merge from dev/experimental

Change-Id: I9133bbcbad86f242f8cb232cf03f8f54be5b1b24
2014-10-20 14:20:10 -07:00 · 2014-10-20 14:20:10 -07:00 · 04a642bb4e
commit 04a642bb4e
parent 9b6bfcb921
1746 changed files with 71791 additions and 55784 deletions
--- a/chef/cookbooks/apache2/CHANGELOG.md
+++ b/chef/cookbooks/apache2/CHANGELOG.md
@ -1,5 +1,99 @@
-## v1.7.0:
+apache2 Cookbook Changelog
 ==========================
 This file is used to list changes made in each version of the apache2 cookbook.
 v1.9.6 (2014-02-28)
 -------------------
 [COOK-4391] - uncommenting the PIDFILE line
 v1.9.4 (2014-02-27)
 -------------------
 Bumping version for toolchain
 v1.9.1 (2014-02-27)
 -------------------
 [COOK-4348] Allow arbitrary params in sysconfig
 v1.9.0 (2014-02-21)
 -------------------
 ### Improvement
 - **[COOK-4076](https://tickets.opscode.com/browse/COOK-4076)** - foodcritic: dependencies are not defined properly
 - **[COOK-2572](https://tickets.opscode.com/browse/COOK-2572)** - Add mod_pagespeed recipe to apache2 
 ### Bug
 - **[COOK-4043](https://tickets.opscode.com/browse/COOK-4043)** - apache2 cookbook does not depend on 'iptables'
 - **[COOK-3919](https://tickets.opscode.com/browse/COOK-3919)** - Move the default pidfile for apache2 on Ubuntu 13.10 or greater
 - **[COOK-3863](https://tickets.opscode.com/browse/COOK-3863)** - Add recipe for mod_jk
 - **[COOK-3804](https://tickets.opscode.com/browse/COOK-3804)** - Fix incorrect datatype for apache/default_modules, use recipes option in metadata
 - **[COOK-3800](https://tickets.opscode.com/browse/COOK-3800)** - Cannot load modules that use non-standard module identifiers
 - **[COOK-1689](https://tickets.opscode.com/browse/COOK-1689)** - The perl package name should be configurable
 v1.8.14
 -------
 Version bump for toolchain sanity
 v1.8.12
 -------
 Fixing various style issues for travis
 v1.8.10
 -------
 fixing metadata version error. locking to 3.0"
 v1.8.8
 ------
 Version bump for toolchain sanity
 v1.8.6
 ------
 Locking yum dependency to '< 3'
 v1.8.4
 ------
 ### Bug
 - **[COOK-3769](https://tickets.opscode.com/browse/COOK-3769)** - Fix a critical bug where the `apache_module` could not enable modules
 v1.8.2
 ------
 ### Bug
 - **[COOK-3766](https://tickets.opscode.com/browse/COOK-3766)** - Fix an issue where the `mod_ssl` recipe fails due to a missing attribute
 v1.8.0
 ------
 ### Bug
 - **[COOK-3680](https://tickets.opscode.com/browse/COOK-3680)** - Update template paths
 - **[COOK-3570](https://tickets.opscode.com/browse/COOK-3570)** - Apache cookbook breaks on RHEL / CentOS 6
 - **[COOK-2944](https://tickets.opscode.com/browse/COOK-2944)** - Fix foodcritic failures
 - **[COOK-2893](https://tickets.opscode.com/browse/COOK-2893)** - Improve mod_auth_openid recipe with guards and idempotency
 - **[COOK-2758](https://tickets.opscode.com/browse/COOK-2758)** - Fix use of non-existent attribute
 ### New Feature
 - **[COOK-3665](https://tickets.opscode.com/browse/COOK-3665)** - Add recipe for mod_userdir
 - **[COOK-3646](https://tickets.opscode.com/browse/COOK-3646)** - Add recipe for mod_cloudflare
 - **[COOK-3213](https://tickets.opscode.com/browse/COOK-3213)** - Add recipe for mod_info
 ### Improvement
 - **[COOK-3656](https://tickets.opscode.com/browse/COOK-3656)** - Parameterize apache2 binary
 - **[COOK-3562](https://tickets.opscode.com/browse/COOK-3562)** - Allow mod_proxy settings to be configured as attributes
 - **[COOK-3326](https://tickets.opscode.com/browse/COOK-3326)** - Fix default_test to use ServerTokens attribute
 - **[COOK-2635](https://tickets.opscode.com/browse/COOK-2635)** - Add support for SVG mime types
 - **[COOK-2598](https://tickets.opscode.com/browse/COOK-2598)** - FastCGI Module only works on Debian-based platforms
 - **[COOK-1984](https://tickets.opscode.com/browse/COOK-1984)** - Add option to configure the address apache listens to
 v1.7.0
 ------
 ### Improvement
 - [COOK-3073]: make access.log location configurable per-platform
@ -11,173 +105,149 @@
 - [COOK-3184]: Add `mod_filter` recipe to Apache2-cookbook
 - [COOK-3236]: Add `mod_action` recipe to Apache2-cookbook
-## v1.6.6:
+v1.6.6
-
+------
 1.6.4 had a missed step in the automated release, long live 1.6.6.
 ### Bug
- [COOK-3018]: apache2_module does duplicate delayed restart of
+- [COOK-3018]: apache2_module does duplicate delayed restart of apache2 service when conf = true
-  apache2 service when conf = true
+- [COOK-3027]: Default site enable true, then false, does not disable default site
 - [COOK-3027]: Default site enable true, then false, does not disable
  default site
 - [COOK-3109]: fix apache lib_dir arch attribute regexp
-## v1.6.2
+v1.6.2
 ------
 - [COOK-2535] - `mod_auth_openid` requires libtool to run autogen.sh
 - [COOK-2667] - Typo in usage documentation
 - [COOK-2461] - `apache2::mod_auth_openid` fails on some ubuntu systems
 - [COOK-2720] - Apache2 minitest helper function `ran_recipe` is not portable
-* [COOK-2535] - `mod_auth_openid` requires libtool to run autogen.sh
+v1.6.0
-* [COOK-2667] - Typo in usage documentation
+------
-* [COOK-2461] - `apache2::mod_auth_openid` fails on some ubuntu systems
+- [COOK-2372] - apache2 mpm_worker: add ServerLimit attribute (default to 16)
 * [COOK-2720] - Apache2 minitest helper function `ran_recipe` is not
  portable
-## v1.6.0:
+v1.5.0
 ------
 The `mod_auth_openid` attributes are changed. The upstream maintainer deprecated the older release versions, and the source repository has releases available at specific SHA1SUM references. The new attribute, `node['apache']['mod_auth_openid']['ref']` is used to set this.
-* [COOK-2372] - apache2 mpm_worker: add ServerLimit attribute (default
+- [COOK-2198] - `apache::mod_auth_openid` compiles from source, but does not install make on debian/ubuntu
-  to 16)
+- [COOK-2224] - version conflict between cucumber and other gems
 - [COOK-2248] - `apache2::mod_php5` uses `not_if` "which php" without ensuring package 'which' is installed
 - [COOK-2269] - Set allow list for mod_status incase external monitor scripts need
 - [COOK-2276] - cookbook apache2 documentation regarding listening ports doesn't match default attributes
 - [COOK-2296] - `mod_auth_openid` doesn't have tags/releases for the version I need for features and fixes
 - [COOK-2323] - Add Oracle linux support
-## v1.5.0:
+v1.4.2
 ------
 - [COOK-1721] - fix logrotate recipe
-**NOTE** The `mod_auth_openid` attributes are changed. The upstream
+v1.4.0
-  maintainer deprecated the older release versions, and the source
+------
-  repository has releases available at specific SHA1SUM references.
+- [COOK-1456] - iptables enhancements
-  The new attribute, `node['apache']['mod_auth_openid']['ref']` is
+- [COOK-1473] - apache2 does not disable default site when setting "`default_site_enabled`" back to false
-  used to set this.
+- [COOK-1824] - the apache2 cookbook needs to specify which binary is used on rhel platform
 - [COOK-1916] - Download location wrong for apache2 `mod_auth_openid` >= 0.7
 - [COOK-1917] - Improve `mod_auth_openid` recipe to handle module upgrade more gracefully
 - [COOK-2029] - apache2 restarts on every run on RHEL and friends, generate-module-list on every run.
 - [COOK-2036] - apache2: Cookbook style
-* [COOK-2198] - `apache::mod_auth_openid` compiles from source, but
+v1.3.2
-  does not install make on debian/ubuntu
+------
-* [COOK-2224] - version conflict between cucumber and other gems
+- [COOK-1804] - fix `web_app` definition parameter so site can be disabled.
 * [COOK-2248] - `apache2::mod_php5` uses `not_if` "which php" without
  ensuring package 'which' is installed
 * [COOK-2269] - Set allow list for mod_status incase external monitor scripts need
 * [COOK-2276] - cookbook apache2 documentation regarding listening
  ports doesn't match default attributes
 * [COOK-2296] - `mod_auth_openid` doesn't have tags/releases for the
  version I need for features and fixes
 * [COOK-2323] - Add Oracle linux support
-## v1.4.2:
+v1.3.0
 ------
 - [COOK-1738] - Better configuration for `mod_include` and some overrides in `web_app` definition
 - [COOK-1470] - Change SSL Ciphers to Mitigate BEAST attack
-* [COOK-1721] - fix logrotate recipe
+v1.2.0
-
+------
-## v1.4.0:
+- [COOK-692] - delete package conf.d files in module recipes, for EL
-
+- [COOK-1693] - Foodcritic finding for unnecessary string interpolation
-* [COOK-1456] - iptables enhancements
+- [COOK-1757] - platform_family and better style / usage practices
 * [COOK-1473] - apache2 does not disable default site when setting
  "`default_site_enabled`" back to false
 * [COOK-1824] - the apache2 cookbook needs to specify which binary is
  used on rhel platform
 * [COOK-1916] - Download location wrong for apache2 `mod_auth_openid`
  >= 0.7
 * [COOK-1917] - Improve `mod_auth_openid` recipe to handle module
  upgrade more gracefully
 * [COOK-2029] - apache2 restarts on every run on RHEL and friends,
  generate-module-list on every run.
 * [COOK-2036] - apache2: Cookbook style
 ## v1.3.2:
 * [COOK-1804] - fix `web_app` definition parameter so site can be
  disabled.
 ## v1.3.0:
 * [COOK-1738] - Better configuration for `mod_include` and some
  overrides in `web_app` definition
 * [COOK-1470] - Change SSL Ciphers to Mitigate BEAST attack
 ## v1.2.0:
 * [COOK-692] - delete package conf.d files in module recipes, for EL
 * [COOK-1693] - Foodcritic finding for unnecessary string interpolation
 * [COOK-1757] - platform_family and better style / usage practices
 ## v1.1.16:
 v1.1.16
 -------
 re-releasing as .16 due to error on tag 1.1.14
-* [COOK-1466] - add `mod_auth_cas` recipe
+- [COOK-1466] - add `mod_auth_cas` recipe
-* [COOK-1609] - apache2 changes ports.conf twice per run when using
+- [COOK-1609] - apache2 changes ports.conf twice per run when using apache2::mod_ssl
  apache2::mod_ssl
-## v1.1.12:
+v1.1.12
 -------
 - [COOK-1436] - restore apache2 web_app definition
 - [COOK-1356] - allow ExtendedStatus via attribute
 - [COOK-1403] - add mod_fastcgi recipe
-* [COOK-1436] - restore apache2 web_app definition
+v1.1.10
-* [COOK-1356] - allow ExtendedStatus via attribute
+-------
-* [COOK-1403] - add mod_fastcgi recipe
+- [COOK-1315] - allow the default site to not be enabled
 - [COOK-1328] - cookbook tests (minitest, cucumber)
-## v1.1.10:
+v1.1.8
-
+------
-* [COOK-1315] - allow the default site to not be enabled
+- Some platforms with minimal installations that don't have perl won't have a `node['languages']['perl']` attribute, so remove the conditional and rely on the power of idempotence in the package resource.
-* [COOK-1328] - cookbook tests (minitest, cucumber)
+- [COOK-1214] - address foodcritic warnings
-
+- [COOK-1180] - add `mod_logio` and fix `mod_proxy`
 ## v1.1.8:
 * Some platforms with minimal installations that don't have perl won't
  have a `node['languages']['perl']` attribute, so remove the
  conditional and rely on the power of idempotence in the package
  resource.
 * [COOK-1214] - address foodcritic warnings
 * [COOK-1180] - add `mod_logio` and fix `mod_proxy`
 ## v1.1.6:
 v1.1.6
 ------
 FreeBSD users: This release requires the `freebsd` cookbook. See README.md.
-* [COOK-1025] - freebsd support in mod_php5 recipe
+- [COOK-1025] - freebsd support in mod_php5 recipe
-## v1.1.4:
+v1.1.4
 ------
 - [COOK-1100] - support amazon linux
-* [COOK-1100] - support amazon linux
+v1.1.2
 ------
 - [COOK-996] - apache2::mod_php5 can cause PHP and module API mismatches
 - [COOK-1083] - return string for v_f_p and use correct value for default
-## v1.1.2:
+v1.1.0
 ------
 - [COOK-861] - Add `mod_perl` and apreq2
 - [COOK-941] - fix `mod_auth_openid` on FreeBSD
 - [COOK-1021] - add a commented-out LoadModule directive to keep apxs happy
 - [COOK-1022] - consistency for icondir attribute
 - [COOK-1023] - fix platform test for attributes
 - [COOK-1024] - fix a2enmod script so it runs cleanly on !bash
 - [COOK-1026] - fix `error_log` location on FreeBSD
-* [COOK-996] - apache2::mod_php5 can cause PHP and module API mismatches
+v1.0.8
-* [COOK-1083] - return string for v_f_p and use correct value for
+------
-  default
+- COOK-548 - directory resource doesn't have backup parameter
-## v1.1.0:
+v1.0.6
 ------
 - COOK-915 - update to `mod_auth_openid` version 0.6, see __Recipes/mod_auth_openid__ below.
 - COOK-548 - Add support for FreeBSD.
-* [COOK-861] - Add `mod_perl` and apreq2
+v1.0.4
-* [COOK-941] - fix `mod_auth_openid` on FreeBSD
+------
-* [COOK-1021] - add a commented-out LoadModule directive to keep apxs happy
+- COOK-859 - don't hardcode module paths
 * [COOK-1022] - consistency for icondir attribute
 * [COOK-1023] - fix platform test for attributes
 * [COOK-1024] - fix a2enmod script so it runs cleanly on !bash
 * [COOK-1026] - fix `error_log` location on FreeBSD
-## v1.0.8:
+v1.0.2
 ------
 - Tickets resolved in this release: COOK-788, COOK-782, COOK-780
-* COOK-548 - directory resource doesn't have backup parameter
+v1.0.0
-
+------
-## v1.0.6:
+- Red Hat family support is greatly improved, all recipes except `god_monitor` converge.
-
+- Recipe `mod_auth_openid` now works on RHEL family distros
-* COOK-915 - update to `mod_auth_openid` version 0.6, see __Recipes/mod_auth_openid__ below.
+- Recipe `mod_php5` will now remove config from package on RHEL family so it doesn't conflict with the cookbook's.
-* COOK-548 - Add support for FreeBSD.
+- Added `php5.conf.erb` template for `mod_php5` recipe.
-
+- Create the run state directory for `mod_fcgid` to prevent a startup error on RHEL version 6.
-## v1.0.4:
+- New attribute `node['apache']['lib_dir']` to handle lib vs lib64 on RHEL family distributions.
-
+- New attribute `node['apache']['group']`.
-* COOK-859 - don't hardcode module paths
+- Scientific Linux support added.
-
+- Use a file resource instead of the generate-module-list executed perl script on RHEL family.
-## v1.0.2
+- "default" site can now be disabled.
-
+- web_app now has an "enable" parameter.
-* Tickets resolved in this release: COOK-788, COOK-782, COOK-780
+- Support for dav_fs apache module.
-
+- Tickets resolved in this release: COOK-754, COOK-753, COOK-665, COOK-624, COOK-579, COOK-519, COOK-518
-## v1.0.0
+- Fix node references in template for a2dissite
-
+- Use proper user and group attributes on files and templates.
-* Red Hat family support is greatly improved, all recipes except `god_monitor` converge.
+- Replace the anemic README.rdoc with this new and improved superpowered README.md :).
 * Recipe `mod_auth_openid` now works on RHEL family distros
 * Recipe `mod_php5` will now remove config from package on RHEL family so it doesn't conflict with the cookbook's.
 * Added `php5.conf.erb` template for `mod_php5` recipe.
 * Create the run state directory for `mod_fcgid` to prevent a startup error on RHEL version 6.
 * New attribute `node['apache']['lib_dir']` to handle lib vs lib64 on RHEL family distributions.
 * New attribute `node['apache']['group']`.
 * Scientific Linux support added.
 * Use a file resource instead of the generate-module-list executed perl script on RHEL family.
 * "default" site can now be disabled.
 * web_app now has an "enable" parameter.
 * Support for dav_fs apache module.
 * Tickets resolved in this release: COOK-754, COOK-753, COOK-665, COOK-624, COOK-579, COOK-519, COOK-518
 * Fix node references in template for a2dissite
 * Use proper user and group attributes on files and templates.
 * Replace the anemic README.rdoc with this new and improved superpowered README.md :).
--- a/chef/cookbooks/apache2/Gemfile
+++ b/chef/cookbooks/apache2/Gemfile
@ -1,10 +0,0 @@
 source "https://rubygems.org"
 gem 'cucumber', '~> 1.2.0'
 gem 'httparty', '~> 0.8.3'
 gem 'minitest', '~> 3.0.0'
 gem 'nokogiri', '~> 1.5.0'
 group :kitchen  do
  gem 'test-kitchen', '< 1.0'
 end
--- a/chef/cookbooks/apache2/README.md
+++ b/chef/cookbooks/apache2/README.md
@ -1,5 +1,7 @@
-Description
+apache2 Cookbook
-===========
+================
 [![Build Status](https://secure.travis-ci.org/opscode-cookbooks/apache2.png?branch=master)](http://travis-ci.org/opscode-cookbooks/apache2)
 This cookbook provides a complete Debian/Ubuntu style Apache HTTPD
 configuration. Non-Debian based distributions such as Red Hat/CentOS,
@ -150,6 +152,8 @@ attributes are determined based on the node's platform. See the
 attributes/default.rb file for default values in the case statement at
 the top of the file.
 * `node['apache']['package']` - Package name for Apache2
 * `node['apache']['perl_pkg']` - Package name for Perl
 * `node['apache']['dir']` - Location for the Apache configuration
 * `node['apache']['log_dir']` - Location for Apache logs
 * `node['apache']['error_log']` - Location for the default error log
@ -157,11 +161,13 @@ the top of the file.
 * `node['apache']['user']` - User Apache runs as
 * `node['apache']['group']` - Group Apache runs as
 * `node['apache']['binary']` - Apache httpd server daemon
 * `node['apache']['docroot_dir']` - Location for docroot
 * `node['apache']['cgibin_dir']` - Location for cgi-bin
 * `node['apache']['icondir']` - Location for icons
 * `node['apache']['cache_dir']` - Location for cached files used by Apache itself or recipes
 * `node['apache']['pid_file']` - Location of the PID file for Apache httpd
 * `node['apache']['lib_dir']` - Location for shared libraries
-* `node['apache']['default_site_enabled']` - Default site enabled. Defaults to true on redhat-family platforms
+* `node['apache']['default_site_enabled']` - Default site enabled. Default is false.
 * `node['apache']['ext_status']` - if true, enables ExtendedStatus for `mod_status`
 General settings
@ -170,12 +176,14 @@ General settings
 These are general settings used in recipes and templates. Default
 values are noted.
 * `node['apache']['listen_addresses']` - Addresses that httpd should listen on. Default is any ("*").
 * `node['apache']['listen_ports']` - Ports that httpd should listen on. Default is port 80.
 * `node['apache']['contact']` - Value for ServerAdmin directive. Default "ops@example.com".
 * `node['apache']['timeout']` - Value for the Timeout directive. Default is 300.
 * `node['apache']['keepalive']` - Value for the KeepAlive directive. Default is On.
 * `node['apache']['keepaliverequests']` - Value for MaxKeepAliveRequests. Default is 100.
 * `node['apache']['keepalivetimeout']` - Value for the KeepAliveTimeout directive. Default is 5.
 * `node['apache']['sysconfig_additional_params']` - Additionals variables set in sysconfig file. Default is empty.
 * `node['apache']['default_modules']` - Array of module names. Can take "mod_FOO" or "FOO" as names, where FOO is the apache module, e.g. "`mod_status`" or "`status`".
 The modules listed in `default_modules` will be included as recipes in `recipe[apache::default]`.
@ -413,13 +421,14 @@ the definition is used. See __Examples__.
 ### Parameters:
 * `name` - Name of the module enabled or disabled with the `a2enmod` or `a2dismod` scripts.
 * `identifier` - String to identify the module for the `LoadModule` directive. Not typically needed, defaults to `#{name}_module`
 * `enable` - Default true, which uses `a2enmod` to enable the module. If false, the module will be disabled with `a2dismod`.
 * `conf` - Default false. Set to true if the module has a config file, which will use `apache_conf` for the file.
 * `filename` - specify the full name of the file, e.g.
 ### Examples:
-Enable the ssl module, which also has a configuration template in `templates/default/ssl.conf.erb`.
+Enable the ssl module, which also has a configuration template in `templates/default/mods/ssl.conf.erb`.
    apache_module "ssl" do
      conf true
--- a/chef/cookbooks/apache2/attributes/default.rb
+++ b/chef/cookbooks/apache2/attributes/default.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Attributes:: apache
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,101 +17,105 @@
 # limitations under the License.
 #
-default['apache']['root_group']  = "root"
+default['apache']['root_group'] = 'root'
 # Where the various parts of apache are
-case platform
+case node['platform']
-when "redhat", "centos", "scientific", "fedora", "suse", "amazon", "oracle"
+when 'redhat', 'centos', 'scientific', 'fedora', 'suse', 'amazon', 'oracle'
-  default['apache']['package'] = "httpd"
+  default['apache']['package']     = 'httpd'
-  default['apache']['dir']     = "/etc/httpd"
+  default['apache']['perl_pkg']    = 'perl'
-  default['apache']['log_dir'] = "/var/log/httpd"
+  default['apache']['dir']         = '/etc/httpd'
-  default['apache']['error_log'] = "error.log"
+  default['apache']['log_dir']     = '/var/log/httpd'
-  default['apache']['access_log'] = "access.log"
+  default['apache']['error_log']   = 'error.log'
-  default['apache']['user']    = "apache"
+  default['apache']['access_log']  = 'access.log'
-  default['apache']['group']   = "apache"
+  default['apache']['user']        = 'apache'
-  default['apache']['binary']  = "/usr/sbin/httpd"
+  default['apache']['group']       = 'apache'
-  default['apache']['docroot_dir'] = "/var/www/html"
+  default['apache']['binary']      = '/usr/sbin/httpd'
-  default['apache']['cgibin_dir'] = "/var/www/cgi-bin"
+  default['apache']['docroot_dir'] = '/var/www/html'
-  default['apache']['icondir'] = "/var/www/icons"
+  default['apache']['cgibin_dir']  = '/var/www/cgi-bin'
-  default['apache']['cache_dir'] = "/var/cache/httpd"
+  default['apache']['icondir']     = '/var/www/icons'
-  if node['platform_version'].to_f >= 6 then
+  default['apache']['cache_dir']   = '/var/cache/httpd'
-    default['apache']['pid_file'] = "/var/run/httpd/httpd.pid"
+  default['apache']['pid_file']    = if node['platform_version'].to_f >= 6
                                       '/var/run/httpd/httpd.pid'
                                     else
-    default['apache']['pid_file'] = "/var/run/httpd.pid"
+                                       '/var/run/httpd.pid'
                                     end
-  default['apache']['lib_dir'] = node['kernel']['machine'] =~ /^i[36]86$/ ? "/usr/lib/httpd" : "/usr/lib64/httpd"
+  default['apache']['lib_dir']     = node['kernel']['machine'] =~ /^i[36]86$/ ? '/usr/lib/httpd' : '/usr/lib64/httpd'
  default['apache']['libexecdir']  = "#{node['apache']['lib_dir']}/modules"
  default['apache']['default_site_enabled'] = false
-when "debian", "ubuntu"
+when 'debian', 'ubuntu'
-  default['apache']['package'] = "apache2"
+  default['apache']['package']     = 'apache2'
-  default['apache']['dir']     = "/etc/apache2"
+  default['apache']['perl_pkg']    = 'perl'
-  default['apache']['log_dir'] = "/var/log/apache2"
+  default['apache']['dir']         = '/etc/apache2'
-  default['apache']['error_log'] = "error.log"
+  default['apache']['log_dir']     = '/var/log/apache2'
-  default['apache']['access_log'] = "access.log"
+  default['apache']['error_log']   = 'error.log'
-  default['apache']['user']    = "www-data"
+  default['apache']['access_log']  = 'access.log'
-  default['apache']['group']   = "www-data"
+  default['apache']['user']        = 'www-data'
-  default['apache']['binary']  = "/usr/sbin/apache2"
+  default['apache']['group']       = 'www-data'
-  default['apache']['docroot_dir'] = "/var/www"
+  default['apache']['binary']      = '/usr/sbin/apache2'
-  default['apache']['cgibin_dir'] = "/usr/lib/cgi-bin"
+  default['apache']['docroot_dir'] = '/var/www'
-  default['apache']['icondir'] = "/usr/share/apache2/icons"
+  default['apache']['cgibin_dir']  = '/usr/lib/cgi-bin'
-  default['apache']['cache_dir'] = "/var/cache/apache2"
+  default['apache']['icondir']     = '/usr/share/apache2/icons'
-  if node['platform_version'].to_f >= 14 then
+  default['apache']['cache_dir']   = '/var/cache/apache2'
-    default['apache']['pid_file']  = "/var/run/apache2/apache2.pid"
+  default['apache']['pid_file']    = if node['platform'] == 'ubuntu' && node['platform_version'].to_f >= 13.10
                                       '/var/run/apache2/apache2.pid'
                                     else
-    default['apache']['pid_file']  = "/var/run/apache2.pid"
+                                       '/var/run/apache2.pid'
                                     end
-  default['apache']['lib_dir'] = "/usr/lib/apache2"
+  default['apache']['lib_dir']     = '/usr/lib/apache2'
  default['apache']['libexecdir']  = "#{node['apache']['lib_dir']}/modules"
  default['apache']['default_site_enabled'] = false
-when "arch"
+when 'arch'
-  default['apache']['package'] = "apache"
+  default['apache']['package']     = 'apache'
-  default['apache']['dir']     = "/etc/httpd"
+  default['apache']['perl_pkg']    = 'perl'
-  default['apache']['log_dir'] = "/var/log/httpd"
+  default['apache']['dir']         = '/etc/httpd'
-  default['apache']['error_log'] = "error.log"
+  default['apache']['log_dir']     = '/var/log/httpd'
-  default['apache']['access_log'] = "access.log"
+  default['apache']['error_log']   = 'error.log'
-  default['apache']['user']    = "http"
+  default['apache']['access_log']  = 'access.log'
-  default['apache']['group']   = "http"
+  default['apache']['user']        = 'http'
-  default['apache']['binary']  = "/usr/sbin/httpd"
+  default['apache']['group']       = 'http'
-  default['apache']['docroot_dir'] = "/srv/http"
+  default['apache']['binary']      = '/usr/sbin/httpd'
-  default['apache']['cgibin_dir'] = "/usr/share/httpd/cgi-bin"
+  default['apache']['docroot_dir'] = '/srv/http'
-  default['apache']['icondir'] = "/usr/share/httpd/icons"
+  default['apache']['cgibin_dir']  = '/usr/share/httpd/cgi-bin'
-  default['apache']['cache_dir'] = "/var/cache/httpd"
+  default['apache']['icondir']     = '/usr/share/httpd/icons'
-  default['apache']['pid_file']  = "/var/run/httpd/httpd.pid"
+  default['apache']['cache_dir']   = '/var/cache/httpd'
-  default['apache']['lib_dir'] = "/usr/lib/httpd"
+  default['apache']['pid_file']    = '/var/run/httpd/httpd.pid'
  default['apache']['lib_dir']     = '/usr/lib/httpd'
  default['apache']['libexecdir']  = "#{node['apache']['lib_dir']}/modules"
  default['apache']['default_site_enabled'] = false
-when "freebsd"
+when 'freebsd'
-  default['apache']['package'] = "apache22"
+  default['apache']['package']     = 'apache22'
-  default['apache']['dir']     = "/usr/local/etc/apache22"
+  default['apache']['perl_pkg']    = 'perl5'
-  default['apache']['log_dir'] = "/var/log"
+  default['apache']['dir']         = '/usr/local/etc/apache22'
-  default['apache']['error_log'] = "httpd-error.log"
+  default['apache']['log_dir']     = '/var/log'
-  default['apache']['access_log'] = "httpd-access.log"
+  default['apache']['error_log']   = 'httpd-error.log'
-  default['apache']['root_group'] = "wheel"
+  default['apache']['access_log']  = 'httpd-access.log'
-  default['apache']['user']    = "www"
+  default['apache']['root_group']  = 'wheel'
-  default['apache']['group']    = "www"
+  default['apache']['user']        = 'www'
-  default['apache']['binary']  = "/usr/local/sbin/httpd"
+  default['apache']['group']       = 'www'
-  default['apache']['docroot_dir'] = "/usr/local/www/apache22/data"
+  default['apache']['binary']      = '/usr/local/sbin/httpd'
-  default['apache']['cgibin_dir'] = "/usr/local/www/apache22/cgi-bin"
+  default['apache']['docroot_dir'] = '/usr/local/www/apache22/data'
-  default['apache']['icondir'] = "/usr/local/www/apache22/icons"
+  default['apache']['cgibin_dir']  = '/usr/local/www/apache22/cgi-bin'
-  default['apache']['cache_dir'] = "/var/run/apache22"
+  default['apache']['icondir']     = '/usr/local/www/apache22/icons'
-  default['apache']['pid_file']  = "/var/run/httpd.pid"
+  default['apache']['cache_dir']   = '/var/run/apache22'
-  default['apache']['lib_dir'] = "/usr/local/libexec/apache22"
+  default['apache']['pid_file']    = '/var/run/httpd.pid'
  default['apache']['lib_dir']     = '/usr/local/libexec/apache22'
  default['apache']['libexecdir']  = node['apache']['lib_dir']
  default['apache']['default_site_enabled'] = false
 else
-  default['apache']['dir']     = "/etc/apache2"
+  default['apache']['dir']         = '/etc/apache2'
-  default['apache']['log_dir'] = "/var/log/apache2"
+  default['apache']['log_dir']     = '/var/log/apache2'
-  default['apache']['error_log'] = "error.log"
+  default['apache']['error_log']   = 'error.log'
-  default['apache']['access_log'] = "access.log"
+  default['apache']['access_log']  = 'access.log'
-  default['apache']['user']    = "www-data"
+  default['apache']['user']        = 'www-data'
-  default['apache']['group']   = "www-data"
+  default['apache']['group']       = 'www-data'
-  default['apache']['binary']  = "/usr/sbin/apache2"
+  default['apache']['binary']      = '/usr/sbin/apache2'
-  default['apache']['docroot_dir'] = "/var/www"
+  default['apache']['docroot_dir'] = '/var/www'
-  default['apache']['cgibin_dir'] = "/usr/lib/cgi-bin"
+  default['apache']['cgibin_dir']  = '/usr/lib/cgi-bin'
-  default['apache']['icondir'] = "/usr/share/apache2/icons"
+  default['apache']['icondir']     = '/usr/share/apache2/icons'
-  default['apache']['cache_dir'] = "/var/cache/apache2"
+  default['apache']['cache_dir']   = '/var/cache/apache2'
-  default['apache']['pid_file']  = "logs/httpd.pid"
+  default['apache']['pid_file']    = 'logs/httpd.pid'
-  default['apache']['lib_dir'] = "/usr/lib/apache2"
+  default['apache']['lib_dir']     = '/usr/lib/apache2'
  default['apache']['libexecdir']  = "#{node['apache']['lib_dir']}/modules"
  default['apache']['default_site_enabled'] = false
 end
@ -122,34 +126,39 @@ end
 ###
 # General settings
-default['apache']['listen_ports'] = ["80"]
+default['apache']['listen_addresses']  = %w[*]
-default['apache']['contact'] = "ops@example.com"
+default['apache']['listen_ports']      = %w[80]
 default['apache']['contact']           = 'ops@example.com'
 default['apache']['timeout']           = 300
-default['apache']['keepalive'] = "On"
+default['apache']['keepalive']         = 'On'
 default['apache']['keepaliverequests'] = 100
 default['apache']['keepalivetimeout']  = 5
 default['apache']['sysconfig_additional_params'] = {}
 # Security
-default['apache']['servertokens'] = "Prod"
+default['apache']['servertokens']    = 'Prod'
-default['apache']['serversignature'] = "On"
+default['apache']['serversignature'] = 'On'
-default['apache']['traceenable'] = "On"
+default['apache']['traceenable']     = 'On'
 # mod_auth_openids
-default['apache']['allowed_openids'] = Array.new
+default['apache']['allowed_openids'] = []
 # mod_status Allow list, space seprated list of allowed entries.
-default['apache']['status_allow_list'] = "localhost ip6-localhost"
+default['apache']['status_allow_list'] = 'localhost ip6-localhost'
 # mod_status ExtendedStatus, set to 'true' to enable
 default['apache']['ext_status'] = false
 # mod_info Allow list, space seprated list of allowed entries.
 default['apache']['info_allow_list'] = 'localhost ip6-localhost'
 # Prefork Attributes
 default['apache']['prefork']['startservers']        = 16
 default['apache']['prefork']['minspareservers']     = 16
 default['apache']['prefork']['maxspareservers']     = 32
 default['apache']['prefork']['serverlimit']         = 400
 default['apache']['prefork']['maxclients']          = 400
-default['apache']['prefork']['maxrequestsperchild'] = 10000
+default['apache']['prefork']['maxrequestsperchild'] = 10_000
 # Worker Attributes
 default['apache']['worker']['startservers']        = 4
@ -160,13 +169,18 @@ default['apache']['worker']['maxsparethreads'] = 192
 default['apache']['worker']['threadsperchild']     = 64
 default['apache']['worker']['maxrequestsperchild'] = 0
 # mod_proxy settings
 default['apache']['proxy']['order']      = 'deny,allow'
 default['apache']['proxy']['deny_from']  = 'all'
 default['apache']['proxy']['allow_from'] = 'none'
 # Default modules to enable via include_recipe
-default['apache']['default_modules'] = %w{
+default['apache']['default_modules'] = %w[
  status alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex
  dir env mime negotiation setenvif
-}
+]
-%w{ log_config logio }.each do |log_mod|
+%w[log_config logio].each do |log_mod|
-  default['apache']['default_modules'] << log_mod if ["rhel", "fedora", "suse", "arch", "freebsd"].include?(node['platform_family'])
+  default['apache']['default_modules'] << log_mod if %w[rhel fedora suse arch freebsd].include?(node['platform_family'])
 end
--- a/chef/cookbooks/apache2/attributes/mod_auth_cas.rb
+++ b/chef/cookbooks/apache2/attributes/mod_auth_cas.rb
@ -1,2 +1,21 @@
 #
 # Cookbook Name:: apache2
 # Attributes:: mod_auth_cas
 #
 # Copyright 2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 default['apache']['mod_auth_cas']['from_source']     = false
-default['apache']['mod_auth_cas']['source_revision'] = "v1.0.8.1"
+default['apache']['mod_auth_cas']['source_revision'] = 'v1.0.8.1'
--- a/chef/cookbooks/apache2/attributes/mod_auth_openid.rb
+++ b/chef/cookbooks/apache2/attributes/mod_auth_openid.rb
@ -1,7 +1,8 @@
 #
-# Author:: Joshua Timberman <joshua@opscode.com>
+# Cookbook Name:: apache2
-# Copyright:: Copyright (c) 2011, Opscode, Inc.
+# Attributes:: mod_auth_cas
-# License:: Apache License, Version 2.0
+#
 # Copyright 2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -16,16 +17,16 @@
 # limitations under the License.
 #
-default['apache']['mod_auth_openid']['ref']  = "95043901eab868400937642d9bc55d17e9dd069f"
+default['apache']['mod_auth_openid']['ref']        = '95043901eab868400937642d9bc55d17e9dd069f'
 default['apache']['mod_auth_openid']['source_url'] = "https://github.com/bmuller/mod_auth_openid/archive/#{node['apache']['mod_auth_openid']['ref']}.tar.gz"
-default['apache']['mod_auth_openid']['cache_dir']  = "/var/cache/mod_auth_openid"
+default['apache']['mod_auth_openid']['cache_dir']  = '/var/cache/mod_auth_openid'
 default['apache']['mod_auth_openid']['dblocation'] = "#{node['apache']['mod_auth_openid']['cache_dir']}/mod_auth_openid.db"
 case node['platform_family']
-when "freebsd"
+when 'freebsd'
  default['apache']['mod_auth_openid']['configure_flags'] = [
-    "CPPFLAGS=-I/usr/local/include",
+    'CPPFLAGS=-I/usr/local/include',
-    "LDFLAGS=-I/usr/local/lib -lsqlite3"
+    'LDFLAGS=-I/usr/local/lib -lsqlite3'
  ]
 else
  default['apache']['mod_auth_openid']['configure_flags'] = []
--- a/chef/cookbooks/openstack-ops-messaging/recipes/default.rb
+++ b/chef/cookbooks/openstack-ops-messaging/recipes/default.rb
@ -1,6 +1,6 @@
 #
-# Cookbook Name:: openstack-ops-messaging
+# Cookbook Name:: apache2
-# Recipe:: default
+# Attributes:: mod_fastcgi
 #
 # Copyright 2013, Opscode, Inc.
 #
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-include_recipe "openstack-ops-messaging::#{node['openstack']['messaging']['service']}"
+default['apache']['mod_fastcgi']['download_url'] = 'http://www.fastcgi.com/dist/mod_fastcgi-current.tar.gz'
--- a/chef/cookbooks/apt/test/cookbooks/apt_test/files/default/tests/minitest/support/helpers.rb
+++ b/chef/cookbooks/apt/test/cookbooks/apt_test/files/default/tests/minitest/support/helpers.rb
@ -1,8 +1,8 @@
 #
-# Cookbook Name:: apt_test
+# Cookbook Name:: apache2
-# Recipe:: default
+# Attributes:: mod_pagespeed
 #
-# Copyright 2012, Opscode, Inc.
+# Copyright 2013, ZOZI
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,13 +17,9 @@
 # limitations under the License.
 #
-module Helpers
+default['apache2']['mod_pagespeed']['package_link'] =
-  module AptTest
+  if node['kernel']['machine'] =~ /^i[36']86$/
-    require 'chef/mixin/shell_out'
+    'https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_i386.deb'
-    include Chef::Mixin::ShellOut
+  else
-    include MiniTest::Chef::Assertions
+    'https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb'
    include MiniTest::Chef::Context
    include MiniTest::Chef::Resources
  end
 end
--- a/chef/cookbooks/apache2/attributes/mod_ssl.rb
+++ b/chef/cookbooks/apache2/attributes/mod_ssl.rb
@ -1,7 +1,8 @@
 #
-# Author:: Nathan L Smith <nlloyds@gmail.com>
+# Cookbook Name:: apache2
-# Copyright:: Copyright (c) 2012, Opscode, Inc.
+# Attributes:: mod_ssl
-# License:: Apache License, Version 2.0
+#
 # Copyright 2012-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
--- a/chef/cookbooks/apache2/definitions/apache_conf.rb
+++ b/chef/cookbooks/apache2/definitions/apache_conf.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Definition:: apache_conf
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-20013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -20,7 +20,7 @@
 define :apache_conf do
  template "#{node['apache']['dir']}/mods-available/#{params[:name]}.conf" do
    source   "mods/#{params[:name]}.conf.erb"
-    notifies :restart, "service[apache2]"
+    mode     '0644'
-    mode 0644
+    notifies :restart, 'service[apache2]'
  end
 end
--- a/chef/cookbooks/apache2/definitions/apache_module.rb
+++ b/chef/cookbooks/apache2/definitions/apache_module.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Definition:: apache_module
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -18,36 +18,35 @@
 #
 define :apache_module, :enable => true, :conf => false do
-  include_recipe "apache2"
+  include_recipe 'apache2::default'
  params[:filename]    = params[:filename] || "mod_#{params[:name]}.so"
  params[:module_path] = params[:module_path] || "#{node['apache']['libexecdir']}/#{params[:filename]}"
  params[:identifier]  = params[:identifier] || "#{params[:name]}_module"
-  if params[:conf]
+  apache_conf params[:name] if params[:conf]
    apache_conf params[:name]
  end
-  if platform_family?("rhel", "fedora", "arch", "suse", "freebsd")
+  if platform_family?('rhel', 'fedora', 'arch', 'suse', 'freebsd')
    file "#{node['apache']['dir']}/mods-available/#{params[:name]}.load" do
-      content "LoadModule #{params[:name]}_module #{params[:module_path]}\n"
+      content "LoadModule #{params[:identifier]} #{params[:module_path]}\n"
-      mode 0644
+      mode    '0644'
    end
  end
  if params[:enable]
    execute "a2enmod #{params[:name]}" do
      command "/usr/sbin/a2enmod #{params[:name]}"
-      notifies :restart, "service[apache2]"
+      notifies :restart, 'service[apache2]'
-      not_if do (::File.symlink?("#{node['apache']['dir']}/mods-enabled/#{params[:name]}.load") and
+      not_if do
-        ((::File.exists?("#{node['apache']['dir']}/mods-available/#{params[:name]}.conf"))?
+        ::File.symlink?("#{node['apache']['dir']}/mods-enabled/#{params[:name]}.load") &&
-          (::File.symlink?("#{node['apache']['dir']}/mods-enabled/#{params[:name]}.conf")):(true)))
+        (::File.exists?("#{node['apache']['dir']}/mods-available/#{params[:name]}.conf") ? ::File.symlink?("#{node['apache']['dir']}/mods-enabled/#{params[:name]}.conf") : true)
      end
    end
  else
    execute "a2dismod #{params[:name]}" do
      command "/usr/sbin/a2dismod #{params[:name]}"
-      notifies :restart, "service[apache2]"
+      notifies :restart, 'service[apache2]'
-      only_if do ::File.symlink?("#{node['apache']['dir']}/mods-enabled/#{params[:name]}.load") end
+      only_if { ::File.symlink?("#{node['apache']['dir']}/mods-enabled/#{params[:name]}.load") }
    end
  end
 end
--- a/chef/cookbooks/apache2/definitions/apache_site.rb
+++ b/chef/cookbooks/apache2/definitions/apache_site.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Definition:: apache_site
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -18,24 +18,24 @@
 #
 define :apache_site, :enable => true do
-  include_recipe "apache2"
+  include_recipe 'apache2::default'
  if params[:enable]
    execute "a2ensite #{params[:name]}" do
      command "/usr/sbin/a2ensite #{params[:name]}"
-      notifies :restart, resources(:service => "apache2")
+      notifies :restart, 'service[apache2]'
      not_if do
-        ::File.symlink?("#{node['apache']['dir']}/sites-enabled/#{params[:name]}") or
+        ::File.symlink?("#{node['apache']['dir']}/sites-enabled/#{params[:name]}") ||
        ::File.symlink?("#{node['apache']['dir']}/sites-enabled/000-#{params[:name]}")
      end
-      only_if do ::File.exists?("#{node['apache']['dir']}/sites-available/#{params[:name]}") end
+      only_if { ::File.exists?("#{node['apache']['dir']}/sites-available/#{params[:name]}") }
    end
  else
    execute "a2dissite #{params[:name]}" do
      command "/usr/sbin/a2dissite #{params[:name]}"
-      notifies :restart, resources(:service => "apache2")
+      notifies :restart, 'service[apache2]'
      only_if do
-        ::File.symlink?("#{node['apache']['dir']}/sites-enabled/#{params[:name]}") or
+        ::File.symlink?("#{node['apache']['dir']}/sites-enabled/#{params[:name]}") ||
        ::File.symlink?("#{node['apache']['dir']}/sites-enabled/000-#{params[:name]}")
      end
    end
--- a/chef/cookbooks/apache2/definitions/web_app.rb
+++ b/chef/cookbooks/apache2/definitions/web_app.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Definition:: web_app
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,29 +17,27 @@
 # limitations under the License.
 #
-define :web_app, :template => "web_app.conf.erb", :enable => true do
+define :web_app, :template => 'web_app.conf.erb', :enable => true do
  application_name = params[:name]
-  include_recipe "apache2"
+  include_recipe 'apache2::default'
-  include_recipe "apache2::mod_rewrite"
+  include_recipe 'apache2::mod_rewrite'
-  include_recipe "apache2::mod_deflate"
+  include_recipe 'apache2::mod_deflate'
-  include_recipe "apache2::mod_headers"
+  include_recipe 'apache2::mod_headers'
  template "#{node['apache']['dir']}/sites-available/#{application_name}.conf" do
    source   params[:template]
-    owner "root"
+    owner    'root'
    group    node['apache']['root_group']
-    mode 0644
+    mode     '0644'
-    if params[:cookbook]
+    cookbook params[:cookbook] if params[:cookbook]
      cookbook params[:cookbook]
    end
    variables(
      :application_name => application_name,
      :params           => params
    )
    if ::File.exists?("#{node['apache']['dir']}/sites-enabled/#{application_name}.conf")
-      notifies :reload, resources(:service => "apache2"), :delayed
+      notifies :reload, 'service[apache2]'
    end
  end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/default_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/default_test.rb
@ -16,7 +16,7 @@ describe 'apache2::default' do
  end
  it 'creates the conf.d directory' do
-    directory("#{node['apache']['dir']}/conf.d").must_exist.with(:mode, "755")
+    directory("#{node['apache']['dir']}/conf.d").must_exist.with(:mode, '755')
  end
  it 'creates the logs directory' do
@ -36,7 +36,7 @@ describe 'apache2::default' do
  end
  it 'reports server name only, not detailed version info' do
-    assert_match(/^ServerTokens Prod *$/, File.read("#{node['apache']['dir']}/conf.d/security"))
+    assert_match(/^ServerTokens #{node['apache']['servertokens']} *$/, File.read("#{node['apache']['dir']}/conf.d/security"))
  end
  it 'listens on port 80' do
@ -50,10 +50,10 @@ describe 'apache2::default' do
  end
  it 'reports server name only, not detailed version info' do
-    file("#{node['apache']['dir']}/conf.d/security").must_match(/^ServerTokens Prod *$/)
+    file("#{node['apache']['dir']}/conf.d/security").must_match(/^ServerTokens #{node['apache']['servertokens']} *$/)
  end
-  it "enables default_modules" do
+  it 'enables default_modules' do
    node['apache']['default_modules'].each do |a2mod|
      apache_enabled_modules.must_include "#{a2mod}_module"
    end
@ -73,5 +73,4 @@ describe 'apache2::default' do
    it { config.must_include "Include #{node['apache']['dir']}/conf.d/" }
    it { apache_config_parses? }
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/god_monitor_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/god_monitor_test.rb
@ -17,15 +17,15 @@
 require File.expand_path('../support/helpers', __FILE__)
-describe "apache2::god_monitor" do
+describe 'apache2::god_monitor' do
  include Helpers::Apache
  it 'starts god service to supervise apache2' do
-    service("god").must_be_running
+    service('god').must_be_running
  end
  it 'creates the god service template for apache' do
-    file("/etc/god/conf.d/apache2.god").must_exist
+    file('/etc/god/conf.d/apache2.god').must_exist
  end
  it 'starts an apache2 service that works like a regular service' do
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_apreq2_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_apreq2_test.rb
@ -4,12 +4,12 @@ describe 'apache2::mod_apreq2' do
  include Helpers::Apache
  it 'enables apreq_module' do
-    apache_enabled_modules.must_include "apreq_module"
+    apache_enabled_modules.must_include 'apreq_module'
  end
  it 'symlinks the module on EL' do
-    skip unless %w{rhel fedora}.include?(node['platform_family'])
+    skip unless %w[rhel fedora].include?(node['platform_family'])
-    libdir = node['kernel']['machine'] == 'x86_64' ? "lib64" : "lib"
+    libdir = node['kernel']['machine'] == 'x86_64' ? 'lib64' : 'lib'
    link(
      "/usr/#{libdir}/httpd/modules/mod_apreq.so"
    ).must_exist.with(
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_auth_cas_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_auth_cas_test.rb
@ -1,11 +1,10 @@
 require File.expand_path('../support/helpers', __FILE__)
-describe "apache2::mod_auth_cas" do
+describe 'apache2::mod_auth_cas' do
  include Helpers::Apache
  it 'enables auth_cas_module' do
-    skip if %w{rhel fedora}.include?(node['platform_family']) && node['platform_version'].to_f > 6.0
+    skip if %w[rhel fedora].include?(node['platform_family']) && node['platform_version'].to_f > 6.0
-    apache_enabled_modules.must_include "auth_cas_module"
+    apache_enabled_modules.must_include 'auth_cas_module'
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_auth_openid_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_auth_openid_test.rb
@ -4,34 +4,33 @@ require 'pathname'
 describe 'apache2::mod_auth_openid' do
  include Helpers::Apache
-  it "installs the opekele library" do
+  it 'installs the opekele library' do
    lib_dir = Pathname.new(node['apache']['lib_dir']).dirname.to_s
    file("#{lib_dir}/libopkele.so").must_exist
  end
-  it "does not add the module to httpd.conf" do
+  it 'does not add the module to httpd.conf' do
    conffile = case node['platform']
               when 'debian', 'ubuntu'
-                 "apache2.conf"
+                 'apache2.conf'
-               when "redhat", "centos", "scientific", "fedora", "arch", "amazon"
+               when 'redhat', 'centos', 'scientific', 'fedora', 'arch', 'amazon'
-                 "conf/httpd.conf"
+                 'conf/httpd.conf'
-               when "freebsd"
+               when 'freebsd'
-                 "httpd.conf"
+                 'httpd.conf'
               end
    httpd_config = File.read(File.join(node['apache']['dir'], conffile))
    refute_match /^LoadModule authopenid_module /, httpd_config
  end
-  it "creates a cache directory for the module" do
+  it 'creates a cache directory for the module' do
    directory(node['apache']['mod_auth_openid']['cache_dir']).must_exist.with(:owner, node['apache']['user'])
  end
-  it "ensures the db file is writable by apache" do
+  it 'ensures the db file is writable by apache' do
-    file(node['apache']['mod_auth_openid']['dblocation']).must_exist.with(:owner, node['apache']['user']).and(:mode, "644")
+    file(node['apache']['mod_auth_openid']['dblocation']).must_exist.with(:owner, node['apache']['user']).and(:mode, '644')
  end
  it 'enables authopenid_module' do
-    apache_enabled_modules.must_include "authopenid_module"
+    apache_enabled_modules.must_include 'authopenid_module'
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_cgi_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_cgi_test.rb
@ -9,5 +9,4 @@ describe 'apache2::mod_cgi' do
      apache_enabled_modules.include?('cgid_module')
    )
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_dav_svn_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_dav_svn_test.rb
@ -4,11 +4,10 @@ describe 'apache2::mod_dav_svn' do
  include Helpers::Apache
  it 'enables dav_svn_module' do
-    apache_enabled_modules.must_include "dav_svn_module"
+    apache_enabled_modules.must_include('dav_svn_module')
  end
  it 'enables dav_module' do
-    apache_enabled_modules.must_include "dav_module"
+    apache_enabled_modules.must_include('dav_module')
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_fastcgi.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_fastcgi.rb
@ -1,11 +1,10 @@
 require File.expand_path('../support/helpers', __FILE__)
-describe "apache2::mod_fastcgi" do
+describe 'apache2::mod_fastcgi' do
  include Helpers::Apache
  it 'enables fastcgi_module' do
    skip if %w{rhel fedora}.include?(node['platform_family'])
-    apache_enabled_modules.must_include "fastcgi_module"
+    apache_enabled_modules.must_include 'fastcgi_module'
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_include_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_include_test.rb
@ -4,12 +4,11 @@ describe 'apache2::mod_include' do
  include Helpers::Apache
  it 'enables include_module' do
-    apache_enabled_modules.must_include "include_module"
+    apache_enabled_modules.must_include 'include_module'
  end
  it 'drops off the include module configuration' do
    assert_match(/AddType text\/html .shtml/, File.read("#{node['apache']['dir']}/mods-enabled/include.conf"))
    assert_match(/AddOutputFilter INCLUDES .shtml/, File.read("#{node['apache']['dir']}/mods-enabled/include.conf"))
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_perl_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_perl_test.rb
@ -4,7 +4,7 @@ describe 'apache2::mod_perl' do
  include Helpers::Apache
  it 'enables perl_module' do
-    apache_enabled_modules.must_include "perl_module"
+    apache_enabled_modules.must_include('perl_module')
  end
  it 'installs the apache request library' do
@ -14,5 +14,4 @@ describe 'apache2::mod_perl' do
              end
    package(req_pkg).must_be_installed
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_php5_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_php5_test.rb
@ -4,10 +4,10 @@ describe 'apache2::mod_php5' do
  include Helpers::Apache
  it 'enables php5_module' do
-    apache_enabled_modules.must_include "php5_module"
+    apache_enabled_modules.must_include('php5_module')
  end
-  it "deletes the packaged php config if any" do
+  it 'deletes the packaged php config if any' do
    file("#{node['apache']['dir']}/conf.d/php.conf").wont_exist
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_python_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_python_test.rb
@ -4,7 +4,6 @@ describe 'apache2::mod_python' do
  include Helpers::Apache
  it 'enables python_module' do
-    apache_enabled_modules.must_include "python_module"
+    apache_enabled_modules.must_include('python_module')
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/mod_ssl_test.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/mod_ssl_test.rb
@ -4,25 +4,26 @@ describe 'apache2::mod_ssl' do
  include Helpers::Apache
  it 'installs the mod_ssl package on RHEL distributions' do
-    skip unless ["rhel", "fedora"].include? node['platform_family']
+    skip unless %w[rhel fedora].include?(node['platform_family'])
-    package("mod_ssl").must_be_installed
+    package('mod_ssl').must_be_installed
  end
  it 'enables ssl_module' do
-    apache_enabled_modules.must_include "ssl_module"
+    apache_enabled_modules.must_include 'ssl_module'
  end
  it 'does not store SSL config in conf.d' do
    file("#{node['apache']['dir']}/conf.d/ssl.conf").wont_exist
  end
-  it "is configured to listen on port 443" do
+  it 'is configured to listen on port 443' do
    apache_configured_ports.must_include(443)
  end
  it 'configures SSLCiphersuit from an attribute' do
-    assert_match(/^SSLCipherSuite #{node['apache']['mod_ssl']['cipher_suite']}$/,
+    assert_match(
-      File.read("#{node['apache']['dir']}/mods-enabled/ssl.conf"))
+      /^SSLCipherSuite #{node['apache']['mod_ssl']['cipher_suite']}$/,
      File.read("#{node['apache']['dir']}/mods-enabled/ssl.conf")
      )
  end
 end
--- a/chef/cookbooks/apache2/files/default/tests/minitest/support/helpers.rb
+++ b/chef/cookbooks/apache2/files/default/tests/minitest/support/helpers.rb
@ -1,4 +1,5 @@
 module Helpers
  # MiniTest helpers
  module Apache
    require 'chef/mixin/shell_out'
    include Chef::Mixin::ShellOut
@ -30,9 +31,9 @@ module Helpers
    def apache_service
      service(
        case node['platform']
-        when "debian", "ubuntu" then "apache2"
+        when 'debian', 'ubuntu' then 'apache2'
-        when "freebsd" then "apache22"
+        when 'freebsd' then 'apache22'
-        else "httpd"
+        else 'httpd'
        end
      )
    end
@ -40,26 +41,25 @@ module Helpers
    def config
      file(
        case node['platform']
-        when "debian", "ubuntu" then "#{node['apache']['dir']}/apache2.conf"
+        when 'debian', 'ubuntu' then "#{node['apache']['dir']}/apache2.conf"
-        when "freebsd" then "#{node['apache']['dir']}/httpd.conf"
+        when 'freebsd' then "#{node['apache']['dir']}/httpd.conf"
        else "#{node['apache']['dir']}/conf/httpd.conf"
        end
      )
    end
    def ran_recipe?(recipe)
-      if Chef::VERSION < "11.0"
+      if Chef::VERSION < '11.0'
        seen_recipes = node.run_state[:seen_recipes]
        recipes = seen_recipes.keys.each { |i| i }
      else
        recipes = run_context.loaded_recipes
      end
-      if recipes.empty? and Chef::Config[:solo]
+      if recipes.empty? && Chef::Config[:solo]
-        #If you have roles listed in your run list they are NOT expanded
+        # If you have roles listed in your run list they are NOT expanded
-        recipes = node.run_list.map {|item| item.name if item.type == :recipe }
+        recipes = node.run_list.map { |item| item.name if item.type == :recipe }
      end
      recipes.include?(recipe)
    end
  end
 end
--- a/chef/cookbooks/apache2/metadata.json
+++ b/chef/cookbooks/apache2/metadata.json
--- a/chef/cookbooks/apache2/metadata.rb
+++ b/chef/cookbooks/apache2/metadata.rb
@ -1,213 +1,264 @@
-name              "apache2"
+name              'apache2'
-maintainer        "Opscode, Inc."
+maintainer        'Opscode, Inc.'
-maintainer_email  "cookbooks@opscode.com"
+maintainer_email  'cookbooks@opscode.com'
-license           "Apache 2.0"
+license           'Apache 2.0'
-description       "Installs and configures all aspects of apache2 using Debian style symlinks with helper definitions"
+description       'Installs and configures all aspects of apache2 using Debian style symlinks with helper definitions'
 long_description  IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version           "1.7.0"
+version           '1.9.6'
-recipe            "apache2", "Main Apache configuration"
+recipe            'apache2', 'Main Apache configuration'
-recipe            "apache2::logrotate", "Rotate apache2 logs. Requires logrotate cookbook"
+recipe            'apache2::logrotate', 'Rotate apache2 logs. Requires logrotate cookbook'
-recipe            "apache2::mod_alias", "Apache module 'alias' with config file"
+recipe            'apache2::mod_alias', 'Apache module "alias" with config file'
-recipe            "apache2::mod_apreq2", "Apache module 'apreq'"
+recipe            'apache2::mod_apreq2', 'Apache module "apreq"'
-recipe            "apache2::mod_auth_basic", "Apache module 'auth_basic'"
+recipe            'apache2::mod_auth_basic', 'Apache module "auth_basic"'
-recipe            "apache2::mod_auth_digest", "Apache module 'auth_digest'"
+recipe            'apache2::mod_auth_digest', 'Apache module "auth_digest"'
-recipe            "apache2::mod_auth_openid", "Apache module 'authopenid'"
+recipe            'apache2::mod_auth_openid', 'Apache module "authopenid"'
-recipe            "apache2::mod_authn_file", "Apache module 'authn_file'"
+recipe            'apache2::mod_authn_file', 'Apache module "authn_file"'
-recipe            "apache2::mod_authnz_ldap", "Apache module 'authnz_ldap'"
+recipe            'apache2::mod_authnz_ldap', 'Apache module "authnz_ldap"'
-recipe            "apache2::mod_authz_default", "Apache module 'authz_default'"
+recipe            'apache2::mod_authz_default', 'Apache module "authz_default"'
-recipe            "apache2::mod_authz_groupfile", "Apache module 'authz_groupfile'"
+recipe            'apache2::mod_authz_groupfile', 'Apache module "authz_groupfile"'
-recipe            "apache2::mod_authz_host", "Apache module 'authz_host'"
+recipe            'apache2::mod_authz_host', 'Apache module "authz_host"'
-recipe            "apache2::mod_authz_user", "Apache module 'authz_user'"
+recipe            'apache2::mod_authz_user', 'Apache module "authz_user"'
-recipe            "apache2::mod_autoindex", "Apache module 'autoindex' with config file"
+recipe            'apache2::mod_autoindex', 'Apache module "autoindex" with config file'
-recipe            "apache2::mod_cgi", "Apache module 'cgi'"
+recipe            'apache2::mod_cgi', 'Apache module "cgi"'
-recipe            "apache2::mod_dav", "Apache module 'dav'"
+recipe            'apache2::mod_dav', 'Apache module "dav"'
-recipe            "apache2::mod_dav_svn", "Apache module 'dav_svn'"
+recipe            'apache2::mod_dav_svn', 'Apache module "dav_svn"'
-recipe            "apache2::mod_deflate", "Apache module 'deflate' with config file"
+recipe            'apache2::mod_deflate', 'Apache module "deflate" with config file'
-recipe            "apache2::mod_dir", "Apache module 'dir' with config file"
+recipe            'apache2::mod_dir', 'Apache module "dir" with config file'
-recipe            "apache2::mod_env", "Apache module 'env'"
+recipe            'apache2::mod_env', 'Apache module "env"'
-recipe            "apache2::mod_expires", "Apache module 'expires'"
+recipe            'apache2::mod_expires', 'Apache module "expires"'
-recipe            "apache2::mod_fcgid", "Apache module 'fcgid', package on ubuntu/debian, rhel/centos, compile source on suse; with config file"
+recipe            'apache2::mod_fcgid', 'Apache module "fcgid", package on ubuntu/debian, rhel/centos, compile source on suse; with config file'
-recipe            "apache2::mod_headers", "Apache module 'headers'"
+recipe            'apache2::mod_headers', 'Apache module "headers"'
-recipe            "apache2::mod_include", "Apache module 'include'"
+recipe            'apache2::mod_include', 'Apache module "include"'
-recipe            "apache2::mod_ldap", "Apache module 'ldap'"
+recipe            'apache2::mod_ldap', 'Apache module "ldap"'
-recipe            "apache2::mod_log_config", "Apache module 'log_config'"
+recipe            'apache2::mod_log_config', 'Apache module "log_config"'
-recipe            "apache2::mod_mime", "Apache module 'mime' with config file"
+recipe            'apache2::mod_mime', 'Apache module "mime" with config file'
-recipe            "apache2::mod_negotiation", "Apache module 'negotiation' with config file"
+recipe            'apache2::mod_negotiation', 'Apache module "negotiation" with config file'
-recipe            "apache2::mod_perl", "Apache module 'perl'"
+recipe            'apache2::mod_pagespeed', 'Apache module "pagespeed" with config file'
-recipe            "apache2::mod_php5", "Apache module 'php5'"
+recipe            'apache2::mod_perl', 'Apache module "perl"'
-recipe            "apache2::mod_proxy", "Apache module 'proxy' with config file"
+recipe            'apache2::mod_php5', 'Apache module "php5"'
-recipe            "apache2::mod_proxy_ajp", "Apache module 'proxy_ajp'"
+recipe            'apache2::mod_proxy', 'Apache module "proxy" with config file'
-recipe            "apache2::mod_proxy_balancer", "Apache module 'proxy_balancer'"
+recipe            'apache2::mod_proxy_ajp', 'Apache module "proxy_ajp"'
-recipe            "apache2::mod_proxy_connect", "Apache module 'proxy_connect'"
+recipe            'apache2::mod_proxy_balancer', 'Apache module "proxy_balancer"'
-recipe            "apache2::mod_proxy_http", "Apache module 'proxy_http'"
+recipe            'apache2::mod_proxy_connect', 'Apache module "proxy_connect"'
-recipe            "apache2::mod_python", "Apache module 'python'"
+recipe            'apache2::mod_proxy_http', 'Apache module "proxy_http"'
-recipe            "apache2::mod_rewrite", "Apache module 'rewrite'"
+recipe            'apache2::mod_python', 'Apache module "python"'
-recipe            "apache2::mod_setenvif", "Apache module 'setenvif' with config file"
+recipe            'apache2::mod_rewrite', 'Apache module "rewrite"'
-recipe            "apache2::mod_ssl", "Apache module 'ssl' with config file, adds port 443 to listen_ports"
+recipe            'apache2::mod_setenvif', 'Apache module "setenvif" with config file'
-recipe            "apache2::mod_status", "Apache module 'status' with config file"
+recipe            'apache2::mod_ssl', 'Apache module "ssl" with config file, adds port 443 to listen_ports'
-recipe            "apache2::mod_xsendfile", "Apache module 'xsendfile'"
+recipe            'apache2::mod_status', 'Apache module "status" with config file'
 recipe            'apache2::mod_xsendfile', 'Apache module "xsendfile"'
-%w{redhat centos scientific fedora debian ubuntu arch freebsd amazon}.each do |os|
+depends 'iptables'
  supports os
 end
-attribute "apache",
+supports 'amazon'
-  :display_name => "Apache Hash",
+supports 'arch'
-  :description => "Hash of Apache attributes",
+supports 'centos'
-  :type => "hash"
+supports 'debian'
 supports 'fedora'
 supports 'freebsd'
 supports 'redhat'
 supports 'scientific'
 supports 'ubuntu'
-attribute "apache/dir",
+depends 'logrotate'
-  :display_name => "Apache Directory",
+depends 'pacman'
  :description => "Location for Apache configuration",
  :default => "/etc/apache2"
-attribute "apache/log_dir",
+attribute 'apache',
-  :display_name => "Apache Log Directory",
+          :display_name => 'Apache Hash',
-  :description => "Location for Apache logs",
+          :description  => 'Hash of Apache attributes',
-  :default => "/etc/apache2"
+          :type         => 'hash'
-attribute "apache/user",
+attribute 'apache/dir',
-  :display_name => "Apache User",
+          :display_name => 'Apache Directory',
-  :description => "User Apache runs as",
+          :description  => 'Location for Apache configuration',
-  :default => "www-data"
+          :default      => '/etc/apache2',
          :recipes      => ['apache2::default']
-attribute "apache/binary",
+attribute 'apache/log_dir',
-  :display_name => "Apache Binary",
+          :display_name => 'Apache Log Directory',
-  :description => "Apache server daemon program",
+          :description  => 'Location for Apache logs',
-  :default => "/usr/sbin/apache2"
+          :default      => '/etc/apache2',
          :recipes      => ['apache2::default", "apache2::logrotate']
-attribute "apache/icondir",
+attribute 'apache/user',
-  :display_name => "Apache Icondir",
+          :display_name => 'Apache User',
-  :description => "Directory location for icons",
+          :description  => 'User Apache runs as',
-  :default => "/usr/share/apache2/icons"
+          :default      => 'www-data',
          :recipes      => ['apache2::default']
-attribute "apache/listen_ports",
+attribute 'apache/binary',
-  :display_name => "Apache Listen Ports",
+          :display_name => 'Apache Binary',
-  :description => "Ports that Apache should listen on",
+          :description  => 'Apache server daemon program',
-  :type => "array",
+          :default      => '/usr/sbin/apache2',
-  :default => ["80", "443"]
+          :recipes      => ['apache2::default']
-attribute "apache/contact",
+attribute 'apache/icondir',
-  :display_name => "Apache Contact",
+          :display_name => 'Apache Icondir',
-  :description => "Email address of webmaster",
+          :description  => 'Directory location for icons',
-  :default => "ops@example.com"
+          :default      => '/usr/share/apache2/icons',
          :recipes      => ['apache2::default']
-attribute "apache/timeout",
+attribute 'apache/listen_addresses',
-  :display_name => "Apache Timeout",
+          :display_name => 'Apache Listen Addresses',
-  :description => "Connection timeout value",
+          :description  => 'Addresses that Apache should listen on',
-  :default => "300"
+          :type         => 'array',
          :default      => %w[*],
          :recipes      => ['apache2::default']
-attribute "apache/keepalive",
+attribute 'apache/listen_ports',
-  :display_name => "Apache Keepalive",
+          :display_name => 'Apache Listen Ports',
-  :description => "HTTP persistent connections",
+          :description  => 'Ports that Apache should listen on',
-  :default => "On"
+          :type         => 'array',
          :default      => %w[80 443],
          :recipes      => ['apache2::default']
-attribute "apache/keepaliverequests",
+attribute 'apache/contact',
-  :display_name => "Apache Keepalive Requests",
+          :display_name => 'Apache Contact',
-  :description => "Number of requests allowed on a persistent connection",
+          :description  => 'Email address of webmaster',
-  :default => "100"
+          :default      => 'ops@example.com',
          :recipes      => ['apache2::default']
-attribute "apache/keepalivetimeout",
+attribute 'apache/timeout',
-  :display_name => "Apache Keepalive Timeout",
+          :display_name => 'Apache Timeout',
-  :description => "Time to wait for requests on persistent connection",
+          :description  => 'Connection timeout value',
-  :default => "5"
+          :default      => '300',
          :recipes      => ['apache2::default']
-attribute "apache/servertokens",
+attribute 'apache/keepalive',
-  :display_name => "Apache Server Tokens",
+          :display_name => 'Apache Keepalive',
-  :description => "Server response header",
+          :description  => 'HTTP persistent connections',
-  :default => "Prod"
+          :default      => 'On',
          :recipes      => ['apache2::default']
-attribute "apache/serversignature",
+attribute 'apache/keepaliverequests',
-  :display_name => "Apache Server Signature",
+          :display_name => 'Apache Keepalive Requests',
-  :description => "Configure footer on server-generated documents",
+          :description  => 'Number of requests allowed on a persistent connection',
-  :default => "On"
+          :default      => '100',
          :recipes      => ['apache2::default']
-attribute "apache/traceenable",
+attribute 'apache/keepalivetimeout',
-  :display_name => "Apache Trace Enable",
+          :display_name => 'Apache Keepalive Timeout',
-  :description => "Determine behavior of TRACE requests",
+          :description  => 'Time to wait for requests on persistent connection',
-  :default => "On"
+          :default      => '5',
          :recipes      => ['apache2::default']
-attribute "apache/allowed_openids",
+attribute 'apache/servertokens',
-  :display_name => "Apache Allowed OpenIDs",
+          :display_name => 'Apache Server Tokens',
-  :description => "Array of OpenIDs allowed to authenticate",
+          :description  => 'Server response header',
-  :default => ""
+          :default      => 'Prod',
          :recipes      => ['apache2::default']
-attribute "apache/prefork",
+attribute 'apache/serversignature',
-  :display_name => "Apache Prefork",
+          :display_name => 'Apache Server Signature',
-  :description => "Hash of Apache prefork tuning attributes.",
+          :description  => 'Configure footer on server-generated documents',
-  :type => "hash"
+          :default      => 'On',
          :recipes      => ['apache2::default']
-attribute "apache/prefork/startservers",
+attribute 'apache/traceenable',
-  :display_name => "Apache Prefork MPM StartServers",
+          :display_name => 'Apache Trace Enable',
-  :description => "Number of MPM servers to start",
+          :description  => 'Determine behavior of TRACE requests',
-  :default => "16"
+          :default      => 'On',
          :recipes      => ['apache2::default']
-attribute "apache/prefork/minspareservers",
+attribute 'apache/allowed_openids',
-  :display_name => "Apache Prefork MPM MinSpareServers",
+          :display_name => 'Apache Allowed OpenIDs',
-  :description => "Minimum number of spare server processes",
+          :description  => 'Array of OpenIDs allowed to authenticate',
-  :default => "16"
+          :default      => '',
          :recipes      => ['apache2::default']
-attribute "apache/prefork/maxspareservers",
+attribute 'apache/prefork',
-  :display_name => "Apache Prefork MPM MaxSpareServers",
+          :display_name => 'Apache Prefork',
-  :description => "Maximum number of spare server processes",
+          :description  => 'Hash of Apache prefork tuning attributes.',
-  :default => "32"
+          :type         => 'hash',
          :recipes      => ['apache2::default']
-attribute "apache/prefork/serverlimit",
+attribute 'apache/prefork/startservers',
-  :display_name => "Apache Prefork MPM ServerLimit",
+          :display_name => 'Apache Prefork MPM StartServers',
-  :description => "Upper limit on configurable server processes",
+          :description  => 'Number of MPM servers to start',
-  :default => "400"
+          :default      => '16',
          :recipes      => ['apache2::default']
-attribute "apache/prefork/maxclients",
+attribute 'apache/prefork/minspareservers',
-  :display_name => "Apache Prefork MPM MaxClients",
+          :display_name => 'Apache Prefork MPM MinSpareServers',
-  :description => "Maximum number of simultaneous connections",
+          :description  => 'Minimum number of spare server processes',
-  :default => "400"
+          :default      => '16',
          :recipes      => ['apache2::default']
-attribute "apache/prefork/maxrequestsperchild",
+attribute 'apache/prefork/maxspareservers',
-  :display_name => "Apache Prefork MPM MaxRequestsPerChild",
+          :display_name => 'Apache Prefork MPM MaxSpareServers',
-  :description => "Maximum number of request a child process will handle",
+          :description  => 'Maximum number of spare server processes',
-  :default => "10000"
+          :default      => '32',
          :recipes      => ['apache2::default']
-attribute "apache/worker",
+attribute 'apache/prefork/serverlimit',
-  :display_name => "Apache Worker",
+          :display_name => 'Apache Prefork MPM ServerLimit',
-  :description => "Hash of Apache prefork tuning attributes.",
+          :description  => 'Upper limit on configurable server processes',
-  :type => "hash"
+          :default      => '400',
          :recipes      => ['apache2::default']
-attribute "apache/worker/startservers",
+attribute 'apache/prefork/maxclients',
-  :display_name => "Apache Worker MPM StartServers",
+          :display_name => 'Apache Prefork MPM MaxClients',
-  :description => "Initial number of server processes to start",
+          :description  => 'Maximum number of simultaneous connections',
-  :default => "4"
+          :default      => '400',
          :recipes      => ['apache2::default']
-attribute "apache/worker/maxclients",
+attribute 'apache/prefork/maxrequestsperchild',
-  :display_name => "Apache Worker MPM MaxClients",
+          :display_name => 'Apache Prefork MPM MaxRequestsPerChild',
-  :description => "Maximum number of simultaneous connections",
+          :description  => 'Maximum number of request a child process will handle',
-  :default => "1024"
+          :default      => '10000',
          :recipes      => ['apache2::default']
-attribute "apache/worker/minsparethreads",
+attribute 'apache/worker',
-  :display_name => "Apache Worker MPM MinSpareThreads",
+          :display_name => 'Apache Worker',
-  :description => "Minimum number of spare worker threads",
+          :description  => 'Hash of Apache prefork tuning attributes.',
-  :default => "64"
+          :type         => 'hash',
          :recipes      => ['apache2::default']
-attribute "apache/worker/maxsparethreads",
+attribute 'apache/worker/startservers',
-  :display_name => "Apache Worker MPM MaxSpareThreads",
+          :display_name => 'Apache Worker MPM StartServers',
-  :description => "Maximum number of spare worker threads",
+          :description  => 'Initial number of server processes to start',
-  :default => "192"
+          :default      => '4',
          :recipes      => ['apache2::default']
-attribute "apache/worker/threadsperchild",
+attribute 'apache/worker/maxclients',
-  :display_name => "Apache Worker MPM ThreadsPerChild",
+          :display_name => 'Apache Worker MPM MaxClients',
-  :description => "Constant number of worker threads in each server process",
+          :description  => 'Maximum number of simultaneous connections',
-  :default => "64"
+          :default      => '1024',
          :recipes      => ['apache2::default']
-attribute "apache/worker/maxrequestsperchild",
+attribute 'apache/worker/minsparethreads',
-  :display_name => "Apache Worker MPM MaxRequestsPerChild",
+          :display_name => 'Apache Worker MPM MinSpareThreads',
-  :description => "Maximum number of request a child process will handle",
+          :description  => 'Minimum number of spare worker threads',
-  :default => "0"
+          :default      => '64',
          :recipes      => ['apache2::default']
-attribute "apache/default_modules",
+attribute 'apache/worker/maxsparethreads',
-  :display_name => "Apache Default Modules",
+          :display_name => 'Apache Worker MPM MaxSpareThreads',
-  :description => "Default modules to enable via recipes",
+          :description  => 'Maximum number of spare worker threads',
-  :default => "status alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex dir env mime negotiation setenvif"
+          :default      => '192',
          :recipes      => ['apache2::default']
-attribute "apache/mod_ssl/cipher_suite",
+attribute 'apache/worker/threadsperchild',
-  :display_name => "Apache mod_ssl Cipher Suite",
+          :display_name => 'Apache Worker MPM ThreadsPerChild',
-  :description => "String of SSL ciphers to use for SSLCipherSuite",
+          :description  => 'Constant number of worker threads in each server process',
-  :default => "RC4-SHA:HIGH:!ADH"
+          :default      => '64',
          :recipes      => ['apache2::default']
 attribute 'apache/worker/maxrequestsperchild',
          :display_name => 'Apache Worker MPM MaxRequestsPerChild',
          :description  => 'Maximum number of request a child process will handle',
          :default      => '0',
          :recipes      => ['apache2::default']
 attribute 'apache/default_modules',
          :display_name => 'Apache Default Modules',
          :description  => 'Default modules to enable via recipes',
          :type         => 'array',
          :default      => %w[status alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex dir env mime negotiation setenvif],
          :recipes      => ['apache2::default']
 attribute 'apache/mod_ssl/cipher_suite',
          :display_name => 'Apache mod_ssl Cipher Suite',
          :description  => 'String of SSL ciphers to use for SSLCipherSuite',
          :default      => 'RC4-SHA:HIGH:!ADH',
          :recipes      => ['apache2::default']
--- a/chef/cookbooks/apache2/recipes/default.rb
+++ b/chef/cookbooks/apache2/recipes/default.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: default
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,70 +17,70 @@
 # limitations under the License.
 #
-package "apache2" do
+package 'apache2' do
  package_name node['apache']['package']
 end
-service "apache2" do
+service 'apache2' do
  case node['platform_family']
-  when "rhel", "fedora", "suse"
+  when 'rhel', 'fedora', 'suse'
-    service_name "httpd"
+    service_name 'httpd'
    # If restarted/reloaded too quickly httpd has a habit of failing.
    # This may happen with multiple recipes notifying apache to restart - like
    # during the initial bootstrap.
-    restart_command "/sbin/service httpd restart && sleep 1"
+    restart_command '/sbin/service httpd restart && sleep 1'
-    reload_command "/sbin/service httpd reload && sleep 1"
+    reload_command '/sbin/service httpd reload && sleep 1'
-  when "debian"
+  when 'debian'
-    service_name "apache2"
+    service_name 'apache2'
-    restart_command "/usr/sbin/invoke-rc.d apache2 restart && sleep 1"
+    restart_command '/usr/sbin/invoke-rc.d apache2 restart && sleep 1'
-    reload_command "/usr/sbin/invoke-rc.d apache2 reload && sleep 1"
+    reload_command '/usr/sbin/invoke-rc.d apache2 reload && sleep 1'
-  when "arch"
+  when 'arch'
-    service_name "httpd"
+    service_name 'httpd'
-  when "freebsd"
+  when 'freebsd'
-    service_name "apache22"
+    service_name 'apache22'
  end
  supports [:restart, :reload, :status]
  action :enable
 end
-if platform_family?("rhel", "fedora", "arch", "suse", "freebsd")
+if platform_family?('rhel', 'fedora', 'arch', 'suse', 'freebsd')
  directory node['apache']['log_dir'] do
-    mode 00755
+    mode '0755'
  end
-  package "perl"
+  package node['apache']['perl_pkg']
-  cookbook_file "/usr/local/bin/apache2_module_conf_generate.pl" do
+  cookbook_file '/usr/local/bin/apache2_module_conf_generate.pl' do
-    source "apache2_module_conf_generate.pl"
+    source 'apache2_module_conf_generate.pl'
-    mode 00755
+    mode   '0755'
-    owner "root"
+    owner  'root'
    group  node['apache']['root_group']
  end
-  %w{sites-available sites-enabled mods-available mods-enabled}.each do |dir|
+  %w[sites-available sites-enabled mods-available mods-enabled].each do |dir|
    directory "#{node['apache']['dir']}/#{dir}" do
-      mode 00755
+      mode  '0755'
-      owner "root"
+      owner 'root'
      group node['apache']['root_group']
    end
  end
-  execute "generate-module-list" do
+  execute 'generate-module-list' do
    command "/usr/local/bin/apache2_module_conf_generate.pl #{node['apache']['lib_dir']} #{node['apache']['dir']}/mods-available"
    action  :nothing
  end
-  %w{a2ensite a2dissite a2enmod a2dismod}.each do |modscript|
+  %w[a2ensite a2dissite a2enmod a2dismod].each do |modscript|
    template "/usr/sbin/#{modscript}" do
      source "#{modscript}.erb"
-      mode 00700
+      mode  '0700'
-      owner "root"
+      owner 'root'
      group node['apache']['root_group']
    end
  end
  # installed by default on centos/rhel, remove in favour of mods-enabled
-  %w{ proxy_ajp auth_pam authz_ldap webalizer ssl welcome }.each do |f|
+  %w[proxy_ajp auth_pam authz_ldap webalizer ssl welcome].each do |f|
    file "#{node['apache']['dir']}/conf.d/#{f}.conf" do
      action :delete
      backup false
@ -94,11 +94,10 @@ if platform_family?("rhel", "fedora", "arch", "suse", "freebsd")
  end
  # enable mod_deflate for consistency across distributions
-  include_recipe "apache2::mod_deflate"
+  include_recipe 'apache2::mod_deflate'
 end
-if platform_family?("freebsd")
+if platform_family?('freebsd')
  file "#{node['apache']['dir']}/Includes/no-accf.conf" do
    action :delete
    backup false
@ -108,105 +107,95 @@ if platform_family?("freebsd")
    action :delete
  end
-  %w{
+  %w[
      httpd-autoindex.conf httpd-dav.conf httpd-default.conf httpd-info.conf
      httpd-languages.conf httpd-manual.conf httpd-mpm.conf
      httpd-multilang-errordoc.conf httpd-ssl.conf httpd-userdir.conf
      httpd-vhosts.conf
-    }.each do |f|
+  ].each do |f|
    file "#{node['apache']['dir']}/extra/#{f}" do
      action :delete
      backup false
    end
  end
  directory "#{node['apache']['dir']}/extra" do
    action :delete
  end
 end
-directory "#{node['apache']['dir']}/ssl" do
+%W[
-  mode 00755
+  #{node['apache']['dir']}/ssl
-  owner "root"
+  #{node['apache']['dir']}/conf.d
-  group node['apache']['root_group']
+  #{node['apache']['cache_dir']}
-end
+].each do |path|
-
+  directory path do
-directory "#{node['apache']['dir']}/conf.d" do
+    mode  '0755'
-  mode 00755
+    owner 'root'
  owner "root"
  group node['apache']['root_group']
 end
 directory node['apache']['cache_dir'] do
  mode 00755
  owner "root"
    group node['apache']['root_group']
  end
 end
 # Set the preferred execution binary - prefork or worker
-template "/etc/sysconfig/httpd" do
+template '/etc/sysconfig/httpd' do
-  source "etc-sysconfig-httpd.erb"
+  source   'etc-sysconfig-httpd.erb'
-  owner "root"
+  owner    'root'
  group    node['apache']['root_group']
-  mode 00644
+  mode     '0644'
-  notifies :restart, "service[apache2]"
+  notifies :restart, 'service[apache2]'
-  only_if { platform_family?("rhel", "fedora") }
+  only_if  { platform_family?('rhel', 'fedora') }
 end
-template "apache2.conf" do
+template 'apache2.conf' do
  case node['platform_family']
-  when "rhel", "fedora", "arch"
+  when 'rhel', 'fedora', 'arch'
    path "#{node['apache']['dir']}/conf/httpd.conf"
-  when "debian"
+  when 'debian'
    path "#{node['apache']['dir']}/apache2.conf"
-  when "freebsd"
+  when 'freebsd'
    path "#{node['apache']['dir']}/httpd.conf"
  end
-  source "apache2.conf.erb"
+  source   'apache2.conf.erb'
-  owner "root"
+  owner    'root'
  group    node['apache']['root_group']
-  mode 00644
+  mode     '0644'
-  notifies :restart, "service[apache2]"
+  notifies :restart, 'service[apache2]'
 end
-template "apache2-conf-security" do
+template 'apache2-conf-security' do
-  path "#{node['apache']['dir']}/conf.d/security"
+  path     "#{node['apache']['dir']}/conf.d/security.conf"
-  source "security.erb"
+  source   'security.erb'
-  owner "root"
+  owner    'root'
  group    node['apache']['root_group']
-  mode 00644
+  mode     '0644'
  backup   false
-  notifies :restart, "service[apache2]"
+  notifies :restart, 'service[apache2]'
 end
-template "apache2-conf-charset" do
+template 'apache2-conf-charset' do
-  path "#{node['apache']['dir']}/conf.d/charset"
+  path      "#{node['apache']['dir']}/conf.d/charset.conf"
-  source "charset.erb"
+  source   'charset.erb'
-  owner "root"
+  owner    'root'
  group    node['apache']['root_group']
-  mode 00644
+  mode     '0644'
  backup   false
-  notifies :restart, "service[apache2]"
+  notifies :restart, 'service[apache2]'
 end
 template "#{node['apache']['dir']}/ports.conf" do
-  source "ports.conf.erb"
+  source   'ports.conf.erb'
-  owner "root"
+  owner    'root'
  group    node['apache']['root_group']
-  variables :apache_listen_ports => node['apache']['listen_ports'].map { |p| p.to_i }.uniq
+  mode     '0644'
-  mode 00644
+  notifies :restart, 'service[apache2]'
  notifies :restart, "service[apache2]"
 end
 template "#{node['apache']['dir']}/sites-available/default" do
-  source "default-site.erb"
+  source   'default-site.erb'
-  owner "root"
+  owner    'root'
  group    node['apache']['root_group']
-  mode 00644
+  mode     '0644'
-  notifies :restart, "service[apache2]"
+  notifies :restart, 'service[apache2]'
 end
 node['apache']['default_modules'].each do |mod|
@ -214,10 +203,10 @@ node['apache']['default_modules'].each do |mod|
  include_recipe "apache2::#{module_recipe_name}"
 end
-apache_site "default" do
+apache_site 'default' do
  enable node['apache']['default_site_enabled']
 end
-service "apache2" do
+service 'apache2' do
  action :start
 end
--- a/chef/cookbooks/apache2/recipes/god_monitor.rb
+++ b/chef/cookbooks/apache2/recipes/god_monitor.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: god_monitor
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,7 +17,7 @@
 # limitations under the License.
 #
-apache_service = service "apache2" do
+apache_service = service 'apache2' do
  action :nothing
 end
@ -25,9 +25,9 @@ start_command = apache_service.start_command
 stop_command    = apache_service.stop_command
 restart_command = apache_service.restart_command
-god_monitor "apache2" do
+god_monitor 'apache2' do
-  config "apache2.god.erb"
+  config 'apache2.god.erb'
-  start (start_command)?start_command : "/etc/init.d/#{apache_service.service_name} start"
+  start   start_command   || "/etc/init.d/#{apache_service.service_name} start"
-  restart (restart_command)?restart_command : "/etc/init.d/#{apache_service.service_name} restart"
+  restart restart_command || "/etc/init.d/#{apache_service.service_name} restart"
-  stop (stop_command)?stop_command : "/etc/init.d/#{apache_service.service_name} stop"
+  stop    stop_command    || "/etc/init.d/#{apache_service.service_name} stop"
 end
--- a/chef/cookbooks/apache2/recipes/iptables.rb
+++ b/chef/cookbooks/apache2/recipes/iptables.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: iptables
 #
-# Copyright 2012, Opscode, Inc.
+# Copyright 2012-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-iptables_rule "port_apache"
+iptables_rule 'port_apache'
--- a/chef/cookbooks/apache2/recipes/logrotate.rb
+++ b/chef/cookbooks/apache2/recipes/logrotate.rb
@ -17,14 +17,14 @@
 # limitations under the License.
 #
-apache_service = service "apache2" do
+apache_service = service 'apache2' do
  action :nothing
 end
 begin
  include_recipe 'logrotate'
 rescue
-  Chef::Log.warn("The apache::logrotate recipe requires the logrotate cookbook. Install the cookbook with `knife cookbook site install logrotate`.")
+  Chef::Log.warn('The apache::logrotate recipe requires the logrotate cookbook. Install the cookbook with `knife cookbook site install logrotate`.')
 end
 logrotate_app apache_service.service_name do
  path node['apache']['log_dir']
--- a/chef/cookbooks/apache2/recipes/mod_actions.rb
+++ b/chef/cookbooks/apache2/recipes/mod_actions.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: actions
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "actions"
+apache_module 'actions'
--- a/chef/cookbooks/apache2/recipes/mod_alias.rb
+++ b/chef/cookbooks/apache2/recipes/mod_alias.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: alias
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,6 +17,6 @@
 # limitations under the License.
 #
-apache_module "alias" do
+apache_module 'alias' do
  conf true
 end
--- a/chef/cookbooks/apache2/recipes/mod_apreq2.rb
+++ b/chef/cookbooks/apache2/recipes/mod_apreq2.rb
@ -4,7 +4,7 @@
 #
 # modified from the python recipe by Jeremy Bingham
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -19,30 +19,27 @@
 # limitations under the License.
 #
-include_recipe "apache2"
+include_recipe 'apache2::default'
 case node['platform_family']
-when "debian"
+when 'debian'
-
+  package 'libapache2-mod-apreq2'
-  package "libapache2-mod-apreq2"
+when 'rhel', 'fedora'
-
+  package 'libapreq2' do
-when "rhel", "fedora"
+    notifies :run, 'execute[generate-module-list]', :immediately
  package "libapreq2" do
    notifies :run, "execute[generate-module-list]", :immediately
  end
  # seems that the apreq lib is weirdly broken or something - it needs to be
-  # loaded as "apreq", but on RHEL & derivitatives the file needs a symbolic
+  # loaded as 'apreq', but on RHEL & derivitatives the file needs a symbolic
  # link to mod_apreq.so.
-  link "/usr/lib64/httpd/modules/mod_apreq.so" do
+  link '/usr/lib64/httpd/modules/mod_apreq.so' do
-    to "/usr/lib64/httpd/modules/mod_apreq2.so"
+    to      '/usr/lib64/httpd/modules/mod_apreq2.so'
-    only_if "test -f /usr/lib64/httpd/modules/mod_apreq2.so"
+    only_if 'test -f /usr/lib64/httpd/modules/mod_apreq2.so'
  end
-  link "/usr/lib/httpd/modules/mod_apreq.so" do
+  link '/usr/lib/httpd/modules/mod_apreq.so' do
-    to "/usr/lib/httpd/modules/mod_apreq2.so"
+    to      '/usr/lib/httpd/modules/mod_apreq2.so'
-    only_if "test -f /usr/lib/httpd/modules/mod_apreq2.so"
+    only_if 'test -f /usr/lib/httpd/modules/mod_apreq2.so'
  end
 end
@ -51,4 +48,4 @@ file "#{node['apache']['dir']}/conf.d/apreq.conf" do
  backup false
 end
-apache_module "apreq"
+apache_module 'apreq'
--- a/chef/cookbooks/apache2/recipes/mod_auth_basic.rb
+++ b/chef/cookbooks/apache2/recipes/mod_auth_basic.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: auth_basic
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "auth_basic"
+apache_module 'auth_basic'
--- a/chef/cookbooks/apache2/recipes/mod_auth_cas.rb
+++ b/chef/cookbooks/apache2/recipes/mod_auth_cas.rb
@ -1,11 +1,29 @@
-include_recipe "apache2"
+#
 # Cookbook Name:: apache2
 # Recipe:: auth_basic
 #
 # Copyright 2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 include_recipe 'apache2::default'
 if node['apache']['mod_auth_cas']['from_source']
-
+  package 'httpd-devel' do
  package "httpd-devel" do
    package_name value_for_platform_family(
-      ["rhel", "fedora", "suse"] => "httpd-devel",
+      %w[rhel fedora suse] => 'httpd-devel',
-      "debian" => "apache2-dev"
+      'debian' => 'apache2-dev'
    )
  end
@ -25,26 +43,22 @@ if node['apache']['mod_auth_cas']['from_source']
    source 'mods/auth_cas.load.erb'
    owner  'root'
    group  node['apache']['root_group']
-    mode 00644
+    mode   '0644'
  end
 else
  case node['platform_family']
-  when "debian"
+  when 'debian'
    package 'libapache2-mod-auth-cas'
-    package "libapache2-mod-auth-cas"
+  when 'rhel', 'fedora'
-
+    yum_package 'mod_auth_cas' do
-  when "rhel", "fedora"
+      notifies :run, 'execute[generate-module-list]', :immediately
    yum_package "mod_auth_cas" do
      notifies :run, "execute[generate-module-list]", :immediately
    end
    file "#{node['apache']['dir']}/conf.d/auth_cas.conf" do
      action :delete
      backup false
    end
  end
 end
@ -55,5 +69,5 @@ end
 directory "#{node['apache']['cache_dir']}/mod_auth_cas" do
  owner node['apache']['user']
  group node['apache']['group']
-  mode 00700
+  mode  '0700'
 end
--- a/chef/cookbooks/apache2/recipes/mod_auth_digest.rb
+++ b/chef/cookbooks/apache2/recipes/mod_auth_digest.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: auth_digest
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "auth_digest"
+apache_module 'auth_digest'
--- a/chef/cookbooks/apache2/recipes/mod_auth_openid.rb
+++ b/chef/cookbooks/apache2/recipes/mod_auth_openid.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: mod_auth_openid
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -18,46 +18,44 @@
 #
 openid_dev_pkgs = value_for_platform_family(
-  ["debian"] => %w{automake make g++ apache2-prefork-dev libopkele-dev libopkele3 libtool},
+  'debian'        => %w[automake make g++ apache2-prefork-dev libopkele-dev libopkele3 libtool],
-  ["rhel", "fedora"] => %w{gcc-c++ httpd-devel curl-devel libtidy libtidy-devel sqlite-devel pcre-devel openssl-devel make libtool},
+  %w[rhel fedora] => %w[gcc-c++ httpd-devel curl-devel libtidy libtidy-devel sqlite-devel pcre-devel openssl-devel make libtool],
-  "arch" => ["libopkele"],
+  'arch'          => %w[libopkele],
-  "freebsd" => %w{libopkele pcre sqlite3}
+  'freebsd'       => %w[libopkele pcre sqlite3]
 )
 make_cmd = value_for_platform_family(
-  "freebsd" => { "default" => "gmake" },
+  'freebsd' => { 'default' => 'gmake' },
-  "default" => "make"
+  'default' => 'make'
 )
 case node['platform_family']
-when "arch"
+when 'arch'
  include_recipe 'pacman::default'
  package 'tidyhtml'
  include_recipe "pacman"
  package "tidyhtml"
  pacman_aur openid_dev_pkgs.first do
    action [:build, :install]
  end
 else
  openid_dev_pkgs.each do |pkg|
    package pkg
  end
 end
 case node['platform_family']
-when "rhel", "fedora"
+when 'rhel', 'fedora'
  remote_file "#{Chef::Config['file_cache_path']}/libopkele-2.0.4.tar.gz" do
-    source "http://kin.klever.net/dist/libopkele-2.0.4.tar.gz"
+    source   'http://kin.klever.net/dist/libopkele-2.0.4.tar.gz'
-    mode 00644
+    mode     '0644'
-    checksum "57a5bc753b7e80c5ece1e5968b2051b0ce7ed9ce4329d17122c61575a9ea7648"
+    checksum '57a5bc753b7e80c5ece1e5968b2051b0ce7ed9ce4329d17122c61575a9ea7648'
  end
-  bash "install libopkele" do
+  bash 'install libopkele' do
    cwd Chef::Config['file_cache_path']
    # Ruby 1.8.6 does not have rpartition, unfortunately
-    syslibdir = node['apache']['lib_dir'][0..node['apache']['lib_dir'].rindex("/")]
+    syslibdir = node['apache']['lib_dir'][0..node['apache']['lib_dir'].rindex('/')]
    code <<-EOH
    tar zxvf libopkele-2.0.4.tar.gz
    cd libopkele-2.0.4 && ./configure --prefix=/usr --libdir=#{syslibdir}
@ -72,54 +70,54 @@ configure_flags = node['apache']['mod_auth_openid']['configure_flags']
 remote_file "#{Chef::Config['file_cache_path']}/mod_auth_openid-#{version}.tar.gz" do
  source node['apache']['mod_auth_openid']['source_url']
-  mode 00644
+  mode   '0644'
  action :create_if_missing
 end
 file "mod_auth_openid_dblocation" do
  path node['apache']['mod_auth_openid']['dblocation']
  action :nothing
 end
 bash "untar mod_auth_openid" do
  cwd Chef::Config['file_cache_path']
  code <<-EOH
  tar zxvf mod_auth_openid-#{version}.tar.gz
  EOH
 end
 bash "compile mod_auth_openid" do
  cwd "#{Chef::Config['file_cache_path']}/mod_auth_openid-#{version}"
  code <<-EOH
  ./autogen.sh
  ./configure #{configure_flags.join(' ')}
  perl -pi -e "s/-i -a -n 'authopenid'/-i -n 'authopenid'/g" Makefile
  #{make_cmd} && #{make_cmd} install
  EOH
  creates "#{node['apache']['libexecdir']}/mod_auth_openid.so"
  notifies :delete, "file[mod_auth_openid_dblocation]", :immediately
  notifies :restart, "service[apache2]"
 end
 directory node['apache']['mod_auth_openid']['cache_dir'] do
  owner node['apache']['user']
  group node['apache']['group']
-  mode 00700
+  mode  '0700'
 end
-file node['apache']['mod_auth_openid']['dblocation'] do
+bash 'untar mod_auth_openid' do
-  owner node['apache']['user']
+  cwd Chef::Config['file_cache_path']
-  group node['apache']['group']
+  code <<-EOH
-  mode 00644
+  tar zxvf mod_auth_openid-#{version}.tar.gz
  EOH
  creates "#{Chef::Config['file_cache_path']}/mod_auth_openid-#{version}/src/types.h"
 end
 bash 'compile mod_auth_openid' do
  cwd "#{Chef::Config['file_cache_path']}/mod_auth_openid-#{version}"
  code <<-EOH
  ./autogen.sh
  ./configure #{configure_flags.join(' ')}
  perl -pi -e "s/-i -a -n 'authopenid'/-i -n 'authopenid'/g" Makefile
  #{make_cmd}
  EOH
  creates "#{Chef::Config['file_cache_path']}/mod_auth_openid-#{version}/src/.libs/mod_auth_openid.so"
  notifies :run, 'bash[install-mod_auth_openid]', :immediately
  not_if "test -f #{Chef::Config['file_cache_path']}/mod_auth_openid-#{version}/src/.libs/mod_auth_openid.so"
 end
 bash 'install-mod_auth_openid' do
  cwd "#{Chef::Config['file_cache_path']}/mod_auth_openid-#{version}"
  code <<-EOH
  #{make_cmd} install
  EOH
  creates "#{node['apache']['libexecdir']}/mod_auth_openid.so"
  notifies :restart, 'service[apache2]'
  not_if "test -f #{node['apache']['libexecdir']}/mod_auth_openid.so"
 end
 template "#{node['apache']['dir']}/mods-available/authopenid.load" do
-  source "mods/authopenid.load.erb"
+  source 'mods/authopenid.load.erb'
-  owner "root"
+  owner  'root'
  group  node['apache']['root_group']
-  mode 00644
+  mode   '0644'
 end
-apache_module "authopenid" do
+apache_module 'authopenid' do
-  filename "mod_auth_openid.so"
+  filename 'mod_auth_openid.so'
 end
--- a/chef/cookbooks/apache2/recipes/mod_authn_file.rb
+++ b/chef/cookbooks/apache2/recipes/mod_authn_file.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: authn_file
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "authn_file"
+apache_module 'authn_file'
--- a/chef/cookbooks/apache2/recipes/mod_authnz_ldap.rb
+++ b/chef/cookbooks/apache2/recipes/mod_authnz_ldap.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: authnz_ldap
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "authnz_ldap"
+apache_module 'authnz_ldap'
--- a/chef/cookbooks/apache2/recipes/mod_authz_default.rb
+++ b/chef/cookbooks/apache2/recipes/mod_authz_default.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: authz_default
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,9 +17,4 @@
 # limitations under the License.
 #
-unless %w{debian}.include?(node['platform_family']) && node['platform_version'].to_f >= 14 then
+apache_module 'authz_default'
  print "load authz_default module"
  apache_module "authz_default"
 else
  print "do not load authz_default module"
 end
--- a/chef/cookbooks/apache2/recipes/mod_authz_groupfile.rb
+++ b/chef/cookbooks/apache2/recipes/mod_authz_groupfile.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: authz_groupfile
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "authz_groupfile"
+apache_module 'authz_groupfile'
--- a/chef/cookbooks/apache2/recipes/mod_authz_host.rb
+++ b/chef/cookbooks/apache2/recipes/mod_authz_host.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: authz_host
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "authz_host"
+apache_module 'authz_host'
--- a/chef/cookbooks/apache2/recipes/mod_authz_user.rb
+++ b/chef/cookbooks/apache2/recipes/mod_authz_user.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: authz_user
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "authz_user"
+apache_module 'authz_user'
--- a/chef/cookbooks/apache2/recipes/mod_autoindex.rb
+++ b/chef/cookbooks/apache2/recipes/mod_autoindex.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: autoindex
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,6 +17,6 @@
 # limitations under the License.
 #
-apache_module "autoindex" do
+apache_module 'autoindex' do
  conf true
 end
--- a/chef/cookbooks/apache2/recipes/mod_cgi.rb
+++ b/chef/cookbooks/apache2/recipes/mod_cgi.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: cgi
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "cgi"
+apache_module 'cgi'
--- a/chef/cookbooks/apache2/test/kitchen/cookbooks/apache2_test/recipes/mod_cgi.rb
+++ b/chef/cookbooks/apache2/test/kitchen/cookbooks/apache2_test/recipes/mod_cgi.rb
@ -1,8 +1,8 @@
 #
-# Cookbook Name:: apache2_test
+# Cookbook Name:: apache2
-# Recipe:: mod_cgi
+# Recipe:: cloudflare
 #
-# Copyright 2012, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,19 +17,14 @@
 # limitations under the License.
 #
-include_recipe "apache2::default"
+apt_repository 'cloudflare' do
-include_recipe "apache2::mod_cgi"
+  uri          'http://pkg.cloudflare.com'
-
+  distribution node['lsb']['codename']
-directory node['apache_test']['cgi_dir'] do
+  components   ['main']
-  action :create
+  key          'http://pkg.cloudflare.com/pubkey.gpg'
  action       :add
 end
-file "#{node['apache_test']['cgi_dir']}/env" do
+package 'libapache2-mod-cloudflare' do
-  content %q{
+  notifies :restart, 'service[apache2]'
 #!/bin/bash
 echo -e "Content-type: text/plain\n"
 /usr/bin/env
 }.strip
  mode "0755"
  action :create
 end
--- a/chef/cookbooks/apache2/recipes/mod_dav.rb
+++ b/chef/cookbooks/apache2/recipes/mod_dav.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: dav
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "dav"
+apache_module 'dav'
--- a/chef/cookbooks/apache2/recipes/mod_dav_fs.rb
+++ b/chef/cookbooks/apache2/recipes/mod_dav_fs.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: dav_fs
 #
-# Copyright 2011, Atriso
+# Copyright 2011-2013, Atriso
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,5 +17,5 @@
 # limitations under the License.
 #
-include_recipe "apache2::mod_dav"
+include_recipe 'apache2::mod_dav'
-apache_module "dav_fs"
+apache_module 'dav_fs'
--- a/chef/cookbooks/apache2/recipes/mod_dav_svn.rb
+++ b/chef/cookbooks/apache2/recipes/mod_dav_svn.rb
@ -17,25 +17,23 @@
 # limitations under the License.
 #
-include_recipe "apache2::mod_dav"
+include_recipe 'apache2::mod_dav'
-package "libapache2-svn" do
+package 'libapache2-svn' do
  case node['platform_family']
-  when "rhel", "fedora", "suse"
+  when 'rhel', 'fedora', 'suse'
-    package_name "mod_dav_svn"
+    package_name 'mod_dav_svn'
  else
-    package_name "libapache2-svn"
+    package_name 'libapache2-svn'
  end
 end
 case node['platform_family']
-when "rhel", "fedora", "suse"
+when 'rhel', 'fedora', 'suse'
-
+  file "#{node['apache']['dir']}/conf.d/subversion.conf" do
  file "#{node['apache']['conf']}/conf.d/subversion.conf" do
    action :delete
    backup false
  end
 end
-apache_module "dav_svn"
+apache_module 'dav_svn'
--- a/chef/cookbooks/apache2/recipes/mod_deflate.rb
+++ b/chef/cookbooks/apache2/recipes/mod_deflate.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: deflate
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,6 +17,6 @@
 # limitations under the License.
 #
-apache_module "deflate" do
+apache_module 'deflate' do
  conf true
 end
--- a/chef/cookbooks/apache2/recipes/mod_dir.rb
+++ b/chef/cookbooks/apache2/recipes/mod_dir.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: dir
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,6 +17,6 @@
 # limitations under the License.
 #
-apache_module "dir" do
+apache_module 'dir' do
  conf true
 end
--- a/chef/cookbooks/apache2/recipes/mod_env.rb
+++ b/chef/cookbooks/apache2/recipes/mod_env.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: env
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "env"
+apache_module 'env'
--- a/chef/cookbooks/apache2/recipes/mod_expires.rb
+++ b/chef/cookbooks/apache2/recipes/mod_expires.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: expires
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "expires"
+apache_module 'expires'
--- a/chef/cookbooks/apache2/recipes/mod_fastcgi.rb
+++ b/chef/cookbooks/apache2/recipes/mod_fastcgi.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: fastcgi
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,10 +17,36 @@
 # limitations under the License.
 #
-if platform_family?("debian")
+if platform_family?('debian')
-  package "libapache2-mod-fastcgi"
+  package 'libapache2-mod-fastcgi'
 elsif platform_family?('rhel')
  %w[gcc make libtool httpd-devel apr-devel apr].each do |package|
    yum_package package do
      action :upgrade
    end
  end
-  apache_module "fastcgi" do
+  src_filepath  = "#{Chef::Config['file_cache_path']}/fastcgi.tar.gz"
-    conf true
+  remote_file 'download fastcgi source' do
    source node['apache']['mod_fastcgi']['download_url']
    path   src_filepath
    backup false
  end
  top_dir = node['apache']['lib_dir']
  bash 'compile fastcgi source' do
    notifies :run, 'execute[generate-module-list]', :immediately
    not_if   "test -f #{node['apache']['dir']}/mods-available/fastcgi.conf"
    cwd      ::File.dirname(src_filepath)
    code <<-EOH
      tar zxf #{::File.basename(src_filepath)} &&
      cd mod_fastcgi-* &&
      cp Makefile.AP2 Makefile &&
      make top_dir=#{top_dir} && make install top_dir=#{top_dir}
    EOH
  end
 end
 apache_module 'fastcgi' do
  conf true
 end
--- a/chef/cookbooks/apache2/recipes/mod_fcgid.rb
+++ b/chef/cookbooks/apache2/recipes/mod_fcgid.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: fcgid
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,12 +17,11 @@
 # limitations under the License.
 #
-if platform_family?("debian")
+if platform_family?('debian')
-  package "libapache2-mod-fcgid"
+  package 'libapache2-mod-fcgid'
-elsif platform_family?("rhel", "fedora")
+elsif platform_family?('rhel', 'fedora')
-
+  package 'mod_fcgid' do
-  package "mod_fcgid" do
+    notifies :run, 'execute[generate-module-list]', :immediately
    notifies :run, resources(:execute => "generate-module-list"), :immediately
  end
  file "#{node['apache']['dir']}/conf.d/fcgid.conf" do
@ -30,17 +29,16 @@ elsif platform_family?("rhel", "fedora")
    backup false
  end
-  directory "/var/run/httpd/mod_fcgid" do
+  directory '/var/run/httpd/mod_fcgid' do
    recursive true
    only_if { node['platform_version'].to_i >= 6 }
  end
-
+elsif platform_family?('suse')
 elsif platform_family?("suse")
  apache_lib_path = node['apache']['lib_dir']
-  package "httpd-devel"
+  package 'httpd-devel'
-  bash "install-fcgid" do
+  bash 'install-fcgid' do
    code <<-EOH
 (cd #{Chef::Config['file_cache_path']}; wget http://superb-east.dl.sourceforge.net/sourceforge/mod-fcgid/mod_fcgid.2.2.tgz)
 (cd #{Chef::Config['file_cache_path']}; tar zxvf mod_fcgid.2.2.tgz)
@ -50,6 +48,6 @@ EOH
  end
 end
-apache_module "fcgid" do
+apache_module 'fcgid' do
  conf true
 end
--- a/chef/cookbooks/apache2/recipes/mod_filter.rb
+++ b/chef/cookbooks/apache2/recipes/mod_filter.rb
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "filter"
+apache_module 'filter'
--- a/chef/cookbooks/apache2/recipes/mod_headers.rb
+++ b/chef/cookbooks/apache2/recipes/mod_headers.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: headers
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "headers"
+apache_module 'headers'
--- a/chef/cookbooks/apache2/recipes/mod_include.rb
+++ b/chef/cookbooks/apache2/recipes/mod_include.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: include
 #
-# Copyright 2012, Opscode, Inc.
+# Copyright 2012-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,6 +17,6 @@
 # limitations under the License.
 #
-apache_module "include" do
+apache_module 'include' do
  conf true
 end
--- a/chef/cookbooks/memcached/test/cookbooks/memcached_test/recipes/default.rb
+++ b/chef/cookbooks/memcached/test/cookbooks/memcached_test/recipes/default.rb
@ -1,6 +1,6 @@
 #
-# Cookbook Name:: memcached_test
+# Cookbook Name:: apache2
-# Recipe:: default
+# Recipe:: info
 #
 # Copyright 2013, Opscode, Inc.
 #
@ -17,4 +17,6 @@
 # limitations under the License.
 #
-include_recipe "memcached::default"
+apache_module 'info' do
  conf true
 end
--- a/chef/cookbooks/apt/test/cookbooks/apt_test/files/default/tests/minitest/cacher-client_test.rb
+++ b/chef/cookbooks/apt/test/cookbooks/apt_test/files/default/tests/minitest/cacher-client_test.rb
@ -1,7 +1,8 @@
 #
-# Cookbook Name:: apt_test
+# Cookbook Name:: apache2
-# Recipe:: cacher-client_test
+# Recipe:: jk
 #
 # Copyright 2013, Mike Babineau <michael.babineau@gmail.com>
 # Copyright 2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@ -17,13 +18,13 @@
 # limitations under the License.
 #
-require File.expand_path('../support/helpers', __FILE__)
+package 'libapache2-mod-jk' do
-
+  case node['platform_family']
-describe "apt_test::cacher-client" do
+  when 'rhel', 'fedora', 'suse'
-  include Helpers::AptTest
+    package_name 'mod_jk'
-
+  else
-  it 'does not create 01proxy' do
+    package_name 'libapache2-mod-jk'
    file('/etc/apt/apt.conf.d/01proxy').wont_exist
  end
 end
 apache_module 'jk'
--- a/chef/cookbooks/apache2/recipes/mod_ldap.rb
+++ b/chef/cookbooks/apache2/recipes/mod_ldap.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: ldap
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "ldap"
+apache_module 'ldap'
--- a/chef/cookbooks/apache2/recipes/mod_log_config.rb
+++ b/chef/cookbooks/apache2/recipes/mod_log_config.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: log_config
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,8 +17,8 @@
 # limitations under the License.
 #
-if platform_family?("rhel", "fedora", "suse", "arch", "freebsd")
+if platform_family?('rhel', 'fedora', 'suse', 'arch', 'freebsd')
-  apache_module "log_config"
+  apache_module 'log_config'
 else
-  include_recipe "apache2"
+  include_recipe 'apache2::default'
 end
--- a/chef/cookbooks/apache2/recipes/mod_logio.rb
+++ b/chef/cookbooks/apache2/recipes/mod_logio.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: logio
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,8 +17,8 @@
 # limitations under the License.
 #
-if platform_family?("rhel", "fedora", "suse", "arch", "freebsd")
+if platform_family?('rhel', 'fedora', 'suse', 'arch', 'freebsd')
-  apache_module "logio"
+  apache_module 'logio'
 else
-  include_recipe "apache2"
+  include_recipe 'apache2::default'
 end
--- a/chef/cookbooks/apache2/recipes/mod_mime.rb
+++ b/chef/cookbooks/apache2/recipes/mod_mime.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: mime
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,6 +17,6 @@
 # limitations under the License.
 #
-apache_module "mime" do
+apache_module 'mime' do
  conf true
 end
--- a/chef/cookbooks/apache2/recipes/mod_negotiation.rb
+++ b/chef/cookbooks/apache2/recipes/mod_negotiation.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: negotiation
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,6 +17,6 @@
 # limitations under the License.
 #
-apache_module "negotiation" do
+apache_module 'negotiation' do
  conf true
 end
--- a/chef/cookbooks/apache2/test/kitchen/cookbooks/apache2_test/recipes/mod_proxy_ajp.rb
+++ b/chef/cookbooks/apache2/test/kitchen/cookbooks/apache2_test/recipes/mod_proxy_ajp.rb
@ -1,8 +1,8 @@
 #
-# Cookbook Name:: apache2_test
+# Cookbook Name:: apache2
-# Recipe:: mod_ajp
+# Recipe:: default
 #
-# Copyright 2012, Opscode, Inc.
+# Copyright 2013, ZOZI
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,28 +17,21 @@
 # limitations under the License.
 #
-include_recipe "apache2::default"
+if platform_family?('debian')
-include_recipe "apache2::mod_proxy"
+  remote_file "#{Chef::Config[:file_cache_path]}/mod-pagespeed.deb" do
-include_recipe "apache2::mod_proxy_ajp"
+    source node['apache2']['mod_pagespeed']['package_link']
    mode '0644'
    action :create_if_missing
  end
-if platform_family?("rhel") && node['platform_version'].to_f < 6.0
+  package 'mod_pagespeed' do
-  include_recipe "jpackage::default"
+    source "#{Chef::Config[:file_cache_path]}/mod-pagespeed.deb"
 end
 include_recipe "tomcat::default"
 if platform?("debian","ubuntu")
  package "tomcat6-examples" do
    action :install
  end
  apache_module 'pagespeed' do
    conf true
  end
 else
-  package "tomcat6-webapps" do
+  Chef::Log.warm "apache::mod_pagespeed does not support #{node["platform_family"]} yet, and is not being installed"
    action :install
  end
 end
 web_app "java_env" do
  template "java_env.conf.erb"
  ajp_host 'localhost'
  ajp_port 8009
 end
--- a/chef/cookbooks/apache2/recipes/mod_perl.rb
+++ b/chef/cookbooks/apache2/recipes/mod_perl.rb
@ -4,7 +4,7 @@
 #
 # adapted from the mod_python recipe by Jeremy Bingham
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -20,20 +20,16 @@
 #
 case node['platform_family']
-when "debian"
+when 'debian'
-  %w{libapache2-mod-perl2 libapache2-request-perl apache2-mpm-prefork}.each do |pkg|
+  %w[libapache2-mod-perl2 libapache2-request-perl apache2-mpm-prefork].each do |pkg|
    package pkg
  end
-when "rhel", "fedora"
+when 'rhel', 'fedora'
-
+  package 'mod_perl' do
-  package "mod_perl" do
+    notifies :run, 'execute[generate-module-list]', :immediately
    notifies :run, "execute[generate-module-list]", :immediately
  end
-  package "perl-libapreq2"
+  package 'perl-libapreq2'
 end
 file "#{node['apache']['dir']}/conf.d/perl.conf" do
@ -41,4 +37,4 @@ file "#{node['apache']['dir']}/conf.d/perl.conf" do
  backup false
 end
-apache_module "perl"
+apache_module 'perl'
--- a/chef/cookbooks/apache2/recipes/mod_php5.rb
+++ b/chef/cookbooks/apache2/recipes/mod_php5.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: php5
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -18,50 +18,41 @@
 #
 case node['platform_family']
-when "debian"
+when 'debian'
-
+  package 'libapache2-mod-php5'
-  package "libapache2-mod-php5"
+when 'arch'
-
+  package 'php-apache' do
-when "arch"
+    notifies :run, 'execute[generate-module-list]', :immediately
  package "php-apache" do
    notifies :run, "execute[generate-module-list]", :immediately
  end
 when 'rhel'
  package 'which'
-when "rhel"
+  package 'php package' do
  package "which"
  package "php package" do
    if node['platform_version'].to_f < 6.0
-      package_name "php53"
+      package_name 'php53'
    else
-      package_name "php"
+      package_name 'php'
    end
-    notifies :run, "execute[generate-module-list]", :immediately
+    notifies :run, 'execute[generate-module-list]', :immediately
-    not_if "which php"
+    not_if 'which php'
  end
-
+when 'fedora'
-when "fedora"
+  package 'php package' do
-
+    package_name 'php'
-  package "php package" do
+    notifies :run, 'execute[generate-module-list]', :immediately
-    package_name "php"
+    not_if 'which php'
    notifies :run, "execute[generate-module-list]", :immediately
    not_if "which php"
  end
-
+when 'freebsd'
-when "freebsd"
+  freebsd_port_options 'php5' do
-
+    options 'APACHE' => true
  freebsd_port_options "php5" do
    options "APACHE" => true
    action :create
  end
-  package "php package" do
+  package 'php package' do
-    package_name "php5"
+    package_name 'php5'
-    source "ports"
+    source 'ports'
-    notifies :run, "execute[generate-module-list]", :immediately
+    notifies :run, 'execute[generate-module-list]', :immediately
  end
 end
 file "#{node['apache']['dir']}/conf.d/php.conf" do
@ -69,10 +60,10 @@ file "#{node['apache']['dir']}/conf.d/php.conf" do
  backup false
 end
-apache_module "php5" do
+apache_module 'php5' do
  case node['platform_family']
-  when "rhel", "fedora", "freebsd"
+  when 'rhel', 'fedora', 'freebsd'
    conf true
-    filename "libphp5.so"
+    filename 'libphp5.so'
  end
 end
--- a/chef/cookbooks/apache2/recipes/mod_proxy.rb
+++ b/chef/cookbooks/apache2/recipes/mod_proxy.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: proxy
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,6 +17,6 @@
 # limitations under the License.
 #
-apache_module "proxy" do
+apache_module 'proxy' do
  conf true
 end
--- a/chef/cookbooks/apache2/recipes/mod_proxy_ajp.rb
+++ b/chef/cookbooks/apache2/recipes/mod_proxy_ajp.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: proxy
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,5 +17,5 @@
 # limitations under the License.
 #
-include_recipe "apache2::mod_proxy"
+include_recipe 'apache2::mod_proxy'
-apache_module "proxy_ajp"
+apache_module 'proxy_ajp'
--- a/chef/cookbooks/apache2/recipes/mod_proxy_balancer.rb
+++ b/chef/cookbooks/apache2/recipes/mod_proxy_balancer.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: proxy
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "proxy_balancer"
+apache_module 'proxy_balancer'
--- a/chef/cookbooks/apache2/recipes/mod_proxy_connect.rb
+++ b/chef/cookbooks/apache2/recipes/mod_proxy_connect.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: proxy
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "proxy_connect"
+apache_module 'proxy_connect'
--- a/chef/cookbooks/apache2/recipes/mod_proxy_http.rb
+++ b/chef/cookbooks/apache2/recipes/mod_proxy_http.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: proxy_http
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "proxy_http"
+apache_module 'proxy_http'
--- a/chef/cookbooks/apache2/recipes/mod_python.rb
+++ b/chef/cookbooks/apache2/recipes/mod_python.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: python
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -18,14 +18,11 @@
 #
 case node['platform_family']
-when "debian"
+when 'debian'
-
+  package 'libapache2-mod-python'
-  package "libapache2-mod-python"
+when 'rhel', 'fedora'
-
+  package 'mod_python' do
-when "rhel", "fedora"
+    notifies :run, 'execute[generate-module-list]', :immediately
  package "mod_python" do
    notifies :run, "execute[generate-module-list]", :immediately
  end
 end
@ -34,4 +31,4 @@ file "#{node['apache']['dir']}/conf.d/python.conf" do
  backup false
 end
-apache_module "python"
+apache_module 'python'
--- a/chef/cookbooks/apache2/recipes/mod_rewrite.rb
+++ b/chef/cookbooks/apache2/recipes/mod_rewrite.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: rewrite
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-apache_module "rewrite"
+apache_module 'rewrite'
--- a/chef/cookbooks/apache2/recipes/mod_setenvif.rb
+++ b/chef/cookbooks/apache2/recipes/mod_setenvif.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: setenvif
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,6 +17,6 @@
 # limitations under the License.
 #
-apache_module "setenvif" do
+apache_module 'setenvif' do
  conf true
 end
--- a/chef/cookbooks/apache2/recipes/mod_ssl.rb
+++ b/chef/cookbooks/apache2/recipes/mod_ssl.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: ssl
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -16,16 +16,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-unless node['apache']['listen_ports'].include?("443")
+unless node['apache']['listen_ports'].include?('443')
-  node.set['apache']['listen_ports'] = node['apache']['listen_ports'] + ["443"]
+  node.set['apache']['listen_ports'] = node['apache']['listen_ports'] + ['443']
 end
-ports = node['apache']['listen_ports']
+if platform_family?('rhel', 'fedora', 'suse')
-
+  package 'mod_ssl' do
-if platform_family?("rhel", "fedora", "suse")
+    notifies :run, 'execute[generate-module-list]', :immediately
  package "mod_ssl" do
    notifies :run, "execute[generate-module-list]", :immediately
  end
  file "#{node['apache']['dir']}/conf.d/ssl.conf" do
@ -35,12 +32,11 @@ if platform_family?("rhel", "fedora", "suse")
 end
 template "#{node['apache']['dir']}/ports.conf" do
-  source "ports.conf.erb"
+  source    'ports.conf.erb'
-  variables :apache_listen_ports => ports.map { |p| p.to_i }.uniq
+  mode      '0644'
-  notifies :restart, "service[apache2]"
+  notifies  :restart, 'service[apache2]'
  mode 00644
 end
-apache_module "ssl" do
+apache_module 'ssl' do
  conf true
 end
--- a/chef/cookbooks/apache2/recipes/mod_status.rb
+++ b/chef/cookbooks/apache2/recipes/mod_status.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: status
 #
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2008-2012, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -17,6 +17,6 @@
 # limitations under the License.
 #
-apache_module "status" do
+apache_module 'status' do
  conf true
 end
--- a/chef/cookbooks/apt/test/cookbooks/apt_test/recipes/cacher-client.rb
+++ b/chef/cookbooks/apt/test/cookbooks/apt_test/recipes/cacher-client.rb
@ -1,6 +1,6 @@
 #
-# Cookbook Name:: apt_test
+# Cookbook Name:: apache2
-# Recipe:: cacher-client
+# Recipe:: mod_userdir
 #
 # Copyright 2013, Opscode, Inc.
 #
@ -17,4 +17,4 @@
 # limitations under the License.
 #
-include_recipe "apt::cacher-client"
+apache_module 'userdir'
--- a/chef/cookbooks/apache2/recipes/mod_wsgi.rb
+++ b/chef/cookbooks/apache2/recipes/mod_wsgi.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: mod_wsgi
 #
-# Copyright 2008-2012, Opscode, Inc.
+# Copyright 2008-2013, Opscode, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -18,16 +18,12 @@
 #
 case node['platform_family']
-when "debian"
+when 'debian'
-
+  package 'libapache2-mod-wsgi'
-  package "libapache2-mod-wsgi"
+when 'rhel', 'fedora', 'arch'
-
+  package 'mod_wsgi' do
-when "rhel", "fedora", "arch"
+    notifies :run, 'execute[generate-module-list]', :immediately
  package "mod_wsgi" do
    notifies :run, "execute[generate-module-list]", :immediately
  end
 end
 file "#{node['apache']['dir']}/conf.d/wsgi.conf" do
@ -35,4 +31,4 @@ file "#{node['apache']['dir']}/conf.d/wsgi.conf" do
  backup false
 end
-apache_module "wsgi"
+apache_module 'wsgi'
--- a/chef/cookbooks/apache2/recipes/mod_xsendfile.rb
+++ b/chef/cookbooks/apache2/recipes/mod_xsendfile.rb
@ -2,7 +2,7 @@
 # Cookbook Name:: apache2
 # Recipe:: mod_xsendfile
 #
-# Copyright 2011, CustomInk, LLC.
+# Copyright 2011-2013, CustomInk, LLC.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -18,16 +18,12 @@
 #
 case node['platform_family']
-when "debian"
+when 'debian'
-
+  package 'libapache2-mod-xsendfile'
-  package "libapache2-mod-xsendfile"
+when 'rhel', 'fedora'
-
+  package 'mod_xsendfile' do
-when "rhel", "fedora"
+    notifies :run, 'execute[generate-module-list]', :immediately
  package "mod_xsendfile" do
    notifies :run, "execute[generate-module-list]", :immediately
  end
 end
 file "#{node['apache']['dir']}/conf.d/xsendfile.conf" do
@ -35,4 +31,4 @@ file "#{node['apache']['dir']}/conf.d/xsendfile.conf" do
  backup false
 end
-apache_module "xsendfile"
+apache_module 'xsendfile'
--- a/chef/cookbooks/apache2/templates/default/a2enmod.erb
+++ b/chef/cookbooks/apache2/templates/default/a2enmod.erb
@ -14,8 +14,8 @@ else
 fi
 #figure out if we're on a prefork or threaded mpm
-if [ -x /usr/sbin/apache2 ]; then
+if [ -x <%= node['apache']['binary'] %> ]; then
-        PREFORK=`/usr/sbin/apache2 -l | grep prefork || true`
+    PREFORK=`<%= node['apache']['binary'] %> -l | grep prefork || true`
 fi
 if [ -e $SYSCONFDIR/mods-enabled/$MODNAME.load -a -e $SYSCONFDIR/mods-enabled/$MODNAME.conf ]; then
--- a/chef/cookbooks/apache2/templates/default/apache2.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/apache2.conf.erb
@ -8,13 +8,9 @@ ServerRoot "<%= node['apache']['dir'] %>"
 #
 # The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
 #
-<% if %w{debian}.include?(node['platform_family']) -%>
+<% if %w[debian].include?(node['platform_family']) -%>
  <% if node['platform_version'].to_f >= 14 -%>
 Mutex file:/var/lock/apache2 default
  <% else %>
 LockFile /var/lock/apache2/accept.lock
-  <% end -%>
+<% elsif %w[freebsd].include?(node['platform_family']) -%>
 <% elsif %w{freebsd}.include?(node['platform_family']) -%>
 LockFile /var/log/accept.lock
 <% else %>
 LockFile logs/accept.lock
@ -24,7 +20,6 @@ LockFile logs/accept.lock
 # PidFile: The file in which the server should record its process
 # identification number when it starts.
 #
 PidFile <%= node['apache']['pid_file'] %>
 #
@ -151,7 +146,7 @@ LogLevel warn
 Include <%= node['apache']['dir'] %>/mods-enabled/*.load
 Include <%= node['apache']['dir'] %>/mods-enabled/*.conf
-<% if %w{freebsd}.include?(node['platform_family']) -%>
+<% if %w[freebsd].include?(node['platform_family']) -%>
 <IfDefine NOHTTPACCEPT>
   AcceptFilter http none
   AcceptFilter https none
@ -237,7 +232,7 @@ LogFormat "%{User-agent}i" agent
 # Include generic snippets of statements
-Include <%= node['apache']['dir'] %>/conf.d/
+Include <%= node['apache']['dir'] %>/conf.d/*.conf
 # Include the virtual host configurations:
 Include <%= node['apache']['dir'] %>/sites-enabled/
--- a/chef/cookbooks/apache2/templates/default/default-site.erb
+++ b/chef/cookbooks/apache2/templates/default/default-site.erb
@ -6,14 +6,12 @@
    Options FollowSymLinks
    AllowOverride None
  </Directory>
  <Directory <%= node['apache']['docroot_dir'] %>/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
-                allow from all
+    Allow from all
                # This directive allows us to have apache2's default start page
                # in /apache2-default/, but still have / go to the right place
                #RedirectMatch ^/$ /apache2-default/
  </Directory>
  ScriptAlias /cgi-bin/ <%= node['apache']['cgibin_dir'] %>/
@ -42,7 +40,7 @@
    Allow from 127.0.0.0/255.0.0.0 ::1/128
  </Directory>
-        <% if %w{ rhel fedora }.include?(node['platform_family']) -%>
+  <% if %w[rhel fedora].include?(node['platform_family']) -%>
  #
  # This configuration file enables the default "Welcome"
  # page if there is no default index page present for
--- a/chef/cookbooks/apache2/templates/default/etc-sysconfig-httpd.erb
+++ b/chef/cookbooks/apache2/templates/default/etc-sysconfig-httpd.erb
@ -28,4 +28,8 @@ HTTPD=<%= node['apache']['binary'] %>
 # specified in httpd.conf (via the PidFile directive), the new
 # location needs to be reported in the PIDFILE.
 #
-#PIDFILE=<%= node['apache']['pid_file'] %>
+PIDFILE=<%= node['apache']['pid_file'] %>
 <% node['apache']['sysconfig_additional_params'].each do |k,v| %>
 <%= "#{k}=#{v}" %>
 <% end %>
--- a/chef/cookbooks/apache2/templates/default/mods/alias.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/alias.conf.erb
@ -1,24 +1,23 @@
 <IfModule alias_module>
-#
+  #
-# Aliases: Add here as many aliases as you need (with no limit). The format is 
+  # Aliases: Add here as many aliases as you need (with no limit). The format is
-# Alias fakename realname
+  # Alias fakename realname
-#
+  #
-# Note that if you include a trailing / on fakename then the server will
+  # Note that if you include a trailing / on fakename then the server will
-# require it to be present in the URL.  So "/icons" isn't aliased in this
+  # require it to be present in the URL.  So "/icons" isn't aliased in this
-# example, only "/icons/".  If the fakename is slash-terminated, then the 
+  # example, only "/icons/".  If the fakename is slash-terminated, then the
-# realname must also be slash terminated, and if the fakename omits the 
+  # realname must also be slash terminated, and if the fakename omits the
-# trailing slash, the realname must also omit it.
+  # trailing slash, the realname must also omit it.
-#
+  #
-# We include the /icons/ alias for FancyIndexed directory listings.  If
+  # We include the /icons/ alias for FancyIndexed directory listings.  If
-# you do not use FancyIndexing, you may comment this out.
+  # you do not use FancyIndexing, you may comment this out.
-#
+  #
-Alias /icons/ "<%= node['apache']['icondir'] %>/"
+  Alias /icons/ "<%= node['apache']['icondir'] %>/"
-<Directory "<%= node['apache']['icondir'] %>">
+  <Directory "<%= node['apache']['icondir'] %>">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
-</Directory>
+  </Directory>
 </IfModule>
--- a/chef/cookbooks/apache2/templates/default/mods/autoindex.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/autoindex.conf.erb
@ -1,101 +1,100 @@
 <IfModule mod_autoindex.c>
-#
+  #
-# Directives controlling the display of server-generated directory listings.
+  # Directives controlling the display of server-generated directory listings.
-#
+  #
-#
+  #
-# IndexOptions: Controls the appearance of server-generated directory
+  # IndexOptions: Controls the appearance of server-generated directory
-# listings.
+  # listings.
-# Remove/replace the "Charset=UTF-8" if you don't use UTF-8 for your filenames.
+  # Remove/replace the "Charset=UTF-8" if you don't use UTF-8 for your filenames.
-#
+  #
-IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8
+  IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8
-#
+  #
-# AddIcon* directives tell the server which icon to show for different
+  # AddIcon* directives tell the server which icon to show for different
-# files or filename extensions.  These are only displayed for
+  # files or filename extensions.  These are only displayed for
-# FancyIndexed directories.
+  # FancyIndexed directories.
-#
+  #
-AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip x-bzip2
+  AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip x-bzip2
-AddIconByType (TXT,/icons/text.gif) text/*
+  AddIconByType (TXT,/icons/text.gif) text/*
-AddIconByType (IMG,/icons/image2.gif) image/*
+  AddIconByType (IMG,/icons/image2.gif) image/*
-AddIconByType (SND,/icons/sound2.gif) audio/*
+  AddIconByType (SND,/icons/sound2.gif) audio/*
-AddIconByType (VID,/icons/movie.gif) video/*
+  AddIconByType (VID,/icons/movie.gif) video/*
-AddIcon /icons/binary.gif .bin .exe
+  AddIcon /icons/binary.gif .bin .exe
-AddIcon /icons/binhex.gif .hqx
+  AddIcon /icons/binhex.gif .hqx
-AddIcon /icons/tar.gif .tar
+  AddIcon /icons/tar.gif .tar
-AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+  AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
-AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+  AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
-AddIcon /icons/a.gif .ps .ai .eps
+  AddIcon /icons/a.gif .ps .ai .eps
-AddIcon /icons/layout.gif .html .shtml .htm .pdf
+  AddIcon /icons/layout.gif .html .shtml .htm .pdf
-AddIcon /icons/text.gif .txt
+  AddIcon /icons/text.gif .txt
-AddIcon /icons/c.gif .c
+  AddIcon /icons/c.gif .c
-AddIcon /icons/p.gif .pl .py
+  AddIcon /icons/p.gif .pl .py
-AddIcon /icons/f.gif .for
+  AddIcon /icons/f.gif .for
-AddIcon /icons/dvi.gif .dvi
+  AddIcon /icons/dvi.gif .dvi
-AddIcon /icons/uuencoded.gif .uu
+  AddIcon /icons/uuencoded.gif .uu
-AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+  AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
-AddIcon /icons/tex.gif .tex
+  AddIcon /icons/tex.gif .tex
-# It's a suffix rule, so simply matching "core" matches "score" as well !
+  # It's a suffix rule, so simply matching "core" matches "score" as well !
-AddIcon /icons/bomb.gif /core
+  AddIcon /icons/bomb.gif /core
-AddIcon (SND,/icons/sound2.gif) .ogg
+  AddIcon (SND,/icons/sound2.gif) .ogg
-AddIcon (VID,/icons/movie.gif) .ogm
+  AddIcon (VID,/icons/movie.gif) .ogm
-AddIcon /icons/back.gif ..
+  AddIcon /icons/back.gif ..
-AddIcon /icons/hand.right.gif README
+  AddIcon /icons/hand.right.gif README
-AddIcon /icons/folder.gif ^^DIRECTORY^^
+  AddIcon /icons/folder.gif ^^DIRECTORY^^
-AddIcon /icons/blank.gif ^^BLANKICON^^
+  AddIcon /icons/blank.gif ^^BLANKICON^^
-# Default icons for OpenDocument format
+  # Default icons for OpenDocument format
-AddIcon /icons/odf6odt-20x22.png .odt
+  AddIcon /icons/odf6odt-20x22.png .odt
-AddIcon /icons/odf6ods-20x22.png .ods
+  AddIcon /icons/odf6ods-20x22.png .ods
-AddIcon /icons/odf6odp-20x22.png .odp
+  AddIcon /icons/odf6odp-20x22.png .odp
-AddIcon /icons/odf6odg-20x22.png .odg
+  AddIcon /icons/odf6odg-20x22.png .odg
-AddIcon /icons/odf6odc-20x22.png .odc
+  AddIcon /icons/odf6odc-20x22.png .odc
-AddIcon /icons/odf6odf-20x22.png .odf
+  AddIcon /icons/odf6odf-20x22.png .odf
-AddIcon /icons/odf6odb-20x22.png .odb
+  AddIcon /icons/odf6odb-20x22.png .odb
-AddIcon /icons/odf6odi-20x22.png .odi
+  AddIcon /icons/odf6odi-20x22.png .odi
-AddIcon /icons/odf6odm-20x22.png .odm
+  AddIcon /icons/odf6odm-20x22.png .odm
-AddIcon /icons/odf6ott-20x22.png .ott
+  AddIcon /icons/odf6ott-20x22.png .ott
-AddIcon /icons/odf6ots-20x22.png .ots
+  AddIcon /icons/odf6ots-20x22.png .ots
-AddIcon /icons/odf6otp-20x22.png .otp
+  AddIcon /icons/odf6otp-20x22.png .otp
-AddIcon /icons/odf6otg-20x22.png .otg
+  AddIcon /icons/odf6otg-20x22.png .otg
-AddIcon /icons/odf6otc-20x22.png .otc
+  AddIcon /icons/odf6otc-20x22.png .otc
-AddIcon /icons/odf6otf-20x22.png .otf
+  AddIcon /icons/odf6otf-20x22.png .otf
-AddIcon /icons/odf6oti-20x22.png .oti
+  AddIcon /icons/odf6oti-20x22.png .oti
-AddIcon /icons/odf6oth-20x22.png .oth
+  AddIcon /icons/odf6oth-20x22.png .oth
-#
+  #
-# DefaultIcon is which icon to show for files which do not have an icon
+  # DefaultIcon is which icon to show for files which do not have an icon
-# explicitly set.
+  # explicitly set.
-#
+  #
-DefaultIcon /icons/unknown.gif
+  DefaultIcon /icons/unknown.gif
-#
+  #
-# AddDescription allows you to place a short description after a file in
+  # AddDescription allows you to place a short description after a file in
-# server-generated indexes.  These are only displayed for FancyIndexed
+  # server-generated indexes.  These are only displayed for FancyIndexed
-# directories.
+  # directories.
-# Format: AddDescription "description" filename
+  # Format: AddDescription "description" filename
-#
+  #
-#AddDescription "GZIP compressed document" .gz
+  #AddDescription "GZIP compressed document" .gz
-#AddDescription "tar archive" .tar
+  #AddDescription "tar archive" .tar
-#AddDescription "GZIP compressed tar archive" .tgz
+  #AddDescription "GZIP compressed tar archive" .tgz
-#
+  #
-# ReadmeName is the name of the README file the server will look for by
+  # ReadmeName is the name of the README file the server will look for by
-# default, and append to directory listings.
+  # default, and append to directory listings.
-#
+  #
-# HeaderName is the name of a file which should be prepended to
+  # HeaderName is the name of a file which should be prepended to
-# directory indexes. 
+  # directory indexes.
-ReadmeName README.html
+  ReadmeName README.html
-HeaderName HEADER.html
+  HeaderName HEADER.html
 #
 # IndexIgnore is a set of filenames which directory indexing should ignore
 # and not include in the listing.  Shell-style wildcarding is permitted.
 #
 IndexIgnore .??* *~ *# RCS CVS *,v *,t 
  #
  # IndexIgnore is a set of filenames which directory indexing should ignore
  # and not include in the listing.  Shell-style wildcarding is permitted.
  #
  IndexIgnore .??* *~ *# RCS CVS *,v *,t
 </IfModule>
--- a/chef/cookbooks/apache2/templates/default/mods/dir.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/dir.conf.erb
@ -1,5 +1,3 @@
 <IfModule mod_dir.c>
  DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
 </IfModule>
--- a/chef/cookbooks/apache2/templates/default/mods/fastcgi.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/fastcgi.conf.erb
@ -1,5 +1,5 @@
 <IfModule mod_fastcgi.c>
  AddHandler fastcgi-script .fcgi
  #FastCgiWrapper /usr/lib/apache2/suexec
-  FastCgiIpcDir /var/lib/apache2/fastcgi
+  FastCgiIpcDir <%= "#{node['apache']['lib_dir']}/fastcgi" %>
 </IfModule>
--- a/chef/cookbooks/apache2/templates/default/mods/fcgid.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/fcgid.conf.erb
@ -3,7 +3,7 @@
  IPCConnectTimeout 20
 </IfModule>
-<% if %w{ rhel fedora }.include?(node['platform_family']) -%>
+<% if %w[rhel fedora].include?(node['platform_family']) -%>
 # Sane place to put sockets and shared memory file
 SocketPath run/mod_fcgid
 SharememPath run/mod_fcgid/fcgid_shm
--- a/chef/cookbooks/apache2/templates/default/mods/info.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/info.conf.erb
@ -0,0 +1,14 @@
 <IfModule mod_info.c>
  #
  # Allow server info reports generated by mod_info,
  # with the URL of http://servername/server-info
  # Uncomment and change the ".example.com" to allow
  # access from other hosts.
  #
  <Location /server-info>
    SetHandler server-info
    Order deny,allow
    Deny from all
    Allow from <%= node['apache']['info_allow_list'] %>
  </Location>
 </IfModule>
--- a/chef/cookbooks/apache2/templates/default/mods/mime.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/mime.conf.erb
@ -1,198 +1,199 @@
 <IfModule mod_mime.c>
  #
  # TypesConfig points to the file containing the list of mappings from
  # filename extension to MIME-type.
  #
  <% case node['platform_family'] -%>
  <% when 'arch' -%>
  TypesConfig <%= node['apache']['dir'] %>/conf/mime.types
  <% when 'freebsd' -%>
  TypesConfig <%= node['apache']['dir'] %>/mime.types
  <% else -%>
  TypesConfig /etc/mime.types
  <% end -%>
-#
+  #
-# TypesConfig points to the file containing the list of mappings from
+  # AddType allows you to add to or override the MIME configuration
-# filename extension to MIME-type.
+  # file mime.types for specific file types.
-#
+  #
-<% case node['platform_family'] -%>
+  #AddType application/x-gzip .tgz
-<% when "arch" -%>
+  #
-TypesConfig <%= node['apache']['dir'] %>/conf/mime.types
+  # AddEncoding allows you to have certain browsers uncompress
-<% when "freebsd" -%>
+  # information on the fly. Note: Not all browsers support this.
-TypesConfig <%= node['apache']['dir'] %>/mime.types
+  # Despite the name similarity, the following Add* directives have
-<% else -%>
+  # nothing to do with the FancyIndexing customization directives above.
-TypesConfig /etc/mime.types
+  #
-<% end -%>
+  #AddEncoding x-compress .Z
  #AddEncoding x-gzip .gz .tgz
  #AddEncoding x-bzip2 .bz2
  #
  # If the AddEncoding directives above are commented-out, then you
  # probably should define those extensions to indicate media types:
  #
  AddType application/x-compress .Z
  AddType application/x-gzip .gz .tgz
  AddType application/x-bzip2 .bz2
-#
+  AddType image/svg+xml svg svgz
-# AddType allows you to add to or override the MIME configuration
+  AddEncoding gzip svgz
 # file mime.types for specific file types.
 #
 #AddType application/x-gzip .tgz
 #
 # AddEncoding allows you to have certain browsers uncompress
 # information on the fly. Note: Not all browsers support this.
 # Despite the name similarity, the following Add* directives have
 # nothing to do with the FancyIndexing customization directives above.
 #
 #AddEncoding x-compress .Z
 #AddEncoding x-gzip .gz .tgz
 #AddEncoding x-bzip2 .bz2
 #
 # If the AddEncoding directives above are commented-out, then you
 # probably should define those extensions to indicate media types:
 #
 AddType application/x-compress .Z
 AddType application/x-gzip .gz .tgz
 AddType application/x-bzip2 .bz2
-#
+  #
-# DefaultLanguage and AddLanguage allows you to specify the language of
+  # DefaultLanguage and AddLanguage allows you to specify the language of
-# a document. You can then use content negotiation to give a browser a
+  # a document. You can then use content negotiation to give a browser a
-# file in a language the user can understand.
+  # file in a language the user can understand.
-#
+  #
-# Specify a default language. This means that all data
+  # Specify a default language. This means that all data
-# going out without a specific language tag (see below) will
+  # going out without a specific language tag (see below) will
-# be marked with this one. You probably do NOT want to set
+  # be marked with this one. You probably do NOT want to set
-# this unless you are sure it is correct for all cases.
+  # this unless you are sure it is correct for all cases.
-#
+  #
-# * It is generally better to not mark a page as
+  # * It is generally better to not mark a page as
-# * being a certain language than marking it with the wrong
+  # * being a certain language than marking it with the wrong
-# * language!
+  # * language!
-#
+  #
-# DefaultLanguage nl
+  # DefaultLanguage nl
-#
+  #
-# Note 1: The suffix does not have to be the same as the language
+  # Note 1: The suffix does not have to be the same as the language
-# keyword --- those with documents in Polish (whose net-standard
+  # keyword --- those with documents in Polish (whose net-standard
-# language code is pl) may wish to use "AddLanguage pl .po" to
+  # language code is pl) may wish to use "AddLanguage pl .po" to
-# avoid the ambiguity with the common suffix for perl scripts.
+  # avoid the ambiguity with the common suffix for perl scripts.
-#
+  #
-# Note 2: The example entries below illustrate that in some cases
+  # Note 2: The example entries below illustrate that in some cases
-# the two character 'Language' abbreviation is not identical to
+  # the two character 'Language' abbreviation is not identical to
-# the two character 'Country' code for its country,
+  # the two character 'Country' code for its country,
-# E.g. 'Danmark/dk' versus 'Danish/da'.
+  # E.g. 'Danmark/dk' versus 'Danish/da'.
-#
+  #
-# Note 3: In the case of 'ltz' we violate the RFC by using a three char
+  # Note 3: In the case of 'ltz' we violate the RFC by using a three char
-# specifier. There is 'work in progress' to fix this and get
+  # specifier. There is 'work in progress' to fix this and get
-# the reference data for rfc1766 cleaned up.
+  # the reference data for rfc1766 cleaned up.
-#
+  #
-# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
+  # Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
-# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
+  # English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
-# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
+  # Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
-# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
+  # Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
-# Norwegian (no) - Polish (pl) - Portugese (pt)
+  # Norwegian (no) - Polish (pl) - Portugese (pt)
-# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
+  # Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
-# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
+  # Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
-#
+  #
-AddLanguage ca .ca
+  AddLanguage ca .ca
-AddLanguage cs .cz .cs
+  AddLanguage cs .cz .cs
-AddLanguage da .dk
+  AddLanguage da .dk
-AddLanguage de .de
+  AddLanguage de .de
-AddLanguage el .el
+  AddLanguage el .el
-AddLanguage en .en
+  AddLanguage en .en
-AddLanguage eo .eo
+  AddLanguage eo .eo
-# See README.Debian for Spanish
+  # See README.Debian for Spanish
-AddLanguage es .es
+  AddLanguage es .es
-AddLanguage et .et
+  AddLanguage et .et
-AddLanguage fr .fr
+  AddLanguage fr .fr
-AddLanguage he .he
+  AddLanguage he .he
-AddLanguage hr .hr
+  AddLanguage hr .hr
-AddLanguage it .it
+  AddLanguage it .it
-AddLanguage ja .ja
+  AddLanguage ja .ja
-AddLanguage ko .ko
+  AddLanguage ko .ko
-AddLanguage ltz .ltz
+  AddLanguage ltz .ltz
-AddLanguage nl .nl
+  AddLanguage nl .nl
-AddLanguage nn .nn
+  AddLanguage nn .nn
-AddLanguage no .no
+  AddLanguage no .no
-AddLanguage pl .po
+  AddLanguage pl .po
-AddLanguage pt .pt
+  AddLanguage pt .pt
-AddLanguage pt-BR .pt-br
+  AddLanguage pt-BR .pt-br
-AddLanguage ru .ru
+  AddLanguage ru .ru
-AddLanguage sv .sv
+  AddLanguage sv .sv
-# See README.Debian for Turkish
+  # See README.Debian for Turkish
-AddLanguage tr .tr
+  AddLanguage tr .tr
-AddLanguage zh-CN .zh-cn
+  AddLanguage zh-CN .zh-cn
-AddLanguage zh-TW .zh-tw
+  AddLanguage zh-TW .zh-tw
-#
+  #
-# Commonly used filename extensions to character sets. You probably
+  # Commonly used filename extensions to character sets. You probably
-# want to avoid clashes with the language extensions, unless you
+  # want to avoid clashes with the language extensions, unless you
-# are good at carefully testing your setup after each change.
+  # are good at carefully testing your setup after each change.
-# See http://www.iana.org/assignments/character-sets for the
+  # See http://www.iana.org/assignments/character-sets for the
-# official list of charset names and their respective RFCs.
+  # official list of charset names and their respective RFCs.
-#
+  #
-AddCharset us-ascii    .ascii .us-ascii
+  AddCharset us-ascii    .ascii .us-ascii
-AddCharset ISO-8859-1  .iso8859-1  .latin1
+  AddCharset ISO-8859-1  .iso8859-1  .latin1
-AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
+  AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
-AddCharset ISO-8859-3  .iso8859-3  .latin3
+  AddCharset ISO-8859-3  .iso8859-3  .latin3
-AddCharset ISO-8859-4  .iso8859-4  .latin4
+  AddCharset ISO-8859-4  .iso8859-4  .latin4
-AddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru
+  AddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru
-AddCharset ISO-8859-6  .iso8859-6  .arb .arabic
+  AddCharset ISO-8859-6  .iso8859-6  .arb .arabic
-AddCharset ISO-8859-7  .iso8859-7  .grk .greek
+  AddCharset ISO-8859-7  .iso8859-7  .grk .greek
-AddCharset ISO-8859-8  .iso8859-8  .heb .hebrew
+  AddCharset ISO-8859-8  .iso8859-8  .heb .hebrew
-AddCharset ISO-8859-9  .iso8859-9  .latin5 .trk
+  AddCharset ISO-8859-9  .iso8859-9  .latin5 .trk
-AddCharset ISO-8859-10  .iso8859-10  .latin6
+  AddCharset ISO-8859-10  .iso8859-10  .latin6
-AddCharset ISO-8859-13  .iso8859-13
+  AddCharset ISO-8859-13  .iso8859-13
-AddCharset ISO-8859-14  .iso8859-14  .latin8
+  AddCharset ISO-8859-14  .iso8859-14  .latin8
-AddCharset ISO-8859-15  .iso8859-15  .latin9
+  AddCharset ISO-8859-15  .iso8859-15  .latin9
-AddCharset ISO-8859-16  .iso8859-16  .latin10
+  AddCharset ISO-8859-16  .iso8859-16  .latin10
-AddCharset ISO-2022-JP .iso2022-jp .jis
+  AddCharset ISO-2022-JP .iso2022-jp .jis
-AddCharset ISO-2022-KR .iso2022-kr .kis
+  AddCharset ISO-2022-KR .iso2022-kr .kis
-AddCharset ISO-2022-CN .iso2022-cn .cis
+  AddCharset ISO-2022-CN .iso2022-cn .cis
-AddCharset Big5        .Big5       .big5 .b5
+  AddCharset Big5        .Big5       .big5 .b5
-AddCharset cn-Big5     .cn-big5
+  AddCharset cn-Big5     .cn-big5
-# For russian, more than one charset is used (depends on client, mostly):
+  # For russian, more than one charset is used (depends on client, mostly):
-AddCharset WINDOWS-1251 .cp-1251   .win-1251
+  AddCharset WINDOWS-1251 .cp-1251   .win-1251
-AddCharset CP866       .cp866
+  AddCharset CP866       .cp866
-AddCharset KOI8      .koi8
+  AddCharset KOI8      .koi8
-AddCharset KOI8-E      .koi8-e
+  AddCharset KOI8-E      .koi8-e
-AddCharset KOI8-r      .koi8-r .koi8-ru
+  AddCharset KOI8-r      .koi8-r .koi8-ru
-AddCharset KOI8-U      .koi8-u
+  AddCharset KOI8-U      .koi8-u
-AddCharset KOI8-ru     .koi8-uk .ua
+  AddCharset KOI8-ru     .koi8-uk .ua
-AddCharset ISO-10646-UCS-2 .ucs2
+  AddCharset ISO-10646-UCS-2 .ucs2
-AddCharset ISO-10646-UCS-4 .ucs4
+  AddCharset ISO-10646-UCS-4 .ucs4
-AddCharset UTF-7       .utf7
+  AddCharset UTF-7       .utf7
-AddCharset UTF-8       .utf8
+  AddCharset UTF-8       .utf8
-AddCharset UTF-16      .utf16
+  AddCharset UTF-16      .utf16
-AddCharset UTF-16BE    .utf16be
+  AddCharset UTF-16BE    .utf16be
-AddCharset UTF-16LE    .utf16le
+  AddCharset UTF-16LE    .utf16le
-AddCharset UTF-32      .utf32
+  AddCharset UTF-32      .utf32
-AddCharset UTF-32BE    .utf32be
+  AddCharset UTF-32BE    .utf32be
-AddCharset UTF-32LE    .utf32le
+  AddCharset UTF-32LE    .utf32le
-AddCharset euc-cn      .euc-cn
+  AddCharset euc-cn      .euc-cn
-AddCharset euc-gb      .euc-gb
+  AddCharset euc-gb      .euc-gb
-AddCharset euc-jp      .euc-jp
+  AddCharset euc-jp      .euc-jp
-AddCharset euc-kr      .euc-kr
+  AddCharset euc-kr      .euc-kr
-#Not sure how euc-tw got in - IANA doesn't list it???
+  #Not sure how euc-tw got in - IANA doesn't list it???
-AddCharset EUC-TW      .euc-tw
+  AddCharset EUC-TW      .euc-tw
-AddCharset gb2312      .gb2312 .gb
+  AddCharset gb2312      .gb2312 .gb
-AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
+  AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
-AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
+  AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
-AddCharset shift_jis   .shift_jis .sjis
+  AddCharset shift_jis   .shift_jis .sjis
-#
+  #
-# AddHandler allows you to map certain file extensions to "handlers":
+  # AddHandler allows you to map certain file extensions to "handlers":
-# actions unrelated to filetype. These can be either built into the server
+  # actions unrelated to filetype. These can be either built into the server
-# or added with the Action directive (see below)
+  # or added with the Action directive (see below)
-#
+  #
-# To use CGI scripts outside of ScriptAliased directories:
+  # To use CGI scripts outside of ScriptAliased directories:
-# (You will also need to add "ExecCGI" to the "Options" directive.)
+  # (You will also need to add "ExecCGI" to the "Options" directive.)
-#
+  #
-#AddHandler cgi-script .cgi
+  #AddHandler cgi-script .cgi
-#
+  #
-# For files that include their own HTTP headers:
+  # For files that include their own HTTP headers:
-#
+  #
-#AddHandler send-as-is asis
+  #AddHandler send-as-is asis
-#
+  #
-# For server-parsed imagemap files:
+  # For server-parsed imagemap files:
-#
+  #
-#AddHandler imap-file map
+  #AddHandler imap-file map
-#
+  #
-# For type maps (negotiated resources):
+  # For type maps (negotiated resources):
-# (This is enabled by default to allow the Apache "It Worked" page
+  # (This is enabled by default to allow the Apache "It Worked" page
-#  to be distributed in multiple languages.)
+  #  to be distributed in multiple languages.)
-#
+  #
-AddHandler type-map var
+  AddHandler type-map var
 #
 # Filters allow you to process content before it is sent to the client.
 #
 # To parse .shtml files for server-side includes (SSI):
 # (You will also need to add "Includes" to the "Options" directive.)
 #
 AddType text/html .shtml
 AddOutputFilter INCLUDES .shtml
  #
  # Filters allow you to process content before it is sent to the client.
  #
  # To parse .shtml files for server-side includes (SSI):
  # (You will also need to add "Includes" to the "Options" directive.)
  #
  AddType text/html .shtml
  AddOutputFilter INCLUDES .shtml
 </IfModule>
--- a/chef/cookbooks/apache2/templates/default/mods/negotiation.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/negotiation.conf.erb
@ -1,18 +1,17 @@
 <IfModule mod_negotiation.c>
-#
+  #
-# LanguagePriority allows you to give precedence to some languages
+  # LanguagePriority allows you to give precedence to some languages
-# in case of a tie during content negotiation.
+  # in case of a tie during content negotiation.
-#
+  #
-# Just list the languages in decreasing order of preference. We have
+  # Just list the languages in decreasing order of preference. We have
-# more or less alphabetized them here. You probably want to change this.
+  # more or less alphabetized them here. You probably want to change this.
-#
+  #
-LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
+  LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
 #
 # ForceLanguagePriority allows you to serve a result page rather than
 # MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
 # [in case no accepted languages matched the available variants]
 #
 ForceLanguagePriority Prefer Fallback
  #
  # ForceLanguagePriority allows you to serve a result page rather than
  # MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
  # [in case no accepted languages matched the available variants]
  #
  ForceLanguagePriority Prefer Fallback
 </IfModule>
--- a/chef/cookbooks/apache2/templates/default/mods/pagespeed.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/pagespeed.conf.erb
@ -0,0 +1,293 @@
 <IfModule pagespeed_module>
    # Turn on mod_pagespeed. To completely disable mod_pagespeed, you
    # can set this to "off".
    ModPagespeed on
    # We want VHosts to inherit global configuration.
    # If this is not included, they'll be independent (except for inherently
    # global options), at least for backwards compatibility.
    ModPagespeedInheritVHostConfig on
    # Direct Apache to send all HTML output to the mod_pagespeed
    # output handler.
    AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER text/html
    # If you want mod_pagespeed process XHTML as well, please uncomment this
    # line.
    # AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER application/xhtml+xml
    # The ModPagespeedFileCachePath directory must exist and be writable
    # by the apache user (as specified by the User directive).
    ModPagespeedFileCachePath            "/var/cache/mod_pagespeed/"
    # Override the mod_pagespeed 'rewrite level'. The default level
    # "CoreFilters" uses a set of rewrite filters that are generally
    # safe for most web pages. Most sites should not need to change
    # this value and can instead fine-tune the configuration using the
    # ModPagespeedDisableFilters and ModPagespeedEnableFilters
    # directives, below. Valid values for ModPagespeedRewriteLevel are
    # PassThrough, CoreFilters and TestingCoreFilters.
    #
    # ModPagespeedRewriteLevel PassThrough
    # Explicitly disables specific filters. This is useful in
    # conjuction with ModPagespeedRewriteLevel. For instance, if one
    # of the filters in the CoreFilters needs to be disabled for a
    # site, that filter can be added to
    # ModPagespeedDisableFilters. This directive contains a
    # comma-separated list of filter names, and can be repeated.
    #
    # ModPagespeedDisableFilters rewrite_images
    # Explicitly enables specific filters. This is useful in
    # conjuction with ModPagespeedRewriteLevel. For instance, filters
    # not included in the CoreFilters may be enabled using this
    # directive. This directive contains a comma-separated list of
    # filter names, and can be repeated.
    #
    # ModPagespeedEnableFilters rewrite_javascript,rewrite_css
    # ModPagespeedEnableFilters collapse_whitespace,elide_attributes
    # ModPagespeedDomain
    # authorizes rewriting of JS, CSS, and Image files found in this
    # domain. By default only resources with the same origin as the
    # HTML file are rewritten. For example:
    #
    #   ModPagespeedDomain cdn.myhost.com
    #
    # This will allow resources found on http://cdn.myhost.com to be
    # rewritten in addition to those in the same domain as the HTML.
    #
    # Wildcards (* and ?) are allowed in the domain specification. Be
    # careful when using them as if you rewrite domains that do not
    # send you traffic, then the site receiving the traffic will not
    # know how to serve the rewritten content.
    # Other defaults (cache sizes and thresholds):
    #
    # ModPagespeedFileCacheSizeKb          102400
    # ModPagespeedFileCacheCleanIntervalMs 3600000
    # ModPagespeedLRUCacheKbPerProcess     1024
    # ModPagespeedLRUCacheByteLimit        16384
    # ModPagespeedCssFlattenMaxBytes       2048
    # ModPagespeedCssInlineMaxBytes        2048
    # ModPagespeedCssImageInlineMaxBytes   2048
    # ModPagespeedImageInlineMaxBytes      2048
    # ModPagespeedJsInlineMaxBytes         2048
    # ModPagespeedCssOutlineMinBytes       3000
    # ModPagespeedJsOutlineMinBytes        3000
    # Limit the number of inodes in the file cache. Set to 0 for no limit.
    # The default value if this paramater is not specified is 0 (no limit).
    ModPagespeedFileCacheInodeLimit        500000
    # Bound the number of images that can be rewritten at any one time; this
    # avoids overloading the CPU.  Set this to 0 to remove the bound.
    #
    # ModPagespeedImageMaxRewritesAtOnce      8
    # You can also customize the number of threads per Apache process
    # mod_pagespeed will use to do resource optimization. Plain
    # "rewrite threads" are used to do short, latency-sensitive work,
    # while "expensive rewrite threads" are used for actual optimization
    # work that's more computationally expensive. If you live these unset,
    # or use values <= 0 the defaults will be used, which is 1 for both
    # values when using non-threaded MPMs (e.g. prefork) and 4 for both
    # on threaded MPMs (e.g. worker and event). These settings can only
    # be changed globally, and not per virtual host.
    #
    # ModPagespeedNumRewriteThreads 4
    # ModPagespeedNumExpensiveRewriteThreads 4
    # Settings for image optimization:
    #
    # Jpeg recompression quality (0 to 100, -1 strips metadata):
    # ModPagespeedJpegRecompressionQuality -1
    #
    # Percent of original image size below which optimized images are retained:
    # ModPagespeedImageLimitOptimizedPercent 100
    #
    # Percent of original image area below which image resizing will be
    # attempted:
    # ModPagespeedImageLimitResizeAreaPercent 100
    # When Apache is set up as a browser proxy, mod_pagespeed can record
    # web-sites as they are requested, so that an image of the web is built up
    # in the directory of the proxy administrator's choosing.  When ReadOnly is
    # on, only files already present in the SlurpDirectory are served by the
    # proxy.
    #
    # ModPagespeedSlurpDirectory ...
    # ModPagespeedSlurpReadOnly on
    # The maximum URL size is generally limited to about 2k characters
    # due to IE: See http://support.microsoft.com/kb/208427/EN-US.
    # Apache servers by default impose a further limitation of about
    # 250 characters per URL segment (text between slashes).
    # mod_pagespeed circumvents this limitation, but if you employ
    # proxy servers in your path you may need to re-impose it by
    # overriding the setting here.  The default setting is 1024
    # characters.
    #
    # ModPagespeedMaxSegmentLength 250
    # Uncomment this if you want to prevent mod_pagespeed from combining files
    # (e.g. CSS files) across paths
    #
    # ModPagespeedCombineAcrossPaths off
    # Renaming JavaScript URLs can sometimes break them.  With this
    # option enabled, mod_pagespeed uses a simple heuristic to decide
    # not to rename JavaScript that it thinks is introspective.
    #
    # You can turn this off to let mod_pagespeed rename all JS files.
    ModPagespeedAvoidRenamingIntrospectiveJavascript on
    # Certain common JavaScript libraries are available from Google, which acts
    # as a CDN and allows you to benefit from browser caching if a new visitor
    # to your site previously visited another site that makes use of the same
    # libraries as you do.  Enable the following filter to turn on this feature.
    #
    # ModPagespeedEnableFilters canonicalize_javascript_libraries
    # The following lines configure libraries that are recognized by
    # canonicalize_javascript_libraries.  These will have no effect unless you
    # enable this filter (generally by uncommenting the last line in the
    # previous stanza).  It simply provides a sensible default configuration
    # when the filter is switched on.
    # The format is:
    #    ModPagespeedLibrary bytes md5 canonical_url
    # Where bytes and md5 are with respect to the *minified* JS; use
    # js_minify --print_size_and_hash to obtain this data.
    # Note that we can register multiple hashes for the same canonical url;
    # we do this if there are versions available that have already been minified
    # with more sophisticated tools.
    ModPagespeedLibrary 105527 ltVVzzYxo0 //ajax.googleapis.com/ajax/libs/prototype/1.6.1.0/prototype.js
    ModPagespeedLibrary 92501 J8KF47pYOq //ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js
    ModPagespeedLibrary 141547 GKjMUuF4PK //ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js
    ModPagespeedLibrary 43 1o978_K0_L http://www.modpagespeed.com/rewrite_javascript.js
    # Explicitly tell mod_pagespeed to load some resources from disk.
    # This will speed up load time and update frequency.
    #
    # This should only be used for static resources which do not need
    # specific headers set or other processing by Apache.
    #
    # Both URL and filesystem path should specify directories and
    # filesystem path must be absolute (for now).
    #
    # ModPagespeedLoadFromFile "http://example.com/static/" "/var/www/static/"
    # Enables server-side instrumentation and statistics.  If this rewriter is
    # enabled, then each rewritten HTML page will have instrumentation javacript
    # added that sends latency beacons to /mod_pagespeed_beacon.  These
    # statistics can be accessed at /mod_pagespeed_statistics.  You must also
    # enable the mod_pagespeed_statistics and mod_pagespeed_beacon handlers
    # below.
    #
    # ModPagespeedEnableFilters add_instrumentation
    # The add_instrumentation filter sends a beacon after the page onload
    # handler is called. The user might navigate to a new URL before this. If
    # you enable the following directive, the beacon is sent as part of an
    # onbeforeunload handler, for pages where navigation happens before the
    # onload event.
    #
    # ModPagespeedReportUnloadTime on
    # Uncomment the following line so that ModPagespeed will not cache or
    # rewrite resources with Vary: in the header, e.g. Vary: User-Agent.
    # ModPagespeedRespectVary on
    # This handles the client-side instrumentation callbacks which are injected
    # by the add_instrumentation filter.
    # You can use a different location by adding the ModPagespeedBeaconUrl
    # directive; see the documentation on add_instrumentation.
    <Location /mod_pagespeed_beacon>
          SetHandler mod_pagespeed_beacon
    </Location>
    # Uncomment the following line if you want to disable statistics entirely.
    #
    # ModPagespeedStatistics off
    # This page lets you view statistics about the mod_pagespeed module.
    <Location /mod_pagespeed_statistics>
        Order allow,deny
        # You may insert other "Allow from" lines to add hosts you want to
        # allow to look at generated statistics.  Another possibility is
        # to comment out the "Order" and "Allow" options from the config
        # file, to allow any client that can reach your server to examine
        # statistics.  This might be appropriate in an experimental setup or
        # if the Apache server is protected by a reverse proxy that will
        # filter URLs in some fashion.
        Allow from localhost
        Allow from 127.0.0.1
        SetHandler mod_pagespeed_statistics
    </Location>
    # Uncomment the following line if you want to enable statistics logging.
    # ModPagespeedStatistics is required to be enabled.
    #
    # ModPagespeedStatisticsLogging on
    #
    # The base filename to use to store logged statistics.
    # Required if logging is enabled.
    #
    # ModPagespeedStatisticsLoggingFile "@@MOD_PAGESPEED_STATS_LOG@@"
    #
    # The interval at which statistics will be logged, in milliseconds.
    # Optional; default is 3000.
    #
    # ModPagespeedStatisticsLoggingIntervalMs 3000
    # If both of the below are set, the console will use offline copies of the
    # files needed for the Google Chart Tools API rather than connecting to the
    # Internet to obtain them. This is experimental, as the only supported
    # loading mechanism for the Chart Tools API requires an Internet connexion.
    #
    # Where to find an offline copy of the CSS file required for the Google
    # Chart Tools API. At the time of writing, the Google Chart Tools API CSS
    # file can be found at:
    # https://ajax.googleapis.com/ajax/static/modules/gviz/1.0/core/tooltip.css
    #
    # ModPagespeedStatisticsLoggingChartsCSS http://example.com/charts.css
    #
    # Where to find an offline copy of the JS file required for the Google
    # Chart Tools API. At the time of writing, the Google Chart Tools API JS
    # file can be found at:
    # https://www.google.com/uds/api/visualization/1.0/d7d36793f7a886b687850d2813583db9/format+en,default,corechart.I.js
    #
    # ModPagespeedStatisticsLoggingChartsJS http://example.com/charts.js
    # This page lets you view a graphical console displaying statistics about
    # the mod_pagespeed module.
    <Location /mod_pagespeed_console>
        Order allow,deny
        # This can be configured similarly to mod_pagespeed_statistics above.
        Allow from localhost
        Allow from 127.0.0.1
        SetHandler mod_pagespeed_console
    </Location>
    # Page /mod_pagespeed_message lets you view the latest messages from
    # mod_pagespeed, regardless of log-level in your httpd.conf
    # ModPagespeedMessageBufferSize is the maximum number of bytes you would
    # like to dump to your /mod_pagespeed_message page at one time,
    # its default value is 100k bytes.
    # Set it to 0 if you want to disable this feature.
    ModPagespeedMessageBufferSize 100000
    <Location /mod_pagespeed_message>
        Allow from localhost
        Allow from 127.0.0.1
        SetHandler mod_pagespeed_message
    </Location>
    <Location /mod_pagespeed_referer_statistics>
        Allow from localhost
        Allow from 127.0.0.1
        SetHandler mod_pagespeed_referer_statistics
    </Location>
 </IfModule>
--- a/chef/cookbooks/apache2/templates/default/mods/proxy.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/proxy.conf.erb
@ -6,9 +6,9 @@
  <Proxy *>
    AddDefaultCharset off
-                Order deny,allow
+    Order <%= node['apache']['proxy']['order'] %>
-                Deny from all
+    Deny from <%= node['apache']['proxy']['deny_from'] %>
-                #Allow from .example.com
+    Allow from <%= node['apache']['proxy']['allow_from'] %>
  </Proxy>
  # Enable/disable the handling of HTTP/1.1 "Via:" headers.
--- a/chef/cookbooks/apache2/templates/default/mods/setenvif.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/setenvif.conf.erb
@ -1,28 +1,26 @@
 <IfModule mod_setenvif.c>
  #
  # The following directives modify normal HTTP response behavior to
  # handle known problems with browser implementations.
  #
  BrowserMatch "Mozilla/2" nokeepalive
  BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
  BrowserMatch "RealPlayer 4\.0" force-response-1.0
  BrowserMatch "Java/1\.0" force-response-1.0
  BrowserMatch "JDK/1\.0" force-response-1.0
-#
+  #
-# The following directives modify normal HTTP response behavior to
+  # The following directive disables redirects on non-GET requests for
-# handle known problems with browser implementations.
+  # a directory that does not include the trailing slash.  This fixes a
-#
+  # problem with Microsoft WebFolders which does not appropriately handle
-BrowserMatch "Mozilla/2" nokeepalive
+  # redirects for folders with DAV methods.
-BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+  # Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
-BrowserMatch "RealPlayer 4\.0" force-response-1.0
+  #
-BrowserMatch "Java/1\.0" force-response-1.0
+  BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
-BrowserMatch "JDK/1\.0" force-response-1.0
+  BrowserMatch "MS FrontPage" redirect-carefully
-
+  BrowserMatch "^WebDrive" redirect-carefully
-#
+  BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
-# The following directive disables redirects on non-GET requests for
+  BrowserMatch "^gnome-vfs/1.0" redirect-carefully
-# a directory that does not include the trailing slash.  This fixes a 
+  BrowserMatch "^XML Spy" redirect-carefully
-# problem with Microsoft WebFolders which does not appropriately handle 
+  BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
 # redirects for folders with DAV methods.
 # Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
 #
 BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
 BrowserMatch "MS FrontPage" redirect-carefully
 BrowserMatch "^WebDrive" redirect-carefully
 BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
 BrowserMatch "^gnome-vfs/1.0" redirect-carefully
 BrowserMatch "^XML Spy" redirect-carefully
 BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
 </IfModule>
--- a/chef/cookbooks/apache2/templates/default/mods/ssl.conf.erb
+++ b/chef/cookbooks/apache2/templates/default/mods/ssl.conf.erb
@ -1,83 +1,76 @@
 <IfModule mod_ssl.c>
-#
+  #
-# Pseudo Random Number Generator (PRNG):
+  # Pseudo Random Number Generator (PRNG):
-# Configure one or more sources to seed the PRNG of the SSL library.
+  # Configure one or more sources to seed the PRNG of the SSL library.
-# The seed data should be of good random quality.
+  # The seed data should be of good random quality.
-# WARNING! On some platforms /dev/random blocks if not enough entropy
+  # WARNING! On some platforms /dev/random blocks if not enough entropy
-# is available. This means you then cannot use the /dev/random device
+  # is available. This means you then cannot use the /dev/random device
-# because it would lead to very long connection times (as long as
+  # because it would lead to very long connection times (as long as
-# it requires to make more entropy available). But usually those
+  # it requires to make more entropy available). But usually those
-# platforms additionally provide a /dev/urandom device which doesn't
+  # platforms additionally provide a /dev/urandom device which doesn't
-# block. So, if available, use this one instead. Read the mod_ssl User
+  # block. So, if available, use this one instead. Read the mod_ssl User
-# Manual for more details.
+  # Manual for more details.
-#
+  #
-SSLRandomSeed startup builtin
+  SSLRandomSeed startup builtin
-SSLRandomSeed startup file:/dev/urandom 512
+  SSLRandomSeed startup file:/dev/urandom 512
-SSLRandomSeed connect builtin
+  SSLRandomSeed connect builtin
-SSLRandomSeed connect file:/dev/urandom 512
+  SSLRandomSeed connect file:/dev/urandom 512
-##
+  ##
-##  SSL Global Context
+  ##  SSL Global Context
-##
+  ##
-##  All SSL configuration in this context applies both to
+  ##  All SSL configuration in this context applies both to
-##  the main server and all SSL-enabled virtual hosts.
+  ##  the main server and all SSL-enabled virtual hosts.
-##
+  ##
-#
+  #
-#   Some MIME-types for downloading Certificates and CRLs
+  #   Some MIME-types for downloading Certificates and CRLs
-#
+  #
-AddType application/x-x509-ca-cert .crt
+  AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl    .crl
+  AddType application/x-pkcs7-crl    .crl
-#   Pass Phrase Dialog:
+  #   Pass Phrase Dialog:
-#   Configure the pass phrase gathering process.
+  #   Configure the pass phrase gathering process.
-#   The filtering dialog program (`builtin' is a internal
+  #   The filtering dialog program (`builtin' is a internal
-#   terminal dialog) has to provide the pass phrase on stdout.
+  #   terminal dialog) has to provide the pass phrase on stdout.
-SSLPassPhraseDialog  builtin
+  SSLPassPhraseDialog  builtin
-#   Inter-Process Session Cache:
+  #   Inter-Process Session Cache:
-#   Configure the SSL Session Cache: First the mechanism
+  #   Configure the SSL Session Cache: First the mechanism
-#   to use and second the expiring timeout (in seconds).
+  #   to use and second the expiring timeout (in seconds).
-#SSLSessionCache         dbm:/var/run/apache2/ssl_scache
+  #SSLSessionCache         dbm:/var/run/apache2/ssl_scache
-<% if %w{ rhel fedora suse }.include?(node['platform_family']) -%>
+  <% if %w[rhel fedora suse].include?(node['platform_family']) -%>
-SSLSessionCache        shmcb:/var/cache/mod_ssl/scache(512000)
+  SSLSessionCache        shmcb:/var/cache/mod_ssl/scache(512000)
-<% elsif %w{ freebsd }.include?(node['platform_family']) -%>
+  <% elsif %w[freebsd].include?(node['platform_family']) -%>
-SSLSessionCache        shmcb:/var/run/ssl_scache(512000)
+  SSLSessionCache        shmcb:/var/run/ssl_scache(512000)
-<% else -%>
+  <% else -%>
-SSLSessionCache        shmcb:/var/run/apache2/ssl_scache
+  SSLSessionCache        shmcb:/var/run/apache2/ssl_scache
 <% end -%>
 SSLSessionCacheTimeout  300
 #   Semaphore:
 #   Configure the path to the mutual exclusion semaphore the
 #   SSL engine uses internally for inter-process synchronization.
 <% if %w{debian}.include?(node['platform_family']) -%>
  <% if node['platform_version'].to_f >= 14 -%>
 Mutex file:/var/run/apache2 default
  <% else %>
 SSLMutex  file:/var/run/apache2/ssl_mutex
  <% end -%>
-<% elsif %w{ rhel fedora suse }.include?(node['platform_family']) -%>
+  SSLSessionCacheTimeout  300
 SSLMutex  default
 <% elsif %w{ freebsd }.include?(node['platform_family']) -%>
 SSLMutex  file:/var/run/ssl_mutex
 <% else -%>
 SSLMutex  file:/var/run/apache2/ssl_mutex
 <% end -%>
-SSLHonorCipherOrder On
+  #   Semaphore:
-#   SSL Cipher Suite:
+  #   Configure the path to the mutual exclusion semaphore the
-#   List the ciphers that the client is permitted to negotiate.
+  #   SSL engine uses internally for inter-process synchronization.
-#   See the mod_ssl documentation for a complete list.
+  <% if %w[rhel fedora suse].include?(node['platform_family']) -%>
-#   enable only secure ciphers:
+  SSLMutex  default
-SSLCipherSuite <%= node['apache']['mod_ssl']['cipher_suite'] %>
+  <% elsif %w[freebsd].include?(node['platform_family']) -%>
-#   Use this instead if you want to allow cipher upgrades via SGC facility.
+  SSLMutex  file:/var/run/ssl_mutex
-#   In this case you also have to use something like
+  <% else -%>
-#        SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
+  SSLMutex  file:/var/run/apache2/ssl_mutex
-#   see http://httpd.apache.org/docs/2.2/ssl/ssl_howto.html.en#upgradeenc
+  <% end -%>
 #SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-# enable only secure protocols: SSLv3 and TLSv1, but not SSLv2
+  SSLHonorCipherOrder On
-SSLProtocol all -SSLv2
+  #   SSL Cipher Suite:
  #   List the ciphers that the client is permitted to negotiate.
  #   See the mod_ssl documentation for a complete list.
  #   enable only secure ciphers:
  SSLCipherSuite <%= node['apache']['mod_ssl']['cipher_suite'] %>
  #   Use this instead if you want to allow cipher upgrades via SGC facility.
  #   In this case you also have to use something like
  #        SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
  #   see http://httpd.apache.org/docs/2.2/ssl/ssl_howto.html.en#upgradeenc
  #SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  # enable only secure protocols: SSLv3 and TLSv1, but not SSLv2
  SSLProtocol all -SSLv2
 </IfModule>
--- a/Show More
+++ b/Show More