Create a new vectortile role

[chef.git] / cookbooks / apache / recipes / default.rb

diff --git a/cookbooks/apache/recipes/default.rb b/cookbooks/apache/recipes/default.rb
index 0a8962b5347cbdb3143257ed7cbe033bdd04fc89..d1a0aac1dd45c70e56a30b071c64ebcfde31b864 100644 (file)
--- a/cookbooks/apache/recipes/default.rb
+++ b/cookbooks/apache/recipes/default.rb
@@ -18,7 +18,6 @@
 #
 
 include_recipe "fail2ban"
-include_recipe "munin"
 include_recipe "prometheus"
 include_recipe "ssl"
 
@@ -62,13 +61,6 @@ systemd_service "apache2" do
   notifies :restart, "service[apache2]"
 end
 
-service "apache2" do
-  action [:enable, :start]
-  retries 2
-  retry_delay 10
-  supports :status => true, :restart => true, :reload => true
-end
-
 apache_module "info" do
   conf "info.conf.erb"
   variables :hosts => admins["hosts"]
@@ -79,7 +71,7 @@ apache_module "status" do
   variables :hosts => admins["hosts"]
 end
 
-if node[:apache][:evasive]
+if node[:apache][:evasive][:enable]
   apache_module "evasive" do
     conf "evasive.conf.erb"
   end
@@ -104,6 +96,14 @@ apache_conf "ssl" do
   template "ssl.erb"
 end
 
+# Apache should only be started after modules enabled
+service "apache2" do
+  action [:enable, :start]
+  retries 2
+  retry_delay 10
+  supports :status => true, :restart => true, :reload => true
+end
+
 fail2ban_filter "apache-forbidden" do
   action :delete
 end
@@ -113,7 +113,7 @@ fail2ban_jail "apache-forbidden" do
 end
 
 fail2ban_filter "apache-evasive" do
-  failregex "^Blacklisting address <ADDR>: possible DoS attack\.$"
+  failregex ": Blacklisting address <ADDR>: possible DoS attack\.$"
 end
 
 fail2ban_jail "apache-evasive" do
@@ -125,10 +125,6 @@ fail2ban_jail "apache-evasive" do
   maxretry 3
 end
 
-munin_plugin "apache_accesses"
-munin_plugin "apache_processes"
-munin_plugin "apache_volume"
-
 template "/var/lib/prometheus/node-exporter/apache.prom" do
   source "apache.prom.erb"
   owner "root"