Here is a scenario. I have two web applications (lets call them webapp1 and webapp2) that needs apache, php (with some modules), and the web app's code it self. This is how I set this I set this up (using the roles-profiles pattern):
modules/
apache/
php/
webapp1/ # responsible for cloning the repo and setting up config files
webapp2/ # responsible for cloning the repo and setting up config files
profiles/
manifests/
webapp1.pp # responsible for putting the stack together
webapp2.pp # responsible for putting the stack together
profiles/manifests/webapp1.pp looks something like this:
class profiles::webapp1 {
include ::apache
include ::php
include ::webapp1
}
and profiles/manifests/webapp1.pp looks something like this:
class profiles::webapp2 {
include ::apache
include ::php
include ::webapp2
}
Now both the applications also have to be served over HTTPS and need the same set of SSL certificates (imagine webapp1 and webapp2 are served from different subdomains of a domain and we have a wildcard certificate so both the applications can use the same certificate). Now, I can't decide the manifest to do the SSL setup in (i.e. setting up keys and certs using file type. The reason is that at least right now, I am going to have both webapp1 and webapp2 in the same role manifest but would like to be flexible so that I can move webapp1 and webapp2 in different roles without worrying about doing SSL setup differently.
