X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/90a349e0bc558441e65156eabb585c578d93fbfd..cc78cdd0b29d1d1a966b36dca357392d35597eb7:/cookbooks/apache/recipes/default.rb diff --git a/cookbooks/apache/recipes/default.rb b/cookbooks/apache/recipes/default.rb index 9b6c6ef54..c927b87b5 100644 --- a/cookbooks/apache/recipes/default.rb +++ b/cookbooks/apache/recipes/default.rb @@ -1,14 +1,14 @@ # -# Cookbook Name:: apache +# Cookbook:: apache # Recipe:: default # -# Copyright 2011, OpenStreetMap Foundation +# Copyright:: 2011, OpenStreetMap Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -17,23 +17,29 @@ # limitations under the License. # +include_recipe "munin" +include_recipe "prometheus" include_recipe "ssl" -package "apache2" -package "libwww-perl" +package %w[ + apache2 + libwww-perl +] %w[event itk prefork worker].each do |mpm| - if mpm == node[:apache][:mpm] - apache_module "mpm_#{mpm}" do - action [:enable] - end - else - apache_module "mpm_#{mpm}" do - action [:disable] - end + next if mpm == node[:apache][:mpm] + + apache_module "mpm_#{mpm}" do + action [:disable] end end +apache_module "mpm_#{node[:apache][:mpm]}" do + action [:enable] +end + +apache_module "http2" + admins = data_bag_item("apache", "admins") apache_conf "httpd" do @@ -45,11 +51,13 @@ template "/etc/apache2/ports.conf" do source "ports.conf.erb" owner "root" group "root" - mode 0o644 + mode "644" end service "apache2" do action [:enable, :start] + retries 2 + retry_delay 10 supports :status => true, :restart => true, :reload => true end @@ -63,14 +71,25 @@ apache_module "status" do variables :hosts => admins["hosts"] end +apache_module "brotli" do + conf "brotli.conf.erb" +end + apache_module "deflate" do conf "deflate.conf.erb" end -apache_module "reqtimeout" do - action [:disable] +if node[:apache][:reqtimeout] + apache_module "reqtimeout" do + action [:enable] + end +else + apache_module "reqtimeout" do + action [:disable] + end end +apache_module "headers" apache_module "ssl" apache_conf "ssl" do @@ -80,3 +99,9 @@ end munin_plugin "apache_accesses" munin_plugin "apache_processes" munin_plugin "apache_volume" + +prometheus_exporter "apache" do + port 9117 + listen_switch "telemetry.address" + options "--scrape_uri=http://localhost/server-status?auto" +end