Linuxin keskitetty hallinta – Final assignment – Lighttpd (userdir enabled) and Varnish with Puppet

Lighttpd and Varnish module with Puppet (Linux)

Course homepage:

1) Introduction

This article describes a puppet module which:

  • installs lighttpd and varnish
  • enables userdir for lighttpd
  • configures lighttpd to listen to port 8080
  • configures varnish to listen to port 80

It also creates the directory /public_html and index.html inside /etc/skel, so that added users will be aware of their website capability.

2) Module structure

The module is called “lighty” and it resides in puppet/modules/lighty. It includes the following files:

  • manifests/init.pp
  • templates/lighty.erb
  • templates/main-index.erb
  • templates/user-index.erb
  • templates/varnish.erb

2.1 Module application

To apply to module, we ensure that we’re in the /puppet directory’s parent and use the following command:

sudo puppet apply --modulepath puppet/modules/ -e 'class {"lighty":}'

3) Init.pp

The manifest is fairly self-explanatory. Notes below.

class lighty {

	package { "lighttpd":
		ensure => "installed",

	package { "varnish":
		ensure => "installed",

	file { "/etc/lighttpd/lighttpd.conf":
		ensure => present,
		content => template("lighty/lighty.erb"),
		require => Package["lighttpd"],
		notify => Service["lighttpd"],

	file { "/etc/default/varnish":
		ensure => present,
		content => template("lighty/varnish.erb"),
		require => Package["varnish"],
		notify => Service["varnish"],

	service { "lighttpd":
		ensure => "running",
		require => Package["lighttpd"],

	service { "varnish":
		ensure => "running",
		require => Package["varnish"],

	file { "/etc/skel/public_html":
		ensure => directory,

	file { "/etc/skel/public_html/index.html":
		ensure => present,
		content => template("lighty/user-index.erb"),
		require => File["/etc/skel/public_html"],

	file { "/var/www/index.html":
		ensure => present,
		content => template("lighty/main-index.erb"),
		require => Package["lighttpd"],
		notify => [Service["lighttpd"], Service["varnish"]],

	exec { "userdir":
		notify => Service["lighttpd"],
		command => "/usr/sbin/lighty-enable-mod userdir",
		require => Package["lighttpd"],

First and foremost, the module ensures that lighttpd and varnish’s packages are installed, and that their services are running.

After all that is done, it copies the lighty.erb file from lighty/templates into /etc/lighttpd/lighttpd.conf. (Note: this is generally not best practice; you should work with conf.d instead) and does a similar thing with varnish’s configuration file. (Note the “require => Package[“lighttpd”]. It makes sure that lighttpd is installed before copying the file.)

The configuration files are default, except that lighttpd is set to listen to port 8080 and varnish to 80.

Also worth noting is that lighttpd’s userdir module is enabled with an exec resource. It is a viable choice in this case, since it doesn’t break anything if run multiple times. After the “/usr/sbin/lighty-enable-mod userdir” command has been executed, puppet notifies the lighttpd service which will then reload itself to reflect the changes.

4) Templates

The user-index.erb file is just a small html5 compliant webpage that says “Hi!”.

However, main-index.erb is more interesting. It looks like this:

<doctype html>
<title>Server info</title>
<p>Server info
<p>Running <%= @operatingsystem %> <%= @operatingsystemrelease %> @ <%= @hostname %> (<%= @ipaddress %>)
<p><% if has_variable?('is_virtual') then %>
<%= "This is a " %><%= virtual %><%= " machine." %>
<% end %>

It displays a brief server info page, whose content is provided by facter facts using ruby syntax. <%= @operatingsystem %> will read as “Ubuntu”, for example.

It also has a simple if then -structure. If the variable “is_virtual” exists, it prints a line whose output could say eg. “This is a virtualbox machine” or “This is a physical machine”.

The created index.html will reside in /var/www in the puppet managed system.

5) Test

When everything is in place, we can see whether the module actually does what it’s supposed to do. Let’s start by applying it. I’ve made a bash script out of the aforementioned apply command.

xubuntu@xubuntu:~$ ./ 
notice: /Stage[main]/Lighty/Package[lighttpd]/ensure: ensure changed 'purged' to 'present'
notice: /Stage[main]/Lighty/File[/var/www/index.html]/ensure: created
notice: /Stage[main]/Lighty/File[/etc/lighttpd/lighttpd.conf]/content: content changed '{md5}0ef8e76747a5f4ece7161da8e48f1d99' to '{md5}9e96d587d60683ed2efcf5e3bfc40668'
notice: /Stage[main]/Lighty/Package[varnish]/ensure: ensure changed 'purged' to 'present'
notice: /Stage[main]/Lighty/Exec[userdir]/returns: executed successfully
notice: /Stage[main]/Lighty/Service[lighttpd]: Triggered 'refresh' from 3 events
notice: /Stage[main]/Lighty/File[/etc/skel/public_html]/ensure: created
notice: /Stage[main]/Lighty/File[/etc/skel/public_html/index.html]/ensure: created
notice: /Stage[main]/Lighty/File[/etc/default/varnish]/content: content changed '{md5}189f82b61ddefb8fe0f0eb238f6ca239' to '{md5}07602a67180cdb0e7b1e9cbfdcebb961'
notice: /Stage[main]/Lighty/Service[varnish]: Triggered 'refresh' from 2 events
notice: Finished catalog run in 23.45 seconds

Looking good so far. No visible errors. We can now access localhost with a web browser and see whether it displays the main-index.erb server info page:


That one works. Next we need to test whether userdir works, and that user-index.erb gets copied properly. I’ll create a user called “kustaavaasa” and try to access localhost/~kustaavaasa:


Userdir works as well. These tests mean that the module does what it should, and can be applied without problems.

Sources used!topic/puppet-users/8-BBEmwH1bM



About a1100320

IT student, musician, gamer. Beep boop.
This entry was posted in Linuxin keskitetty hallinta ICT4TN011-3. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s