summaryrefslogtreecommitdiffstats
path: root/LICENSE
blob: f4346f82c46562f01eb5b9eccb7f8eb0ad8aee47 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
Copyright 2015 Open Platform for NFV Project, Inc. and its contributors

   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
} /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */ }
heat_template_version: 2016-10-14

description: >
  Apache service configured with Puppet. Note this is typically included
  automatically via other services which run via Apache.

parameters:
  ApacheMaxRequestWorkers:
    default: 256
    description: Maximum number of simultaneously processed requests.
    type: number
  ApacheServerLimit:
    default: 256
    description: Maximum number of Apache processes.
    type: number
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  DefaultPasswords:
    default: {}
    type: json
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  EnableInternalTLS:
    type: boolean
    default: false


resources:

  ApacheTLS:
    type: OS::TripleO::Services::ApacheTLS
    properties:
      ServiceNetMap: {get_param: ServiceNetMap}

outputs:
  role_data:
    description: Role data for the Apache role.
    value:
      service_name: apache
      config_settings:
        map_merge:
          - get_attr: [ApacheTLS, role_data, config_settings]
          -
            # for the given network; replacement examples (eg. for internal_api):
            # internal_api -> IP
            # internal_api_uri -> [IP]
            # internal_api_subnet - > IP/CIDR
            apache::ip: {get_param: [ServiceNetMap, ApacheNetwork]}
            apache::server_signature: 'Off'
            apache::server_tokens: 'Prod'
            apache_remote_proxy_ips_network:
              str_replace:
                template: "NETWORK_subnet"
                params:
                  NETWORK: {get_param: [ServiceNetMap, ApacheNetwork]}
            apache::mod::prefork::maxclients: { get_param: ApacheMaxRequestWorkers }
            apache::mod::prefork::serverlimit: { get_param: ApacheServerLimit }
            apache::mod::remoteip::proxy_ips:
              - "%{hiera('apache_remote_proxy_ips_network')}"