# END CFENGINE$"
LocateLineMatching "^# BEGIN CFENGINE$"
BeginGroupIfNoSuchLine ""
InsertLine ""
InsertLine " "
InsertLine " "
InsertLine ""
EndGroup
ResetSearch "1"
LocateLineMatching "^# BEGIN CFENGINE$"
LocateLineMatching "^$"
LocateLineMatching "[[:blank:]]+"
BeginGroupIfNoLineMatching "[[:blank:]]+AuthShadow Off"
InsertLine " AuthShadow Off"
EndGroup
UnsetAbort "^# END CFENGINE$"
EndGroup
}
processes:
"apache" restart "/etc/init.d/apache restart"
shellcommands:
apache_reload::
"/etc/init.d/apache force-reload"