Project

General

Profile

« Previous | Next » 

Revision 8af63b84

Added by Ewoud Kohl van Wijngaarden over 4 years ago

Fixes #29039 - Make foreman::config::apache standalone

By not relying on the foreman class parameters, it becomes easier to use
this class without Foreman. This can be useful when deploying it using a
git checkout rather than packages.

View differences:

spec/classes/foreman_config_apache_spec.rb
on_os_under_test.each do |os, facts|
context "on #{os}" do
let(:facts) { facts }
let(:params) do
{
app_root: '/usr/share/foreman',
priority: '05',
servername: facts[:fqdn],
serveraliases: ['foreman', 'also.foreman'],
ssl: false,
ssl_cert: '/cert.pem',
ssl_certs_dir: '',
ssl_key: '/key.pem',
ssl_ca: '/ca.pem',
ssl_chain: '/chain.pem',
ssl_crl: '/crl.pem',
ssl_protocol: '-all +TLSv1.2',
ssl_verify_client: 'optional',
user: 'foreman',
passenger: true,
passenger_ruby: '/usr/bin/tfm-ruby',
passenger_prestart: true,
passenger_min_instances: 1,
passenger_start_timeout: 90,
foreman_url: "https://#{facts[:fqdn]}",
server_port: 80,
server_ssl_port: 443,
proxy_backend: 'http://127.0.0.1:3000/',
ipa_authentication: false,
}
end
let(:params) { {} }
let(:http_dir) do
case facts[:osfamily]
......
end
describe 'with passenger' do
let(:params) { super().merge(passenger: true) }
let(:params) do
super().merge(
passenger: true,
passenger_ruby: '/usr/bin/tfm-ruby',
)
end
it 'should include apache with modules' do
should contain_class('apache')
should contain_class('apache::mod::headers')
......
should_not contain_class('apache::mod::proxy_wstunnel')
end
it 'should ensure ownership' do
should contain_file('/usr/share/foreman/config.ru').with_owner('foreman')
should contain_file('/usr/share/foreman/config/environment.rb').with_owner('foreman')
it 'should ensure not ownership' do
should_not contain_file('/usr/share/foreman/config.ru').with_owner('foreman')
should_not contain_file('/usr/share/foreman/config/environment.rb').with_owner('foreman')
end
it 'should include a http vhost' do
should contain_apache__vhost('foreman')
.with_passenger_min_instances(1)
.with_passenger_pre_start("http://#{facts[:fqdn]}:80")
.without_passenger_pre_start
.with_passenger_start_timeout(90)
.with_passenger_ruby('/usr/bin/tfm-ruby')
end
describe 'with prestart' do
let(:params) { super().merge(passenger_prestart: true) }
it { should contain_apache__vhost('foreman').with_passenger_pre_start("http://#{facts[:fqdn]}:80") }
end
describe 'with user' do
let(:params) { super().merge(user: 'foreman') }
it 'should ensure ownership' do
should contain_file('/usr/share/foreman/config.ru').with_owner('foreman')
should contain_file('/usr/share/foreman/config/environment.rb').with_owner('foreman')
end
end
end
describe 'with ssl' do
let(:params) { super().merge(ssl: true) }
let(:params) do
{
ssl: true,
ssl_cert: '/cert.pem',
ssl_key: '/key.pem',
ssl_crl: '/crl.pem',
ssl_chain: '/chain.pem',
ssl_ca: '/ca.pem',
ssl_certs_dir: '',
ssl_protocol: '-all +TLSv1.2',
ssl_verify_client: 'require',
}
end
it 'should not contain the docroot' do
should_not contain_file('/usr/share/foreman/public')
......
should contain_apache__vhost('foreman')
.with_ip(nil)
.with_servername(facts[:fqdn])
.with_serveraliases(['foreman', 'also.foreman'])
.with_serveraliases([])
.with_add_default_charset('UTF-8')
.with_docroot('/usr/share/foreman/public')
.with_priority('05')
......
should contain_apache__vhost('foreman-ssl')
.with_ip(nil)
.with_servername(facts[:fqdn])
.with_serveraliases(['foreman', 'also.foreman'])
.with_serveraliases([])
.with_add_default_charset('UTF-8')
.with_docroot('/usr/share/foreman/public')
.with_priority('05')
......
.with_ssl_ca('/ca.pem')
.with_ssl_crl('/crl.pem')
.with_ssl_protocol('-all +TLSv1.2')
.with_ssl_verify_client('optional')
.with_ssl_verify_client('require')
.with_ssl_options('+StdEnvVars +ExportCertData')
.with_ssl_verify_depth('3')
.with_ssl_crl_check('chain')
......
end
describe 'with vhost and ssl, no CRL explicitly' do
let :params do
let(:params) do
super().merge(
ssl_certs_dir: '',
ssl_crl: ''
ssl_crl: '',
)
end
it do
should contain_apache__vhost('foreman-ssl').without_ssl_crl
should contain_apache__vhost('foreman-ssl').without_ssl_crl_chain
end
it { should contain_apache__vhost('foreman-ssl').without_ssl_crl.without_ssl_crl_chain }
end
describe 'with a different priority set' do
......
end
describe 'with different ports set' do
let :params do
let(:params) do
super().merge(
server_port: 8080,
server_ssl_port: 8443,
......
should contain_apache__vhost('foreman-ssl').with_port(8443)
end
describe 'with passenger' do
let(:params) { super().merge(passenger: true) }
describe 'with passenger and prestart' do
let(:params) { super().merge(passenger: true, passenger_prestart: true) }
it 'should set passenger_pre_start' do
should contain_apache__vhost('foreman').with_passenger_pre_start("http://#{facts[:fqdn]}:8080")
......
.with_proxy_pass(
"no_proxy_uris" => ['/pulp', '/streamer', '/pub'],
"path" => '/',
"url" => 'http://127.0.0.1:3000/',
"url" => 'http://localhost:3000/',
"params" => { "retry" => '0' },
)
.with_rewrites([
{
'comment' => 'Upgrade Websocket connections',
'rewrite_cond' => '%{HTTP:Upgrade} =websocket [NC]',
'rewrite_rule' => '/(.*) ws://127.0.0.1:3000/$1 [P,L]',
'rewrite_rule' => '/(.*) ws://localhost:3000/$1 [P,L]',
},
])
end
......
.with_proxy_pass(
"no_proxy_uris" => ['/pulp', '/streamer', '/pub'],
"path" => '/',
"url" => 'http://127.0.0.1:3000/',
"url" => 'http://localhost:3000/',
"params" => { "retry" => '0' },
)
.with_rewrites([
{
'comment' => 'Upgrade Websocket connections',
'rewrite_cond' => '%{HTTP:Upgrade} =websocket [NC]',
'rewrite_rule' => '/(.*) ws://127.0.0.1:3000/$1 [P,L]',
'rewrite_rule' => '/(.*) ws://localhost:3000/$1 [P,L]',
},
])
end

Also available in: Unified diff