@@ -17,10 +17,16 @@

     <Directory %HORIZON_DIR%/>

         Options Indexes FollowSymLinks MultiViews

-        %HORIZON_REQUIRE%

         AllowOverride None

-        Order allow,deny

-        allow from all

+        # Apache 2.4 uses mod_authz_host for access control now (instead of

+        #  "Allow")

+        <IfVersion < 2.4>

+            Order allow,deny

+            Allow from all

+        </IfVersion>

+        <IfVersion >= 2.4>

+            Require all granted

+        </IfVersion>

     </Directory>

     ErrorLog /var/log/%APACHE_NAME%/horizon_error.log

@@ -6,7 +6,9 @@ Listen %ADMINPORT%

     WSGIProcessGroup keystone-public

     WSGIScriptAlias / %PUBLICWSGI%

     WSGIApplicationGroup %{GLOBAL}

-    %ERRORLOGFORMAT%

+    <IfVersion >= 2.4>

+      ErrorLogFormat "%{cu}t %M"

+    </IfVersion>

     ErrorLog /var/log/%APACHE_NAME%/keystone.log

     CustomLog /var/log/%APACHE_NAME%/keystone_access.log combined

 </VirtualHost>

@@ -16,7 +18,9 @@ Listen %ADMINPORT%

     WSGIProcessGroup keystone-admin

     WSGIScriptAlias / %ADMINWSGI%

     WSGIApplicationGroup %{GLOBAL}

-    %ERRORLOGFORMAT%

+    <IfVersion >= 2.4>

+      ErrorLogFormat "%{cu}t %M"

+    </IfVersion>

     ErrorLog /var/log/%APACHE_NAME%/keystone.log

     CustomLog /var/log/%APACHE_NAME%/keystone_access.log combined

 </VirtualHost>

@@ -21,18 +21,6 @@ function function_exists {

     declare -f -F $1 > /dev/null

 }

-# Checks if installed Apache is <= given version

-# $1 = x.y.z (version string of Apache)

-function check_apache_version {

-    local cmd="apachectl"

-    if ! [[ -x $(which apachectl 2>/dev/null) ]]; then

-        cmd="/usr/sbin/apachectl"

-    fi

-

-    local version=$($cmd -v | grep version | grep -Po 'Apache/\K[^ ]*')

-    expr "$version" '>=' $1 > /dev/null

-}

-

 # Cleanup anything from /tmp on unstack

 # clean_tmp

@@ -59,6 +59,11 @@ function install_apache_wsgi {

     else

         exit_distro_not_supported "apache installation"

     fi

+

+    # ensure mod_version enabled for <IfVersion ...>.  This is

+    # built-in statically on anything recent, but precise (2.2)

+    # doesn't have it enabled

+    sudo a2enmod version || true

 }

 # get_apache_version() - return the version of Apache installed

@@ -123,12 +123,6 @@ function init_horizon {

     # Create an empty directory that apache uses as docroot

     sudo mkdir -p $HORIZON_DIR/.blackhole

-    # Apache 2.4 uses mod_authz_host for access control now (instead of "Allow")

-    local horizon_require=''

-    if check_apache_version "2.4" ; then

-        horizon_require='Require all granted'

-    fi

-

     local horizon_conf=$(apache_site_config_for horizon)

     # Configure apache to run horizon

@@ -138,7 +132,6 @@ function init_horizon {

         s,%HORIZON_DIR%,$HORIZON_DIR,g;

         s,%APACHE_NAME%,$APACHE_NAME,g;

         s,%DEST%,$DEST,g;

-        s,%HORIZON_REQUIRE%,$horizon_require,g;

     \" $FILES/apache-horizon.template >$horizon_conf"

     if is_ubuntu; then

@@ -121,12 +121,6 @@ function _config_keystone_apache_wsgi {

     local keystone_apache_conf=$(apache_site_config_for keystone)

     local apache_version=$(get_apache_version)

-    if [[ ${apache_version#*\.} -ge 4 ]]; then

-        # Apache 2.4 supports custom error log formats

-        # this should mirror the original log formatting.

-        local errorlogformat='ErrorLogFormat "%{cu}t %M"'

-    fi

-

     # copy proxy vhost and wsgi file

     sudo cp $KEYSTONE_DIR/httpd/keystone.py $KEYSTONE_WSGI_DIR/main

     sudo cp $KEYSTONE_DIR/httpd/keystone.py $KEYSTONE_WSGI_DIR/admin

@@ -139,7 +133,6 @@ function _config_keystone_apache_wsgi {

         s|%PUBLICWSGI%|$KEYSTONE_WSGI_DIR/main|g;

         s|%ADMINWSGI%|$KEYSTONE_WSGI_DIR/admin|g;

         s|%USER%|$STACK_USER|g

-        s|%ERRORLOGFORMAT%|$errorlogformat|g;

     " -i $keystone_apache_conf

 }