├── .rspec ├── templates ├── common │ ├── UserDatabase_footer.erb │ ├── context.xml │ │ ├── 200_footer.erb │ │ ├── 010_loader.erb │ │ ├── 011_manager.erb │ │ ├── 013_resources.erb │ │ ├── 005_cookieprocessor.erb │ │ ├── 014_watchedresources.erb │ │ ├── 000_header.erb │ │ ├── 050_valves.erb │ │ ├── 040_listeners.erb │ │ ├── 020_parameters.erb │ │ ├── 060_resourcedefs.erb │ │ ├── 030_environments.erb │ │ ├── 070_resourcelinks.erb │ │ └── 012_realm.erb │ ├── web.xml │ │ ├── 200_footer.erb │ │ ├── 030_filter.erb │ │ ├── 010_servlet_title.erb │ │ ├── 020_servletmapping_title.erb │ │ ├── 022_servletmapping_jsp.erb │ │ ├── 021_servletmapping_default.erb │ │ ├── 060_welcome_file_list.erb │ │ ├── 040_sessionconfig.erb │ │ ├── 012_servlet_jsp.erb │ │ ├── 011_servlet_default.erb │ │ ├── 000_header.erb │ │ └── 070_security_constraint.erb │ ├── server.xml │ │ ├── 190_host_close.erb │ │ ├── 200_footer.erb │ │ ├── 030_service.erb │ │ ├── 060_engine.erb │ │ ├── 090_host.erb │ │ ├── 000_header.erb │ │ ├── 040_threadpool_executor.erb │ │ ├── 051_ssl_connector.erb │ │ ├── 041_executors.erb │ │ ├── 050_http_connector.erb │ │ ├── 052_ajp_connector.erb │ │ ├── 095_contexts.erb │ │ ├── 065_engine_valves.erb │ │ ├── 100_valves.erb │ │ ├── 020_globalnamingresources.erb │ │ ├── 091_hosts.erb │ │ ├── 080_realms.erb │ │ ├── 010_listeners.erb │ │ ├── 070_cluster.erb │ │ └── 053_connectors.erb │ ├── UserDatabase_role_entry.erb │ ├── UserDatabase_entry.erb │ ├── UserDatabase_header.erb │ └── setenv.erb └── instance │ ├── systemd_service_unit.erb │ └── tomcat_init_generic.erb ├── spec ├── spec_helper.rb └── classes │ ├── params_spec.rb │ ├── install │ ├── package_spec.rb │ └── archive_spec.rb │ ├── tomcat_spec.rb │ ├── service_spec.rb │ └── install_spec.rb ├── .gitignore ├── .fixtures.yml ├── .travis.yml ├── Rakefile ├── Gemfile ├── manifests ├── service │ ├── package.pp │ └── archive.pp ├── userdb_role_entry.pp ├── userdb_entry.pp ├── install.pp ├── service.pp ├── extras.pp ├── firewall.pp ├── install │ ├── package.pp │ └── archive.pp ├── web.pp ├── context.pp ├── params.pp ├── config.pp └── init.pp ├── LICENSE ├── metadata.json ├── CHANGELOG.md └── README.md /.rspec: -------------------------------------------------------------------------------- 1 | --format documentation 2 | -------------------------------------------------------------------------------- /templates/common/UserDatabase_footer.erb: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /templates/common/context.xml/200_footer.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /templates/common/web.xml/200_footer.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /templates/common/server.xml/190_host_close.erb: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | require 'puppetlabs_spec_helper/module_spec_helper' 2 | -------------------------------------------------------------------------------- /templates/common/UserDatabase_role_entry.erb: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /templates/common/server.xml/200_footer.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | -------------------------------------------------------------------------------- /templates/common/web.xml/030_filter.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /templates/common/UserDatabase_entry.erb: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /templates/common/web.xml/010_servlet_title.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /templates/common/web.xml/020_servletmapping_title.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /templates/common/context.xml/010_loader.erb: -------------------------------------------------------------------------------- 1 | 2 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) %><%- end -%> /> 3 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Geppetto .project file 2 | .project 3 | # Puppet build folder 4 | pkg/ 5 | # Bundler 6 | .bundle/ 7 | Gemfile.lock 8 | # RSpec fixtures 9 | spec/fixtures/ 10 | -------------------------------------------------------------------------------- /templates/common/context.xml/011_manager.erb: -------------------------------------------------------------------------------- 1 | 2 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) %><%- end -%> /> 3 | -------------------------------------------------------------------------------- /templates/common/context.xml/013_resources.erb: -------------------------------------------------------------------------------- 1 | 2 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) %><%- end -%> /> 3 | -------------------------------------------------------------------------------- /templates/common/context.xml/005_cookieprocessor.erb: -------------------------------------------------------------------------------- 1 | 2 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) %><%- end -%> /> 3 | -------------------------------------------------------------------------------- /templates/common/context.xml/014_watchedresources.erb: -------------------------------------------------------------------------------- 1 | 2 | <%- [@watchedresources].flatten.compact.each do |watchedresource| -%> 3 | <%= watchedresource %> 4 | <%- end -%> 5 | -------------------------------------------------------------------------------- /templates/common/server.xml/030_service.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | <%- @svc_params_real.each_pair do |attrib, value| -%> <%= attrib %>=<%= "#{value}".encode(:xml => :attr) %><%- end -%> 4 | <%- end -%>> 5 | -------------------------------------------------------------------------------- /.fixtures.yml: -------------------------------------------------------------------------------- 1 | fixtures: 2 | forge_modules: 3 | concat: 4 | repo: puppetlabs/concat 5 | ref: 2.2.1 6 | firewall: puppetlabs/firewall 7 | archive: puppet/archive 8 | stdlib: puppetlabs/stdlib 9 | symlinks: 10 | tomcat: "#{source_dir}" 11 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sudo: false 3 | language: ruby 4 | rvm: 5 | - 2.1.10 6 | - 2.2.8 7 | - 2.3.5 8 | env: 9 | - PUPPET_GEM_VERSION="~> 4.7.0" 10 | - PUPPET_GEM_VERSION="~> 4.9.0" 11 | - PUPPET_GEM_VERSION="~> 4.10.0" 12 | matrix: 13 | fast_finish: true 14 | -------------------------------------------------------------------------------- /templates/common/server.xml/060_engine.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | <%- @engine_params_real.each_pair do |attrib, value| -%> <%= attrib %>=<%= "#{value}".encode(:xml => :attr) %><%- end -%> 4 | <%- end -%>> 5 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | require 'puppetlabs_spec_helper/rake_tasks' 2 | require 'puppet-lint/tasks/puppet-lint' 3 | 4 | PuppetLint.configuration.fail_on_warnings = true 5 | PuppetLint.configuration.with_context = true 6 | 7 | Rake::Task["default"].clear 8 | task :default => [:validate, :lint, :spec] 9 | -------------------------------------------------------------------------------- /templates/common/web.xml/022_servletmapping_jsp.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | jsp 4 | <%- [@jsp_servletmapping_urlpatterns].flatten.compact.each do |pattern| -%> 5 | <%= pattern %> 6 | <%- end -%> 7 | 8 | -------------------------------------------------------------------------------- /templates/common/web.xml/021_servletmapping_default.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | default 4 | <%- [@default_servletmapping_urlpatterns].flatten.compact.each do |pattern| -%> 5 | <%= pattern %> 6 | <%- end -%> 7 | 8 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | if puppetversion = ENV['PUPPET_GEM_VERSION'] 4 | gem 'puppet', puppetversion, :require => false 5 | else 6 | gem 'puppet', :require => false 7 | end 8 | 9 | gem 'puppetlabs_spec_helper', :require => false 10 | gem 'metadata-json-lint', :require => false 11 | -------------------------------------------------------------------------------- /templates/common/web.xml/060_welcome_file_list.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | <%- [@welcome_file_list].flatten.compact.each do |file| -%> 6 | <%= file %> 7 | <%- end -%> 8 | 9 | -------------------------------------------------------------------------------- /templates/common/server.xml/090_host.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | <%- if @host_params_real and ! @host_params_real.empty? -%> 4 | <%- @host_params_real.each_pair do |attrib, value| %> 5 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 6 | <%- end -%> 7 | <%- end %>> 8 | -------------------------------------------------------------------------------- /templates/common/context.xml/000_header.erb: -------------------------------------------------------------------------------- 1 | 2 | 7 | 8 | <%- @params.each_pair do |attrib, value| -%> <%= attrib %>=<%= "#{value}".encode(:xml => :attr) %><%- end -%> 9 | <%- end -%>> 10 | -------------------------------------------------------------------------------- /templates/common/server.xml/000_header.erb: -------------------------------------------------------------------------------- 1 | 2 | 7 | 8 | <%- @server_params_real.each_pair do |attrib, value| -%> <%= attrib %>=<%= "#{value}".encode(:xml => :attr) %><%- end -%> 9 | <%- end -%>> 10 | -------------------------------------------------------------------------------- /templates/common/server.xml/040_threadpool_executor.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | <%- if @threadpool_params_real and ! @threadpool_params_real.empty? -%> 4 | <%- @threadpool_params_real.each_pair do |attrib, value| %> 5 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 6 | <%- end -%> 7 | <%- end %> /> 8 | -------------------------------------------------------------------------------- /spec/classes/params_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'tomcat::params' do 4 | let :facts do 5 | { 6 | :osfamily => 'RedHat', 7 | :operatingsystemmajrelease => '7', 8 | :operatingsystem => 'RedHat' 9 | } 10 | end 11 | it { is_expected.to contain_class('tomcat::params') } 12 | it { is_expected.to have_resource_count(0) } 13 | end 14 | -------------------------------------------------------------------------------- /templates/common/context.xml/050_valves.erb: -------------------------------------------------------------------------------- 1 | <%- [@valves].flatten.compact.each do |valve| -%> 2 | <%- valve.each_pair do |attrib, value| %> 3 | <%- if attrib == valve.keys.first -%> 4 | =<%= "#{value}".encode(:xml => :attr) -%> 5 | <%- else -%> 6 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 7 | <%- end -%> 8 | <%- end %> /> 9 | <%- end -%> 10 | -------------------------------------------------------------------------------- /templates/common/server.xml/051_ssl_connector.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | <%- if @ssl_params_real and ! @ssl_params_real.empty? -%> 4 | <%- @ssl_params_real.each_pair do |attrib, value| %> 5 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 6 | <%- end -%> 7 | <%- end %> /> 8 | -------------------------------------------------------------------------------- /templates/common/UserDatabase_header.erb: -------------------------------------------------------------------------------- 1 | 2 | 7 | 11 | -------------------------------------------------------------------------------- /templates/common/server.xml/041_executors.erb: -------------------------------------------------------------------------------- 1 | <%- [@executors].flatten.compact.each do |executor| -%> 2 | <%- executor.each_pair do |attrib, value| %> 3 | <%- if attrib == executor.keys.first -%> 4 | =<%= "#{value}".encode(:xml => :attr) -%> 5 | <%- else -%> 6 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 7 | <%- end -%> 8 | <%- end %> /> 9 | <%- end -%> 10 | -------------------------------------------------------------------------------- /templates/common/context.xml/040_listeners.erb: -------------------------------------------------------------------------------- 1 | <%- [@listeners].flatten.compact.each do |listener| -%> 2 | <%- listener.each_pair do |attrib, value| %> 3 | <%- if attrib == listener.keys.first -%> 4 | =<%= "#{value}".encode(:xml => :attr) -%> 5 | <%- else -%> 6 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 7 | <%- end -%> 8 | <%- end %> /> 9 | <%- end -%> 10 | -------------------------------------------------------------------------------- /templates/common/context.xml/020_parameters.erb: -------------------------------------------------------------------------------- 1 | <%- [@parameters].flatten.compact.each do |parameter| -%> 2 | <%- parameter.each_pair do |attrib, value| %> 3 | <%- if attrib == parameter.keys.first -%> 4 | =<%= "#{value}".encode(:xml => :attr) -%> 5 | <%- else -%> 6 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 7 | <%- end -%> 8 | <%- end %> /> 9 | <%- end -%> 10 | -------------------------------------------------------------------------------- /templates/common/server.xml/050_http_connector.erb: -------------------------------------------------------------------------------- 1 | 2 | redirectPort="<%= @ssl_port %>"<% end %><% -%> 3 | <%- if @http_params_real and ! @http_params_real.empty? -%> 4 | <%- @http_params_real.each_pair do |attrib, value| %> 5 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 6 | <%- end -%> 7 | <%- end %> /> 8 | -------------------------------------------------------------------------------- /templates/common/context.xml/060_resourcedefs.erb: -------------------------------------------------------------------------------- 1 | <%- [@resourcedefs].flatten.compact.each do |resourcedef| -%> 2 | <%- resourcedef.each_pair do |attrib, value| %> 3 | <%- if attrib == resourcedef.keys.first -%> 4 | =<%= "#{value}".encode(:xml => :attr) -%> 5 | <%- else -%> 6 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 7 | <%- end -%> 8 | <%- end %> /> 9 | <%- end -%> 10 | -------------------------------------------------------------------------------- /templates/common/context.xml/030_environments.erb: -------------------------------------------------------------------------------- 1 | <%- [@environments].flatten.compact.each do |environment| -%> 2 | <%- environment.each_pair do |attrib, value| %> 3 | <%- if attrib == environment.keys.first -%> 4 | =<%= "#{value}".encode(:xml => :attr) -%> 5 | <%- else -%> 6 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 7 | <%- end -%> 8 | <%- end %> /> 9 | <%- end -%> 10 | -------------------------------------------------------------------------------- /templates/common/context.xml/070_resourcelinks.erb: -------------------------------------------------------------------------------- 1 | <%- [@resourcelinks].flatten.compact.each do |resourcelink| -%> 2 | <%- resourcelink.each_pair do |attrib, value| %> 3 | <%- if attrib == resourcelink.keys.first -%> 4 | =<%= "#{value}".encode(:xml => :attr) -%> 5 | <%- else -%> 6 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 7 | <%- end -%> 8 | <%- end %> /> 9 | <%- end -%> 10 | -------------------------------------------------------------------------------- /templates/common/server.xml/052_ajp_connector.erb: -------------------------------------------------------------------------------- 1 | 2 | redirectPort="<%= @ssl_port %>"<% end %><% -%> 3 | <%- if @ajp_params_real and ! @ajp_params_real.empty? -%> 4 | <%- @ajp_params_real.each_pair do |attrib, value| %> 5 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 6 | <%- end -%> 7 | <%- end %> /> 8 | -------------------------------------------------------------------------------- /templates/common/web.xml/040_sessionconfig.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | <% if @sessionconfig_sessiontimeout -%> 6 | <%= @sessionconfig_sessiontimeout %> 7 | <% end -%> 8 | <% if @sessionconfig_trackingmode -%> 9 | <%= @sessionconfig_trackingmode %> 10 | <% end -%> 11 | 12 | -------------------------------------------------------------------------------- /templates/common/server.xml/095_contexts.erb: -------------------------------------------------------------------------------- 1 | <%- if @contexts and ! @contexts.empty? -%> 2 | <%- @contexts.each do |params| -%> 3 | <%- params.each_pair do |attrib, value| %> 4 | <%- if attrib == params.keys.first -%> 5 | =<%= "#{value}".encode(:xml => :attr) -%> 6 | <%- else -%> 7 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 8 | <%- end -%> 9 | <%- end -%> /> 10 | <%- end -%> 11 | <%- end -%> 12 | -------------------------------------------------------------------------------- /templates/common/server.xml/065_engine_valves.erb: -------------------------------------------------------------------------------- 1 | <%- if @engine_valves and ! @engine_valves.empty? -%> 2 | <%- [@engine_valves].flatten.compact.each do |valve| -%> 3 | <%- valve.each_pair do |attrib, value| %> 4 | <%- if attrib == valve.keys.first -%> 5 | =<%= "#{value}".encode(:xml => :attr) -%> 6 | <%- else -%> 7 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 8 | <%- end -%> 9 | <%- end %> /> 10 | <%- end -%> 11 | <%- end -%> 12 | -------------------------------------------------------------------------------- /manifests/service/package.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat::service::package 2 | # 3 | # This class configures the tomcat service when installed from packages 4 | # 5 | class tomcat::service::package { 6 | # The base class must be included first 7 | if !defined(Class['tomcat']) { 8 | fail('You must include the tomcat base class before using any tomcat sub class') 9 | } 10 | 11 | # tomcat service 12 | service { $::tomcat::service_name_real: 13 | ensure => $::tomcat::service_ensure, 14 | enable => $::tomcat::service_enable 15 | } 16 | } -------------------------------------------------------------------------------- /templates/common/web.xml/012_servlet_jsp.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | jsp 4 | org.apache.jasper.servlet.JspServlet 5 | <%- [@jsp_servlet_params].flatten.compact.each do |param| -%> 6 | <%- param.each_pair do |attrib, value| -%> 7 | 8 | <%= attrib %> 9 | <%= value %> 10 | 11 | <%- end -%> 12 | <%- end -%> 13 | 3 14 | 15 | -------------------------------------------------------------------------------- /templates/common/web.xml/011_servlet_default.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | default 4 | org.apache.catalina.servlets.DefaultServlet 5 | <%- [@default_servlet_params].flatten.compact.each do |param| -%> 6 | <%- param.each_pair do |attrib, value| -%> 7 | 8 | <%= attrib %> 9 | <%= value %> 10 | 11 | <%- end -%> 12 | <%- end -%> 13 | 1 14 | 15 | -------------------------------------------------------------------------------- /manifests/userdb_role_entry.pp: -------------------------------------------------------------------------------- 1 | # == Define: tomcat::userdb_role_entry 2 | # 3 | define tomcat::userdb_role_entry ( 4 | $rolename = $name, 5 | $database = 'main UserDatabase') { 6 | # The base class must be included first 7 | if !defined(Class['tomcat']) { 8 | fail('You must include the tomcat base class before using any tomcat defined resources') 9 | } 10 | 11 | # add formated fragment 12 | concat::fragment { "UserDatabase entry (${title})": 13 | target => $database, 14 | content => template("${module_name}/common/UserDatabase_role_entry.erb"), 15 | order => 2 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /templates/instance/systemd_service_unit.erb: -------------------------------------------------------------------------------- 1 | # ****************** 2 | # Managed by Puppet 3 | # ****************** 4 | 5 | [Unit] 6 | Description=Apache Tomcat Web Application Container 7 | After=syslog.target network.target 8 | 9 | [Service] 10 | Type=<%= @systemd_service_type_real %> 11 | Environment="NAME=<%= @service_name_real if @root_path %>" 12 | EnvironmentFile=-<%= @config_path_real %> 13 | ExecStart=<%= @service_start_real %> 14 | ExecStop=<%= @service_stop_real %> 15 | SuccessExitStatus=143 16 | User=<%= @tomcat_user %> 17 | Group=<%= @tomcat_group %> 18 | 19 | 20 | [Install] 21 | WantedBy=multi-user.target 22 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright 2014 Antoine Cotten 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /manifests/userdb_entry.pp: -------------------------------------------------------------------------------- 1 | # == Define: tomcat::userdb_entry 2 | # 3 | define tomcat::userdb_entry ( 4 | $password, 5 | $roles, 6 | $username = $name, 7 | $database = 'main UserDatabase') { 8 | # The base class must be included first 9 | if !defined(Class['tomcat']) { 10 | fail('You must include the tomcat base class before using any tomcat defined resources') 11 | } 12 | 13 | $roles_string = join($roles, ',') 14 | 15 | # add formated fragment 16 | concat::fragment { "UserDatabase entry (${title})": 17 | target => $database, 18 | content => template("${module_name}/common/UserDatabase_entry.erb"), 19 | order => 3 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /spec/classes/install/package_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'tomcat::install::package' do 4 | let(:pre_condition) { 'include tomcat' } 5 | let :facts do 6 | { 7 | :osfamily => 'RedHat', 8 | :os => {:family => 'RedHat'}, 9 | :operatingsystemmajrelease => '7', 10 | :operatingsystem => 'RedHat', 11 | :concat_basedir => '/puppetconcat', 12 | } 13 | end 14 | describe 'general assumptions' do 15 | it { is_expected.to contain_class('tomcat') } 16 | it { is_expected.to contain_class('tomcat::params') } 17 | it { is_expected.to contain_class('tomcat::install') } 18 | end 19 | end 20 | -------------------------------------------------------------------------------- /manifests/install.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat::install 2 | # 3 | # This class is a wrapper to install tomcat either from packages or archive 4 | # 5 | class tomcat::install { 6 | # The base class must be included first 7 | if !defined(Class['tomcat']) { 8 | fail('You must include the tomcat base class before using any tomcat sub class') 9 | } 10 | 11 | case $::tomcat::install_from { 12 | 'package' : { contain tomcat::install::package } 13 | default : { contain tomcat::install::archive } 14 | } 15 | 16 | # tomcat native library 17 | if $::tomcat::tomcat_native { 18 | package { 'tomcat native library': 19 | ensure => present, 20 | name => $::tomcat::tomcat_native_package_name 21 | } 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /templates/common/web.xml/000_header.erb: -------------------------------------------------------------------------------- 1 | 2 | 7 | <%- if scope.function_versioncmp([@version, '8']) <= 0 -%> 8 | <%- @xsdmajor = "3" -%> 9 | <%- @xsdminor = "0" -%> 10 | <%- elsif scope.function_versioncmp([@version, '8']) >= 0 && scope.function_versioncmp([@version, '9']) < 0 -%> 11 | <%- @xsdmajor = "3" -%> 12 | <%- @xsdminor = "1" -%> 13 | <%- else -%> 14 | <%- @xsdmajor = "4" -%> 15 | <%- @xsdminor = "0" -%> 16 | <%- end -%> 17 | 22 | -------------------------------------------------------------------------------- /templates/common/server.xml/100_valves.erb: -------------------------------------------------------------------------------- 1 | <%- if @singlesignon_valve %> 2 | 3 | <% end -%> 4 | <% if @accesslog_valve %> 5 | 8 | <% end -%> 9 | <%- if @valves and ! @valves.empty? -%> 10 | <%- [@valves].flatten.compact.each do |valve| -%> 11 | <%- valve.each_pair do |attrib, value| %> 12 | <%- if attrib == valve.keys.first -%> 13 | =<%= "#{value}".encode(:xml => :attr) -%> 14 | <%- else -%> 15 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 16 | <%- end -%> 17 | <%- end %> /> 18 | <%- end -%> 19 | <%- end -%> 20 | -------------------------------------------------------------------------------- /templates/instance/tomcat_init_generic.erb: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # ****************** 4 | # Managed by Puppet 5 | # ****************** 6 | # 7 | # tomcat This shell script takes care of starting and stopping Tomcat 8 | # 9 | # chkconfig: - 80 20 10 | # 11 | ### BEGIN INIT INFO 12 | # Provides: tomcat 13 | # Required-Start: $network $syslog 14 | # Required-Stop: $network $syslog 15 | # Default-Start: 16 | # Default-Stop: 17 | # Description: Release implementation for Servlet 2.5 and JSP 2.1 18 | # Short-Description: start and stop tomcat 19 | ### END INIT INFO 20 | 21 | 22 | export CATALINA_BASE=<%= @catalina_base_real %> 23 | 24 | start() { 25 | <%= @start_command %> 26 | } 27 | 28 | stop() { 29 | <%= @stop_command %> 30 | } 31 | 32 | status() { 33 | <%= @status_command %> 34 | } 35 | 36 | case $1 in 37 | start) 38 | start 39 | ;; 40 | stop) 41 | stop 42 | ;; 43 | restart) 44 | stop 45 | start 46 | ;; 47 | status) 48 | status 49 | ;; 50 | esac 51 | 52 | -------------------------------------------------------------------------------- /manifests/service.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat::service 2 | # 3 | # This class is a wrapper to configure the appropriate tomcat service 4 | # 5 | class tomcat::service { 6 | # The base class must be included first 7 | if !defined(Class['tomcat']) { 8 | fail('You must include the tomcat base class before using any tomcat sub class') 9 | } 10 | 11 | # scenarios 12 | # ----------------------------------------------------------------- 13 | #| install. | package | archive | 14 | #| init | | | 15 | #|----------|---------------------|--------------------------------| 16 | #| sysVinit | use package script | create init.d, use catalina.sh | 17 | #|----------|---------------------|--------------------------------| 18 | #| systemd | use package unit | create unit, use catalina.sh | 19 | # ----------------------------------------------------------------- 20 | 21 | if $::tomcat::install_from == 'package' and !$::tomcat::force_init { 22 | contain tomcat::service::package 23 | } else { 24 | contain tomcat::service::archive 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /spec/classes/tomcat_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'tomcat' do 4 | let :facts do 5 | { 6 | :osfamily => 'RedHat', 7 | :operatingsystemmajrelease => '7', 8 | :operatingsystem => 'RedHat', 9 | :concat_basedir => '/puppetconcat', 10 | } 11 | end 12 | describe 'general assumptions' do 13 | it { is_expected.to contain_class('tomcat') } 14 | it { is_expected.to contain_class('tomcat::params') } 15 | it { is_expected.to contain_class('tomcat::install') } 16 | it { is_expected.to contain_class('tomcat::service').that_requires('Class[tomcat::install]') } 17 | it { is_expected.to contain_class('tomcat::config').that_requires('Class[tomcat::install]') } 18 | end 19 | describe 'optional features' do 20 | context 'extras libraries' do 21 | let(:params) { { :extras_enable => true } } 22 | it { is_expected.to contain_class('tomcat::extras').that_requires('Class[tomcat::install]') } 23 | end 24 | context 'firewall management' do 25 | let(:params) { { :manage_firewall => true } } 26 | it { is_expected.to contain_class('tomcat::firewall') } 27 | end 28 | end 29 | end 30 | -------------------------------------------------------------------------------- /templates/common/context.xml/012_realm.erb: -------------------------------------------------------------------------------- 1 | 2 | <%-# -- BEGIN initialize nested CredentialHandler -- %> 3 | <%- @credentialhandler = {} -%> 4 | <%- @has_nested_credentialhandler = false -%> 5 | <%- if @realm.has_key? 'credentialhandler' -%> 6 | <%- @credentialhandler = @realm.delete('credentialhandler') -%> 7 | <%- end -%> 8 | <%- if ! @credentialhandler.empty? -%> 9 | <%- @has_nested_credentialhandler = true -%> 10 | <%- end -%> 11 | <%-# -- END initialize nested CredentialHandler -- -%> 12 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) %><% end %><%= @has_nested_credentialhandler ? ">" : " />" %> 13 | <%-# -- -- %> 14 | <%-# -- CredentialHandler block -- %> 15 | <%-# -- -- %> 16 | <%- if @has_nested_credentialhandler -%> 17 | <%- @credentialhandler.each_pair do |attrib, value| -%> 18 | <%- if attrib == @credentialhandler.keys.first -%> 19 | =<%= "#{value}".encode(:xml => :attr) -%> 20 | <%- else %> 21 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 22 | <%- end -%> 23 | <%- end %> /> 24 | <%- end -%> 25 | <%- if @has_nested_credentialhandler -%> 26 | 27 | <%- end -%> 28 | -------------------------------------------------------------------------------- /spec/classes/service_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'tomcat::service' do 4 | let(:pre_condition) { 'include tomcat' } 5 | let :facts do 6 | { 7 | :osfamily => 'RedHat', 8 | :os => {:family => 'RedHat'}, 9 | :operatingsystemmajrelease => '7', 10 | :operatingsystem => 'RedHat', 11 | :concat_basedir => '/puppetconcat', 12 | } 13 | end 14 | describe 'general assumptions' do 15 | it { is_expected.to contain_class('tomcat') } 16 | it { is_expected.to contain_class('tomcat::params') } 17 | it { is_expected.to contain_class('tomcat::install') } 18 | end 19 | describe 'main class not included' do 20 | let(:pre_condition) {} 21 | it do 22 | is_expected.to raise_error(Puppet::Error, /You must include the tomcat base class before using any tomcat sub class/) 23 | end 24 | end 25 | describe 'create tomcat service' do 26 | context 'from package' do 27 | it { is_expected.to contain_class('tomcat::service::package') } 28 | it { is_expected.not_to contain_class('tomcat::service::archive') } 29 | end 30 | context 'from archive' do 31 | let(:pre_condition) { 'class { "tomcat": install_from => "archive" }' } 32 | it { is_expected.to contain_class('tomcat::service::archive') } 33 | it { is_expected.not_to contain_class('tomcat::service::package') } 34 | end 35 | end 36 | end 37 | -------------------------------------------------------------------------------- /templates/common/server.xml/020_globalnamingresources.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | <%- if @globalnaming_environments and ! @globalnaming_environments.empty? -%> 4 | <%- [@globalnaming_environments].flatten.compact.each do |environment| -%> 5 | <%- environment.each_pair do |attrib, value| %> 6 | <%- if attrib == environment.keys.first -%> 7 | =<%= "#{value}".encode(:xml => :attr) -%> 8 | <%- else -%> 9 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 10 | <%- end -%> 11 | <%- end %> /> 12 | <%- end -%> 13 | <%- end -%> 14 | <%- if @userdatabase_realm -%> 15 | 16 | 21 | <%- end -%> 22 | <%- if @globalnaming_resources and ! @globalnaming_resources.empty? -%> 23 | <%- [@globalnaming_resources].flatten.compact.each do |resource| -%> 24 | <%- resource.each_pair do |attrib, value| %> 25 | <%- if attrib == resource.keys.first -%> 26 | =<%= "#{value}".encode(:xml => :attr) -%> 27 | <%- else -%> 28 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 29 | <%- end -%> 30 | <%- end %> /> 31 | <%- end -%> 32 | <%- end -%> 33 | 34 | 35 | -------------------------------------------------------------------------------- /manifests/extras.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat::extras 2 | # 3 | class tomcat::extras { 4 | # The base class must be included first 5 | if !defined(Class['tomcat']) { 6 | fail('You must include the tomcat base class before using any tomcat sub class') 7 | } 8 | 9 | Archive { 10 | proxy_server => $::tomcat::proxy_server, 11 | proxy_type => $::tomcat::proxy_type, 12 | extract => false, 13 | cleanup => false, 14 | require => File['global extras directory'], 15 | notify => $::tomcat::notify_service 16 | } 17 | 18 | archive { 19 | 'catalina-jmx-remote.jar': 20 | path => "${::tomcat::catalina_home_real}/lib/extras/catalina-jmx-remote-${::tomcat::version_real}.jar", 21 | source => "${::tomcat::extras_source_real}/catalina-jmx-remote.jar" 22 | ; 23 | 24 | 'catalina-ws.jar': 25 | path => "${::tomcat::catalina_home_real}/lib/extras/catalina-ws-${::tomcat::version_real}.jar", 26 | source => "${::tomcat::extras_source_real}/catalina-ws.jar" 27 | } 28 | 29 | file { 30 | 'global extras directory': 31 | ensure => directory, 32 | path => "${::tomcat::catalina_home_real}/lib/extras"; 33 | 34 | 'catalina-jmx-remote.jar': 35 | ensure => link, 36 | path => "${::tomcat::catalina_home_real}/lib/catalina-jmx-remote.jar", 37 | target => "extras/catalina-jmx-remote-${::tomcat::version_real}.jar"; 38 | 39 | 'catalina-ws.jar': 40 | ensure => link, 41 | path => "${::tomcat::catalina_home_real}/lib/catalina-ws.jar", 42 | target => "extras/catalina-ws-${::tomcat::version_real}.jar"; 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /templates/common/server.xml/091_hosts.erb: -------------------------------------------------------------------------------- 1 | <%- @hosts.each do |host| %> 2 | <%- host.each_pair do |attrib, value| -%> 3 | <%- if ! ['valves', 'contexts', 'aliases'].include? attrib -%> 4 | <%- if attrib == host.keys.first -%> 5 | =<%= "#{value}".encode(:xml => :attr) -%> 6 | <%- else %> 7 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 8 | <%- end -%> 9 | <%- end -%> 10 | <%- end -%>> 11 | <%- if host['aliases'] and ! host['aliases'].empty? -%> 12 | <%- host['aliases'].each do |al| -%> 13 | <%= al %> 14 | <%- end -%> 15 | <%- end -%> 16 | <%- if host['contexts'] and ! host['contexts'].empty? -%> 17 | <%- host['contexts'].each do |context| -%> 18 | <%- context.each_pair do |context_attrib, context_value| %> 19 | <%- if context_attrib == context.keys.first -%> 20 | =<%= "#{context_value}".encode(:xml => :attr) -%> 21 | <%- else -%> 22 | <%= context_attrib %>=<%= "#{context_value}".encode(:xml => :attr) -%> 23 | <%- end -%> 24 | <%- end -%> /> 25 | <%- end -%> 26 | <%- end -%> 27 | <%- if host['valves'] and ! host['valves'].empty? -%> 28 | <%- host['valves'].each do |valve| -%> 29 | <%- valve.each_pair do |valve_attrib, valve_value| %> 30 | <%- if valve_attrib == valve.keys.first -%> 31 | =<%= "#{valve_value}".encode(:xml => :attr) -%> 32 | <%- else -%> 33 | <%= valve_attrib %>=<%= "#{valve_value}".encode(:xml => :attr) -%> 34 | <%- end -%> 35 | <%- end -%> /> 36 | <%- end -%> 37 | <%- end -%> 38 | 39 | <%- end -%> 40 | -------------------------------------------------------------------------------- /spec/classes/install_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'tomcat::install' do 4 | let(:pre_condition) { 'include tomcat' } 5 | let :facts do 6 | { 7 | :osfamily => 'RedHat', 8 | :os => {:family => 'RedHat'}, 9 | :operatingsystemmajrelease => '7', 10 | :operatingsystem => 'RedHat', 11 | :concat_basedir => '/puppetconcat', 12 | } 13 | end 14 | describe 'general assumptions' do 15 | it { is_expected.to contain_class('tomcat') } 16 | it { is_expected.to contain_class('tomcat::params') } 17 | end 18 | describe 'main class not included' do 19 | let(:pre_condition) {} 20 | it do 21 | is_expected.to raise_error(Puppet::Error, /You must include the tomcat base class before using any tomcat sub class/) 22 | end 23 | end 24 | describe 'install tomcat' do 25 | context 'from package' do 26 | it { is_expected.to contain_class('tomcat::install::package') } 27 | it { is_expected.not_to contain_class('tomcat::install::archive') } 28 | end 29 | context 'from archive' do 30 | let(:pre_condition) { 'class { "tomcat": install_from => "archive" }' } 31 | it { is_expected.to contain_class('tomcat::install::archive') } 32 | it { is_expected.not_to contain_class('tomcat::install::package') } 33 | end 34 | end 35 | describe 'extras packages' do 36 | context 'default installation' do 37 | it { is_expected.not_to contain_package('tomcat native library') } 38 | end 39 | context 'with tomcat native' do 40 | let(:pre_condition) { 'class { "tomcat": tomcat_native => true }' } 41 | it { is_expected.to contain_package('tomcat native library') } 42 | end 43 | end 44 | end 45 | -------------------------------------------------------------------------------- /manifests/firewall.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat::firewall 2 | # 3 | class tomcat::firewall { 4 | # The base class must be included first 5 | if !defined(Class['tomcat']) { 6 | fail('You must include the tomcat base class before using any tomcat sub class') 7 | } 8 | 9 | # http connector 10 | if $::tomcat::http_connector { 11 | firewall { "${::tomcat::http_port} accept - tomcat": 12 | dport => $::tomcat::http_port, 13 | proto => 'tcp', 14 | action => 'accept' 15 | } 16 | } 17 | 18 | # ajp connector 19 | if $::tomcat::ajp_connector { 20 | firewall { "${::tomcat::ajp_port} accept - tomcat": 21 | dport => $::tomcat::ajp_port, 22 | proto => 'tcp', 23 | action => 'accept' 24 | } 25 | } 26 | 27 | # ssl connector 28 | if $::tomcat::ssl_connector { 29 | firewall { "${::tomcat::ssl_port} accept - tomcat": 30 | dport => $::tomcat::ssl_port, 31 | proto => 'tcp', 32 | action => 'accept' 33 | } 34 | } 35 | 36 | # jmx 37 | if $::tomcat::jmx_listener { 38 | firewall { "${::tomcat::jmx_registry_port}/${::tomcat::jmx_server_port} accept - tomcat": 39 | dport => [$::tomcat::jmx_registry_port, $::tomcat::jmx_server_port], 40 | proto => 'tcp', 41 | action => 'accept' 42 | } 43 | } 44 | 45 | #cluster 46 | if $::tomcat::use_simpletcpcluster { 47 | firewall { "${::tomcat::cluster_receiver_port} accept - tomcat": 48 | dport => $::tomcat::cluster_receiver_port, 49 | proto => 'tcp', 50 | action => 'accept' 51 | } 52 | firewall { "${::tomcat::cluster_membership_port} accept - tomcat": 53 | sport => $::tomcat::cluster_membership_port, 54 | dport => $::tomcat::cluster_membership_port, 55 | proto => 'udp', 56 | action => 'accept', 57 | destination => '228.0.0.4' 58 | } 59 | } 60 | } 61 | -------------------------------------------------------------------------------- /manifests/install/package.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat::install::package 2 | # 3 | # This class installs tomcat from installation packages 4 | # 5 | class tomcat::install::package { 6 | # The base class must be included first 7 | if !defined(Class['tomcat']) { 8 | fail('You must include the tomcat base class before using any tomcat sub class') 9 | } 10 | 11 | # install packages 12 | package { 'tomcat server': 13 | ensure => $::tomcat::package_ensure_real, 14 | name => $::tomcat::package_name 15 | } 16 | 17 | # install admin webapps 18 | if $::tomcat::admin_webapps { 19 | package { 'tomcat admin webapps': 20 | ensure => $::tomcat::package_ensure_real, 21 | name => $::tomcat::admin_webapps_package_name_real 22 | } 23 | } 24 | 25 | # install extras 26 | if $::tomcat::extras_enable_real and $::tomcat::extras_package_name { 27 | package { 'tomcat extras': 28 | ensure => $::tomcat::package_ensure_real, 29 | name => $::tomcat::extras_package_name 30 | } 31 | } 32 | 33 | # fix broken bits in some tomcat init scripts 34 | if $::osfamily == 'RedHat' and $::operatingsystem != 'Fedora' and $::operatingsystemmajrelease < '7' { #fix 'status' command for instances 35 | file_line { 'fix broken tomcat init script': 36 | path => "/etc/init.d/${::tomcat::service_name_real}", 37 | line => " pid=\"$(/usr/bin/pgrep -d , -u \${TOMCAT_USER} -G \${TOMCAT_USER} -f Dcatalina.base=\${CATALINA_BASE})\"", 38 | match => 'pid=.*pgrep', 39 | multiple => true, 40 | require => Package['tomcat server'] 41 | } 42 | } 43 | elsif $::osfamily == 'Debian' and $::tomcat::maj_version > '6' { #support symlinking init script to create instances 44 | file_line { 'fix broken tomcat init script': 45 | path => "/etc/init.d/${::tomcat::service_name_real}", 46 | line => "NAME=\"$(basename \$0)\"", 47 | match => "^NAME=.*\$", 48 | require => Package['tomcat server'] 49 | } 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /templates/common/web.xml/070_security_constraint.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | <%- [@security_constraints].flatten.compact.each do |sc| -%> 5 | <%- @wrc = sc.fetch('web-resource-collection', {}) -%> 6 | <%- @ac = sc.fetch('auth-constraint', {}) -%> 7 | <%- @udc = sc.fetch('user-data-constraint', {}) -%> 8 | 9 | <%= sc['display-name'].encode(:xml => :text) %> 10 | <%- if ! @wrc.empty? -%> 11 | 12 | <%- if @wrc.has_key?('web-resource-name') -%> 13 | <%= @wrc['web-resource-name'].encode(:xml => :text) %> 14 | <%- end -%> 15 | <%- @wrc.fetch('url-pattern', []).each do |value| -%> 16 | <%= "#{value}".encode(:xml => :text) %> 17 | <%- end -%> 18 | <%- @wrc.fetch('http-method', []).each do |value| -%> 19 | <%= "#{value}".encode(:xml => :text) %> 20 | <%- end -%> 21 | <%- @wrc.fetch('http-method-omission', []).each do |value| -%> 22 | <%= "#{value}".encode(:xml => :text) %> 23 | <%- end -%> 24 | 25 | <%- end -%> 26 | <%- if ! @ac.empty? -%> 27 | 28 | <%- @ac.fetch('role-name', []).each do |value| -%> 29 | <%= "#{value}".encode(:xml => :text) %> 30 | <%- end -%> 31 | 32 | <%- end -%> 33 | <%- if ! @udc.empty? -%> 34 | 35 | <%- if @udc.has_key?('transport-guarantee') -%> 36 | <%= @udc['transport-guarantee'].encode(:xml => :text) %> 37 | <%- end -%> 38 | 39 | <%- end -%> 40 | 41 | <%- end -%> 42 | -------------------------------------------------------------------------------- /templates/common/setenv.erb: -------------------------------------------------------------------------------- 1 | # ****************** 2 | # Managed by Puppet 3 | # ****************** 4 | 5 | <% if @java_home and @java_home != '' %>JAVA_HOME="<%= @java_home %>" 6 | 7 | <% end -%> 8 | CATALINA_BASE="<%= @catalina_base_real %>" 9 | CATALINA_HOME="<%= @catalina_home_real %>" 10 | JASPER_HOME="<%= @jasper_home_real %>" 11 | CATALINA_TMPDIR="<%= @catalina_tmpdir_real %>" 12 | <% if @catalina_pid_real and @catalina_pid_real != '' %>CATALINA_PID="<%= @catalina_pid_real %>" 13 | <% end -%> 14 | 15 | <% if @java_opts_real and @java_opts_real != '' %>JAVA_OPTS="<%= @java_opts_real %>" 16 | <% end -%> 17 | <% if @catalina_opts_real and @catalina_opts_real != '' %>CATALINA_OPTS="<%= @catalina_opts_real %>" 18 | <% end -%> 19 | 20 | <% if scope['::osfamily'] == 'Debian' -%> 21 | TOMCAT<%= @maj_version %>_USER="<%= @tomcat_user %>" 22 | TOMCAT<%= @maj_version %>_GROUP="<%= @tomcat_group %>" 23 | 24 | <% else -%> 25 | TOMCAT_USER="<%= @tomcat_user %>" 26 | TOMCAT_GROUP="<%= @tomcat_group %>" 27 | 28 | <% end -%> 29 | <% if @lang and @lang != '' -%>LANG="<%= @lang %>"<% end -%> 30 | <% if scope['::osfamily'] == 'Debian' -%> 31 | TOMCAT<%= @maj_version %>_SECURITY="<%= @security_manager_real %>" 32 | <% else -%> 33 | SECURITY_MANAGER="<%= @security_manager_real %>" 34 | <% end -%> 35 | 36 | <% if scope['::osfamily'] == 'RedHat' -%> 37 | SHUTDOWN_WAIT="<%= @shutdown_wait %>" 38 | SHUTDOWN_VERBOSE="<%= @shutdown_verbose %>" 39 | 40 | <% end -%> 41 | <% if @jpda_transport and @jpda_transport != '' %>JPDA_TRANSPORT="<%= @jpda_transport %>" 42 | <% end -%> 43 | <% if @jpda_address and @jpda_address != '' %>JPDA_ADDRESS="<%= @jpda_address %>" 44 | <% end -%> 45 | <% if @jpda_suspend and @jpda_suspend != '' %>JPDA_SUSPEND="<%= @jpda_suspend %>" 46 | <% end -%> 47 | <% if @jpda_opts_real and @jpda_opts_real != '' %>JPDA_OPTS="<%= @jpda_opts_real %>" 48 | <% end -%> 49 | 50 | # Custom variables 51 | <%- if @custom_variables and ! @custom_variables.empty? -%> 52 | <%- @custom_variables.each_pair do |attrib, value| -%> 53 | <%= attrib %>="<%= value %>" 54 | <%- end -%> 55 | <%- end -%> 56 | -------------------------------------------------------------------------------- /templates/common/server.xml/080_realms.erb: -------------------------------------------------------------------------------- 1 | <%- @indent = "" -%> 2 | <%- if @combined_realm %> 3 | 4 | <%- @indent = @indent + " " -%> 5 | <%- end -%> 6 | <%- if @lockout_realm %> 7 | <%= @indent %> 8 | <%- @indent = @indent + " " -%> 9 | <%- end -%> 10 | <%- if @userdatabase_realm -%> 11 | 12 | <%= @indent %> resourceName="UserDatabase" /> 14 | <%- end -%> 15 | <%- if @realms and ! @realms.empty? -%> 16 | <%- [@realms].flatten.compact.each do |realm| -%> 17 | <%-# -- BEGIN initialize nested CredentialHandler -- %> 18 | <%- @credentialhandler = {} -%> 19 | <%- @has_nested_credentialhandler = false -%> 20 | <%- if realm.has_key? 'credentialhandler' -%> 21 | <%- @credentialhandler = realm.delete('credentialhandler') -%> 22 | <%- end -%> 23 | <%- if defined? @credentialhandler and ! @credentialhandler.empty? -%> 24 | <%- @has_nested_credentialhandler = true -%> 25 | <%- end -%> 26 | <%-# -- END initialize nested CredentialHandler -- %> 27 | <%- realm.each_pair do |attrib, value| %> 28 | <%- if attrib == realm.keys.first -%> 29 | <%= @indent %> =<%= "#{value}".encode(:xml => :attr) -%> 30 | <%- else -%> 31 | <%= @indent %> <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 32 | <%- end -%> 33 | <%- end %><%= @has_nested_credentialhandler ? ">" : " />" %> 34 | <%-# -- -- %> 35 | <%-# -- CredentialHandler block -- %> 36 | <%-# -- -- %> 37 | <%- if @has_nested_credentialhandler -%> 38 | <%- @credentialhandler.each_pair do |attrib, value| -%> 39 | <%- if attrib == @credentialhandler.keys.first -%> 40 | <%= @indent %> =<%= "#{value}".encode(:xml => :attr) -%> 41 | <%- else %> 42 | <%= @indent %> <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 43 | <%- end -%> 44 | <%- end %> /> 45 | <%- end -%> 46 | <%- if @has_nested_credentialhandler -%> 47 | <%= @indent %> 48 | <%- end -%> 49 | <%- end -%> 50 | <%- end -%> 51 | <%- if @lockout_realm and @combined_realm %> 52 | 53 | <%- elsif @lockout_realm %> 54 | 55 | <%- end -%> 56 | <%- if @combined_realm %> 57 | 58 | <%- end -%> 59 | -------------------------------------------------------------------------------- /templates/common/server.xml/010_listeners.erb: -------------------------------------------------------------------------------- 1 | 2 | <%- if @versionlogger_listener and scope.function_versioncmp([@version_real, '7']) >= 0 -%> 3 | 4 | <%- if defined? @versionlogger_logargs %>logArgs="<%= @versionlogger_logargs %>" <% end -%> 5 | <%- if defined? @versionlogger_logenv %>logEnv="<%= @versionlogger_logenv.encode(:xml => :attr) %>" <% end -%> 6 | <%- if defined? @versionlogger_logprops %>logProps="<%= @versionlogger_logprops %>" <% end %>/> 7 | <%- end -%> 8 | <%- if @maj_version == '7' -%> 9 | 10 | <%- end -%> 11 | <%- if scope.function_versioncmp([@maj_version, '6']) <= 0 -%> 12 | 13 | <%- end -%> 14 | <%- if @maj_version == '5' -%> 15 | 16 | <%- end -%> 17 | <%- if scope.function_versioncmp([@maj_version, '6']) >= 0 -%> 18 | 19 | <%- if @jrememleak_attrs and ! @jrememleak_attrs.empty? -%> 20 | <%- @jrememleak_attrs.each_pair do |attrib, value| %> 21 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 22 | <%- end -%> 23 | <%- end %> /> 24 | <%- end -%> 25 | 26 | <%- if scope.function_versioncmp([@maj_version, '7']) >= 0 -%> 27 | 28 | <%- end -%> 29 | <%- if @jmx_listener -%> 30 | 31 | <%- if @jmx_bind_address and @jmx_bind_address != '' -%> rmiBindAddress="<%= @jmx_bind_address %>" <% end -%> 32 | <%- if defined? @jmx_uselocalports %>useLocalPorts="<%= @jmx_uselocalports %>" <% end -%>/> 33 | <%- end -%> 34 | <%- if @apr_listener -%> 35 | SSLEngine="<%= @apr_sslengine %>" <% end -%>/> 36 | <%- end -%> 37 | <%- if @listeners and ! @listeners.empty? -%> 38 | <%- [@listeners].flatten.compact.each do |listener| -%> 39 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) %><%- end -%> /> 40 | <%- end -%> 41 | <%- end -%> 42 | -------------------------------------------------------------------------------- /templates/common/server.xml/070_cluster.erb: -------------------------------------------------------------------------------- 1 | 2 | 4 | 7 | 8 | 11 | bind="<%= @cluster_membership_bind_address %>" 12 | <%- end -%> 13 | port="<%= @cluster_membership_port %>" 14 | domain="<%= @cluster_membership_domain %>" 15 | frequency="500" 16 | dropTime="3000"/> 17 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 31 | 32 | <%- if @cluster_farm_deployer -%> 33 | 38 | <%- end -%> 39 | <%- if scope.function_versioncmp([@maj_version, '8']) < 0 -%> 40 | 41 | <%- end -%> 42 | 43 | 44 | -------------------------------------------------------------------------------- /manifests/service/archive.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat::service::archive 2 | # 3 | # This class configures the tomcat service when installed from archive 4 | # 5 | class tomcat::service::archive { 6 | # The base class must be included first 7 | if !defined(Class['tomcat']) { 8 | fail('You must include the tomcat base class before using any tomcat sub class') 9 | } 10 | 11 | # forward variables used in templates 12 | $catalina_base_real = $::tomcat::catalina_base_real 13 | $service_start_real = $::tomcat::service_start_real 14 | $service_stop_real = $::tomcat::service_stop_real 15 | $service_name_real = $::tomcat::service_name_real 16 | $config_path_real = $::tomcat::config_path_real 17 | $tomcat_user = $::tomcat::tomcat_user_real 18 | $tomcat_group = $::tomcat::tomcat_group_real 19 | $systemd_service_type_real = $::tomcat::systemd_service_type_real 20 | 21 | $notify_service = $::tomcat::restart_on_change ? { 22 | true => Service[$::tomcat::service_name_real], 23 | false => undef, 24 | } 25 | 26 | if $::tomcat::params::systemd { 27 | # manage systemd unit on compatible systems 28 | # Template uses: 29 | # - $systemd_service_type_real 30 | # - $service_name_real 31 | # - $config_path_real 32 | # - $service_start_real 33 | # - $service_stop_real 34 | # - $tomcat_user 35 | # - $tomcat_group 36 | file { "${service_name_real} service unit": 37 | path => "/etc/systemd/system/${service_name_real}.service", 38 | owner => 'root', 39 | group => 'root', 40 | content => template("${module_name}/instance/systemd_service_unit.erb") 41 | } 42 | # Refresh systemd configuration 43 | exec { "refresh ${service_name_real}": 44 | path => ['/usr/bin/','/bin/'], 45 | command => 'systemctl daemon-reload', 46 | refreshonly => true, 47 | subscribe => File["${service_name_real} service unit"], 48 | notify => $notify_service 49 | } 50 | } else { # Debian, RHEL 6, SLES 11, ... 51 | $start_command = "/bin/su ${tomcat_user} -s /bin/bash -c '${service_start_real}'" 52 | $stop_command = "/bin/su ${tomcat_user} -s /bin/bash -c '${service_stop_real}'" 53 | $status_command = "/usr/bin/pgrep -d , -u ${tomcat_user} -G ${tomcat_group} -f Dcatalina.base=\$CATALINA_BASE" 54 | 55 | # create init script 56 | # Template uses: 57 | # - $catalina_base_real 58 | # - $start_command 59 | # - $stop_command 60 | # - $status_command 61 | file { "${service_name_real} service unit": 62 | ensure => present, 63 | path => "/etc/init.d/${service_name_real}", 64 | owner => 'root', 65 | group => 'root', 66 | mode => '0755', 67 | content => template("${module_name}/instance/tomcat_init_generic.erb"), 68 | notify => $notify_service 69 | } 70 | } 71 | 72 | service { $service_name_real: 73 | ensure => $::tomcat::service_ensure, 74 | enable => $::tomcat::service_enable, 75 | require => File["${service_name_real} service unit"]; 76 | } 77 | } 78 | -------------------------------------------------------------------------------- /templates/common/server.xml/053_connectors.erb: -------------------------------------------------------------------------------- 1 | <%- [@connectors].flatten.compact.each do |connector| -%> 2 | <%-# -- BEGIN initialize nested elements -- %> 3 | <%- @upgradeprotocol = {} -%> 4 | <%- @sslhostconfigs = [] -%> 5 | <%- @has_nested_elements = false -%> 6 | <%- if connector.has_key? 'upgradeprotocol' -%> 7 | <%- @upgradeprotocol = connector.delete('upgradeprotocol') -%> 8 | <%- end -%> 9 | <%- if connector.has_key? 'sslhostconfigs' -%> 10 | <%- @sslhostconfigs = connector.delete('sslhostconfigs') -%> 11 | <%- end -%> 12 | <%- if ! @sslhostconfigs.empty? or ! @upgradeprotocol.empty? -%> 13 | <%- @has_nested_elements = true -%> 14 | <%- end -%> 15 | <%-# -- END initialize nested elements -- %> 16 | <%- connector.each_pair do |attrib, value| %> 17 | <%- if attrib == connector.keys.first -%> 18 | =<%= "#{value}".encode(:xml => :attr) -%> 19 | <%- else -%> 20 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 21 | <%- end -%> 22 | <%- end %><%= @has_nested_elements ? ">" : " />" %> 23 | <%-# -- -- %> 24 | <%-# -- UpgradeProtocol block -- %> 25 | <%-# -- -- %> 26 | <%- if ! @upgradeprotocol.empty? -%> 27 | <%- @upgradeprotocol.each_pair do |attrib, value| -%> 28 | <%- if attrib == @upgradeprotocol.keys.first -%> 29 | =<%= "#{value}".encode(:xml => :attr) -%> 30 | <%- else %> 31 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 32 | <%- end -%> 33 | <%- end %> /> 34 | <%- end -%> 35 | <%-# -- -- %> 36 | <%-# -- SSLHostConfig block -- %> 37 | <%-# -- -- %> 38 | <%- [@sslhostconfigs].flatten.compact.each do |sslhostconfig| -%> 39 | <%-# -- BEGIN initialize nested Certificates -- %> 40 | <%- @certificates = [] -%> 41 | <%- @has_nested_certificates = false -%> 42 | <%- if sslhostconfig.has_key? 'certificates' -%> 43 | <%- @certificates = sslhostconfig.delete('certificates') -%> 44 | <%- end -%> 45 | <%- if ! @certificates.empty? -%> 46 | <%- @has_nested_certificates = true -%> 47 | <%- end -%> 48 | <%-# -- END initialize nested Certificates -- %> 49 | <%- sslhostconfig.each_pair do |attrib, value| -%> 50 | <%- if attrib == sslhostconfig.keys.first -%> 51 | =<%= "#{value}".encode(:xml => :attr) -%> 52 | <%- else %> 53 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 54 | <%- end -%> 55 | <%- end %><%= @has_nested_certificates ? ">" : " />" %> 56 | <%-# -- -- %> 57 | <%-# -- Certificate block -- %> 58 | <%-# -- -- %> 59 | <%- [@certificates].flatten.compact.each do |certificate| -%> 60 | <%- certificate.each_pair do |attrib, value| -%> 61 | <%- if attrib == certificate.keys.first -%> 62 | =<%= "#{value}".encode(:xml => :attr) -%> 63 | <%- else %> 64 | <%= attrib %>=<%= "#{value}".encode(:xml => :attr) -%> 65 | <%- end -%> 66 | <%- end %> /> 67 | <%- end -%> 68 | <%- if @has_nested_certificates -%> 69 | 70 | <%- end -%> 71 | <%- end -%> 72 | <%- if @has_nested_elements -%> 73 | 74 | <%- end -%> 75 | <%- end -%> 76 | -------------------------------------------------------------------------------- /metadata.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "aco-tomcat", 3 | "summary": "Puppet module for Tomcat", 4 | "author": "Antoine Cotten", 5 | "version": "1.9.0", 6 | "license": "Apache-2.0", 7 | "project_page": "https://github.com/antoineco/aco-tomcat", 8 | "source": "git://github.com/antoineco/aco-tomcat.git", 9 | "tags": ["tomcat", "java", "apache"], 10 | "dependencies": [ 11 | { 12 | "name": "puppetlabs/concat", 13 | "version_requirement": ">= 1.0.0 < 5.0.0" 14 | }, 15 | { 16 | "name": "puppetlabs/stdlib", 17 | "version_requirement": ">= 4.4.0 < 5.0.0" 18 | }, 19 | { 20 | "name": "puppetlabs/firewall", 21 | "version_requirement": ">= 1.1.3 < 2.0.0" 22 | }, 23 | { 24 | "name": "puppet/archive", 25 | "version_requirement": ">= 0.4.4 < 3.0.0" 26 | } 27 | ], 28 | "operatingsystem_support": [ 29 | { 30 | "operatingsystem": "RedHat", 31 | "operatingsystemrelease": [ 32 | "5", 33 | "6", 34 | "7" 35 | ] 36 | }, 37 | { 38 | "operatingsystem": "CentOS", 39 | "operatingsystemrelease": [ 40 | "5", 41 | "6", 42 | "7" 43 | ] 44 | }, 45 | { 46 | "operatingsystem": "OracleLinux", 47 | "operatingsystemrelease": [ 48 | "5", 49 | "6", 50 | "7" 51 | ] 52 | }, 53 | { 54 | "operatingsystem": "Scientific", 55 | "operatingsystemrelease": [ 56 | "5", 57 | "6", 58 | "7" 59 | ] 60 | }, 61 | { 62 | "operatingsystem": "Amazon", 63 | "operatingsystemrelease": [ 64 | "2015.03", 65 | "2015.09", 66 | "2016.03", 67 | "2016.09", 68 | "2017.03" 69 | ] 70 | }, 71 | { 72 | "operatingsystem": "Fedora", 73 | "operatingsystemrelease": [ 74 | "25", 75 | "26" 76 | ] 77 | }, 78 | { 79 | "operatingsystem": "OpenSuSE", 80 | "operatingsystemrelease": [ 81 | "13.2", 82 | "42.1", 83 | "42.2", 84 | "42.3" 85 | ] 86 | }, 87 | { 88 | "operatingsystem": "SuSE", 89 | "operatingsystemrelease": [ 90 | "11.3", 91 | "11.4", 92 | "12.0", 93 | "12.1", 94 | "12.2", 95 | "12.3" 96 | ] 97 | }, 98 | { 99 | "operatingsystem": "SLES", 100 | "operatingsystemrelease": [ 101 | "11.3", 102 | "11.4", 103 | "12.0", 104 | "12.1", 105 | "12.2", 106 | "12.3" 107 | ] 108 | }, 109 | { 110 | "operatingsystem": "SLED", 111 | "operatingsystemrelease": [ 112 | "11.3", 113 | "11.4", 114 | "12.0", 115 | "12.1", 116 | "12.2", 117 | "12.3" 118 | ] 119 | }, 120 | { 121 | "operatingsystem": "Debian", 122 | "operatingsystemrelease": [ 123 | "7", 124 | "8", 125 | "9" 126 | ] 127 | }, 128 | { 129 | "operatingsystem": "Ubuntu", 130 | "operatingsystemrelease": [ 131 | "14.04", 132 | "14.10", 133 | "15.04", 134 | "15.10", 135 | "16.04", 136 | "16.10", 137 | "17.04", 138 | "17.10" 139 | ] 140 | } 141 | ], 142 | "requirements": [ 143 | { 144 | "name": "puppet", 145 | "version_requirement": ">= 3.4.0" 146 | } 147 | ] 148 | } 149 | -------------------------------------------------------------------------------- /manifests/install/archive.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat::install::archive 2 | # 3 | # This class installs tomcat from an archive 4 | # 5 | class tomcat::install::archive { 6 | # The base class must be included first 7 | if !defined(Class['tomcat']) { 8 | fail('You must include the tomcat base class before using any tomcat sub class') 9 | } 10 | 11 | # dependency 12 | if !defined(Class['archive']) { 13 | include archive 14 | } 15 | 16 | # create user if not present 17 | if !defined(Group[$::tomcat::tomcat_group_real]) { 18 | group { $::tomcat::tomcat_group_real: 19 | ensure => present, 20 | gid => $::tomcat::tomcat_group_id, 21 | system => true 22 | } 23 | } 24 | 25 | if !defined(User[$::tomcat::tomcat_user_real]) { 26 | user { $::tomcat::tomcat_user_real: 27 | ensure => present, 28 | uid => $::tomcat::tomcat_user_id, 29 | gid => $::tomcat::tomcat_group_real, 30 | home => $::tomcat::catalina_home_real, 31 | system => true 32 | } 33 | } 34 | 35 | File { 36 | owner => $::tomcat::tomcat_user_real, 37 | group => $::tomcat::tomcat_group_real, 38 | mode => '0644' 39 | } 40 | 41 | file { $::tomcat::catalina_home_real: 42 | ensure => directory 43 | } 44 | 45 | archive { "apache-tomcat-${::tomcat::version_real}.tar.gz": 46 | path => "${::tomcat::catalina_home_real}/apache-tomcat-${::tomcat::version_real}.tar.gz", 47 | source => "${::tomcat::archive_source_real}/${::tomcat::archive_filename_real}", 48 | proxy_server => $::tomcat::proxy_server, 49 | proxy_type => $::tomcat::proxy_type, 50 | cleanup => true, 51 | extract => true, 52 | user => $::tomcat::tomcat_user_real, 53 | group => $::tomcat::tomcat_group_real, 54 | checksum_verify => $::tomcat::checksum_verify, 55 | checksum_type => $::tomcat::checksum_type, 56 | checksum => $::tomcat::checksum, 57 | extract_path => $::tomcat::catalina_home_real, 58 | extract_command => 'tar xf %s --strip-components=1', 59 | creates => "${::tomcat::catalina_home_real}/LICENSE", 60 | require => File[$::tomcat::catalina_home_real] 61 | } 62 | 63 | 64 | # ordering 65 | Archive["apache-tomcat-${::tomcat::version_real}.tar.gz"] -> File <| tag == 'tomcat_tree' |> 66 | 67 | if $::tomcat::log_path_real != "${::tomcat::catalina_base_real}/logs" { 68 | file { 69 | 'tomcat logs symlink': 70 | ensure => link, 71 | path => "${::tomcat::catalina_base_real}/logs", 72 | target => $::tomcat::log_path_real, 73 | mode => '0777', 74 | force => true, 75 | tag => 'tomcat_tree' 76 | } 77 | } 78 | 79 | if !defined(File[$::tomcat::log_path_real]) { 80 | file { $::tomcat::log_path_real: 81 | ensure => directory, 82 | path => $::tomcat::log_path_real, 83 | mode => $::tomcat::log_folder_mode, 84 | alias => 'tomcat logs directory', 85 | tag => 'tomcat_tree' 86 | } 87 | } 88 | 89 | # default pid file directory 90 | file { 'tomcat pid directory': 91 | ensure => directory, 92 | path => "/var/run/${::tomcat::service_name_real}", 93 | owner => $::tomcat::tomcat_user_real, 94 | group => $::tomcat::tomcat_group_real 95 | } 96 | 97 | # warn if admin webapps were selected for installation 98 | if $::tomcat::admin_webapps { 99 | warning("tomcat archives always contain admin webapps, ignoring parameter 'admin_webapps'") 100 | } 101 | } 102 | -------------------------------------------------------------------------------- /spec/classes/install/archive_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'tomcat::install::archive' do 4 | let(:pre_condition) { 'class { "tomcat": install_from => "archive" }' } 5 | let :facts do 6 | { 7 | :osfamily => 'RedHat', 8 | :os => {:family => 'RedHat'}, 9 | :operatingsystemmajrelease => '7', 10 | :operatingsystem => 'RedHat', 11 | :concat_basedir => '/puppetconcat' 12 | } 13 | end 14 | describe 'general assumptions' do 15 | it { is_expected.to contain_class('tomcat') } 16 | it { is_expected.to contain_class('tomcat::params') } 17 | it { is_expected.to contain_class('tomcat::install') } 18 | it do 19 | is_expected.to contain_group('tomcat').with({ 20 | 'ensure' => 'present', 21 | 'system' => true 22 | }) 23 | end 24 | it do 25 | is_expected.to contain_user('tomcat').with({ 26 | 'ensure' => 'present', 27 | 'gid' => 'tomcat', 28 | 'system' => true 29 | }) 30 | end 31 | end 32 | describe 'default params' do 33 | describe 'RedHat family' do 34 | let :facts do 35 | { 36 | :osfamily => 'RedHat', 37 | :os => {:family => 'RedHat'}, 38 | :concat_basedir => '/puppetconcat' 39 | } 40 | end 41 | context 'on RedHat 7' do 42 | let :facts do 43 | super().merge({ 44 | :operatingsystem => 'RedHat', 45 | :operatingsystemmajrelease => '7' 46 | }) 47 | end 48 | it do 49 | is_expected.to contain_user('tomcat').with({ 'home' => '/usr/share/tomcat7' }) 50 | end 51 | end 52 | context 'on RedHat 6' do 53 | let :facts do 54 | super().merge({ 55 | :operatingsystem => 'RedHat', 56 | :operatingsystemmajrelease => '6' 57 | }) 58 | end 59 | it do 60 | is_expected.to contain_user('tomcat').with({ 'home' => '/usr/share/tomcat6' }) 61 | end 62 | end 63 | context 'on RedHat 5' do 64 | let :facts do 65 | super().merge({ 66 | :operatingsystem => 'RedHat', 67 | :operatingsystemmajrelease => '5' 68 | }) 69 | end 70 | it do 71 | is_expected.to contain_user('tomcat').with({ 'home' => '/usr/share/tomcat5' }) 72 | end 73 | end 74 | context 'on Fedora' do 75 | let :facts do 76 | super().merge({ 77 | :operatingsystem => 'Fedora', 78 | :operatingsystemmajrelease => '26' 79 | }) 80 | end 81 | it do 82 | is_expected.to contain_user('tomcat').with({ 'home' => '/usr/share/tomcat8' }) 83 | end 84 | end 85 | end 86 | describe 'SuSE family' do 87 | let :facts do 88 | { 89 | :osfamily => 'Suse', 90 | :os => {:family => 'Suse'}, 91 | :concat_basedir => '/puppetconcat', 92 | } 93 | end 94 | context 'on OpenSuSE' do 95 | let :facts do 96 | super().merge({ 97 | :operatingsystem => 'OpenSuSE', 98 | :operatingsystemrelease => '42.3' 99 | }) 100 | end 101 | it do 102 | is_expected.to contain_user('tomcat').with({ 'home' => '/usr/share/tomcat8' }) 103 | end 104 | end 105 | context 'on SLES 12.0' do 106 | let :facts do 107 | super().merge({ 108 | :operatingsystem => 'SLES', 109 | :operatingsystemrelease => '12.0' 110 | }) 111 | end 112 | it do 113 | is_expected.to contain_user('tomcat').with({ 'home' => '/usr/share/tomcat7' }) 114 | end 115 | end 116 | context 'on SLES 11.3' do 117 | let :facts do 118 | super().merge({ 119 | :operatingsystem => 'SLES', 120 | :operatingsystemrelease => '11.3' 121 | }) 122 | end 123 | it do 124 | is_expected.to contain_user('tomcat').with({ 'home' => '/usr/share/tomcat6' }) 125 | end 126 | end 127 | end 128 | describe 'Debian family' do 129 | let :facts do 130 | { 131 | :osfamily => 'Debian', 132 | :os => {:family => 'Debian'}, 133 | :concat_basedir => '/puppetconcat', 134 | } 135 | end 136 | context 'on Ubuntu 15.04' do 137 | let :facts do 138 | super().merge({ 139 | :operatingsystem => 'Ubuntu', 140 | :operatingsystemrelease => '15.04' 141 | }) 142 | end 143 | it do 144 | is_expected.to contain_user('tomcat').with({ 'home' => '/usr/share/tomcat8' }) 145 | end 146 | end 147 | context 'on Ubuntu 14.04' do 148 | let :facts do 149 | super().merge({ 150 | :operatingsystem => 'Ubuntu', 151 | :operatingsystemrelease => '14.04' 152 | }) 153 | end 154 | it do 155 | is_expected.to contain_user('tomcat').with({ 'home' => '/usr/share/tomcat7' }) 156 | end 157 | end 158 | end 159 | end 160 | end 161 | -------------------------------------------------------------------------------- /manifests/web.pp: -------------------------------------------------------------------------------- 1 | # == Define: tomcat::web 2 | # 3 | define tomcat::web ( 4 | $path, 5 | $owner = $::tomcat::tomcat_user_real, 6 | $group = $::tomcat::tomcat_group_real, 7 | $file_mode = $::tomcat::file_mode, 8 | $default_servlet_params = {}, 9 | $jsp_servlet_params = {}, 10 | $default_servletmapping_urlpatterns = [], 11 | $jsp_servletmapping_urlpatterns = [], 12 | $sessionconfig_sessiontimeout = undef, 13 | $sessionconfig_trackingmode = undef, 14 | $welcome_file_list = [], 15 | $security_constraints = [], 16 | $version = $::tomcat::version_real 17 | ) { 18 | # The base class must be included first 19 | if !defined(Class['tomcat']) { 20 | fail('You must include the tomcat base class before using any tomcat defined resources') 21 | } 22 | 23 | # generate and manage context configuration 24 | concat { "${name} tomcat web": 25 | path => $path, 26 | owner => $owner, 27 | group => $group, 28 | mode => $file_mode, 29 | order => 'numeric' 30 | } 31 | 32 | # Template uses: 33 | # - $version 34 | concat::fragment { "${name} tomcat web header": 35 | order => 0, 36 | content => template("${module_name}/common/web.xml/000_header.erb"), 37 | target => "${name} tomcat web" 38 | } 39 | 40 | concat::fragment { "${name} tomcat web servlet title": 41 | order => 010, 42 | content => template("${module_name}/common/web.xml/010_servlet_title.erb"), 43 | target => "${name} tomcat web" 44 | } 45 | 46 | # Template uses: 47 | # - $default_servlet_params 48 | if $default_servlet_params and $default_servlet_params != {} { 49 | concat::fragment { "${name} tomcat web servlet default": 50 | order => 011, 51 | content => template("${module_name}/common/web.xml/011_servlet_default.erb"), 52 | target => "${name} tomcat web" 53 | } 54 | } 55 | 56 | # Template uses: 57 | # - $jsp_servlet_params 58 | if $jsp_servlet_params and $jsp_servlet_params != {} { 59 | concat::fragment { "${name} tomcat web servlet jsp": 60 | order => 012, 61 | content => template("${module_name}/common/web.xml/012_servlet_jsp.erb"), 62 | target => "${name} tomcat web" 63 | } 64 | } 65 | 66 | if ($default_servletmapping_urlpatterns and $default_servletmapping_urlpatterns != []) or ($jsp_servletmapping_urlpatterns and $jsp_servletmapping_urlpatterns != []) { 67 | concat::fragment { "${name} tomcat web servlet-mapping title": 68 | order => 020, 69 | content => template("${module_name}/common/web.xml/020_servletmapping_title.erb"), 70 | target => "${name} tomcat web" 71 | } 72 | } 73 | 74 | # Template uses: 75 | # - $default_servletmapping_urlpatterns 76 | if $default_servletmapping_urlpatterns and $default_servletmapping_urlpatterns != [] { 77 | concat::fragment { "${name} tomcat web servlet-mapping default": 78 | order => 021, 79 | content => template("${module_name}/common/web.xml/021_servletmapping_default.erb"), 80 | target => "${name} tomcat web" 81 | } 82 | } 83 | 84 | # Template uses: 85 | # - $jsp_servletmapping_urlpatterns 86 | if $jsp_servletmapping_urlpatterns and $jsp_servletmapping_urlpatterns != [] { 87 | concat::fragment { "${name} tomcat web servlet-mapping jsp": 88 | order => 022, 89 | content => template("${module_name}/common/web.xml/022_servletmapping_jsp.erb"), 90 | target => "${name} tomcat web" 91 | } 92 | } 93 | 94 | # TODO: enable filters configuration 95 | #concat::fragment { "${name} tomcat web filter": 96 | # order => 030, 97 | # content => template("${module_name}/common/web.xml/030_filter.erb"), 98 | # target => "${name} tomcat web" 99 | #} 100 | 101 | # Template uses: 102 | # - $sessionconfig_sessiontimeout 103 | # - $sessionconfig_trackingmode 104 | if ($sessionconfig_sessiontimeout and $sessionconfig_sessiontimeout != '') or ($sessionconfig_trackingmode and $sessionconfig_trackingmode != '') { 105 | concat::fragment { "${name} tomcat web session-config": 106 | order => 040, 107 | content => template("${module_name}/common/web.xml/040_sessionconfig.erb"), 108 | target => "${name} tomcat web" 109 | } 110 | } 111 | 112 | concat::fragment { "${name} tomcat web mime-mapping": 113 | order => 050, 114 | content => template("${module_name}/common/web.xml/050_mime_mapping.erb"), 115 | target => "${name} tomcat web" 116 | } 117 | 118 | # Template uses: 119 | # - $welcome_file_list 120 | if $welcome_file_list and $welcome_file_list != [] { 121 | concat::fragment { "${name} tomcat web welcome-file-list": 122 | order => 060, 123 | content => template("${module_name}/common/web.xml/060_welcome_file_list.erb"), 124 | target => "${name} tomcat web" 125 | } 126 | } 127 | 128 | # Template uses: 129 | # - $security_constraints 130 | if $security_constraints and $security_constraints != [] { 131 | concat::fragment { "${name} tomcat web security-constraint": 132 | order => 070, 133 | content => template("${module_name}/common/web.xml/070_security_constraint.erb"), 134 | target => "${name} tomcat web" 135 | } 136 | } 137 | 138 | concat::fragment { "${name} tomcat web footer": 139 | order => 200, 140 | content => template("${module_name}/common/web.xml/200_footer.erb"), 141 | target => "${name} tomcat web" 142 | } 143 | } 144 | -------------------------------------------------------------------------------- /manifests/context.pp: -------------------------------------------------------------------------------- 1 | # == Define: tomcat::context 2 | # 3 | define tomcat::context ( 4 | $path, 5 | $owner = $::tomcat::tomcat_user_real, 6 | $group = $::tomcat::tomcat_group_real, 7 | $file_mode = $::tomcat::file_mode, 8 | $params = {}, 9 | $cookieprocessor = {}, 10 | $loader = {}, 11 | $manager = {}, 12 | $realm = {}, 13 | $resources = {}, 14 | $watchedresources = [], 15 | $parameters = [], 16 | $environments = [], 17 | $listeners = [], 18 | $valves = [], 19 | $resourcedefs = [], 20 | $resourcelinks = [] 21 | ) { 22 | # The base class must be included first 23 | if !defined(Class['tomcat']) { 24 | fail('You must include the tomcat base class before using any tomcat defined resources') 25 | } 26 | 27 | # generate and manage context configuration 28 | concat { "${name} tomcat context": 29 | path => $path, 30 | owner => $owner, 31 | group => $group, 32 | mode => $file_mode, 33 | order => 'numeric' 34 | } 35 | 36 | # Template uses: 37 | # - $params 38 | concat::fragment { "${name} tomcat context header": 39 | order => 0, 40 | content => template("${module_name}/common/context.xml/000_header.erb"), 41 | target => "${name} tomcat context" 42 | } 43 | 44 | # Template uses: 45 | # - $cookieprocessor 46 | if $cookieprocessor and $cookieprocessor != {} { 47 | concat::fragment { "${name} tomcat context cookieprocessor": 48 | order => 005, 49 | content => template("${module_name}/common/context.xml/005_cookieprocessor.erb"), 50 | target => "${name} tomcat context" 51 | } 52 | } 53 | 54 | # Template uses: 55 | # - $loader 56 | if $loader and $loader != {} { 57 | concat::fragment { "${name} tomcat context loader": 58 | order => 010, 59 | content => template("${module_name}/common/context.xml/010_loader.erb"), 60 | target => "${name} tomcat context" 61 | } 62 | } 63 | 64 | # Template uses: 65 | # - $manager 66 | if $manager and $manager != {} { 67 | concat::fragment { "${name} tomcat context manager": 68 | order => 011, 69 | content => template("${module_name}/common/context.xml/011_manager.erb"), 70 | target => "${name} tomcat context" 71 | } 72 | } 73 | 74 | # Template uses: 75 | # - $realm 76 | if $realm and $realm != {} { 77 | concat::fragment { "${name} tomcat context realm": 78 | order => 012, 79 | content => template("${module_name}/common/context.xml/012_realm.erb"), 80 | target => "${name} tomcat context" 81 | } 82 | } 83 | 84 | # Template uses: 85 | # - $resources 86 | if $resources and $resources != {} { 87 | concat::fragment { "${name} tomcat context resources": 88 | order => 013, 89 | content => template("${module_name}/common/context.xml/013_resources.erb"), 90 | target => "${name} tomcat context" 91 | } 92 | } 93 | 94 | # Template uses: 95 | # - $watchedresources 96 | if $watchedresources and $watchedresources != [] { 97 | concat::fragment { "${name} tomcat context watchedresources": 98 | order => 014, 99 | content => template("${module_name}/common/context.xml/014_watchedresources.erb"), 100 | target => "${name} tomcat context" 101 | } 102 | } 103 | 104 | # Template uses: 105 | # - $parameters 106 | if $parameters and $parameters != [] { 107 | concat::fragment { "${name} tomcat context parameters": 108 | order => 020, 109 | content => template("${module_name}/common/context.xml/020_parameters.erb"), 110 | target => "${name} tomcat context" 111 | } 112 | } 113 | 114 | # Template uses: 115 | # - $environments 116 | if $environments and $environments != [] { 117 | concat::fragment { "${name} tomcat context environments": 118 | order => 030, 119 | content => template("${module_name}/common/context.xml/030_environments.erb"), 120 | target => "${name} tomcat context" 121 | } 122 | } 123 | 124 | # Template uses: 125 | # - $listeners 126 | if $listeners and $listeners != [] { 127 | concat::fragment { "${name} tomcat context listeners": 128 | order => 040, 129 | content => template("${module_name}/common/context.xml/040_listeners.erb"), 130 | target => "${name} tomcat context" 131 | } 132 | } 133 | 134 | # Template uses: 135 | # - $valves 136 | if $valves and $valves != [] { 137 | concat::fragment { "${name} tomcat context valves": 138 | order => 050, 139 | content => template("${module_name}/common/context.xml/050_valves.erb"), 140 | target => "${name} tomcat context" 141 | } 142 | } 143 | 144 | # Template uses: 145 | # - $resourcedefs 146 | if $resourcedefs and $resourcedefs != [] { 147 | concat::fragment { "${name} tomcat context resourcedefs": 148 | order => 060, 149 | content => template("${module_name}/common/context.xml/060_resourcedefs.erb"), 150 | target => "${name} tomcat context" 151 | } 152 | } 153 | 154 | # Template uses: 155 | # - $resourcelinks 156 | if $resourcelinks and $resourcelinks != [] { 157 | concat::fragment { "${name} tomcat context resourcelinks": 158 | order => 070, 159 | content => template("${module_name}/common/context.xml/070_resourcelinks.erb"), 160 | target => "${name} tomcat context" 161 | } 162 | } 163 | 164 | concat::fragment { "${name} tomcat context footer": 165 | order => 200, 166 | content => template("${module_name}/common/context.xml/200_footer.erb"), 167 | target => "${name} tomcat context" 168 | } 169 | } 170 | -------------------------------------------------------------------------------- /manifests/params.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat::params 2 | # 3 | class tomcat::params { 4 | case $::osfamily { 5 | 'RedHat' : { 6 | case $::operatingsystem { 7 | 'Fedora' : { 8 | case $::operatingsystemmajrelease { 9 | # https://dl.fedoraproject.org/pub/fedora/linux/updates/26/x86_64/t/ 10 | '26' : { 11 | $version = '1:8.0.46' 12 | $package_name = 'tomcat' 13 | } 14 | # https://dl.fedoraproject.org/pub/fedora/linux/updates/25/x86_64/t/ 15 | '25' : { 16 | $version = '1:8.0.46' 17 | $package_name = 'tomcat' 18 | } 19 | default : { 20 | fail("Unsupported OS version ${::operatingsystemmajrelease}") 21 | } 22 | } 23 | $systemd = true 24 | } 25 | 'Amazon' : { 26 | # https://alas.aws.amazon.com 27 | $version = '8.5.23' # ALAS-2017-913 28 | $package_name = 'tomcat8' 29 | # $version = '7.0.82' # ALAS-2017-913 30 | # $package_name = 'tomcat7' 31 | # $version = '6.0.53' # ALAS-2017-821 32 | # $package_name = 'tomcat6' 33 | $systemd = false 34 | } 35 | default : { 36 | case $::operatingsystemmajrelease { 37 | # http://mirror.centos.org/centos-7/7/updates/x86_64/Packages/ 38 | '7' : { 39 | $version = '7.0.76' 40 | $package_name = 'tomcat' 41 | $systemd = true 42 | } 43 | # http://mirror.centos.org/centos-6/6/updates/x86_64/Packages/ 44 | '6' : { 45 | $version = '6.0.24' 46 | $package_name = 'tomcat6' 47 | # = epel repo = 48 | # https://dl.fedoraproject.org/pub/epel/6/x86_64/ 49 | # $version = '7.0.72-1.el6' 50 | # $package_name = 'tomcat' 51 | # = jpackage6 repo = 52 | # http://mirrors.dotsrc.org/jpackage/6.0/generic/free/repoview/letter_t.group.html 53 | # $version = '5.5.35-1.jpp6' 54 | # $package_name = 'tomcat5' 55 | # $version = '6.0.33-2.jpp6' 56 | # $package_name = 'tomcat6' 57 | # $version = '7.0.54-2.jpp6' 58 | # $package_name = 'tomcat7' 59 | $systemd = false 60 | } 61 | # http://vault.centos.org/5.11/os/x86_64/CentOS/ 62 | '5' : { 63 | $version = '5.5.23' 64 | $package_name = 'tomcat5' 65 | # = jpackage5 repo = 66 | # http://mirrors.dotsrc.org/jpackage/5.0-updates/generic/free/repoview/letter_t.group.html 67 | # $version = '5.5.27-7.jpp5' 68 | # $package_name = 'tomcat5' 69 | # $version = '6.0.36-1.jpp5' 70 | # $package_name = 'tomcat6' 71 | $systemd = false 72 | } 73 | default : { 74 | fail("Unsupported OS version ${::operatingsystemmajrelease}") 75 | } 76 | } 77 | } 78 | } 79 | $tomcat_native_package_name = 'tomcat-native' 80 | } 81 | 'Suse' : { 82 | case $::operatingsystem { 83 | 'OpenSuSE' : { 84 | case $::operatingsystemrelease { 85 | '42.3' : { 86 | # http://download.opensuse.org/distribution/leap/42.3/repo/oss/suse/noarch/ 87 | # http://download.opensuse.org/update/leap/42.3/oss/noarch/ 88 | $version = '8.0.43' 89 | $package_name = 'tomcat' 90 | } 91 | '42.2' : { 92 | # http://download.opensuse.org/distribution/leap/42.2/repo/oss/suse/noarch/ 93 | # http://download.opensuse.org/update/leap/42.2/oss/noarch/ 94 | $version = '8.0.43' 95 | $package_name = 'tomcat' 96 | # = JAVA repo = 97 | # http://download.opensuse.org/repositories/Java:/packages/openSUSE_Leap_42.2/noarch/ 98 | # $version = '8.0.39-118.8' 99 | # $package_name = 'tomcat' 100 | } 101 | '42.1' : { 102 | # http://download.opensuse.org/distribution/leap/42.1/repo/oss/suse/noarch/ 103 | # http://download.opensuse.org/update/leap/42.1/oss/noarch/ 104 | $version = '8.0.43' 105 | $package_name = 'tomcat' 106 | # = JAVA repo = 107 | # http://download.opensuse.org/repositories/Java:/packages/openSUSE_Leap_42.1/noarch/ 108 | # $version = '8.0.39-118.6' 109 | # $package_name = 'tomcat' 110 | } 111 | '13.2' : { 112 | # http://download.opensuse.org/distribution/13.2/repo/oss/suse/noarch/ 113 | $version = '7.0.55' 114 | $package_name = 'tomcat' 115 | } 116 | default : { 117 | fail("Unsupported OS version ${::operatingsystemrelease}") 118 | } 119 | } 120 | $systemd = true 121 | } 122 | /^(SLES|SLED|SuSE)$/ : { 123 | # https://download.suse.com/patch/finder 124 | case $::operatingsystemrelease { 125 | '12.3' : { 126 | $version = '8.0.43' 127 | $package_name = 'tomcat' 128 | $systemd = true 129 | } 130 | '12.2' : { 131 | $version = '8.0.43' 132 | $package_name = 'tomcat' 133 | $systemd = true 134 | } 135 | '12.1' : { 136 | $version = '8.0.43' 137 | $package_name = 'tomcat' 138 | # = JAVA repo = 139 | # http://download.opensuse.org/repositories/Java:/packages/SLE_12_SP1/noarch/ 140 | # $version = '' 141 | $systemd = true 142 | } 143 | '12.0' : { 144 | $version = '7.0.68' 145 | $package_name = 'tomcat' 146 | $systemd = true 147 | } 148 | '11.4' : { 149 | $version = '6.0.45' 150 | $package_name = 'tomcat6' 151 | $systemd = false 152 | } 153 | '11.3' : { 154 | $version = '6.0.41' 155 | $package_name = 'tomcat6' 156 | $systemd = false 157 | } 158 | default : { 159 | fail("Unsupported OS version ${::operatingsystemrelease}") 160 | } 161 | } 162 | } 163 | default : { 164 | fail("Unsupported OS ${::operatingsystem}") 165 | } 166 | } 167 | $tomcat_native_package_name = 'libtcnative-1-0' 168 | } 169 | 'Debian' : { 170 | case $::operatingsystem { 171 | 'Debian' : { 172 | case $::operatingsystemmajrelease { 173 | # stretch 174 | # https://packages.debian.org/stretch/tomcat8 175 | '9' : { 176 | $version = '8.5.14-1+deb9u2' 177 | $package_name = 'tomcat8' 178 | } 179 | # jessie 180 | # https://packages.debian.org/jessie/tomcat8 181 | '8' : { 182 | $version = '8.0.14-1+deb8u11' 183 | $package_name = 'tomcat8' 184 | # $version = '7.0.56-3+deb8u10' 185 | # $package_name = 'tomcat7' 186 | } 187 | # wheezy 188 | # https://packages.debian.org/wheezy/tomcat7 189 | '7' : { 190 | $version = '7.0.28-4+deb7u15' 191 | $package_name = 'tomcat7' 192 | # $version = '6.0.45+dfsg-1~deb7u5' 193 | # $package_name = 'tomcat6' 194 | } 195 | default : { 196 | fail("Unsupported OS version ${::operatingsystemmajrelease}") 197 | } 198 | } 199 | } 200 | 'Ubuntu' : { 201 | case $::operatingsystemrelease { 202 | # artful 203 | # https://packages.ubuntu.com/artful/tomcat8 204 | '17.10' : { 205 | $version = '8.5.21-1ubuntu1' 206 | $package_name = 'tomcat8' 207 | } 208 | # zesty 209 | # http://packages.ubuntu.com/zesty/tomcat8 210 | '17.04' : { 211 | $version = '8.0.38-2ubuntu2' 212 | $package_name = 'tomcat8' 213 | } 214 | # yakkety 215 | '16.10' : { 216 | $version = '8.0.37-1ubuntu0.1' 217 | $package_name = 'tomcat8' 218 | # $version = '7.0.72-1' 219 | # $package_name = 'tomcat7' 220 | } 221 | # xenial 222 | # https://packages.ubuntu.com/xenial-updates/tomcat8 223 | '16.04' : { 224 | $version = '8.0.32-1ubuntu1.4' 225 | $package_name = 'tomcat8' 226 | # $version = '7.0.68-1ubuntu0.1' 227 | # $package_name = 'tomcat7' 228 | } 229 | # wily 230 | '15.10' : { 231 | $version = '8.0.26-1' 232 | $package_name = 'tomcat8' 233 | # $version = '7.0.64-1ubuntu0.3' 234 | # $package_name = 'tomcat7' 235 | } 236 | # vivid 237 | '15.04' : { 238 | $version = '8.0.14-1+deb8u1build0.15.04.1' 239 | $package_name = 'tomcat8' 240 | # $version = '7.0.56-2ubuntu0.1' 241 | # $package_name = 'tomcat7' 242 | } 243 | # utopic 244 | '14.10' : { 245 | $version = '8.0.9-1' 246 | $package_name = 'tomcat8' 247 | # $version = '7.0.55-1ubuntu0.2' 248 | # $package_name = 'tomcat7' 249 | # $version = '6.0.41-1' 250 | # $package_name = 'tomcat6' 251 | } 252 | # trusty 253 | # https://packages.ubuntu.com/trusty-updates/tomcat7 254 | '14.04' : { 255 | $version = '7.0.52-1ubuntu0.11' 256 | $package_name = 'tomcat7' 257 | # $version = '6.0.39-1' 258 | # $package_name = 'tomcat6' 259 | } 260 | default : { 261 | fail("Unsupported OS version ${::operatingsystemrelease}") 262 | } 263 | } 264 | } 265 | default : { 266 | fail("Unsupported OS ${::operatingsystem}") 267 | } 268 | } 269 | $tomcat_native_package_name = 'libtcnative-1' 270 | $systemd = false 271 | } 272 | default : { 273 | fail("Unsupported OS family ${::osfamily}") 274 | } 275 | } 276 | } 277 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | ### 1.9.0 2 | 3 | * Add support for nested Host elements, controlled via the `hosts` parameter ([HerveMARTIN](https://github.com/HerveMARTIN)) 4 | * New parameters: 5 | - `tomcat_user_id` ([HerveMARTIN](https://github.com/HerveMARTIN)) 6 | - `tomcat_group_id` ([HerveMARTIN](https://github.com/HerveMARTIN)) 7 | - `context_cookieprocessor` ([HerveMARTIN](https://github.com/HerveMARTIN)) 8 | - `archive_mirror` ([azryelryvel](https://github.com/azryelryvel)) 9 | * Fix usage of 'user-data-constraint' key in `security_constraints` hash ([ronnbcnews](https://github.com/ronnbcnews)) 10 | 11 | ### 1.8.4 12 | 13 | * Fix admin contexts resources ordering ([alvagante](https://github.com/alvagante)) 14 | * Update default package versions 15 | 16 | ### 1.8.3 17 | 18 | * Add configuration of 19 | - nested Host contexts (`contexts` parameter) ([HerveMARTIN](https://github.com/HerveMARTIN)) 20 | - global security constraints (`security_constraints` parameter) 21 | * Update default package versions 22 | * Add support for SuSE 12.3 23 | 24 | ### 1.8.2 25 | 26 | * New parameters `log_folder_mode` and `accesslog_valve_pattern` ([HerveMARTIN](https://github.com/HerveMARTIN)) 27 | * Add support for Debian 9, OpenSuSE 42.3 28 | * Drop support for Ubuntu 12.04, 12.10, 13.04, 13.10, Fedora 23, 24 29 | * Update default package versions 30 | 31 | ### 1.8.1 32 | 33 | Hotfix: remove references to tomcat-juli extra libraries 34 | 35 | ### 1.8.0 36 | 37 | * Drop support for internal logging with log4j 38 | - [Removed](https://bz.apache.org/bugzilla/show_bug.cgi?id=58588) in Tomcat 8.5 39 | * Update default package versions 40 | 41 | ### 1.7.0 42 | 43 | * Add support for Tomcat 9 44 | - Configurable nested UpgradeProtocol, SSLHostConfig and Certificate elements (Connector) 45 | - Configurable nested CredentialHandler element (Realm) 46 | - *Refer to the configuration examples for further usage instructions* 47 | * Make the VersionLogger Listener attributes configurable via `versionlogger_*` parameters 48 | * Make the JreMemoryLeakPrevention Listener attributes configurable via `jrememleak_attrs` parameter 49 | * New parameter `jmx_uselocalports` for the JMX Listener 50 | * **Warning:** the path to Tomcat archives is now composed of both `archive_source` and `archive_filename` (new) parameters 51 | * Fix ignored `listeners` parameter 52 | 53 | ### 1.6.2 54 | 55 | * Add proxy support via new parameters `proxy_server` and `proxy_type` 56 | * New parameter `force_init` which generates a generic init script/unit for packages which do not include any 57 | * Add support for SuSE 12.1 58 | * Update default package versions 59 | 60 | ### 1.6.1 61 | 62 | * Unset `provider` parameter on all `archive` resources (from `puppet-archive` module) 63 | - quick and dirty workaround until [SERVER-94](https://tickets.puppetlabs.com/browse/SERVER-94) gets fixed 64 | - **Warning:** may break behind a HTTP proxy (untested) 65 | 66 | ### 1.6.0 67 | 68 | * Configurable `web.xml` files 69 | - **Warning:** replaces `default_servlet` instance parameter 70 | - New `tomcat::web` defined type to manage `web.xml` files 71 | - See `default_servlet*`, `jsp_servlet*`, `sessionconfig_sessiontimeout` and `welcome_file_list` parameters 72 | * Update systemd unit, expect tomcat script path as set in latest available packages 73 | - **Warning:** check the current location of your tomcat startup script, especially if using an old OS package version 74 | * Replace or remove calls to deprecated `validate_*` stdlib functions 75 | * Add support for Fedora 25 and Amazon Linux 2016.09 76 | * Drop support for Fedora 22 77 | 78 | ### 1.5.0 79 | 80 | **Warning:** the `host_deployOnStartup` parameter was renamed to `host_deployonstartup` (lowercase) in this release. Backward compatibility will be maintained until the next minor release only. 81 | 82 | * New `tomcat::userdb_role_entry` defined type to manage roles in the user database ([hdeadman](https://github.com/hdeadman)) 83 | * New `tomcat_users` and `tomcat_roles` hash parameters to help the definition of users and roles ([hdeadman](https://github.com/hdeadman)) 84 | * Add support for Engine scoped valves: `engine_valves` parameter ([hdeadman](https://github.com/hdeadman)) 85 | * New parameters `restart_on_change` and `file_mode` ([ruriky](https://github.com/ruriky)) 86 | * Allow enabling the Security Manager on `archive` installations ([hdeadman](https://github.com/hdeadman)) 87 | * Fix default systemd service type on `archive` installations ([hdeadman](https://github.com/hdeadman)) 88 | * Improve usage of clustering features (SimpleTcpCluster) ([hdeadman](https://github.com/hdeadman)) 89 | - see undocumented `cluster_*` parameters 90 | * Fix empty user/group in systemd units 91 | * Encode values in XML templates ([scitechfh](https://github.com/scitechfh)) 92 | * Set default provider to `curl` for `archive` resources ([scitechfh](https://github.com/scitechfh)) 93 | * Add support for Ubuntu 16.10 (Yakkety), OpenSuSE 42.2, SuSE 12.1 94 | * Update default package versions 95 | 96 | ### 1.4.0 97 | 98 | **Warning:** the `enable_extras` parameter was renamed to `extras_enable` in this release. Backward compatibility will be maintained until the next minor release only. 99 | 100 | * New parameters: `package_ensure` and `extras_package_name` ([scitechfh](https://github.com/scitechfh)) 101 | * New parameters: `checksum_verify`, `checksum_type`, `checksum` and `extras_source` ([angrox](https://github.com/angrox)) 102 | * Replace dependency on `puppet/staging` by `puppet/archive` 103 | * Align content of systemd templates on current state of official RPM packages (RedHat and derivatives) 104 | * Add support for Ubuntu 16.04 (Xenial), Fedora 24 and Amazon Linux 2016.03 105 | * Drop support for Debian 6 (Squeeze), OpenSuSE 13.1 and below, Fedora 21 and below 106 | * Update default package versions 107 | * Bug fixes: 108 | - parameters left blank in systemd units on some Puppet versions 109 | - work around for [PUP-1597](https://tickets.puppetlabs.com/browse/PUP-3615) on RHEL 7 110 | - dependency cycle between service and context resources 111 | - file permissions too strict on configuration files 112 | - activation of extras/log4j not working with multi-version setups 113 | - tomcat service not notified of all relevant changes 114 | 115 | ### 1.3.2 116 | 117 | * New parameters: `globalnaming_environments` and `ssl_sslenabledprotocols` ([roysjosh](https://github.com/roysjosh)) 118 | * Support Amazon Linux 2015.x ([thkrmr](https://github.com/thkrmr)) 119 | * Update default package versions (Fedora 23) 120 | 121 | ### 1.3.1 122 | 123 | * New `systemd_service_type` parameter ([joshuabaird](https://github.com/joshuabaird)) 124 | * Reload systemd daemon after unit update ([scitechfh](https://github.com/scitechfh)) 125 | * Update deprecated `port` firewall parameter ([scitechfh](https://github.com/scitechfh)) 126 | * Support Fedora 23 127 | 128 | ### 1.3.0 129 | 130 | * Support per-instance user 131 | * New `tomcat::instance` parameter: `default_servlet` 132 | * Fix default owner/group on context.xml 133 | * Contain sub-classes 134 | * Update default package versions (Debian 6/7) 135 | * Support Ubuntu 15.10 136 | 137 | ### 1.2.1 138 | 139 | * Fix obsolete start/stop commands and systemd unit on RHEL7 140 | * Support Epoch tag in package version 141 | * Move information about tomcat user/group to the right place in the documentation 142 | * Update default package versions (RHEL6/7) 143 | 144 | ### 1.2.0 145 | 146 | Enforce tomcat package version. `version` now takes a full package version when tomcat is installed from a package repository. 147 | 148 | ### 1.1.0 149 | 150 | New `tomcat::context` defined type to manage `context.xml` files 151 | 152 | ### 1.0.3 153 | 154 | Fix regression due to changes in pid file management 155 | 156 | ### 1.0.2 157 | 158 | * Add missing `ensure` attributes ([hanej](https://github.com/hanej)) 159 | * Do not force pid file creation (fixes startup issue with Tomcat 6) 160 | 161 | ### 1.0.1 162 | 163 | Fix documentation format and add Context config example 164 | 165 | ### 1.0.0 166 | 167 | * New Context parameters for configuring context.xml: 168 | - `context_params` 169 | - `context_loader` 170 | - `context_manager` 171 | - `context_realm` 172 | - `context_resources` 173 | - `context_parameters` 174 | - `context_environments` 175 | - `context_listeners` 176 | - `context_valves` 177 | - `context_resourcedefs` 178 | - `context_resourcelinks` 179 | * Support Debian 8, Fedora 22 and RHEL 5 180 | * Do not create user/group if already defined 181 | * Minor bugfixes 182 | 183 | ### 0.9.3 184 | 185 | * Allow several instances to use the same `log_path` 186 | * Parameters validation 187 | * Partial spec tests 188 | 189 | ### 0.9.2 190 | 191 | * Enable multi-version tomcat installation 192 | * New parameter `log_path`: define log directory 193 | * Fix issue with generic init script always returning 0 194 | 195 | ### 0.9.1 196 | 197 | Fix compatibility with future parser in Puppet 3.7.4 ([PUP-3615](https://tickets.puppetlabs.com/browse/PUP-3615)) 198 | 199 | ### 0.9.0 200 | 201 | **Warning:** this release is a big step forward, please read the documentation carefully 202 | 203 | * New `listeners` parameters: create custom Listener components within the server configuration 204 | * New Server parameters. Warning: `control_port` renamed to `server_control_port` 205 | - `server_control_port` 206 | - `server_shutdown` 207 | - `server_address` 208 | * New Service parameters. 209 | - `svc_name` 210 | - `svc_params` 211 | * New Engine parameters. Warning: `jvmroute` renamed to `engine_jvmroute` 212 | - `engine_name` 213 | - `engine_defaulthost` 214 | - `engine_jvmroute` 215 | - `engine_params` 216 | * New Host parameters. Warning: **all** old parameters renamed and default values removed! 217 | - `host_name` 218 | - `host_appbase` 219 | - `host_autodeploy` 220 | - `host_deployOnStartup` 221 | - `host_undeployoldversions` 222 | - `host_unpackwars` 223 | - `host_params` 224 | * Fix instance startup on Fedora 20+, drop support for Fedora 15 and 16 225 | * `custom_fragment` renamed to `custom_variables` (hash) 226 | * Refactoring 227 | 228 | ### 0.8.2 229 | 230 | * New parameters related to Executors 231 | - `threadpool_name` 232 | - `threadpool_nameprefix` 233 | - `threadpool_maxthreads` 234 | - `threadpool_minsparethreads` 235 | - `threadpool_params` 236 | - `executors` 237 | 238 | ### 0.8.1 239 | 240 | * Fix Critical messages generated when concaneting empty fragments to server.xml 241 | * New parameter `valves`: create custom Valve components within the server configuration 242 | * Change default value for `catalina_pid` (instance context) and manage pid file 243 | * Improve template formatting 244 | 245 | ### 0.8.0 246 | 247 | * Numerous new Connector parameters (see documentation, thanks [etlweather](https://github.com/etlweather) for the help) 248 | * Split bulky server.xml template into independant fragments 249 | * New `context_resources` parameter: add ResourceLink elements to context.xml ([etlweather](https://github.com/etlweather)) 250 | * Added basic support for SimpleTcpCluster ([etlweather](https://github.com/etlweather), experimental and undocumented, need contributions) 251 | * Updated documentation 252 | 253 | ### 0.7.0 254 | 255 | * New realm parameters: `$lockout_realm`, `$userdatabase_realm` ([etlweather](https://github.com/etlweather)) 256 | * New `globalnaming_resources` and `realms` parameters: possibility to define custom GlobalNamingResources and Realm elements ([etlweather](https://github.com/etlweather)) 257 | * Changed `root_path` default value (instance context) 258 | * Proper startup script for distributions without systemd 259 | * Better support of SuSE OS family 260 | * Fix tomcat6 startup script on RHEL (warning: now requires stdlib >= 4.4.0) 261 | 262 | ### 0.6.0 263 | 264 | * Compatible with future parser 265 | * Minor code improvements 266 | 267 | ### 0.5.4 268 | 269 | Fix [compatibility issue](https://tickets.puppetlabs.com/browse/PUP-1597) with Puppet versions between 3.4 and 3.6 270 | 271 | ### 0.5.3 272 | 273 | Removed `root_path` parameter from main class (redundant with `catalina_home`) 274 | 275 | ### 0.5.2 276 | 277 | * `installation_support` renamed to `install_from` 278 | * New debugging parameters: `jpda_enable`, `jpda_transport`, `jpda_address`, `jpda_suspend` and `jpda_opts` 279 | 280 | ### 0.5.1 281 | 282 | * `tomcat_user` defaults to `service_name` if installed from package 283 | * Log name in Access Log valve now matches `hostname` 284 | * Fixed log folder permissions 285 | 286 | ### 0.5.0 287 | 288 | * Support SuSE OS family 289 | * Configures instance admin webapps properly when installed from archive 290 | * Does not uninstall unrequired libraries anymore (native, log4j) 291 | * Improve warning logging 292 | * Cleanup 293 | 294 | ### 0.4.1 295 | 296 | * Document missing parameter `installation_support` 297 | * Improve documentation 298 | 299 | ### 0.4.0 300 | 301 | * Support installation from archive 302 | * Use `nanliu/staging` instead of `nanliu/archive` to download and extract files 303 | * Improved systemd support 304 | * `create_default_admin` defaults to `false` 305 | * Numerous improvements in code and documentation 306 | 307 | ### 0.3.2 308 | 309 | New parameter `manage_firewall` 310 | 311 | ### 0.3.1 312 | 313 | * `java_opts` and `catalina_opts` are now array parameters 314 | * Path to "setenv" file can be set using `config_path` 315 | * `extras` renamed to `enable_extras` 316 | * `tomcat_native` and `log4j` default to false 317 | 318 | ### 0.3.0 319 | 320 | **Warning:** this release is a big step forward, please read the documentation carefully 321 | 322 | * New type `tomcat::instance`, allows creation of individual instances 323 | * Old `log4j` parameter now split between `log4j` (package) and `log4j_enable` (conf) 324 | * New parameters `apr_listener`, `apr_sslengine` 325 | * Removed parameters `logfile_days` and `logfile_compress` 326 | * Reorganized files and templates 327 | * Fixed broken init script (service status check) 328 | * Use `nanliu/archive` module to download extra libraries 329 | 330 | ### 0.2.1 331 | 332 | * New parameters `logfile_days` and `logfile_compress` 333 | * Added log rotation 334 | * `catalina_base` defaults to `catalina_home` on RedHat (inverted the logic) 335 | * merged Debian and RedHat main configuration files 336 | 337 | ### 0.2.0 338 | 339 | * New parameter `jmx_bind_address` 340 | * `catalina_home` now defaults to `catalina_base` on RedHat 341 | * Removed `defaulthost` parameter 342 | * Minor improvements in code quality, documentation and metadata 343 | 344 | ### 0.1.0 345 | 346 | * Support Debian/Ubuntu 347 | * Renamed `enable_manager` parameter to `admin_webapps` 348 | * New parameters `admin_webapps_package_name` and `log4j_package_name` 349 | 350 | ### 0.0.4 351 | 352 | Stop managing tomcat user, RPMs already take care of it 353 | 354 | ### 0.0.3 355 | 356 | * The package name for Tomcat native library can now be set 357 | * Notify tomcat service when a package resource is modified 358 | 359 | ### 0.0.2 360 | 361 | Fixed a bug with 'extras' libraries get path 362 | 363 | ### 0.0.1 364 | 365 | First forge release 366 | -------------------------------------------------------------------------------- /manifests/config.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat::config 2 | # 3 | class tomcat::config { 4 | # The base class must be included first 5 | if !defined(Class['tomcat']) { 6 | fail('You must include the tomcat base class before using any tomcat sub class') 7 | } 8 | 9 | # forward variables used in templates 10 | $version_real = $::tomcat::version_real 11 | $maj_version = $::tomcat::maj_version 12 | $tomcat_user = $::tomcat::tomcat_user_real 13 | $tomcat_group = $::tomcat::tomcat_group_real 14 | $server_params_real = $::tomcat::server_params_real 15 | $jrememleak_attrs = $::tomcat::jrememleak_attrs 16 | $versionlogger_listener = $::tomcat::versionlogger_listener 17 | $versionlogger_logargs = $::tomcat::versionlogger_logargs 18 | $versionlogger_logenv = $::tomcat::versionlogger_logenv 19 | $versionlogger_logprops = $::tomcat::versionlogger_logprops 20 | $apr_listener = $::tomcat::apr_listener 21 | $apr_sslengine = $::tomcat::apr_sslengine 22 | $jmx_listener = $::tomcat::jmx_listener 23 | $jmx_registry_port = $::tomcat::jmx_registry_port 24 | $jmx_server_port = $::tomcat::jmx_server_port 25 | $jmx_bind_address = $::tomcat::jmx_bind_address 26 | $jmx_uselocalports = $::tomcat::jmx_uselocalports 27 | $listeners = $::tomcat::listeners 28 | $svc_params_real = $::tomcat::svc_params_real 29 | $threadpool_executor = $::tomcat::threadpool_executor 30 | $threadpool_name = $::tomcat::threadpool_name 31 | $threadpool_params_real = $::tomcat::threadpool_params_real 32 | $executors = $::tomcat::executors 33 | $http_connector = $::tomcat::http_connector 34 | $http_port = $::tomcat::http_port 35 | $http_params_real = $::tomcat::http_params_real 36 | $ssl_connector = $::tomcat::ssl_connector 37 | $ssl_port = $::tomcat::ssl_port 38 | $ssl_params_real = $::tomcat::ssl_params_real 39 | $ajp_connector = $::tomcat::ajp_connector 40 | $ajp_port = $::tomcat::ajp_port 41 | $ajp_protocol = $::tomcat::ajp_protocol 42 | $ajp_params_real = $::tomcat::ajp_params_real 43 | $connectors = $::tomcat::connectors 44 | $engine_params_real = $::tomcat::engine_params_real 45 | $host_name = $::tomcat::host_name 46 | $host_params_real = $::tomcat::host_params_real 47 | $hosts = $::tomcat::hosts 48 | $contexts = $::tomcat::contexts 49 | $use_simpletcpcluster = $::tomcat::use_simpletcpcluster 50 | $cluster_membership_port = $::tomcat::cluster_membership_port 51 | $cluster_membership_bind_address = $::tomcat::cluster_membership_bind_address 52 | $cluster_membership_domain = $::tomcat::cluster_membership_domain 53 | $cluster_receiver_address = $::tomcat::cluster_receiver_address 54 | $cluster_receiver_port = $::tomcat::cluster_receiver_port 55 | $cluster_farm_deployer = $::tomcat::cluster_farm_deployer 56 | $cluster_parent_real = $::tomcat::cluster_parent_real 57 | $cluster_farm_deployer_watchdir = $::tomcat::cluster_farm_deployer_watchdir 58 | $cluster_farm_deployer_deploydir = $::tomcat::cluster_farm_deployer_deploydir 59 | $cluster_farm_deployer_watch_enabled = $::tomcat::cluster_farm_deployer_watch_enabled 60 | $combined_realm = $::tomcat::combined_realm 61 | $lockout_realm = $::tomcat::lockout_realm 62 | $userdatabase_realm = $::tomcat::userdatabase_realm 63 | $realms = $::tomcat::realms 64 | $singlesignon_valve = $::tomcat::singlesignon_valve 65 | $accesslog_valve = $::tomcat::accesslog_valve 66 | $accesslog_valve_pattern = $::tomcat::accesslog_valve_pattern 67 | $valves = $::tomcat::valves 68 | $engine_valves = $::tomcat::engine_valves 69 | $globalnaming_environments = $::tomcat::globalnaming_environments 70 | $globalnaming_resources = $::tomcat::globalnaming_resources 71 | $context_params = $::tomcat::context_params 72 | $context_cookieprocessor = $::tomcat::context_cookieprocessor 73 | $context_loader = $::tomcat::context_loader 74 | $context_manager = $::tomcat::context_manager 75 | $context_realm = $::tomcat::context_realm 76 | $context_resources = $::tomcat::context_resources 77 | $context_watchedresources = $::tomcat::context_watchedresources 78 | $context_parameters = $::tomcat::context_parameters 79 | $context_environments = $::tomcat::context_environments 80 | $context_listeners = $::tomcat::context_listeners 81 | $context_valves = $::tomcat::context_valves 82 | $context_resourcedefs = $::tomcat::context_resourcedefs 83 | $context_resourcelinks = $::tomcat::context_resourcelinks 84 | $java_home = $::tomcat::java_home 85 | $catalina_base_real = $::tomcat::catalina_base_real 86 | $catalina_home_real = $::tomcat::catalina_home_real 87 | $jasper_home_real = $::tomcat::jasper_home_real 88 | $catalina_tmpdir_real = $::tomcat::catalina_tmpdir_real 89 | $catalina_pid_real = $::tomcat::catalina_pid_real 90 | $java_opts_real = $::tomcat::java_opts_real 91 | $catalina_opts_real = $::tomcat::catalina_opts_real 92 | $lang = $::tomcat::lang 93 | $security_manager_real = $::tomcat::security_manager_real 94 | $shutdown_wait = $::tomcat::shutdown_wait 95 | $shutdown_verbose = $::tomcat::shutdown_verbose 96 | $jpda_transport = $::tomcat::jpda_transport 97 | $jpda_address = $::tomcat::jpda_address 98 | $jpda_suspend = $::tomcat::jpda_suspend 99 | $jpda_opts_real = $::tomcat::jpda_opts_real 100 | $custom_variables = $::tomcat::custom_variables 101 | 102 | $notify_service = $::tomcat::restart_on_change ? { 103 | true => Service[$::tomcat::service_name_real], 104 | false => undef, 105 | } 106 | 107 | # generate and manage server configuration 108 | concat { 'tomcat server configuration': 109 | path => "${::tomcat::catalina_base_real}/conf/server.xml", 110 | owner => $tomcat_user, 111 | group => $tomcat_group, 112 | mode => $::tomcat::file_mode, 113 | order => 'numeric', 114 | notify => $notify_service 115 | } 116 | 117 | # Template uses: 118 | # - $server_params_real 119 | concat::fragment { 'server.xml header': 120 | order => 0, 121 | content => template("${module_name}/common/server.xml/000_header.erb"), 122 | target => 'tomcat server configuration' 123 | } 124 | 125 | # Template uses: 126 | # - $jrememleak_attrs 127 | # - $jmx_listener 128 | # - $jmx_registry_port 129 | # - $jmx_server_port 130 | # - $jmx_bind_address 131 | # - $versionlogger_listener 132 | # - $versionlogger_logargs 133 | # - $versionlogger_logenv 134 | # - $versionlogger_logprops 135 | # - $apr_listener 136 | # - $apr_sslengine 137 | # - $listeners 138 | # - $version_real 139 | # - $maj_version 140 | concat::fragment { 'server.xml listeners': 141 | order => 10, 142 | content => template("${module_name}/common/server.xml/010_listeners.erb"), 143 | target => 'tomcat server configuration' 144 | } 145 | 146 | # Template uses: 147 | # - $userdatabase_realm 148 | # - $globalnaming_environments 149 | # - $globalnaming_resources 150 | if $userdatabase_realm or ($globalnaming_environments and $globalnaming_environments != []) or ($globalnaming_resources and $globalnaming_resources != []) { 151 | concat::fragment { 'server.xml globalnamingresources': 152 | order => 20, 153 | content => template("${module_name}/common/server.xml/020_globalnamingresources.erb"), 154 | target => 'tomcat server configuration' 155 | } 156 | } 157 | 158 | # Template uses: 159 | # - $svc_params_real 160 | concat::fragment { 'server.xml service': 161 | order => 30, 162 | content => template("${module_name}/common/server.xml/030_service.erb"), 163 | target => 'tomcat server configuration' 164 | } 165 | 166 | # Template uses: 167 | # - $threadpool_executor 168 | # - $threadpool_name 169 | # - $threadpool_params_real 170 | if $threadpool_executor { 171 | concat::fragment { 'server.xml threadpool executor': 172 | order => 40, 173 | content => template("${module_name}/common/server.xml/040_threadpool_executor.erb"), 174 | target => 'tomcat server configuration' 175 | } 176 | } 177 | 178 | # Template uses: 179 | # - $executors 180 | if $executors and $executors != [] { 181 | concat::fragment { 'server.xml executors': 182 | order => 41, 183 | content => template("${module_name}/common/server.xml/041_executors.erb"), 184 | target => 'tomcat server configuration' 185 | } 186 | } 187 | 188 | # Template uses: 189 | # - $http_connector 190 | # - $http_port 191 | # - $http_params_real 192 | # - $ssl_connector 193 | # - $ssl_port 194 | if $http_connector { 195 | concat::fragment { 'server.xml http connector': 196 | order => 50, 197 | content => template("${module_name}/common/server.xml/050_http_connector.erb"), 198 | target => 'tomcat server configuration' 199 | } 200 | } 201 | 202 | # Template uses: 203 | # - $ssl_connector 204 | # - $ssl_port 205 | # - $ssl_params_real 206 | if $ssl_connector { 207 | concat::fragment { 'server.xml ssl connector': 208 | order => 51, 209 | content => template("${module_name}/common/server.xml/051_ssl_connector.erb"), 210 | target => 'tomcat server configuration' 211 | } 212 | } 213 | 214 | # Template uses: 215 | # - $ajp_connector 216 | # - $ajp_port 217 | # - $ajp_protocol 218 | # - $ajp_params_real 219 | # - $ssl_connector 220 | # - $ssl_port 221 | if $ajp_connector { 222 | concat::fragment { 'server.xml ajp connector': 223 | order => 52, 224 | content => template("${module_name}/common/server.xml/052_ajp_connector.erb"), 225 | target => 'tomcat server configuration' 226 | } 227 | } 228 | 229 | # Template uses: 230 | # - $connectors 231 | if $connectors and $connectors != [] { 232 | concat::fragment { 'server.xml connectors': 233 | order => 53, 234 | content => template("${module_name}/common/server.xml/053_connectors.erb"), 235 | target => 'tomcat server configuration' 236 | } 237 | } 238 | 239 | # Template uses: 240 | # - $engine_params_real 241 | concat::fragment { 'server.xml engine': 242 | order => 60, 243 | content => template("${module_name}/common/server.xml/060_engine.erb"), 244 | target => 'tomcat server configuration' 245 | } 246 | 247 | # Template uses: 248 | # - $engine_valves 249 | if $engine_valves and $engine_valves != [] { 250 | concat::fragment { 'server.xml engine valves': 251 | order => 65, 252 | content => template("${module_name}/common/server.xml/065_engine_valves.erb"), 253 | target => 'tomcat server configuration' 254 | } 255 | } 256 | 257 | # Template uses: 258 | # - $use_simpletcpcluster 259 | # - $cluster_membership_port 260 | # - $cluster_membership_domain 261 | # - $cluster_receiver_address 262 | if $use_simpletcpcluster { 263 | $cluster_order = $cluster_parent_real ? { 'host' => 95, default => 70} 264 | concat::fragment { 'server.xml cluster': 265 | order => $cluster_order, 266 | content => template("${module_name}/common/server.xml/070_cluster.erb"), 267 | target => 'tomcat server configuration' 268 | } 269 | } 270 | 271 | # Template uses: 272 | # - $combined_realm 273 | # - $lockout_realm 274 | # - $userdatabase_realm 275 | # - $realms 276 | if $lockout_realm or $userdatabase_realm or ($realms and $realms != []) { 277 | concat::fragment { 'server.xml realms': 278 | order => 80, 279 | content => template("${module_name}/common/server.xml/080_realms.erb"), 280 | target => 'tomcat server configuration' 281 | } 282 | } 283 | 284 | if (empty($hosts)) { 285 | # Template uses: 286 | # - $host_name 287 | # - $host_params_real 288 | concat::fragment { 'server.xml host': 289 | order => 90, 290 | content => template("${module_name}/common/server.xml/090_host.erb"), 291 | target => 'tomcat server configuration' 292 | } 293 | 294 | # Template uses: 295 | # - $contexts 296 | concat::fragment { 'server.xml contexts': 297 | order => 95, 298 | content => template("${module_name}/common/server.xml/095_contexts.erb"), 299 | target => 'tomcat server configuration' 300 | } 301 | 302 | # Template uses: 303 | # - $singlesignon_valve 304 | # - $accesslog_valve 305 | # - $accesslog_valve_pattern 306 | # - $valves 307 | # - $host_name 308 | # - $maj_version 309 | if $singlesignon_valve or $accesslog_valve or ($valves and $valves != []) { 310 | concat::fragment { 'server.xml valves': 311 | order => 100, 312 | content => template("${module_name}/common/server.xml/100_valves.erb"), 313 | target => 'tomcat server configuration' 314 | } 315 | } 316 | 317 | # Template uses no variable, just 318 | concat::fragment { 'server.xml host close': 319 | order => 190, 320 | content => template("${module_name}/common/server.xml/190_host_close.erb"), 321 | target => 'tomcat server configuration' 322 | } 323 | } else { 324 | # Template uses : 325 | # - $hosts 326 | concat::fragment { 'server.xml hosts': 327 | order => 91, 328 | content => template("${module_name}/common/server.xml/091_hosts.erb"), 329 | target => 'tomcat server configuration' 330 | } 331 | } 332 | 333 | concat::fragment { 'server.xml footer': 334 | order => 200, 335 | content => template("${module_name}/common/server.xml/200_footer.erb"), 336 | target => 'tomcat server configuration' 337 | } 338 | 339 | # generate and manage context configuration 340 | ::tomcat::context { 'main default': 341 | path => "${::tomcat::catalina_base_real}/conf/context.xml", 342 | file_mode => $::tomcat::file_mode, 343 | params => $context_params, 344 | cookieprocessor => $context_cookieprocessor, 345 | loader => $context_loader, 346 | manager => $context_manager, 347 | realm => $context_realm, 348 | resources => $context_resources, 349 | watchedresources => $context_watchedresources, 350 | parameters => $context_parameters, 351 | environments => $context_environments, 352 | listeners => $context_listeners, 353 | valves => $context_valves, 354 | resourcedefs => $context_resourcedefs, 355 | resourcelinks => $context_resourcelinks, 356 | notify => $notify_service 357 | } 358 | 359 | # generate and manage default web apps configuration 360 | ::tomcat::web { 'main default': 361 | path => "${::tomcat::catalina_base_real}/conf/web.xml", 362 | file_mode => $::tomcat::file_mode, 363 | default_servlet_params => $::tomcat::default_servlet_params_real, 364 | jsp_servlet_params => $::tomcat::jsp_servlet_params_real, 365 | default_servletmapping_urlpatterns => $::tomcat::default_servletmapping_urlpatterns, 366 | jsp_servletmapping_urlpatterns => $::tomcat::jsp_servletmapping_urlpatterns, 367 | sessionconfig_sessiontimeout => $::tomcat::sessionconfig_sessiontimeout, 368 | sessionconfig_trackingmode => $::tomcat::sessionconfig_trackingmode, 369 | welcome_file_list => $::tomcat::welcome_file_list, 370 | security_constraints => $::tomcat::security_constraints, 371 | notify => $notify_service 372 | } 373 | 374 | # generate and manage global parameters 375 | # Template uses: 376 | # - $java_home 377 | # - $catalina_base_real 378 | # - $catalina_home_real 379 | # - $jasper_home_real 380 | # - $catalina_tmpdir_real 381 | # - $catalina_pid_real 382 | # - $java_opts_real 383 | # - $catalina_opts_real 384 | # - $tomcat::tomcat_user_real 385 | # - $tomcat::tomcat_group_real 386 | # - $maj_version 387 | # - $lang 388 | # - $security_manager_real 389 | # - $shutdown_wait 390 | # - $shutdown_verbose 391 | # - $jpda_transport 392 | # - $jpda_address 393 | # - $jpda_suspend 394 | # - $jpda_opts_real 395 | # - $custom_variables 396 | file { 'tomcat environment variables': 397 | ensure => present, 398 | path => $::tomcat::config_path_real, 399 | content => template("${module_name}/common/setenv.erb"), 400 | owner => $tomcat_user, 401 | group => $tomcat_group, 402 | mode => '0644', 403 | notify => $notify_service 404 | } 405 | 406 | if $::osfamily == 'RedHat' { 407 | # make sure system variables are in the right place 408 | file { 'tomcat default variables': 409 | ensure => present, 410 | path => "${::tomcat::catalina_base_real}/conf/${::tomcat::service_name_real}.conf", 411 | content => "# See ${::tomcat::config_path_real}" 412 | } 413 | } 414 | 415 | # generate and manage UserDatabase file 416 | concat { 'main UserDatabase': 417 | path => "${::tomcat::catalina_base_real}/conf/tomcat-users.xml", 418 | owner => $tomcat_user, 419 | group => $tomcat_group, 420 | mode => $::tomcat::file_mode, 421 | order => 'numeric', 422 | notify => $notify_service 423 | } 424 | 425 | concat::fragment { 'main UserDatabase header': 426 | target => 'main UserDatabase', 427 | content => template("${module_name}/common/UserDatabase_header.erb"), 428 | order => 1 429 | } 430 | 431 | concat::fragment { 'main UserDatabase footer': 432 | target => 'main UserDatabase', 433 | content => template("${module_name}/common/UserDatabase_footer.erb"), 434 | order => 4 435 | } 436 | 437 | # configure authorized access 438 | unless !$::tomcat::create_default_admin { 439 | ::tomcat::userdb_entry { "main ${::tomcat::admin_user}": 440 | database => 'main UserDatabase', 441 | username => $::tomcat::admin_user, 442 | password => $::tomcat::admin_password, 443 | roles => ['manager-gui', 'manager-script', 'admin-gui', 'admin-script'] 444 | } 445 | } 446 | 447 | # Configure users and roles defined in $tomcat_users and $tomcat_roles 448 | create_resources('::tomcat::userdb_entry', $::tomcat::tomcat_users, {}) 449 | create_resources('::tomcat::userdb_role_entry', $::tomcat::tomcat_roles, {}) 450 | } 451 | -------------------------------------------------------------------------------- /manifests/init.pp: -------------------------------------------------------------------------------- 1 | # == Class: tomcat 2 | # 3 | # This module installs the Tomcat application server from available repositories or archive 4 | # 5 | # === Parameters: 6 | # 7 | # [*install_from*] 8 | # what type of source to install from (valid: 'package'|'archive') 9 | # [*version*] 10 | # tomcat full version number (valid format: x.y.z[.M##][-package_suffix]) 11 | # [*archive_source*] 12 | # base path to the archive to download (only if installed from archive) 13 | # [*archive_filename*] 14 | # file name of the archive to download (only if installed from archive) 15 | # [*archive_mirror*] 16 | # mirror to use if installed from archive and no archive source was provided but version was 17 | # [*proxy_server*] 18 | # proxy server url 19 | # [*proxy_type*] 20 | # proxy server type (valid: 'none'|'http'|'https'|'ftp') 21 | # [*package_name*] 22 | # tomcat package name 23 | # [*package_ensure*] 24 | # tomcat package 'ensure' attribute (falls back to value of '$version') 25 | # [*service_name*] 26 | # tomcat service name 27 | # [*service_ensure*] 28 | # whether the service should be running (valid: 'stopped'|'running'|undef) 29 | # [*service_enable*] 30 | # enable service (boolean) 31 | # [*systemd_service_type*] 32 | # value for systemd service type 33 | # [*force_init*] 34 | # force generation of a generic init script/unit 35 | # [*service_start*] 36 | # override service startup command 37 | # [*service_stop*] 38 | # override service shutdown command 39 | # [*tomcat_user*] 40 | # service user 41 | # [*tomcat_user_id*] 42 | # service user id 43 | # [*tomcat_group*] 44 | # service group 45 | # [*tomcat_group_id*] 46 | # service group id 47 | # [*file_mode*] 48 | # mode for configuration files 49 | # [*tomcat_native*] 50 | # install tomcat native library (boolean) 51 | # [*tomcat_native_package_name*] 52 | # tomcat native library package name 53 | # [*extras_enable*] 54 | # install extra libraries (boolean) 55 | # [*extras_source*] 56 | # base path to tomcat extra libraries 57 | # [*extras_package_name*] 58 | # install extras from given package(s) 59 | # [*manage_firewall*] 60 | # manage firewall rules (boolean) 61 | # [*checksum_verify*] 62 | # verify the checksum if tomcat is installed from an archive (boolean) 63 | # [*checksum_type*] 64 | # archive file checksum type (valid: 'none'|'md5'|'sha1'|'sha2'|'sh256'|'sha384'|'sha512') 65 | # [*checksum*] 66 | # archive file checksum 67 | # [*admin_webapps*] 68 | # install admin webapps (boolean - *only* if installed from package) 69 | # [*admin_webapps_package_name*] 70 | # admin webapps package name 71 | # [*create_default_admin*] 72 | # create default admin user (boolean) 73 | # [*admin_user*] 74 | # admin user name 75 | # [*admin_password*] 76 | # admin user password 77 | # [*tomcat_users*] 78 | # hash containing user definitions 79 | # [*tomcat_roles*] 80 | # hash containing role definitions 81 | # 82 | # see README file for a description of all parameters related to server configuration 83 | # 84 | # === Actions: 85 | # 86 | # * Install tomcat 87 | # * Configure main instance 88 | # * Download extra libraries (optional) 89 | # 90 | # === Requires: 91 | # 92 | # * puppetlabs/stdlib module 93 | # * puppetlabs/concat module 94 | # 95 | # === Sample Usage: 96 | # 97 | # class { '::tomcat': 98 | # version => '7.0.56-2ubuntu0.1', 99 | # service_name => 'tomcat7' 100 | # } 101 | # 102 | class tomcat ( 103 | # 104 | # undef values are automatically generated within the class for convenience reasons 105 | # 106 | #.................................................................................. 107 | # packages and service 108 | #.................................................................................. 109 | $install_from = 'package', 110 | $version = $::tomcat::params::version, 111 | $archive_source = undef, 112 | $archive_filename = undef, 113 | $archive_mirror = 'http://archive.apache.org', 114 | $proxy_server = undef, 115 | $proxy_type = undef, 116 | $package_name = $::tomcat::params::package_name, 117 | $package_ensure = undef, 118 | $service_name = undef, 119 | $service_ensure = 'running', 120 | $service_enable = true, 121 | $restart_on_change = true, 122 | $systemd_service_type = undef, 123 | $force_init = false, 124 | $service_start = undef, 125 | $service_stop = undef, 126 | $tomcat_user = undef, 127 | $tomcat_user_id = undef, 128 | $tomcat_group = undef, 129 | $tomcat_group_id = undef, 130 | $file_mode = '0600', 131 | $tomcat_native = false, 132 | $tomcat_native_package_name = $::tomcat::params::tomcat_native_package_name, 133 | $extras_enable = false, 134 | $extras_source = undef, 135 | $extras_package_name = undef, 136 | $manage_firewall = false, 137 | #.................................................................................. 138 | # checksum for archive file 139 | #.................................................................................. 140 | $checksum_verify = false, 141 | $checksum_type = 'none', 142 | $checksum = undef, 143 | #.................................................................................. 144 | # security and administration 145 | #.................................................................................. 146 | $admin_webapps = true, 147 | $admin_webapps_package_name = undef, 148 | $create_default_admin = false, 149 | $admin_user = 'tomcatadmin', 150 | $admin_password = 'password', 151 | $tomcat_users = {}, 152 | $tomcat_roles = {}, 153 | #.................................................................................. 154 | # logging 155 | #.................................................................................. 156 | $log_path = undef, 157 | $log_folder_mode = '0660', 158 | #.................................................................................. 159 | # server configuration 160 | #.................................................................................. 161 | # server 162 | $server_control_port = 8005, 163 | $server_shutdown = 'SHUTDOWN', 164 | $server_address = undef, 165 | $server_params = {}, 166 | #.................................................................................. 167 | # listeners 168 | $jrememleak_attrs = {}, 169 | # versionlogger 170 | $versionlogger_listener = true, 171 | $versionlogger_logargs = undef, 172 | $versionlogger_logenv = undef, 173 | $versionlogger_logprops = undef, 174 | # apr 175 | $apr_listener = false, 176 | $apr_sslengine = undef, 177 | # jmx 178 | $jmx_listener = false, 179 | $jmx_registry_port = 8050, 180 | $jmx_server_port = 8051, 181 | $jmx_bind_address = undef, 182 | $jmx_uselocalports = undef, 183 | # custom listeners 184 | $listeners = [], 185 | #.................................................................................. 186 | # service 187 | $svc_name = 'Catalina', 188 | $svc_params = {}, 189 | #.................................................................................. 190 | # executors 191 | $threadpool_executor = false, 192 | $threadpool_name = 'tomcatThreadPool', 193 | $threadpool_nameprefix = 'catalina-exec-', 194 | $threadpool_maxthreads = undef, 195 | $threadpool_minsparethreads = undef, 196 | $threadpool_params = {}, 197 | # custom executors 198 | $executors = [], 199 | #.................................................................................. 200 | # connectors 201 | # http connector 202 | $http_connector = true, 203 | $http_port = 8080, 204 | $http_protocol = undef, 205 | $http_use_threadpool = false, 206 | $http_connectiontimeout = undef, 207 | $http_uriencoding = undef, 208 | $http_compression = undef, 209 | $http_maxthreads = undef, 210 | $http_params = {}, 211 | # ssl connector 212 | $ssl_connector = false, 213 | $ssl_port = 8443, 214 | $ssl_protocol = undef, 215 | $ssl_use_threadpool = false, 216 | $ssl_connectiontimeout = undef, 217 | $ssl_uriencoding = undef, 218 | $ssl_compression = false, 219 | $ssl_maxthreads = undef, 220 | $ssl_clientauth = undef, 221 | $ssl_sslenabledprotocols = undef, 222 | $ssl_sslprotocol = undef, 223 | $ssl_keystorefile = undef, 224 | $ssl_params = {}, 225 | # ajp connector 226 | $ajp_connector = true, 227 | $ajp_port = 8009, 228 | $ajp_protocol = 'AJP/1.3', 229 | $ajp_use_threadpool = false, 230 | $ajp_connectiontimeout = undef, 231 | $ajp_uriencoding = undef, 232 | $ajp_maxthreads = undef, 233 | $ajp_params = {}, 234 | # custom connectors 235 | $connectors = [], 236 | #.................................................................................. 237 | # engine 238 | $engine_name = 'Catalina', 239 | $engine_defaulthost = undef, 240 | $engine_jvmroute = undef, 241 | $engine_params = {}, 242 | #.................................................................................. 243 | # cluster (experimental) 244 | $use_simpletcpcluster = false, 245 | $cluster_membership_port = '45565', 246 | $cluster_membership_bind_address = undef, # useful if there are multiple NICs and multicast isn't using the right one 247 | $cluster_membership_domain = 'tccluster', 248 | $cluster_receiver_address = undef, 249 | $cluster_receiver_port = '4000', 250 | $cluster_farm_deployer = false, 251 | $cluster_parent = undef, # engine/host, must be 'host' if using farm deployer 252 | $cluster_farm_deployer_watchdir = undef, 253 | $cluster_farm_deployer_deploydir = undef, # directory not managed by this module 254 | $cluster_farm_deployer_watch_enabled = true, 255 | #.................................................................................. 256 | # realms 257 | $combined_realm = false, 258 | $lockout_realm = true, 259 | $userdatabase_realm = true, 260 | $realms = [], 261 | #.................................................................................. 262 | # host 263 | $host_name = 'localhost', 264 | $host_appbase = undef, 265 | $host_autodeploy = undef, 266 | $host_deployonstartup = undef, 267 | $host_undeployoldversions = undef, 268 | $host_unpackwars = undef, 269 | $host_params = {}, 270 | $hosts = {}, 271 | #.................................................................................. 272 | # host contexts 273 | $contexts = [], 274 | #.................................................................................. 275 | # host valves 276 | $singlesignon_valve = false, 277 | $accesslog_valve = true, 278 | $accesslog_valve_pattern = '%h %l %u %t "%r" %s %b', 279 | $valves = [], 280 | # engine valves 281 | $engine_valves = [], 282 | #.................................................................................. 283 | # misc 284 | $globalnaming_environments = [], 285 | $globalnaming_resources = [], 286 | #.................................................................................. 287 | # context configuration 288 | #.................................................................................. 289 | $context_params = {}, 290 | $context_cookieprocessor = {}, 291 | $context_loader = {}, 292 | $context_manager = {}, 293 | $context_realm = {}, 294 | $context_resources = {}, 295 | $context_watchedresources = ['WEB-INF/web.xml',"\${catalina.base}/conf/web.xml"], 296 | $context_parameters = [], 297 | $context_environments = [], 298 | $context_listeners = [], 299 | $context_valves = [], 300 | $context_resourcedefs = [], 301 | $context_resourcelinks = [], 302 | #.................................................................................. 303 | # web apps configuration 304 | #.................................................................................. 305 | # servlets 306 | $default_servlet_debug = 0, 307 | $default_servlet_listings = false, 308 | $default_servlet_gzip = undef, 309 | $default_servlet_input = undef, 310 | $default_servlet_output = undef, 311 | $default_servlet_readonly = undef, 312 | $default_servlet_fileencoding = undef, 313 | $default_servlet_showserverinfo = undef, 314 | $default_servlet_params = {}, 315 | $jsp_servlet_checkinterval = undef, 316 | $jsp_servlet_development = undef, 317 | $jsp_servlet_enablepooling = undef, 318 | $jsp_servlet_fork = false, 319 | $jsp_servlet_genstringaschararray = undef, 320 | $jsp_servlet_javaencoding = undef, 321 | $jsp_servlet_modificationtestinterval = undef, 322 | $jsp_servlet_trimspaces = undef, 323 | $jsp_servlet_xpoweredby = false, 324 | $jsp_servlet_params = {}, 325 | #.................................................................................. 326 | # servlet-mappings 327 | $default_servletmapping_urlpatterns = ['/'], 328 | $jsp_servletmapping_urlpatterns = ['*.jsp', '*.jspx'], 329 | #.................................................................................. 330 | # session-config 331 | $sessionconfig_sessiontimeout = 30, 332 | $sessionconfig_trackingmode = undef, 333 | #.................................................................................. 334 | # welcome-file-list 335 | $welcome_file_list = ['index.html', 'index.htm', 'index.jsp' ], 336 | #.................................................................................. 337 | # security-constraint 338 | $security_constraints = [], 339 | #.................................................................................. 340 | # environment variables 341 | #.................................................................................. 342 | $config_path = undef, 343 | # catalina 344 | $catalina_home = undef, 345 | $catalina_base = undef, 346 | $jasper_home = undef, 347 | $catalina_tmpdir = undef, 348 | $catalina_pid = undef, 349 | $catalina_opts = [], 350 | # java 351 | $java_home = undef, 352 | $java_opts = ['-server'], 353 | # debug 354 | $jpda_enable = false, 355 | $jpda_transport = undef, 356 | $jpda_address = undef, 357 | $jpda_suspend = undef, 358 | $jpda_opts = [], 359 | # other 360 | $security_manager = false, 361 | $lang = undef, 362 | $shutdown_wait = 30, 363 | $shutdown_verbose = false, 364 | $custom_variables = {}) inherits tomcat::params { 365 | # parameters validation 366 | if $install_from !~ /^(package|archive)$/ { 367 | fail('$install_from must be either \'package\' or \'archive\'') 368 | } 369 | if $version !~ /^([0-9]{1,2}:)?[0-9]\.[0-9]\.[0-9]{1,2}(\.M[0-9]{1,2})?(-.*)?$/ { 370 | fail('incorrect tomcat version number') 371 | } 372 | if $checksum_type !~ /^(none|md5|sha1|sha2|sh256|sha384|sha512)$/ { 373 | fail('$checksum can only be one of: none|md5|sha1|sha2|sh256|sha384|sha512') 374 | } 375 | if $checksum_verify and !$checksum { 376 | fail('Checksum verification requires $checksum variable to be set') 377 | } 378 | 379 | # split version string 380 | $array_version_full = split($version, '[-]') 381 | $version_real = regsubst($array_version_full[0], '[0-9]{1,2}:', '') 382 | $array_version_real = split($version_real, '[.]') 383 | $maj_version = $array_version_real[0] 384 | 385 | # autogenerated defaults 386 | if $service_name == undef { 387 | $service_name_real = $install_from ? { 388 | 'package' => $package_name, 389 | default => "tomcat${maj_version}" 390 | } } else { 391 | $service_name_real = $service_name 392 | } 393 | 394 | if $archive_source == undef { 395 | $archive_source_real = "${archive_mirror}/dist/tomcat/tomcat-${maj_version}/v${version_real}/bin" 396 | } else { 397 | $archive_source_real = $archive_source 398 | } 399 | 400 | if $archive_filename == undef { 401 | $archive_filename_real = "apache-tomcat-${version_real}.tar.gz" 402 | } else { 403 | $archive_filename_real = $archive_filename 404 | } 405 | 406 | if $extras_source == undef { 407 | $extras_source_real = "${archive_mirror}/dist/tomcat/tomcat-${maj_version}/v${version_real}/bin/extras" 408 | } else { 409 | $extras_source_real = $extras_source 410 | } 411 | 412 | if $admin_webapps_package_name == undef { 413 | $admin_webapps_package_name_real = $::osfamily ? { 414 | 'Debian' => "${package_name}-admin", 415 | default => "${package_name}-admin-webapps" 416 | } } else { 417 | $admin_webapps_package_name_real = $admin_webapps_package_name 418 | } 419 | 420 | if $catalina_home == undef { 421 | $catalina_home_real = "/usr/share/${service_name_real}" 422 | } else { 423 | $catalina_home_real = $catalina_home 424 | } 425 | 426 | if $catalina_base == undef { 427 | case $install_from { 428 | 'package' : { 429 | $catalina_base_real = $::osfamily ? { 430 | 'Debian' => "/var/lib/${service_name_real}", 431 | default => $catalina_home_real 432 | } } 433 | default : { 434 | $catalina_base_real = $catalina_home_real 435 | } 436 | } 437 | } else { 438 | $catalina_base_real = $catalina_base 439 | } 440 | 441 | if $jasper_home == undef { 442 | $jasper_home_real = $catalina_home_real 443 | } else { 444 | $jasper_home_real = $jasper_home 445 | } 446 | 447 | if $catalina_tmpdir == undef { 448 | case $install_from { 449 | 'package' : { 450 | $catalina_tmpdir_real = $::osfamily ? { 451 | 'Debian' => '$JVM_TMP', 452 | default => "${catalina_base_real}/temp" 453 | } } 454 | default : { 455 | $catalina_tmpdir_real = "${catalina_base_real}/temp" 456 | } 457 | } 458 | } else { 459 | $catalina_tmpdir_real = $catalina_tmpdir 460 | } 461 | 462 | if $catalina_pid == undef { 463 | case $install_from { 464 | 'package' : { 465 | $catalina_pid_real = "/var/run/${service_name_real}.pid" 466 | } 467 | default : { 468 | $catalina_pid_real = "/var/run/${service_name_real}/${service_name_real}.pid" 469 | } 470 | } 471 | } else { 472 | $catalina_pid_real = $catalina_pid 473 | } 474 | 475 | if $package_ensure { 476 | if $package_ensure !~ /^(latest|present)$/ { 477 | fail('$package_ensure must be either \'latest\' or \'present\'') 478 | } 479 | $package_ensure_real = $package_ensure 480 | } else { 481 | $package_ensure_real = $version 482 | } 483 | 484 | if $log_path == undef { 485 | $log_path_real = "/var/log/${service_name_real}" 486 | } else { 487 | $log_path_real = $log_path 488 | } 489 | 490 | if $config_path == undef { 491 | case $install_from { 492 | 'package' : { 493 | $config_path_real = $::osfamily ? { 494 | 'Debian' => "/etc/default/${service_name_real}", 495 | 'Suse' => "/etc/${service_name_real}/${service_name_real}.conf", 496 | default => "/etc/sysconfig/${service_name_real}" 497 | } } 498 | default : { 499 | $config_path_real = "${catalina_base_real}/bin/setenv.sh" 500 | } 501 | } 502 | } else { 503 | $config_path_real = $config_path 504 | } 505 | 506 | $notify_service = $restart_on_change ? { 507 | true => Service[$service_name_real], 508 | default => undef 509 | } 510 | 511 | if $systemd_service_type == undef { 512 | if $install_from == 'archive' { 513 | $systemd_service_type_real = 'forking' 514 | } else { 515 | $systemd_service_type_real = 'simple' 516 | } 517 | } else { 518 | $systemd_service_type_real = $systemd_service_type 519 | } 520 | 521 | if $service_start == undef { 522 | # unused when $install_from == 'package' 523 | $start_cmd = $jpda_enable ? { 524 | true => 'jpda start', 525 | default => 'start' 526 | } 527 | # catalina.sh in archive for takes -security option to enable security manager 528 | $security_arg = $security_manager ? { 529 | true => ' -security', 530 | default => '' 531 | } 532 | $service_start_real = "${catalina_home_real}/bin/catalina.sh ${start_cmd}${security_arg}" 533 | } else { 534 | $service_start_real = $service_start 535 | } 536 | 537 | if $service_stop == undef { 538 | # unused when $install_from == 'package' 539 | $service_stop_real = "${catalina_home_real}/bin/catalina.sh stop" 540 | } else { 541 | $service_stop_real = $service_stop 542 | } 543 | 544 | if $tomcat_user == undef { 545 | case $install_from { 546 | 'package' : { 547 | $tomcat_user_real = $::osfamily ? { 548 | 'Debian' => $service_name_real, 549 | default => 'tomcat' 550 | } } 551 | default : { 552 | $tomcat_user_real = 'tomcat' 553 | } 554 | } 555 | } else { 556 | $tomcat_user_real = $tomcat_user 557 | } 558 | 559 | if $tomcat_group == undef { 560 | $tomcat_group_real = $tomcat_user_real 561 | } else { 562 | $tomcat_group_real = $tomcat_group 563 | } 564 | 565 | if $::osfamily == 'Debian' { 566 | $security_manager_real = $security_manager ? { 567 | true => 'yes', 568 | default => 'no' 569 | } 570 | } else { 571 | $security_manager_real = $security_manager 572 | } 573 | 574 | if (empty($hosts)) { 575 | $engine_defaulthost_real = $engine_defaulthost ? { 576 | undef => $host_name, 577 | default => $engine_defaulthost 578 | } 579 | } else { 580 | $engine_defaulthost_real = $engine_defaulthost ? { 581 | undef => $hosts[0]['name'], 582 | default => $engine_defaulthost 583 | } 584 | } 585 | 586 | $java_opts_real = join($java_opts, ' ') 587 | $catalina_opts_real = join($catalina_opts, ' ') 588 | $jpda_opts_real = join($jpda_opts, ' ') 589 | 590 | # generate params hash 591 | $server_params_real = merge(delete_undef_values({ 592 | 'port' => $server_control_port, 593 | 'shutdown' => $server_shutdown, 594 | 'address' => $server_address 595 | } 596 | ), $server_params) 597 | 598 | $svc_params_real = merge(delete_undef_values({ 599 | 'name' => $svc_name 600 | } 601 | ), $svc_params) 602 | 603 | $threadpool_params_real = merge(delete_undef_values({ 604 | 'namePrefix' => $threadpool_nameprefix, 605 | 'maxThreads' => $threadpool_maxthreads, 606 | 'minSpareThreads' => $threadpool_minsparethreads 607 | } 608 | ), $threadpool_params) 609 | 610 | $http_params_real = merge(delete_undef_values({ 611 | 'protocol' => $http_protocol, 612 | 'executor' => $http_use_threadpool ? { 613 | true => $threadpool_name, 614 | default => undef 615 | }, 616 | 'connectionTimeout' => $http_connectiontimeout, 617 | 'URIEncoding' => $http_uriencoding, 618 | 'compression' => $http_compression ? { 619 | true => 'on', 620 | default => undef 621 | }, 622 | 'maxThreads' => $http_maxthreads 623 | } 624 | ), $http_params) 625 | 626 | $ssl_params_real = merge(delete_undef_values({ 627 | 'protocol' => $ssl_protocol, 628 | 'executor' => $ssl_use_threadpool ? { 629 | true => $threadpool_name, 630 | default => undef 631 | }, 632 | 'connectionTimeout' => $ssl_connectiontimeout, 633 | 'URIEncoding' => $ssl_uriencoding, 634 | 'compression' => $ssl_compression ? { 635 | true => 'on', 636 | default => undef 637 | }, 638 | 'maxThreads' => $ssl_maxthreads, 639 | 'clientAuth' => $ssl_clientauth, 640 | 'sslEnabledProtocols' => $ssl_sslenabledprotocols, 641 | 'sslProtocol' => $ssl_sslprotocol, 642 | 'keystoreFile' => $ssl_keystorefile 643 | } 644 | ), $ssl_params) 645 | 646 | $ajp_params_real = merge(delete_undef_values({ 647 | 'executor' => $ajp_use_threadpool ? { 648 | true => $threadpool_name, 649 | default => undef 650 | }, 651 | 'connectionTimeout' => $ajp_connectiontimeout, 652 | 'URIEncoding' => $ajp_uriencoding, 653 | 'maxThreads' => $ajp_maxthreads 654 | } 655 | ), $ajp_params) 656 | 657 | $engine_params_real = merge(delete_undef_values({ 658 | 'name' => $engine_name, 659 | 'defaultHost' => $engine_defaulthost_real, 660 | 'jvmRoute' => $engine_jvmroute 661 | } 662 | ), $engine_params) 663 | 664 | $host_params_real = merge(delete_undef_values({ 665 | 'appBase' => $host_appbase, 666 | 'autoDeploy' => $host_autodeploy, 667 | 'deployOnStartup' => $host_deployonstartup, 668 | 'undeployOldVersions' => $host_undeployoldversions, 669 | 'unpackWARs' => $host_unpackwars 670 | } 671 | ), $host_params) 672 | 673 | $default_servlet_params_real = merge(delete_undef_values({ 674 | 'debug' => $default_servlet_debug, 675 | 'listings' => $default_servlet_listings, 676 | 'gzip' => $default_servlet_gzip, 677 | 'input' => $default_servlet_input, 678 | 'output' => $default_servlet_output, 679 | 'readonly' => $default_servlet_readonly, 680 | 'fileEncoding' => $default_servlet_fileencoding, 681 | 'showServerInfo' => $default_servlet_showserverinfo 682 | } 683 | ), $default_servlet_params) 684 | 685 | $jsp_servlet_params_real = merge(delete_undef_values({ 686 | 'checkInterval' => $jsp_servlet_checkinterval, 687 | 'development' => $jsp_servlet_development, 688 | 'enablePooling' => $jsp_servlet_enablepooling, 689 | 'fork' => $jsp_servlet_fork, 690 | 'genStringAsCharArray' => $jsp_servlet_genstringaschararray, 691 | 'javaEncoding' => $jsp_servlet_javaencoding, 692 | 'modificationTestInterval' => $jsp_servlet_modificationtestinterval, 693 | 'trimSpaces' => $jsp_servlet_trimspaces, 694 | 'xpoweredBy' => $jsp_servlet_xpoweredby 695 | } 696 | ), $jsp_servlet_params) 697 | 698 | # should we force download extras libs? 699 | if $jmx_listener { 700 | $extras_enable_real = true 701 | } else { 702 | $extras_enable_real = $extras_enable 703 | } 704 | 705 | # cluster can live in engine or host, engine was original default, host is required if using farm deployer 706 | if $cluster_parent { 707 | if $cluster_parent !~ /^(engine|host)$/ { 708 | fail('$cluster_parent must be either \'host\' or \'engine\'') 709 | } 710 | if $cluster_farm_deployer and $cluster_parent == 'engine' { 711 | fail('Farm deployer cannot be used with $cluster_parent=\'engine\'') 712 | } 713 | $cluster_parent_real = $cluster_parent 714 | } else { 715 | $cluster_parent_real = $cluster_farm_deployer ? { true => 'host', default => 'engine' } 716 | } 717 | # default name for watchdir is "deploy" b/c you put WAR there to deploy it 718 | # deploydir (typically webapps) is where files are deployed to 719 | $cluster_farm_deployer_watchdir_real = pick($cluster_farm_deployer_watchdir,"${catalina_base_real}/deploy") 720 | $cluster_farm_deployer_deploydir_real = pick($cluster_farm_deployer_deploydir, "${catalina_base_real}/webapps") 721 | 722 | # start the real action 723 | contain tomcat::install 724 | contain tomcat::service 725 | contain tomcat::config 726 | Class['::tomcat::install'] -> Class['::tomcat::config'] -> Class['::tomcat::service'] 727 | 728 | if $extras_enable_real and !$extras_package_name { 729 | # download and install extras from archive 730 | contain tomcat::extras 731 | Class['::tomcat::install'] -> Class['::tomcat::extras'] -> Class['::tomcat::service'] 732 | } 733 | 734 | if $manage_firewall { 735 | contain tomcat::firewall 736 | } 737 | } 738 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # tomcat 2 | [![Build Status](https://travis-ci.org/antoineco/aco-tomcat.svg?branch=master)](https://travis-ci.org/antoineco/aco-tomcat) 3 | 4 | #### Table of Contents 5 | 6 | 1. [Overview - What is the tomcat module?](#overview) 7 | 2. [Module Description - What does the module do?](#module-description) 8 | 3. [Setup - The basics of getting started with tomcat](#setup) 9 | * [Installation scenarios](#installation-scenarios) 10 | * [Configuration scenarios](#configuration-scenarios) 11 | 4. [Usage - The classes and defined types available for configuration](#usage) 12 | * [Classes and Defined Types](#classes-and-defined-types) 13 | * [Class: tomcat](#class-tomcat) 14 | * [Define: tomcat::instance](#define-tomcatinstance) 15 | * [Common parameters](#common-parameters) 16 | * [Define: tomcat::userdb_entry](#define-tomcatuserdb_entry) 17 | * [Define: tomcat::userdb_role_entry](#define-tomcatuserdb_role_entry) 18 | * [Define: tomcat::context](#define-tomcatcontext) 19 | * [Define: tomcat::web](#define-tomcatweb) 20 | 5. [Testing - How to run the included spec tests](#testing) 21 | 6. [Contributors](#contributors) 22 | 23 | ## Overview 24 | 25 | The tomcat module installs and configures Apache Tomcat instances from either the packages available in your distribution's repositories, or from any archive file you provide to it. 26 | 27 | ## Module description 28 | 29 | This module will install the desired version of the Apache Tomcat Web Application Container from almost any possible source, including the repositories available on the target system (distribution repositories or third-party sources like [JPackage](http://www.jpackage.org) and [EPEL](https://fedoraproject.org/wiki/EPEL)) 30 | A long list of parameters allow a fine tuning of the server and the JVM. Tomcat's most common elements are provided, and virtually any missing parameters can be included using the hash parameters present in each block. 31 | It is also possible to configure, besides the server itself, admin applications, extra libraries, etc. 32 | The creation of individual instances following [Apache's guidelines](http://tomcat.apache.org/tomcat-9.0-doc/RUNNING.txt) is supported via a custom type. 33 | 34 | ## Setup 35 | 36 | tomcat will affect the following parts of your system: 37 | 38 | * tomcat packages and dependencies 39 | * tomcat service(s) 40 | * instances configuration 41 | * tomcat user database(s) and authorized users (defined type) 42 | 43 | Including the main class is enough to install the default version of Tomcat provided by your distribution, and run it with default settings. 44 | 45 | ```puppet 46 | include tomcat 47 | ``` 48 | 49 | #### Installation scenarios 50 | 51 | Install from archive instead of distribution package 52 | 53 | ```puppet 54 | class { 'tomcat': 55 | install_from => 'archive', 56 | version => '8.0.15' 57 | } 58 | ``` 59 | 60 | Disable main instance and setup 2 individual instances 61 | 62 | ```puppet 63 | class { 'tomcat': 64 | service_ensure => 'stopped', 65 | service_enable => false 66 | } 67 | tomcat::instance { 'instance1': 68 | server_control_port => 8005, 69 | http_port => 8080, 70 | ajp_connector => false, 71 | … 72 | } 73 | tomcat::instance { 'instance2': 74 | server_control_port => 8006, 75 | http_port => 8081, 76 | manage_firewall => true, 77 | … 78 | } 79 | ``` 80 | 81 | Start a second instance with a different tomcat version 82 | 83 | ```puppet 84 | class { 'tomcat': 85 | install_from => 'archive', 86 | version => '7.0.55' 87 | … 88 | } 89 | tomcat::instance { 'my_app': 90 | version => '8.0.18' 91 | … 92 | } 93 | ``` 94 | 95 | Use a non-default JVM and run it with custom options 96 | 97 | ```puppet 98 | class { 'tomcat': 99 | java_home => '/usr/java/jre1.7.0_65', 100 | java_opts => ['-server', '-Xmx2048m', '-Xms256m', '-XX:+UseConcMarkSweepGC'] 101 | } 102 | ``` 103 | 104 | Enable the manager/host-manager webapps and configure default admin 105 | 106 | ```puppet 107 | class { 'tomcat': 108 | … 109 | admin_webapps => true, 110 | create_default_admin => true, 111 | admin_user => 'tomcatmaster', 112 | admin_password => 'meow' 113 | } 114 | ``` 115 | 116 | Use with custom packages/custom installation layouts (eg. with [Ulyaoth](https://forge.puppetlabs.com/aco/ulyaoth)) 117 | 118 | ```puppet 119 | class { 'tomcat': 120 | package_name => 'ulyaoth-tomcat8', 121 | version => '8.0.15' 122 | service_name => 'tomcat', 123 | config_path => '/opt/tomcat/bin/setenv.sh', 124 | catalina_home => '/opt/tomcat', 125 | catalina_pid => '$CATALINA_TMPDIR/$SERVICE_NAME.pid', 126 | admin_webapps_package_name => 'ulyaoth-tomcat8-admin', 127 | tomcat_native => true, 128 | tomcat_native_package_name => 'ulyaoth-tomcat-native' 129 | … 130 | } 131 | ``` 132 | 133 | Download Tomcat archives behind a proxy server 134 | 135 | ```puppet 136 | class { 'tomcat': 137 | … 138 | proxy_server => 'http://user:password@proxy.example.com:8080' 139 | } 140 | ``` 141 | 142 | ### Configuration scenarios 143 | 144 | Enable the standard AJP connector on non-default port with custom parameters 145 | 146 | ```puppet 147 | class { 'tomcat': 148 | … 149 | ajp_connector => true, 150 | ajp_port => 8090, 151 | ajp_params => { 'address' => '127.0.0.1', 'packetSize' => 12288 } 152 | } 153 | ``` 154 | 155 | Configure custom connectors 156 | 157 | ```puppet 158 | class { 'tomcat': 159 | … 160 | connectors => [ 161 | { 'port' => 9080, 162 | 'protocol' => 'org.apache.coyote.http11.Http11Nio2Protocol', 163 | 'maxPostSize' => 2500000 164 | }, 165 | { 'port' => 9081, 166 | 'allowTrace' => true 167 | } 168 | ] 169 | } 170 | ``` 171 | 172 | Configure a nested HTTP/2 connector (Tomcat 8.5+) 173 | 174 | ```puppet 175 | class { 'tomcat': 176 | … 177 | connectors => [ 178 | { 'port' => 8443, 179 | 'protocol' => 'org.apache.coyote.http11.Http11AprProtocol', 180 | 'SSLEnabled' => true, 181 | 'defaultSSLHostConfigName' => 'example.com', 182 | 'upgradeprotocol' => { 183 | 'className' => 'org.apache.coyote.http2.Http2Protocol', 184 | 'readTimeout' => 5000 185 | }, 186 | 'sslhostconfigs' => [ 187 | { 'hostName' => 'example.com', 188 | 'honorCipherOrder' => true, 189 | 'certificates' => [ 190 | { 'certificateKeystoreFile' => 'conf/localhost.jks', 191 | 'type' => 'RSA' 192 | }, 193 | { 'certificateKeyFile' => 'conf/localhost-key.pem', 194 | 'certificateFile' => 'conf/localhost-crt.pem', 195 | 'certificateChainFile' => 'conf/localhost-chain.pem', 196 | 'type' => 'RSA' 197 | } 198 | ] 199 | } 200 | ] 201 | } 202 | ] 203 | } 204 | ``` 205 | 206 | Configure custom Listeners 207 | 208 | ```puppet 209 | class { 'tomcat': 210 | … 211 | listeners => [ 212 | { 'className' => 'org.apache.catalina.storeconfig.StoreConfigLifecycleListener' 213 | }, 214 | { 'className' => 'org.apache.catalina.startup.UserConfig', 215 | 'directoryName' => 'public_html' 216 | } 217 | ] 218 | } 219 | ``` 220 | 221 | Customize Host 222 | 223 | ```puppet 224 | class { 'tomcat': 225 | … 226 | host_autodeploy => false, 227 | host_deployonstartup => false, 228 | host_unpackwars => true, 229 | host_params => { createDirs => true }, 230 | contexts => [{ path => '', docBase => '/home/app', crossContext => true }] 231 | } 232 | ``` 233 | 234 | or for more complex setup 235 | ```puppet 236 | class { 'tomcat': 237 | … 238 | hosts => [ 239 | { 240 | name => 'www.example.org', 241 | deployonstartup => false, 242 | unpackwars => true, 243 | createDirs => true, 244 | contexts => [{ path => '', docBase => '/home/app', crossContext => true }], 245 | valves => [{ className => 'org.apache.catalina.valves.AccessLogValve', directory => 'logs', prefix => 'app_access_log', suffix => '.txt', pattern => '%h %l %u %t "%r" %s %b'}] 246 | }, 247 | { 248 | name => 'cas.example.org', 249 | deployonstartup => false, 250 | unpackwars => true, 251 | createDirs => true, 252 | contexts => [{ path => '', docBase => '/home/cas', crossContext => true }], 253 | valves => [{ className => 'org.apache.catalina.valves.AccessLogValve', directory => 'logs', prefix => 'cas_access_log', suffix => '.txt', pattern => '%h %l %u %t "%r" %s %b'}] 254 | } 255 | ] 256 | 257 | } 258 | ``` 259 | 260 | Enable the remote [JMX listener](http://tomcat.apache.org/tomcat-9.0-doc/config/listeners.html#JMX_Remote_Lifecycle_Listener_-_org.apache.catalina.mbeans.JmxRemoteLifecycleListener) and remote JVM monitoring 261 | 262 | ```puppet 263 | class { 'tomcat': 264 | … 265 | jmx_listener => true, 266 | jmx_registry_port => '8050', 267 | jmx_server_port => '8051', 268 | jmx_bind_address => $ipaddress_eth0, 269 | catalina_opts => [ '-Dcom.sun.management.jmxremote', 270 | '-Dcom.sun.management.jmxremote.ssl=false', 271 | '-Dcom.sun.management.jmxremote.authenticate=false' ] 272 | } 273 | ``` 274 | 275 | Configure custom Realms 276 | 277 | ```puppet 278 | class { 'tomcat': 279 | … 280 | realms => [ 281 | { 'className' => 'org.apache.catalina.realm.MemoryRealm', 282 | 'pathname' => 'conf/myUsersDb.xml' 283 | }, 284 | { 'className' => 'org.apache.catalina.realm.DataSourceRealm', 285 | 'dataSourceName' => 'jdbc/myDataSource', 286 | 'credentialhandler' => { 287 | 'className' => 'org.apache.catalina.realm.MessageDigestCredentialHandler', 288 | 'algorithm' => 'md5' 289 | } 290 | } 291 | ] 292 | } 293 | ``` 294 | 295 | Configure main context.xml 296 | 297 | ```puppet 298 | class { 'tomcat': 299 | … 300 | context_params => { 'docBase' => 'myapproot', 'useHttpOnly' => false }, 301 | context_manager => { 'maxActiveSessions' => 1000 }, 302 | context_resourcelinks => [ 303 | { 'name' => 'linkToGlobalResource', 304 | 'global' => 'simpleValue', 305 | 'type' => 'java.lang.Integer' 306 | }, 307 | { 'name' => 'appDataSource', 308 | 'global' => 'sharedDataSource', 309 | 'type' => 'javax.sql.DataSource' 310 | } 311 | ] 312 | } 313 | ``` 314 | 315 | Configure default servlet (web.xml) 316 | 317 | ```puppet 318 | class { 'tomcat': 319 | … 320 | default_servlet_listings => true, 321 | default_servlet_gzip => true, 322 | default_servlet_params => { 'sendfileSize' => 64 } 323 | } 324 | ``` 325 | 326 | Configure security constraints (web.xml) 327 | 328 | ```puppet 329 | class { 'tomcat': 330 | … 331 | security_constraints => [ 332 | { 'display-name' => 'Security constraint 1', 333 | 'auth-constraint' => { 'role-name' => ['admin', 'authenticated'] }, 334 | 'web-resource-collection' => { 'web-resource-name' => 'My sample web resource', 335 | 'url-pattern' => ['/example', '*.gif'], 336 | 'http-method' => ['GET', 'POST'] } 337 | }, 338 | { 'display-name' => 'Security constraint 2', 339 | 'user-data-constraint' => { 'transport-guarantee' => 'CONFIDENTIAL', 340 | 'web-resource-collection' => { 'url-pattern' => ['/protected/*'], 341 | 'http-method-omission' => ['DELETE', 'PUT'] } 342 | } 343 | ] 344 | } 345 | ``` 346 | 347 | Add an additional admin for the manager using a defined type 348 | 349 | ```puppet 350 | tomcat::userdb_entry { 'foo': 351 | database => 'main UserDatabase', 352 | password => 'bar', 353 | roles => ['manager-gui', 'manager-script'] 354 | } 355 | ``` 356 | 357 | Add roles and users using helper parameters 358 | 359 | ```puppet 360 | class { 'tomcat': 361 | … 362 | tomcat_roles => { 363 | 'opsgroup' => {} , 364 | 'qagroup' => {} 365 | }, 366 | tomcat_users => { 367 | 'opsguy' => { 368 | password => 'qwerty', 369 | roles => [ 'opsgroup', 'admin-gui' ] 370 | }, 371 | 'qaguy' => { 372 | password => '01234', 373 | roles => [ 'qagroup', 'manager-gui' ] 374 | } 375 | } 376 | } 377 | ``` 378 | 379 | ## Usage 380 | 381 | This module distinguishes two different contexts: 382 | * **global**: default instance and global libraries 383 | * **instance**: individual tomcat instance 384 | 385 | Both contexts share most of their parameters. 386 | 387 | ### Classes and Defined Types 388 | 389 | #### Class: `tomcat` 390 | 391 | Primary class and entry point of the module 392 | 393 | **Parameters within `tomcat`:** 394 | 395 | **Packages and service** 396 | 397 | ##### `install_from` 398 | What type of source to install from. The module will download the necessary files by itself. Valid values are `package` and `archive`. Defaults to `package`. 399 | 400 | ##### `package_name` 401 | Tomcat package name. Ignored if installed from archive. Default depends on the distribution. 402 | 403 | ##### `package_ensure` 404 | Tomcat package `ensure` attribute. Valid values are `undef`, `present` and `latest`. Defaults to `undef` (falls back to [`${version}`](#version)). 405 | 406 | ##### `tomcat_native` 407 | Whether to install the Tomcat Native library. Boolean value. Defaults to `false`. 408 | 409 | ##### `tomcat_native_package_name` 410 | Tomcat Native library package name. Default depends on the distribution. 411 | 412 | ##### `extras_package_name` 413 | Package name for Tomcat extra libraries. If set, forces installation of Tomcat extra libraries from a package repository instead of Apache servers. The `ensure` attribute of the package resource will then default to the same value as [`${package_ensure}`](#package_ensure). Defaults to `undef`. 414 | 415 | ##### `admin_webapps_package_name` 416 | Admin webapps package name. Default depends on the distribution. 417 | 418 | See also [Common parameters](#common-parameters) 419 | 420 | #### Define: `tomcat::instance` 421 | 422 | Create a Tomcat instance 423 | 424 | **Parameters within `tomcat::instance`:** 425 | 426 | ##### `root_path` 427 | Absolute path to the root of all Tomcat instances. Defaults to `/var/lib/tomcats`. 428 | *Note:* instances will be installed in `${root_path}/${title}` and $CATALINA_BASE will be set to that directory 429 | 430 | See also [Common parameters](#common-parameters) 431 | 432 | #### Common parameters 433 | 434 | Parameters common to both `tomcat` and `tomcat::instance` 435 | 436 | **Packages and service** 437 | 438 | ##### `version` 439 | Tomcat full version number. The valid format is 'x.y.z[.M##][-package_suffix]'. The package `ensure` attribute will be enforced to this value if Tomcat is installed from a package repository. 440 | Must include the full package suffix on Debian variants. 441 | *Note:* multi-version only supported if installed from archive 442 | 443 | ##### `archive_source` 444 | Base path of the source of the Tomcat installation archive, if installed from archive. Supports local files, puppet://, http://, https:// and ftp://. Defaults to `${archive_mirror}/dist/tomcat/tomcat-/v/bin`. 445 | 446 | ##### `archive_filename` 447 | File name of the Tomcat installation archive, if installed from archive. Defaults to `apache-tomcat-.tar.gz`. 448 | 449 | ##### `archive_mirror` 450 | Mirror to use if installed from archive and no archive source was provided but version was. Defaults to `http://archive.apache.org`. 451 | 452 | ##### `proxy_server` 453 | URL of a proxy server used for downloading Tomcat archives 454 | 455 | ##### `proxy_type` 456 | Type of the proxy server. Valid values are `none`, `http`, `https` and `ftp`. Optional. Default determined by the scheme used in `${proxy_server}` 457 | 458 | ##### `checksum_verify` 459 | Whether to enable the checksum verification of Tomcat installation archive. Boolean value. Defaults to `false`. 460 | 461 | ##### `checksum_type` 462 | Checksum type. Valid values are `none`, `md5`, `sha1`, `sha2`, `sh256`, `sha384` and `sha512`. Defaults to `none`. 463 | 464 | ##### `checksum` 465 | Checksum to test against. Defaults to `undef`. 466 | 467 | ##### `service_name` 468 | Tomcat service name. Defaults to [`${package_name}`](#package_name) (global) / `${package_name}_${title}` (instance). 469 | 470 | ##### `service_ensure` 471 | Whether the service should be running. Valid values are `stopped` and `running`. Defaults to `running`. 472 | 473 | ##### `service_enable` 474 | Whether to enable the Tomcat service. Boolean value. Defaults to `true`. 475 | 476 | ##### `restart_on_change` 477 | Whether to restart Tomcat service after configuration change. Boolean value. Defaults to `true`. 478 | 479 | ##### `systemd_service_type` 480 | The value for the systemd service type if applicable. Defaults to 'simple' for install_from = package, 'forking' for install_from = archive. 481 | 482 | ##### `force_init` 483 | Whether to force the generation of a generic init script/unit for the tomcat service. Useful for custom OS packages which do not include any. Defaults to `false`. 484 | 485 | ##### `service_start` 486 | Optional override command for starting the service. Default depends on the platform. 487 | 488 | ##### `service_stop` 489 | Optional override command for stopping the service. Default depends on the platform. 490 | 491 | ##### `tomcat_user` 492 | Tomcat user. Defaults to [`${service_name}`](#service_name) (Debian) / `tomcat` (all other distributions). 493 | 494 | ##### `tomcat_user_id` 495 | Tomcat user id. Defaults to undef, will be generated at user creation. 496 | 497 | ##### `tomcat_group` 498 | Tomcat group. Defaults to [`${tomcat_user}`](#tomcat_user). 499 | 500 | ##### `tomcat_group_id` 501 | Tomcat group id. Defaults to undef, will be generated at group creation. 502 | 503 | ##### `file_mode` 504 | File mode for certain configuration xml files. Defaults to '0600'. 505 | 506 | ##### `extras_enable` 507 | Whether to install Tomcat extra libraries. Boolean value. Defaults to `false`. 508 | *Warning:* extra libraries are enabled globally if defined within the global context 509 | 510 | ##### `extras_source` 511 | Base path of the source of the Tomcat extra libraries. Supports local files, puppet://, http://, https:// and ftp://. Defaults to `${archive_mirror}/dist/tomcat/tomcat-/v/bin/extras`. 512 | 513 | ##### `manage_firewall` 514 | Whether to automatically manage firewall rules. Boolean value. Defaults to `false`. 515 | 516 | **Security and administration** 517 | 518 | ##### `admin_webapps` 519 | Whether to enable admin webapps (manager/host-manager). This will also install the required packages if Tomcat was installed from package. This parameter is ignored if Tomcat was installed from archive, since Tomcat archives always contain these apps. Boolean value. Defaults to `true`. 520 | 521 | ##### `create_default_admin` 522 | Whether to create default admin user (roles: 'manager-gui', 'manager-script', 'admin-gui' and 'admin-script'). Boolean value. Defaults to `false`. 523 | 524 | ##### `admin_user` 525 | Admin user name. Defaults to `tomcatadmin`. 526 | 527 | ##### `admin_password` 528 | Admin user password. Defaults to `password`. 529 | 530 | ##### `tomcat_users` 531 | Optional hash containing UserDatabase user entries. See [tomcat::userdb_entry](#define-tomcatuserdb_entry). Defaults to an empty hash. 532 | 533 | ##### `tomcat_roles` 534 | Optional hash containing UserDatabase role entries. See [tomcat::userdb_role_entry](#define-tomcatuserdb_role_entry). Defaults to an empty hash. 535 | 536 | **Server configuration** 537 | 538 | ##### `server_control_port` 539 | Server control port. Defaults to `8005` (global) / `8006` (instance). The [Server](https://tomcat.apache.org/tomcat-9.0-doc/config/server.html) can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 540 | - `server_shutdown`: command string that must be received in order to shut down Tomcat. Defaults to `SHUTDOWN`. 541 | - `server_address`: address on which this server waits for a shutdown command 542 | - `server_params`: optional hash of additional attributes/values to put in the Server element 543 | 544 | ##### `jrememleak_attrs` 545 | Optional hash of attributes for the [JRE Memory Leak Prevention Listener](http://tomcat.apache.org/tomcat-9.0-doc/config/listeners.html#JRE_Memory_Leak_Prevention_Listener_-_org.apache.catalina.core.JreMemoryLeakPreventionListener). Defaults to an empty hash. 546 | 547 | ##### `versionlogger_listener` 548 | Whether to enable the [Version Logging Lifecycle Listener](https://tomcat.apache.org/tomcat-9.0-doc/config/listeners.html#Version_Logging_Lifecycle_Listener_-_org.apache.catalina.startup.VersionLoggerListener). The Listener can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 549 | - `versionlogger_logargs`: log command line arguments 550 | - `versionlogger_logenv`: log current environment variables 551 | - `versionlogger_logprops`: log current Java system properties 552 | 553 | ##### `apr_listener` 554 | Whether to enable the [APR Lifecycle Listener](http://tomcat.apache.org/tomcat-9.0-doc/apr.html#APR_Lifecycle_Listener_Configuration). The Listener can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 555 | - `apr_sslengine`: name of the SSLEngine to use with the APR Lifecycle Listener 556 | 557 | ##### `jmx_listener` 558 | Whether to enable the [JMX Remote Lifecycle Listener](http://tomcat.apache.org/tomcat-9.0-doc/config/listeners.html#JMX_Remote_Lifecycle_Listener_-_org.apache.catalina.mbeans.JmxRemoteLifecycleListener). The listener can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 559 | - `jmx_registry_port`: JMX/RMI registry port for the JMX Remote Lifecycle Listener. Defaults to `8050` (global) / `8052` (instance). 560 | - `jmx_server_port`: JMX/RMI server port for the JMX Remote Lifecycle Listener. Defaults to `8051` (global) / `8053` (instance). 561 | - `jmx_bind_address`: JMX/RMI server interface address for the JMX Remote Lifecycle Listener 562 | - `jmx_uselocalports`: force usage of local ports to connect to the the JMX/RMI server 563 | 564 | ##### `listeners` 565 | An array of custom `Listener` entries to be added to the `Server` block. Each entry is to be supplied as a hash of attributes/values for the `Listener` XML node. See [Listeners](http://tomcat.apache.org/tomcat-9.0-doc/config/listeners.html) for the list of possible attributes. 566 | 567 | ##### `svc_name` 568 | Name of the default [Service](http://tomcat.apache.org/tomcat-9.0-doc/config/service.html). Defaults to `Catalina`. The Service can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 569 | - `svc_params`: optional hash of additional attributes/values to put in the Service element 570 | 571 | ##### `threadpool_executor` 572 | Whether to enable the default [Executor (thread pool)](http://tomcat.apache.org/tomcat-9.0-doc/config/executor.html). Boolean value. Defaults to `false`. The Executor can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 573 | - `threadpool_name`: a unique reference name. Defaults to `tomcatThreadPool`. 574 | - `threadpool_nameprefix`: name prefix for each thread created by the executor 575 | - `threadpool_maxthreads`: max number of active threads in this pool 576 | - `threadpool_minsparethreads`: minimum number of threads always kept alive 577 | - `threadpool_params`: optional hash of additional attributes/values to put in the Executor 578 | 579 | ##### `executors` 580 | An array of custom `Executor` entries to be added to the `Service` block. Each entry is to be supplied as a hash of attributes/values for the `Executor` XML node. See [Executor](http://tomcat.apache.org/tomcat-9.0-doc/config/executor.html) for the list of possible attributes. 581 | 582 | ##### `http_connector` 583 | Whether to enable the [HTTP connector](http://tomcat.apache.org/tomcat-9.0-doc/config/http.html). Boolean value. Defaults to `true`. The Connector can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 584 | - `http_port`: HTTP connector port. Defaults to `8080` (global) / `8081` (instance). 585 | - `http_protocol`: protocol to use 586 | - `http_use_threadpool`: whether to use the default Executor within the HTTP connector. Defaults to `false`. 587 | - `http_connectiontimeout`: timeout for a connection 588 | - `http_uriencoding`: encoding to use for URI 589 | - `http_compression`: whether to use compression. Defaults to `false`. 590 | - `http_maxthreads`: maximum number of executor threads 591 | - `http_params`: optional hash of additional attributes/values to put in the HTTP connector 592 | 593 | ##### `ssl_connector` 594 | Whether to enable the [SSL-enabled HTTP connector](http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support). Boolean value. Defaults to `false`. The Connector can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 595 | - `ssl_port`: SSL connector port. Defaults to `8443` (global) / `8444` (instance). The HTTP connector's `redirect port` will also be set to this value. 596 | - `ssl_protocol`: protocol to use 597 | - `ssl_use_threadpool`: whether to use the default Executor within the HTTPS connector 598 | - `ssl_connectiontimeout`: timeout for a connection 599 | - `ssl_uriencoding`: encoding to use for URI 600 | - `ssl_compression`: whether to use compression. Defaults to `false`. 601 | - `ssl_maxthreads`: maximum number of executor threads 602 | - `ssl_clientauth`: whether to require a valid certificate chain from the client 603 | - `ssl_sslenabledprotocols`: SSL protocol(s) to use (explicitly by version) 604 | - `ssl_sslprotocol`: SSL protocol(s) to use (a single value may enable multiple protocols and versions) 605 | - `ssl_keystorefile`: path to keystore file 606 | - `ssl_params`: optional hash of additional attributes/values to put in the HTTPS connector 607 | 608 | ##### `ajp_connector` 609 | Whether to enable the [AJP connector](http://tomcat.apache.org/tomcat-9.0-doc/config/ajp). Boolean value. Defaults to `true`. The Connector can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 610 | - `ajp_port`: AJP connector port. Defaults to `8009` (global) / `8010` (instance). 611 | - `ajp_protocol`: protocol to use. Defaults to `AJP/1.3`. 612 | - `ajp_use_threadpool`: whether to use the default Executor within the AJP connector. Defaults to `false`. 613 | - `ajp_connectiontimeout`: timeout for a connection 614 | - `ajp_uriencoding`: encoding to use for URI 615 | - `ajp_maxthreads`: maximum number of executor threads 616 | - `ajp_params`: optional hash of additional attributes/values to put in the AJP connector 617 | 618 | ##### `connectors` 619 | An array of custom `Connector` entries to be added to the `Service` block. Each entry is to be supplied as a hash of attributes/values for the `Connector` XML node. See [HTTP](http://tomcat.apache.org/tomcat-9.0-doc/config/http.html)/[AJP](http://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html) for the list of possible attributes. 620 | Additionally, the following attributes are treated differently and used to configure nested elements: 621 | - `upgradeprotocol`: [HTTP Upgrade Protocol element](https://tomcat.apache.org/tomcat-9.0-doc/config/http2.html). Hash parameter 622 | - `sslhostconfigs`: [SSLHostConfig element(s)](https://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support_-_SSLHostConfig). Array of Hashs parameter 623 | - `certificates`: [Certificate element(s)](https://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support_-_Certificate). Array of Hashs parameter 624 | 625 | ##### `engine_name` 626 | Name of the default [Engine](http://tomcat.apache.org/tomcat-9.0-doc/config/engine.html). Defaults to `Catalina`. The Engine can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 627 | - `engine_defaulthost`: default host name. Defaults to [`${host_name}`](#host_name). 628 | - `engine_jvmroute`: identifier which must be used in load balancing scenarios to enable session affinity 629 | - `engine_params`: optional hash of additional attributes/values to put in the Engine container 630 | 631 | ##### `combined_realm` 632 | Whether to enable the [Combined Realm](http://tomcat.apache.org/tomcat-9.0-doc/config/realm.html#Combined_Realm_-_org.apache.catalina.realm.CombinedRealm). Boolean value. Defaults to `false`. 633 | 634 | ##### `lockout_realm` 635 | Whether to enable the [LockOut Realm](http://tomcat.apache.org/tomcat-9.0-doc/config/realm.html#LockOut_Realm_-_org.apache.catalina.realm.LockOutRealm). Boolean value. Defaults to `true`. 636 | 637 | ##### `userdatabase_realm` 638 | Whether to enable the [UserDatabase Realm](http://tomcat.apache.org/tomcat-9.0-doc/config/realm.html#UserDatabase_Realm_-_org.apache.catalina.realm.UserDatabaseRealm). 639 | Boolean value. Defaults to `true`. The User Database Realm is inserted within the Lock Out Realm if it is enabled. 640 | 641 | ##### `realms` 642 | An array of custom `Realm` entries to be added to the `Engine` container. Each entry is to be supplied as a hash of attributes/values for the `Realm` XML node. See [Realm](http://tomcat.apache.org/tomcat-9.0-doc/config/realm.html) for the list of possible attributes. 643 | Additionally, the following attributes are treated differently and used to configure nested elements: 644 | - `credentialhandler`: [CredentialHandler Component](https://tomcat.apache.org/tomcat-9.0-doc/config/credentialhandler.html). Hash parameter 645 | 646 | ##### `host_name` 647 | Name of the default [Host](http://tomcat.apache.org/tomcat-9.0-doc/config/host.html). Defaults to `localhost`. The Host can be further configured via a series of parameters (will use Tomcat's defaults when not specified): 648 | - `host_appbase`: Application Base directory for this virtual host 649 | - `host_autodeploy`: whether Tomcat should check periodically for new or updated web applications while Tomcat is running 650 | - `host_deployonstartup`: whether web applications from this host should be automatically deployed when Tomcat starts 651 | - `host_undeployoldversions`: whether to clean unused versions of web applications deployed using parallel deployment 652 | - `host_unpackwars`: whether to unpack web application archive (WAR) files 653 | - `host_params`: optional hash of additional attributes/values to put in the Host container 654 | 655 | ##### `hosts` 656 | An array of `Host` entries. Use this if you need more complex setup. You can nest valves and contexts with their parameters. 657 | See [Host](http://tomcat.apache.org/tomcat-9.0-doc/config/host.html) for the list of possible attributes. 658 | 659 | ##### `contexts` 660 | An array of custom `Context` entries to be added to the `Host` container. Each entry is to be supplied as a hash of attributes/values for the `Context` XML node. See [Context](http://tomcat.apache.org/tomcat-9.0-doc/config/context.html) for the list of possible attributes. 661 | 662 | ##### `singlesignon_valve` 663 | Whether to enable the [Single Sign On Valve](http://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Single_Sign_On_Valve). Boolean value. Defaults to `false`. 664 | 665 | ##### `accesslog_valve` 666 | Whether to enable the [Access Log Valve](http://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Access_Log_Valve). Boolean value. Defaults to `true`. 667 | 668 | ##### `accesslog_valve_pattern` 669 | Pattern to use for the [Access Log Valve](http://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Access_Log_Valve). 670 | 671 | ##### `valves` 672 | An array of custom `Valve` entries to be added to the `Host` container. Each entry is to be supplied as a hash of attributes/values for the `Valve` XML node. See [Valve](http://tomcat.apache.org/tomcat-9.0-doc/config/valve.html) for the list of possible attributes. 673 | 674 | ##### `engine_valves` 675 | An array of custom `Valve` entries to be added to the `Engine` container. Each entry is to be supplied as a hash of attributes/values for the `Valve` XML node. See [Valve](http://tomcat.apache.org/tomcat-9.0-doc/config/valve.html) for the list of possible attributes. 676 | 677 | ##### `globalnaming_environments` 678 | An array of `Environment` entries to be added to the `GlobalNamingResources` component. Each entry is to be supplied as a hash of attributes/values for the `Environment` XML node. See [Global Resources](http://tomcat.apache.org/tomcat-9.0-doc/config/globalresources.html#Environment_Entries) for the list of possible attributes. 679 | 680 | ##### `globalnaming_resources` 681 | An array of `Resource` entries to be added to the `GlobalNamingResources` component. Each entry is to be supplied as a hash of attributes/values for the `Resource` XML node. See [Global Resources](http://tomcat.apache.org/tomcat-9.0-doc/config/globalresources.html#Resource_Definitions) for the list of possible attributes. 682 | 683 | **Context configuration** 684 | 685 | ##### `context_params`, `context_cookieprocessor`, `context_loader`, `context_manager`, `context_realm`, `context_resources`, `context_watchedresource`, `context_parameters`, `context_environments`, `context_listeners`, `context_valves`, `context_resourcedefs`, `context_resourcelinks` 686 | See [tomcat::context](#define-tomcatcontext) defined type. 687 | 688 | **Servlets configuration** 689 | 690 | ##### `default_servlet_*` 691 | initParameters for the `default` servlet. Generate a single hash for the [`${default_servlet_params}`](#default_servlet_params) parameter of the [tomcat::web](#define-tomcatweb) defined type (will use Tomcat's defaults when not specified) 692 | - `default_servlet_debug`: debugging level. Defaults to `0`. 693 | - `default_servlet_listings`: whether directory listing is shown if no welcome file is present. Defaults to `false`. 694 | - `default_servlet_gzip`: whether to serve gzipped files if the user agent supports gzip 695 | - `default_servlet_input`: input buffer size in bytes when reading resources to be served 696 | - `default_servlet_output`: output buffer size in bytes when writing resources to be served 697 | - `default_servlet_readonly`: whether to reject PUT and DELETE commands (http) 698 | - `default_servlet_fileencoding`: file encoding used for reading static resources 699 | - `default_servlet_showserverinfo`: whether to present server information in response sent to clients 700 | - `default_servlet_params`: optional hash of additional attributes/values to configure the `default` servlet 701 | 702 | ##### `jsp_servlet_*` 703 | initParameters for the `jsp` servlet. Generate a single hash for the [`${jsp_servlet_params}`](#jsp_servlet_params) parameter of the [tomcat::web](#define-tomcatweb) defined type (will use Tomcat's defaults when not specified) 704 | - `jsp_servlet_checkinterval`: time in seconds between checks to see if a JSP page needs to be recompiled 705 | - `jsp_servlet_development`: whether to use Jasper in development mode 706 | - `jsp_servlet_enablepooling`: whether to enable tag handler pooling 707 | - `jsp_servlet_fork`: whether to perform JSP page compiles in a separate JVM from Tomcat. Defaults to `false`. 708 | - `jsp_servlet_genstringaschararray`: whether to generate text strings as char arrays 709 | - `jsp_servlet_javaencoding`: Java file encoding to use for generating java source files 710 | - `jsp_servlet_modificationtestinterval`: interval in seconds to check a JSP for modification 711 | - `jsp_servlet_trimspaces`: whether to trim white spaces in template text between actions or directives 712 | - `jsp_servlet_xpoweredby`: whether X-Powered-By response header is added by servlet. Defaults to `false`. 713 | - `jsp_servlet_params`: optional hash of additional attributes/values to configure the `jsp` servlet 714 | 715 | ##### `default_servletmapping_urlpatterns`, `jsp_servletmapping_urlpatterns`, `sessionconfig_sessiontimeout`, `sessionconfig_trackingmode`, `welcome_file_list`, `security_constraints` 716 | See [tomcat::web](#define-tomcatweb) defined type. 717 | 718 | **Global configuration file / environment variables** 719 | 720 | ##### `config_path` 721 | Absolute path to the environment configuration (*setenv*). Default depends on the platform. 722 | 723 | See [catalina.sh](http://svn.apache.org/repos/asf/tomcat/tc9.0.x/trunk/bin/catalina.sh) for a description of the following environment variables. 724 | 725 | ##### `catalina_home` 726 | $CATALINA_HOME. Default depends on the platform. 727 | 728 | ##### `catalina_base` 729 | $CATALINA_BASE. Default depends on the platform. 730 | 731 | ##### `jasper_home` 732 | $JASPER_HOME. Defaults to `catalina_home`. 733 | 734 | ##### `catalina_tmpdir` 735 | $CATALINA_TMPDIR. Defaults to `${catalina_base}/temp`. 736 | 737 | ##### `catalina_pid` 738 | $CATALINA_PID. Defaults to: `/var/run/${service_name}.pid`. 739 | 740 | ##### `catalina_opts` 741 | $CATALINA_OPTS. Array. Defaults to `[]`. 742 | 743 | ##### `java_home` 744 | $JAVA_HOME. Defaults to `undef` (use Tomcat default). 745 | 746 | ##### `java_opts` 747 | $JAVA_OPTS. Array. Defaults to `['-server']`. 748 | 749 | ##### `jpda_enable` 750 | Enable JPDA debugger. Boolean value. Effective only if installed from archive. Defaults to `false`. 751 | 752 | ##### `jpda_transport` 753 | $JPDA_TRANSPORT. Defaults to `undef` (use Tomcat default). 754 | 755 | ##### `jpda_address` 756 | $JPDA_ADDRESS. Defaults to `undef` (use Tomcat default). 757 | 758 | ##### `jpda_suspend` 759 | $JPDA_SUSPEND. Defaults to `undef` (use Tomcat default). 760 | 761 | ##### `jpda_opts` 762 | $JPDA_OPTS. Array. Defaults to `[]`. 763 | 764 | ##### `security_manager` 765 | Whether to enable the [Security Manager](https://tomcat.apache.org/tomcat-9.0-doc/security-manager-howto.html). Boolean value. Defaults to `false`. 766 | 767 | ##### `lang` 768 | Tomcat locale. Defaults to `undef` (use Tomcat default). 769 | 770 | ##### `shutdown_wait` 771 | How long to wait for a graceful shutdown before killing the process. Value in seconds. Only available on RedHat 6 systems if installed from package. Defaults to `30`. 772 | 773 | ##### `shutdown_verbose` 774 | Whether to display start/shutdown messages. Boolean value. Only available on RedHat 6 systems if installed from package. Defaults to `false`. 775 | 776 | ##### `custom_variables` 777 | Hash of custom environment variables. 778 | 779 | **Logging** 780 | 781 | ##### `log_path` 782 | Absolute path to the log directory. Defaults to `/var/log/${service_name}`. 783 | 784 | ##### `log_folder_mode` 785 | Mode for log folder, in case of archive install. Defaults to '0660'. 786 | 787 | #### Define: `tomcat::userdb_entry` 788 | 789 | Create Tomcat UserDatabase user entries. For creating a `tomcat::userdb_entry` using Hiera, see parameter `tomcat_users`. 790 | 791 | **Parameters within `tomcat::userdb_entry`:** 792 | 793 | ##### `database` 794 | Which database file the entry should be added to. `main UserDatabase` (global) / `instance ${title} UserDatabase` (instance) 795 | 796 | ##### `username` 797 | User name (string). Namevar. 798 | 799 | ##### `password` 800 | User password (string) 801 | 802 | ##### `roles` 803 | User roles (array) 804 | 805 | #### Define: `tomcat::userdb_role_entry` 806 | 807 | Create Tomcat UserDatabase role entries. For creating a `tomcat::userdb_role_entry` using Hiera, see parameter `tomcat_roles`. 808 | 809 | **Parameters within `tomcat::userdb_role_entry`:** 810 | 811 | ##### `database` 812 | Which database file the entry should be added to. `main UserDatabase` (global) / `instance ${title} UserDatabase` (instance) 813 | 814 | ##### `rolename` 815 | Role name (string). Namevar. 816 | 817 | #### Define: `tomcat::context` 818 | 819 | Create Tomcat context files 820 | 821 | **Parameters within `tomcat::context`:** 822 | 823 | ##### `path` 824 | Absolute path indicating where the context file should be created. Mandatory. Does not create parent directories. 825 | 826 | ##### `owner` 827 | File owner. Defaults to [`${tomcat_user}`](#tomcat_user). 828 | 829 | ##### `group` 830 | File group. Defaults to [`${tomcat_group}`](#tomcat_group). 831 | 832 | ##### `file_mode` 833 | File mode. Defaults to [`${file_mode}`](#file_mode). 834 | 835 | ##### `params` 836 | A hash of attributes/values for the `Context` container. See [Context](http://tomcat.apache.org/tomcat-9.0-doc/config/context.html#Attributes) for the list of possible attributes. 837 | 838 | ##### `cookieprocessor` 839 | A hash of attributes/values for the `CookieProcessor` nested component. See [CookieProcessor](https://tomcat.apache.org/tomcat-9.0-doc/config/cookie-processor.html) for the list of possible attributes. 840 | 841 | ##### `loader` 842 | A hash of attributes/values for the `Loader` nested component. See [Loader](http://tomcat.apache.org/tomcat-9.0-doc/config/loader.html) for the list of possible attributes. 843 | 844 | ##### `manager` 845 | A hash of attributes/values for the `Manager` nested component. See [Manager](http://tomcat.apache.org/tomcat-9.0-doc/config/manager.html) for the list of possible attributes. 846 | 847 | ##### `realm` 848 | A hash of attributes/values for the `Realm` nested component. See [Realm](http://tomcat.apache.org/tomcat-9.0-doc/config/realm.html) for the list of possible attributes. 849 | Additionally, the following attributes are treated differently and used to configure nested elements: 850 | - `credentialhandler`: [CredentialHandler Component](https://tomcat.apache.org/tomcat-9.0-doc/config/credentialhandler.html). Hash parameter 851 | 852 | ##### `resources` 853 | A hash of attributes/values for the `Resources` nested component. See [Resources](http://tomcat.apache.org/tomcat-9.0-doc/config/resources.html) for the list of possible attributes. 854 | 855 | ##### `watchedresource` 856 | An array of `WatchedResource` entries to be added to the `Context` container. Each entry is to be supplied as a string. Defaults to `['WEB-INF/web.xml','${catalina.base}/conf/web.xml']`. 857 | 858 | ##### `parameters` 859 | An array of `Parameter` entries to be added to the `Context` container. Each entry is to be supplied as a hash of attributes/values for the `Parameter` XML node. See [Context Parameters](http://tomcat.apache.org/tomcat-9.0-doc/config/context.html#Context_Parameters) for the list of possible attributes. 860 | 861 | ##### `environments` 862 | An array of `Environment` entries to be added to the `Context` container. Each entry is to be supplied as a hash of attributes/values for the `Environment` XML node. See [Environment Entries](http://tomcat.apache.org/tomcat-9.0-doc/config/context.html#Environment_Entries) for the list of possible attributes. 863 | 864 | ##### `listeners` 865 | An array of `Listener` entries to be added to the `Context` container. Each entry is to be supplied as a hash of attributes/values for the `Listener` XML node. See [Lifecycle Listeners](http://tomcat.apache.org/tomcat-9.0-doc/config/context.html#Lifecycle_Listeners) for the list of possible attributes. 866 | 867 | ##### `valves` 868 | An array of `Valve` entries to be added to the `Context` container. Each entry is to be supplied as a hash of attributes/values for the `Valve` XML node. See [Valve](http://tomcat.apache.org/tomcat-9.0-doc/config/valve.html) for the list of possible attributes. 869 | 870 | ##### `resourcedefs` 871 | An array of `Resource` entries to be added to the `Context` container. Each entry is to be supplied as a hash of attributes/values for the `Resource` XML node. See [Resource Definitions](http://tomcat.apache.org/tomcat-9.0-doc/config/context.html#Resource_Definitions) for the list of possible attributes. 872 | 873 | ##### `resourcelinks` 874 | An array of `ResourceLink` entries to be added to the `Context` container. Each entry is to be supplied as a hash of attributes/values for the `ResourceLink` XML node. See [Resource Links](http://tomcat.apache.org/tomcat-9.0-doc/config/context.html#Resource_Links) for the list of possible attributes. 875 | 876 | #### Define: `tomcat::web` 877 | 878 | Create Tomcat web.xml files 879 | 880 | **Parameters within `tomcat::web`:** 881 | 882 | ##### `path` 883 | Absolute path indicating where the web.xml file should be created. Mandatory. Does not create parent directories. 884 | 885 | ##### `owner` 886 | File owner. Defaults to [`${tomcat_user}`](#tomcat_user). 887 | 888 | ##### `group` 889 | File group. Defaults to [`${tomcat_group}`](#tomcat_group). 890 | 891 | ##### `file_mode` 892 | File mode. Defaults to [`${file_mode}`](#file_mode). 893 | 894 | ##### `default_servlet_params` 895 | A hash of properties/values for the `default` servlet. See [Default Servlet](http://tomcat.apache.org/tomcat-9.0-doc/default-servlet.html) for the list of possible initParameters. 896 | 897 | ##### `jsp_servlet_params` 898 | A hash of properties/values for the `jsp` servlet. See [Jasper 2 JSP Engine](https://tomcat.apache.org/tomcat-9.0-doc/jasper-howto.html) for the list of possible initParameters. 899 | 900 | ##### `default_servletmapping_urlpatterns` 901 | List of request URI mapped to the `default` servlet. Defaults to `['/']`. 902 | 903 | ##### `jsp_servletmapping_urlpatterns` 904 | List of request URI mapped to the `jsp` servlet. Defaults to `['*.jsp', '*.jspx']`. 905 | 906 | ##### `sessionconfig_sessiontimeout` 907 | Default session timeout for applications, in minutes. Defaults to `30`. See [SessionConfig](https://tomcat.apache.org/tomcat-9.0-doc/api/org/apache/tomcat/util/descriptor/web/SessionConfig.html) for details about session configuration. 908 | 909 | ##### `sessionconfig_trackingmode` 910 | Default session tracking mode for applications. See [Enum SessionTrackingMode](https://tomcat.apache.org/tomcat-9.0-doc/servletapi/javax/servlet/SessionTrackingMode.html) for a list of possible values, and [ServletContext.getEffectiveSessionTrackingModes()](https://tomcat.apache.org/tomcat-9.0-doc/servletapi/javax/servlet/ServletContext.html#getDefaultSessionTrackingModes--) for a description of the default behaviour. 911 | 912 | ##### `welcome_file_list` 913 | List of file names to look up and serve when a request URI refers to a directory. Defaults to `['index.html', 'index.htm', 'index.jsp' ]`. 914 | 915 | ##### `security_constraints` 916 | List of nested Hashs describing global [Security Constraints](https://javaee.github.io/tutorial/security-webtier002.html#specifying-security-constraints). The following keys accept an Array value: 917 | - `role-name` (child of `auth-constraint`) 918 | - `url-pattern` (child of `web-resource-collection`) 919 | - `http-method` (child of `web-resource-collection`) 920 | 921 | ## Testing 922 | 923 | The only prerequisite is to have the [Bundler](http://bundler.io/) gem installed: 924 | 925 | ```shell 926 | $ gem install bundler 927 | ``` 928 | 929 | Install gem dependencies using Bundler (related documentation page [here](http://bundler.io/bundle_install.html)): 930 | 931 | ```shell 932 | $ bundle install 933 | ``` 934 | 935 | When your environment is set up, run the spec tests inside the module directory using: 936 | 937 | ```shell 938 | $ bundle exec rake spec 939 | ``` 940 | 941 | Check the [puppetlabs_spec_helper](https://github.com/puppetlabs/puppetlabs_spec_helper) GitHub repository for more information. 942 | 943 | ## Contributors 944 | 945 | * [ETL](https://github.com/etlweather) 946 | * [Jason Hane](https://github.com/hanej) 947 | * [Josh Baird](https://github.com/joshuabaird) 948 | * [Frank Holtz](https://github.com/scitechfh) 949 | * [Vincent Kramar](https://github.com/thkrmr) 950 | * [Joshua Roys](https://github.com/roysjosh) 951 | * [Martin Zehetmayer](https://github.com/angrox) 952 | * [Rurik Ylä-Onnenvuori](https://github.com/ruriky) 953 | * [Hal Deadman](https://github.com/hdeadman) 954 | * [Hervé Martin](https://github.com/HerveMARTIN) 955 | * [Alessandro Franceschi](https://github.com/alvagante) 956 | * [Daryl Piffre](https://github.com/azryelryvel) 957 | * [ronnbcnews](https://github.com/ronnbcnews) 958 | 959 | Features request and contributions are always welcome! 960 | --------------------------------------------------------------------------------