Apache management with puppet

=====================================================
[root@server ~]# puppet module search httpd
Notice: Searching https://forgeapi.puppetlabs.com
NAME DESCRIPTION AUTHOR KEYWORDS
thias-apache_httpd Manage the Apache httpd web server and its configuration… @thias apache httpd web
puppetlabs-apache Installs, configures, and manages Apache virtual hosts, … @puppetlabs web httpd rhel ssl wsgi proxy
=====================================================
[root@server ~]# puppet module install puppetlabs-apache –version 1.10.0
Notice: Preparing to install into /etc/puppet/modules …
Notice: Downloading from https://forgeapi.puppetlabs.com
Notice: Installing — do not interrupt …
/etc/puppet/modules
└─┬ puppetlabs-apache (v1.10.0)
├── puppetlabs-concat (v2.2.0)
└── puppetlabs-stdlib (v4.13.1)
=====================================================
[root@server ~]# vim /etc/puppet/manifests/site.pp
hiera_include(“classes”)

node default {
include role
}
#### writing role for user creation #####
case $role { ‘users’ : {
include users
}
}
###### writing role for ftpserver #######
case $role { ‘ftpserver’ : {
include vsftpd
}
}
####### writing role for nfs-server ######
case $role { ‘nfsserver’ : {
include nfs
}
}
##### writing role for samaba-server ######
case $role { ‘sambaserver’ : {
include samba::dc
}
}
############ writing role for ssh #########
case $role { ‘sshauth’ : {
include ssh
}
}
####### writing role for apache ###########
case $role { ‘webserver’ : {
include apache
}
}
==========================================================

[root@agent ~]# vim /etc/facter/facts.d/role.txt
role=webserver
==================================================
[root@agent ~]# netstat -tlpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 951/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1311/master
tcp6 0 0 :::22 :::* LISTEN 951/sshd
================================================
[root@agent ~]# puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for agent.puppet.com
Info: Applying configuration version ‘1478831579’
Notice: /Stage[main]/Apache::Mod::Mime/Package[mailcap]/ensure: created
Notice: /Stage[main]/Apache/Package[httpd]/ensure: created
Info: /Stage[main]/Apache/Package[httpd]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Mime/Apache::Mod[mime]/File[mime.load]/ensure: defined content as ‘{md5}e36257b9efab01459141d423cae57c7c’
Info: /Stage[main]/Apache::Mod::Mime/Apache::Mod[mime]/File[mime.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[expires]/File[expires.load]/ensure: defined content as ‘{md5}f0825bad1e470de86ffabeb86dcc5d95’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[expires]/File[expires.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Dav/Apache::Mod[dav]/File[dav.load]/ensure: defined content as ‘{md5}588e496251838c4840c14b28b5aa7881’
Info: /Stage[main]/Apache::Mod::Dav/Apache::Mod[dav]/File[dav.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[authz_owner]/File[authz_owner.load]/ensure: defined content as ‘{md5}f30a9be1016df87f195449d9e02d1857’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[authz_owner]/File[authz_owner.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[authz_groupfile]/File[authz_groupfile.load]/ensure: defined content as ‘{md5}ae005a36b3ac8c20af36c434561c8a75’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[authz_groupfile]/File[authz_groupfile.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[authn_dbm]/File[authn_dbm.load]/ensure: defined content as ‘{md5}90ee8f8ef1a017cacadfda4225e10651’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[authn_dbm]/File[authn_dbm.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Authn_core/Apache::Mod[authn_core]/File[authn_core.load]/ensure: defined content as ‘{md5}704d6e8b02b0eca0eba4083960d16c52’
Info: /Stage[main]/Apache::Mod::Authn_core/Apache::Mod[authn_core]/File[authn_core.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Authz_user/Apache::Mod[authz_user]/File[authz_user.load]/ensure: defined content as ‘{md5}63594303ee808423679b1ea13dd5a784’
Info: /Stage[main]/Apache::Mod::Authz_user/Apache::Mod[authz_user]/File[authz_user.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[log_config]/File[log_config.load]/ensure: defined content as ‘{md5}785d35cb285e190d589163b45263ca89’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[log_config]/File[log_config.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[logio]/File[logio.load]/ensure: defined content as ‘{md5}084533c7a44e9129d0e6df952e2472b6’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[logio]/File[logio.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Mime/File[mime.conf]/ensure: defined content as ‘{md5}9da85e58f3bd6c780ce76db603b7f028’
Info: /Stage[main]/Apache::Mod::Mime/File[mime.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[access_compat]/File[access_compat.load]/ensure: defined content as ‘{md5}d5feb88bec4570e2dbc41cce7e0de003’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[access_compat]/File[access_compat.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Version/Apache::Mod[version]/File[version.load]/ensure: defined content as ‘{md5}1c9243de22ace4dc8266442c48ae0c92’
Info: /Stage[main]/Apache::Mod::Version/Apache::Mod[version]/File[version.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Setenvif/File[setenvif.conf]/ensure: defined content as ‘{md5}c7ede4173da1915b7ec088201f030c28’
Info: /Stage[main]/Apache::Mod::Setenvif/File[setenvif.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Actions/Apache::Mod[actions]/File[actions.load]/ensure: defined content as ‘{md5}599866dfaf734f60f7e2d41ee8235515’
Info: /Stage[main]/Apache::Mod::Actions/Apache::Mod[actions]/File[actions.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Deflate/File[deflate.conf]/ensure: defined content as ‘{md5}a045d750d819b1e9dae3fbfb3f20edd5’
Info: /Stage[main]/Apache::Mod::Deflate/File[deflate.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[authz_core]/File[authz_core.load]/ensure: defined content as ‘{md5}39942569bff2abdb259f9a347c7246bc’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[authz_core]/File[authz_core.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Negotiation/File[negotiation.conf]/ensure: defined content as ‘{md5}47284b5580b986a6ba32580b6ffb9fd7’
Info: /Stage[main]/Apache::Mod::Negotiation/File[negotiation.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Alias/Apache::Mod[alias]/File[alias.load]/ensure: defined content as ‘{md5}3cf2fa309ccae4c29a4b875d0894cd79’
Info: /Stage[main]/Apache::Mod::Alias/Apache::Mod[alias]/File[alias.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[env]/File[env.load]/ensure: defined content as ‘{md5}d74184d40d0ee24ba02626a188ee7e1a’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[env]/File[env.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Negotiation/Apache::Mod[negotiation]/File[negotiation.load]/ensure: defined content as ‘{md5}d262ee6a5f20d9dd7f87770638dc2ccd’
Info: /Stage[main]/Apache::Mod::Negotiation/Apache::Mod[negotiation]/File[negotiation.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[authz_dbm]/File[authz_dbm.load]/ensure: defined content as ‘{md5}c1363277984d22f99b70f7dce8753b60’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[authz_dbm]/File[authz_dbm.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Dir/File[dir.conf]/ensure: defined content as ‘{md5}c741d8ea840e6eb999d739eed47c69d7’
Info: /Stage[main]/Apache::Mod::Dir/File[dir.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[usertrack]/File[usertrack.load]/ensure: defined content as ‘{md5}e95fbbf030fabec98b948f8dc217775c’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[usertrack]/File[usertrack.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Prefork/File[/etc/httpd/conf.modules.d/prefork.conf]/ensure: defined content as ‘{md5}109c4f51dac10fc1b39373855e566d01’
Info: /Stage[main]/Apache::Mod::Prefork/File[/etc/httpd/conf.modules.d/prefork.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Vhost_alias/Apache::Mod[vhost_alias]/File[vhost_alias.load]/ensure: defined content as ‘{md5}eca907865997d50d5130497665c3f82e’
Info: /Stage[main]/Apache::Mod::Vhost_alias/Apache::Mod[vhost_alias]/File[vhost_alias.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Setenvif/Apache::Mod[setenvif]/File[setenvif.load]/ensure: defined content as ‘{md5}ec6c99f7cc8e35bdbcf8028f652c9f6d’
Info: /Stage[main]/Apache::Mod::Setenvif/Apache::Mod[setenvif]/File[setenvif.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[unixd]/File[unixd.load]/ensure: defined content as ‘{md5}0e8468ecc1265f8947b8725f4d1be9c0’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[unixd]/File[unixd.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[auth_basic]/File[auth_basic.load]/ensure: defined content as ‘{md5}494bcf4b843f7908675d663d8dc1bdc8’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[auth_basic]/File[auth_basic.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Prefork/Apache::Mpm[prefork]/File[/etc/httpd/conf.modules.d/prefork.load]/ensure: defined content as ‘{md5}157529aafcf03fa491bc924103e4608e’
Info: /Stage[main]/Apache::Mod::Prefork/Apache::Mpm[prefork]/File[/etc/httpd/conf.modules.d/prefork.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Authn_file/Apache::Mod[authn_file]/File[authn_file.load]/ensure: defined content as ‘{md5}d41656680003d7b890267bb73621c60b’
Info: /Stage[main]/Apache::Mod::Authn_file/Apache::Mod[authn_file]/File[authn_file.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Ext_filter/Apache::Mod[ext_filter]/File[ext_filter.load]/ensure: defined content as ‘{md5}76d5e0ac3411a4be57ac33ebe2e52ac8’
Info: /Stage[main]/Apache::Mod::Ext_filter/Apache::Mod[ext_filter]/File[ext_filter.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Speling/Apache::Mod[speling]/File[speling.load]/ensure: defined content as ‘{md5}f82e9e6b871a276c324c9eeffcec8a61’
Info: /Stage[main]/Apache::Mod::Speling/Apache::Mod[speling]/File[speling.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Dir/Apache::Mod[dir]/File[dir.load]/ensure: defined content as ‘{md5}1bfb1c2a46d7351fc9eb47c659dee068’
Info: /Stage[main]/Apache::Mod::Dir/Apache::Mod[dir]/File[dir.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Dav_fs/Apache::Mod[dav_fs]/File[dav_fs.load]/ensure: defined content as ‘{md5}2996277c73b1cd684a9a3111c355e0d3’
Info: /Stage[main]/Apache::Mod::Dav_fs/Apache::Mod[dav_fs]/File[dav_fs.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[include]/File[include.load]/ensure: defined content as ‘{md5}88095a914eedc3c2c184dd5d74c3954c’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[include]/File[include.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[systemd]/File[systemd.load]/ensure: defined content as ‘{md5}26e5d44aae258b3e9d821cbbbd3e2826’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[systemd]/File[systemd.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Alias/File[alias.conf]/ensure: defined content as ‘{md5}983e865be85f5e0daaed7433db82995e’
Info: /Stage[main]/Apache::Mod::Alias/File[alias.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Suexec/Apache::Mod[suexec]/File[suexec.load]/ensure: defined content as ‘{md5}c7d5c61c534ba423a79b0ae78ff9be35’
Info: /Stage[main]/Apache::Mod::Suexec/Apache::Mod[suexec]/File[suexec.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[substitute]/File[substitute.load]/ensure: defined content as ‘{md5}8077c34a71afcf41c8fc644830935915’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[substitute]/File[substitute.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[auth_digest]/File[auth_digest.load]/ensure: defined content as ‘{md5}df9e85f8da0b239fe8e698ae7ead4f60’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[auth_digest]/File[auth_digest.load]: Scheduling refresh of Class[Apache::Service]
Info: Computing checksum on file /etc/httpd/conf.d/autoindex.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf.d/autoindex.conf]: Filebucketed /etc/httpd/conf.d/autoindex.conf to puppet with sum 09726332c2fd6fc73a57fbe69fc10427
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.d/autoindex.conf]/ensure: removed
Info: Computing checksum on file /etc/httpd/conf.d/userdir.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf.d/userdir.conf]: Filebucketed /etc/httpd/conf.d/userdir.conf to puppet with sum d4a2620683cc3ff2315c685f9f354265
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.d/userdir.conf]/ensure: removed
Info: Computing checksum on file /etc/httpd/conf.d/welcome.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf.d/welcome.conf]: Filebucketed /etc/httpd/conf.d/welcome.conf to puppet with sum 9d1328b985d0851eb5bc610da6122f44
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.d/welcome.conf]/ensure: removed
Info: Computing checksum on file /etc/httpd/conf.d/README
Info: /Stage[main]/Apache/File[/etc/httpd/conf.d/README]: Filebucketed /etc/httpd/conf.d/README to puppet with sum 20b886e8496027dcbc31ed28d404ebb1
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.d/README]/ensure: removed
Notice: /Stage[main]/Apache::Mod::Deflate/Apache::Mod[deflate]/File[deflate.load]/ensure: defined content as ‘{md5}2d1a1afcae0c70557251829a8586eeaf’
Info: /Stage[main]/Apache::Mod::Deflate/Apache::Mod[deflate]/File[deflate.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Autoindex/Apache::Mod[autoindex]/File[autoindex.load]/ensure: defined content as ‘{md5}515cdf5b573e961a60d2931d39248648’
Info: /Stage[main]/Apache::Mod::Autoindex/Apache::Mod[autoindex]/File[autoindex.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[authn_anon]/File[authn_anon.load]/ensure: defined content as ‘{md5}bf57b94b5aec35476fc2a2dc3861f132’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[authn_anon]/File[authn_anon.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Autoindex/File[autoindex.conf]/ensure: defined content as ‘{md5}2421a3c6df32c7e38c2a7a22afdf5728’
Info: /Stage[main]/Apache::Mod::Autoindex/File[autoindex.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Cache/Apache::Mod[cache]/File[cache.load]/ensure: defined content as ‘{md5}01e4d392225b518a65b0f7d6c4e21d29’
Info: /Stage[main]/Apache::Mod::Cache/Apache::Mod[cache]/File[cache.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Rewrite/Apache::Mod[rewrite]/File[rewrite.load]/ensure: defined content as ‘{md5}26e2683352fc1599f29573ff0d934e79’
Info: /Stage[main]/Apache::Mod::Rewrite/Apache::Mod[rewrite]/File[rewrite.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Default_mods/Apache::Mod[authz_host]/File[authz_host.load]/ensure: defined content as ‘{md5}d1045f54d2798499ca0f030ca0eef920’
Info: /Stage[main]/Apache::Default_mods/Apache::Mod[authz_host]/File[authz_host.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Filter/Apache::Mod[filter]/File[filter.load]/ensure: defined content as ‘{md5}66a1e2064a140c3e7dca7ac33877700e’
Info: /Stage[main]/Apache::Mod::Filter/Apache::Mod[filter]/File[filter.load]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache/Apache::Vhost[default]/Concat[15-default.conf]/File[/etc/httpd/conf.d/15-default.conf]/ensure: defined content as ‘{md5}a430bf4e003be964b419e7aea251c6c4’
Info: Concat[15-default.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Mime_magic/File[mime_magic.conf]/ensure: defined content as ‘{md5}b258529b332429e2ff8344f726a95457’
Info: /Stage[main]/Apache::Mod::Mime_magic/File[mime_magic.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Mime_magic/Apache::Mod[mime_magic]/File[mime_magic.load]/ensure: defined content as ‘{md5}cb8670bb2fb352aac7ebf3a85d52094c’
Info: /Stage[main]/Apache::Mod::Mime_magic/Apache::Mod[mime_magic]/File[mime_magic.load]: Scheduling refresh of Class[Apache::Service]
Info: /etc/httpd/conf.d: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Dav_fs/File[dav_fs.conf]/ensure: defined content as ‘{md5}899a57534f3d84efa81887ec93c90c9b’
Info: /Stage[main]/Apache::Mod::Dav_fs/File[dav_fs.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache/Concat[/etc/httpd/conf/ports.conf]/File[/etc/httpd/conf/ports.conf]/ensure: defined content as ‘{md5}334fa5cddbf9a408ea1ca7a1666b1fc4’
Info: Concat[/etc/httpd/conf/ports.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache/File[/etc/httpd/conf/httpd.conf]/content:
— /etc/httpd/conf/httpd.conf 2016-07-18 11:22:22.000000000 -0400
+++ /tmp/puppet-file20161108-2519-2g1j4x 2016-11-08 19:01:21.579982384 -0500
@@ -1,353 +1,49 @@
-#
-# This is the main Apache HTTP server configuration file. It contains the
-# configuration directives that give the server its instructions.
-# See <URL:http://httpd.apache.org/docs/2.4/&gt; for detailed information.
-# In particular, see
-# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html&gt;
-# for a discussion of each configuration directive.
-#
-# Do NOT simply read the instructions in here without understanding
-# what they do. They’re here only as hints or reminders. If you are unsure
-# consult the online docs. You have been warned.
-#
-# Configuration and logfile names: If the filenames you specify for many
-# of the server’s control files begin with “/” (or “drive:/” for Win32), the
-# server will use that explicit path. If the filenames do *not* begin
-# with “/”, the value of ServerRoot is prepended — so ‘log/access_log’
-# with ServerRoot set to ‘/www’ will be interpreted by the
-# server as ‘/www/log/access_log’, where as ‘/log/access_log’ will be
-# interpreted as ‘/log/access_log’.

-#
-# ServerRoot: The top of the directory tree under which the server’s
-# configuration, error, and log files are kept.
-#
-# Do not add a slash at the end of the directory path. If you point
-# ServerRoot at a non-local disk, be sure to specify a local disk on the
-# Mutex directive, if file-based mutexes are used. If you wish to share the
-# same ServerRoot for multiple httpd daemons, you will need to change at
-# least PidFile.
-#
+# Security
+ServerTokens OS
+ServerSignature On
+TraceEnable On
+
+ServerName “agent.puppet.com”
ServerRoot “/etc/httpd”
+PidFile run/httpd.pid
+Timeout 120
+KeepAlive Off
+MaxKeepAliveRequests 100
+KeepAliveTimeout 15
+LimitRequestFieldSize 8190
+

-#
-# Listen: Allows you to bind Apache to specific IP addresses and/or
-# ports, instead of the default. See also the <VirtualHost>
-# directive.
-#
-# Change this to Listen on specific IP addresses as shown below to
-# prevent Apache from glomming onto all bound IP addresses.
-#
-#Listen 12.34.56.78:80
-Listen 80

-#
-# Dynamic Shared Object (DSO) Support
-#
-# To be able to use the functionality of a module which was built as a DSO you
-# have to place corresponding `LoadModule’ lines at this location so the
-# directives contained in it are actually available _before_ they are used.
-# Statically compiled modules (those listed by `httpd -l’) do not need
-# to be loaded here.
-#
-# Example:
-# LoadModule foo_module modules/mod_foo.so
-#
-Include conf.modules.d/*.conf

-#
-# If you wish httpd to run as a different user or group, you must run
-# httpd as root initially and it will switch.
-#
-# User/Group: The name (or #number) of the user/group to run httpd as.
-# It is usually good practice to create a dedicated user and group for
-# running httpd, as with most system services.
-#
User apache
Group apache

-# ‘Main’ server configuration
-#
-# The directives in this section set up the values used by the ‘main’
-# server, which responds to any requests that aren’t handled by a
-# <VirtualHost> definition. These values also provide defaults for
-# any <VirtualHost> containers you may define later in the file.
-#
-# All of these directives may appear inside <VirtualHost> containers,
-# in which case these default settings will be overridden for the
-# virtual host being defined.
-#

-#
-# ServerAdmin: Your address, where problems with the server should be
-# e-mailed. This address appears on some server-generated pages, such
-# as error documents. e.g. admin@your-domain.com
-#
-ServerAdmin root@localhost

-#
-# ServerName gives the name and port that the server uses to identify itself.
-# This can often be determined automatically, but we recommend you specify
-# it explicitly to prevent problems during startup.
-#
-# If your host doesn’t have a registered DNS name, enter its IP address here.
-#
-#ServerName http://www.example.com:80

-#
-# Deny access to the entirety of your server’s filesystem. You must
-# explicitly permit access to web content directories in other
-# <Directory> blocks below.
-#
-<Directory />
– AllowOverride none
+AccessFileName .htaccess
+<FilesMatch “^\.ht”>
Require all denied
-</Directory>
+</FilesMatch>

-#
-# Note that from this point forward you must specifically allow
-# particular features to be enabled – so if something’s not working as
-# you might expect, make sure that you have specifically enabled it
-# below.
-#

-#
-# DocumentRoot: The directory out of which you will serve your
-# documents. By default, all requests are taken from this directory, but
-# symbolic links and aliases may be used to point to other locations.
-#
-DocumentRoot “/var/www/html”

-#
-# Relax access to content within /var/www.
-#
-<Directory “/var/www”>
– AllowOverride None
– # Allow open access:
– Require all granted
+<Directory />
+ Options FollowSymLinks
+ AllowOverride None
</Directory>

-# Further relax access to the default document root:
-<Directory “/var/www/html”>
– #
– # Possible values for the Options directive are “None”, “All”,
– # or any combination of:
– # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
– #
– # Note that “MultiViews” must be named *explicitly* — “Options All”
– # doesn’t give it to you.
– #
– # The Options directive is both complicated and important. Please see
– # http://httpd.apache.org/docs/2.4/mod/core.html#options
– # for more information.
– #
– Options Indexes FollowSymLinks

– #
– # AllowOverride controls what directives may be placed in .htaccess files.
– # It can be “All”, “None”, or any combination of the keywords:
– # Options FileInfo AuthConfig Limit
– #
– AllowOverride None

– #
– # Controls who can get stuff from this server.
– #
– Require all granted
-</Directory>

-#
-# DirectoryIndex: sets the file that Apache will serve if a directory
-# is requested.
-#
-<IfModule dir_module>
– DirectoryIndex index.html
-</IfModule>

-#
-# The following lines prevent .htaccess and .htpasswd files from being
-# viewed by Web clients.
-#
-<Files “.ht*”>
– Require all denied
-</Files>

-#
-# ErrorLog: The location of the error log file.
-# If you do not specify an ErrorLog directive within a <VirtualHost>
-# container, error messages relating to that virtual host will be
-# logged here. If you *do* define an error logfile for a <VirtualHost>
-# container, that host’s errors will be logged there and not here.
-#
-ErrorLog “logs/error_log”

-#
-# LogLevel: Control the number of messages logged to the error_log.
-# Possible values include: debug, info, notice, warn, error, crit,
-# alert, emerg.
-#
+HostnameLookups Off
+ErrorLog “/var/log/httpd/error_log”
LogLevel warn
+EnableSendfile On

-<IfModule log_config_module>
– #
– # The following directives define some format nicknames for use with
– # a CustomLog directive (see below).
– #
– LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” combined
– LogFormat “%h %l %u %t \”%r\” %>s %b” common

– <IfModule logio_module>
– # You need to enable mod_logio.c to use %I and %O
– LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\” %I %O” combinedio
– </IfModule>

– #
– # The location and format of the access logfile (Common Logfile Format).
– # If you do not define any access logfiles within a <VirtualHost>
– # container, they will be logged here. Contrariwise, if you *do*
– # define per-<VirtualHost> access logfiles, transactions will be
– # logged therein and *not* in this file.
– #
– #CustomLog “logs/access_log” common

– #
– # If you prefer a logfile with access, agent, and referer information
– # (Combined Logfile Format) you can use the following directive.
– #
– CustomLog “logs/access_log” combined
-</IfModule>

-<IfModule alias_module>
– #
– # Redirect: Allows you to tell clients about documents that used to
– # exist in your server’s namespace, but do not anymore. The client
– # will make a new request for the document at its new location.
– # Example:
– # Redirect permanent /foo http://www.example.com/bar

– #
– # Alias: Maps web paths into filesystem paths and is used to
– # access content that does not live under the DocumentRoot.
– # Example:
– # Alias /webpath /full/filesystem/path
– #
– # If you include a trailing / on /webpath then the server will
– # require it to be present in the URL. You will also likely
– # need to provide a <Directory> section to allow access to
– # the filesystem path.

– #
– # ScriptAlias: This controls which directories contain server scripts.
– # ScriptAliases are essentially the same as Aliases, except that
– # documents in the target directory are treated as applications and
– # run by the server when requested rather than as documents sent to the
– # client. The same rules about trailing “/” apply to ScriptAlias
– # directives as to Alias.
– #
– ScriptAlias /cgi-bin/ “/var/www/cgi-bin/”

-</IfModule>

-#
-# “/var/www/cgi-bin” should be changed to whatever your ScriptAliased
-# CGI directory exists, if you have that configured.
-#
-<Directory “/var/www/cgi-bin”>
– AllowOverride None
– Options None
– Require all granted
-</Directory>
+#Listen 80
+
+
+Include “/etc/httpd/conf.modules.d/*.load”
+Include “/etc/httpd/conf.modules.d/*.conf”
+Include “/etc/httpd/conf/ports.conf”
+
+LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” combined
+LogFormat “%h %l %u %t \”%r\” %>s %b” common
+LogFormat “%{Referer}i -> %U” referer
+LogFormat “%{User-agent}i” agent
+LogFormat “%{X-Forwarded-For}i %l %u %t \”%r\” %s %b \”%{Referer}i\” \”%{User-agent}i\”” forwarded
+
+IncludeOptional “/etc/httpd/conf.d/*.conf”

-<IfModule mime_module>
– #
– # TypesConfig points to the file containing the list of mappings from
– # filename extension to MIME-type.
– #
– TypesConfig /etc/mime.types

– #
– # AddType allows you to add to or override the MIME configuration
– # file specified in TypesConfig for specific file types.
– #
– #AddType application/x-gzip .tgz
– #
– # AddEncoding allows you to have certain browsers uncompress
– # information on the fly. Note: Not all browsers support this.
– #
– #AddEncoding x-compress .Z
– #AddEncoding x-gzip .gz .tgz
– #
– # If the AddEncoding directives above are commented-out, then you
– # probably should define those extensions to indicate media types:
– #
– AddType application/x-compress .Z
– AddType application/x-gzip .gz .tgz

– #
– # AddHandler allows you to map certain file extensions to “handlers”:
– # actions unrelated to filetype. These can be either built into the server
– # or added with the Action directive (see below)
– #
– # To use CGI scripts outside of ScriptAliased directories:
– # (You will also need to add “ExecCGI” to the “Options” directive.)
– #
– #AddHandler cgi-script .cgi

– # For type maps (negotiated resources):
– #AddHandler type-map var

– #
– # Filters allow you to process content before it is sent to the client.
– #
– # To parse .shtml files for server-side includes (SSI):
– # (You will also need to add “Includes” to the “Options” directive.)
– #
– AddType text/html .shtml
– AddOutputFilter INCLUDES .shtml
-</IfModule>

-#
-# Specify a default charset for all content served; this enables
-# interpretation of all content as UTF-8 by default. To use the
-# default browser choice (ISO-8859-1), or to allow the META tags
-# in HTML content to override this choice, comment out this
-# directive:
-#
-AddDefaultCharset UTF-8

-<IfModule mime_magic_module>
– #
– # The mod_mime_magic module allows the server to use various hints from the
– # contents of the file itself to determine its type. The MIMEMagicFile
– # directive tells the module where the hint definitions are located.
– #
– MIMEMagicFile conf/magic
-</IfModule>

-#
-# Customizable error responses come in three flavors:
-# 1) plain text 2) local redirects 3) external redirects
-#
-# Some examples:
-#ErrorDocument 500 “The server made a boo boo.”
-#ErrorDocument 404 /missing.html
-#ErrorDocument 404 “/cgi-bin/missing_handler.pl”
-#ErrorDocument 402 http://www.example.com/subscription_info.html
-#

-#
-# EnableMMAP and EnableSendfile: On systems that support it,
-# memory-mapping or the sendfile syscall may be used to deliver
-# files. This usually improves server performance, but must
-# be turned off when serving from networked-mounted
-# filesystems or if support for these functions is otherwise
-# broken on your system.
-# Defaults if commented: EnableMMAP On, EnableSendfile Off
-#
-#EnableMMAP off
-EnableSendfile on

-# Supplemental configuration
-#
-# Load config files in the “/etc/httpd/conf.d” directory, if any.
-IncludeOptional conf.d/*.conf

Info: Computing checksum on file /etc/httpd/conf/httpd.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf/httpd.conf]: Filebucketed /etc/httpd/conf/httpd.conf to puppet with sum f5e7449c0f17bc856e86011cb5d152ba
Notice: /Stage[main]/Apache/File[/etc/httpd/conf/httpd.conf]/content: content changed ‘{md5}f5e7449c0f17bc856e86011cb5d152ba’ to ‘{md5}eb72d236dc6377c1cd5f5b54e5ab1ddf’
Info: /Stage[main]/Apache/File[/etc/httpd/conf/httpd.conf]: Scheduling refresh of Class[Apache::Service]
Notice: /Stage[main]/Apache::Mod::Cgi/Apache::Mod[cgi]/File[cgi.load]/ensure: defined content as ‘{md5}ac20c5c5779b37ab06b480d6485a0881’
Info: /Stage[main]/Apache::Mod::Cgi/Apache::Mod[cgi]/File[cgi.load]: Scheduling refresh of Class[Apache::Service]
Info: Computing checksum on file /etc/httpd/conf.modules.d/00-proxy.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-proxy.conf]: Filebucketed /etc/httpd/conf.modules.d/00-proxy.conf to puppet with sum 85487c6777a89a8494dc8976dfff3268
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-proxy.conf]/ensure: removed
Info: Computing checksum on file /etc/httpd/conf.modules.d/01-cgi.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/01-cgi.conf]: Filebucketed /etc/httpd/conf.modules.d/01-cgi.conf to puppet with sum 36e54d4b2bd190f5cbad876bfbeda461
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/01-cgi.conf]/ensure: removed
Info: Computing checksum on file /etc/httpd/conf.modules.d/00-mpm.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-mpm.conf]: Filebucketed /etc/httpd/conf.modules.d/00-mpm.conf to puppet with sum 820f672ca85595fd80620db585d51970
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-mpm.conf]/ensure: removed
Info: Computing checksum on file /etc/httpd/conf.modules.d/00-systemd.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-systemd.conf]: Filebucketed /etc/httpd/conf.modules.d/00-systemd.conf to puppet with sum fd94264cd695af2ad86e7715c10e285d
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-systemd.conf]/ensure: removed
Info: Computing checksum on file /etc/httpd/conf.modules.d/00-base.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-base.conf]: Filebucketed /etc/httpd/conf.modules.d/00-base.conf to puppet with sum 6098845a84033f0fabe536488e52b1a0
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-base.conf]/ensure: removed
Info: Computing checksum on file /etc/httpd/conf.modules.d/00-lua.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-lua.conf]: Filebucketed /etc/httpd/conf.modules.d/00-lua.conf to puppet with sum 449a4aea60473ac4a16f025fca4463e3
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-lua.conf]/ensure: removed
Info: Computing checksum on file /etc/httpd/conf.modules.d/00-dav.conf
Info: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-dav.conf]: Filebucketed /etc/httpd/conf.modules.d/00-dav.conf to puppet with sum 56406b62d1fc7b7f1912e5b9e223f7a0
Notice: /Stage[main]/Apache/File[/etc/httpd/conf.modules.d/00-dav.conf]/ensure: removed
Info: /etc/httpd/conf.modules.d: Scheduling refresh of Class[Apache::Service]
Info: Class[Apache::Service]: Scheduling refresh of Service[httpd]
Notice: /Stage[main]/Apache::Service/Service[httpd]/ensure: ensure changed ‘stopped’ to ‘running’
Info: /Stage[main]/Apache::Service/Service[httpd]: Unscheduling refresh on Service[httpd]
Notice: Finished catalog run in 111.97 seconds
==================================================
[root@agent ~]# vim /etc/facter/facts.d/role.txt
role=webserver
==================================================
[root@agent ~]# netstat -tlpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 951/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1311/master
tcp6 0 0 :::22 :::* LISTEN 951/sshd
================================================
[root@agent ~]# netstat -tlpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 951/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1311/master
tcp6 0 0 :::80 :::* LISTEN 2860/httpd
tcp6 0 0 :::22 :::* LISTEN 951/sshd
================================================
[root@agent ~]# curl -I localhost
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2016 00:11:04 GMT
Server: Apache/2.4.6 (CentOS)
Connection: close
Content-Type: text/html;charset=UTF-8
================================================

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s