Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

$listen_on_interface in foreman::config::passenger doesn't accept interfaces #649

Closed
bastelfreak opened this issue Jun 21, 2018 · 2 comments
Closed

$listen_on_interface in foreman::config::passenger doesn't accept interfaces #649

bastelfreak opened this issue Jun 21, 2018 · 2 comments
Labels
skip-changelog

Comments

@bastelfreak
Copy link
Member

hai everybody,

let's assume somebody did something like this in hiera;

---
foreman::config::passenger::listen_on_interface: 'etho'

from the class description:

puppet-foreman/manifests/config/passenger.pp

Lines 7 to 8 in 4a1f028

# $listen_on_interface:: Specify which interface to bind passenger to.
# Defaults to all interfaces.

So I assume an interface name is supposed to be valid. Later on we parse the name like this:

puppet-foreman/manifests/config/passenger.pp

Lines 115 to 120 in 4a1f028

# Check the value in case the interface doesn't exist, otherwise listen on all interfaces
if $listen_on_interface and $listen_on_interface in split($::interfaces, ',') {
$listen_interface = inline_template("<%= @ipaddress_${listen_on_interface} %>")
} else {
$listen_interface = undef
}

And pass it to an apache::vhost defined resource:

puppet-foreman/manifests/config/passenger.pp

Lines 141 to 145 in 4a1f028

apache::vhost { 'foreman':
add_default_charset => 'UTF-8',
docroot => $docroot,
manage_docroot => false,
ip => $listen_interface,

But from the puppetlabs-apache module:

https://github.com/puppetlabs/puppetlabs-apache/blob/1ab05064a8e93a0e8bdae73dc673b0a095d1c629/manifests/vhost.pp#L367-L370

$add_listen defaults to true and the foreman module doesn't expose a parameter to disable it. That means that the defined resource expects an IP-Address and not an interface name. Foreman throws this error message:

Error: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Error while evaluating a Function Call, Apache::Vhost[foreman]: Mixing IP and non-IP Listen directives is not possible; check the add_listen parameter of the apache::vhost define to disable this (file: /etc/puppetlabs/code/environments/production/modules/apache/manifests/vhost.pp, line: 368, column: 7) (file: /etc/puppetlabs/code/environments/production/modules/foreman/manifests/config/passenger.pp, line: 141)

My Puppet code to trigger this, without hiera:

class{'foreman':
    db_manage           => true,
    configure_epel_repo => false,
    passenger_interface => $facts['network_primary_interface'],
  }
@bastelfreak
Copy link
Member Author

okay I did some more debugging. My initial conclusion was horribly wrong here. The puppetlabs-apache module provides a default vhost. it listens on port 80 on all ip addresses / interfaces. Setting foreman::config::passenger::listen_on_interface: 'etho' sets the Listen directive only for the two foreman vhosts, but not for the default vhost. Since really nobody needs it, we can purge it with this in hiera:

---
apache::default_vhost: false

and everything is working as expected.

@ekohl
Copy link
Member

ekohl commented Jan 10, 2019

We do indeed set apache::default_vhost to false in our installer (via hiera) but we don't want to manage this in this module so it's left as a users exercise now.

#563 is open to make this more generic so I'm linking it here.

@ekohl ekohl closed this as completed Jan 10, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
skip-changelog
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ekohl @bastelfreak