diff options
author | Micah <micah@leap.se> | 2016-05-24 10:19:28 -0400 |
---|---|---|
committer | Micah <micah@leap.se> | 2016-05-24 10:19:28 -0400 |
commit | 807877b736c5f56689229b31024861f19a9b0ac6 (patch) | |
tree | 95fed058eaa50765bf486ccc59e46123666acabe /manifests/ssl |
Squashed 'puppet/modules/apache/' content from commit 415e950
git-subtree-dir: puppet/modules/apache
git-subtree-split: 415e9504f99dca3ccaa4dfd389dde24ad9d0e01c
Diffstat (limited to 'manifests/ssl')
-rw-r--r-- | manifests/ssl/base.pp | 15 | ||||
-rw-r--r-- | manifests/ssl/centos.pp | 12 | ||||
-rw-r--r-- | manifests/ssl/debian.pp | 4 | ||||
-rw-r--r-- | manifests/ssl/itk.pp | 8 | ||||
-rw-r--r-- | manifests/ssl/itk/centos.pp | 6 | ||||
-rw-r--r-- | manifests/ssl/itk_plus.pp | 6 | ||||
-rw-r--r-- | manifests/ssl/itk_plus/centos.pp | 11 | ||||
-rw-r--r-- | manifests/ssl/openbsd.pp | 18 |
8 files changed, 80 insertions, 0 deletions
diff --git a/manifests/ssl/base.pp b/manifests/ssl/base.pp new file mode 100644 index 00000000..3f329136 --- /dev/null +++ b/manifests/ssl/base.pp @@ -0,0 +1,15 @@ +# basic defaults for ssl support +class apache::ssl::base ( +) { + apache::config::include { + 'ssl_defaults.inc': + content => template('apache/include.d/ssl_defaults.inc.erb'); + } + + if !$apache::no_default_site { + apache::vhost::file{ + '0-default_ssl': + content => template('apache/vhosts/0-default_ssl.conf.erb'); + } + } +} diff --git a/manifests/ssl/centos.pp b/manifests/ssl/centos.pp new file mode 100644 index 00000000..7bc8c895 --- /dev/null +++ b/manifests/ssl/centos.pp @@ -0,0 +1,12 @@ +class apache::ssl::centos inherits apache::ssl::base { + package { 'mod_ssl': + name => 'mod_ssl', + ensure => present, + require => Package[apache], + } + ::apache::config::global{ 'ssl.conf': } + + apache::config::global{'00-listen-ssl.conf': + ensure => absent, + } +} diff --git a/manifests/ssl/debian.pp b/manifests/ssl/debian.pp new file mode 100644 index 00000000..99dfe36e --- /dev/null +++ b/manifests/ssl/debian.pp @@ -0,0 +1,4 @@ +class apache::ssl::debian inherits apache::ssl::base { + apache::debian::module { 'ssl': ensure => present } + apache::config::global { 'ssl.conf': } +} diff --git a/manifests/ssl/itk.pp b/manifests/ssl/itk.pp new file mode 100644 index 00000000..5fd3aaf6 --- /dev/null +++ b/manifests/ssl/itk.pp @@ -0,0 +1,8 @@ +# manifests/ssl/itk.pp + +class apache::ssl::itk inherits apache::ssl { + case $::operatingsystem { + centos: { include apache::ssl::itk::centos } + } +} + diff --git a/manifests/ssl/itk/centos.pp b/manifests/ssl/itk/centos.pp new file mode 100644 index 00000000..fb6a4a6b --- /dev/null +++ b/manifests/ssl/itk/centos.pp @@ -0,0 +1,6 @@ +class apache::ssl::itk::centos inherits apache::ssl::centos { + Package['mod_ssl']{ + name => 'mod_ssl-itk', + } +} + diff --git a/manifests/ssl/itk_plus.pp b/manifests/ssl/itk_plus.pp new file mode 100644 index 00000000..0c8e6679 --- /dev/null +++ b/manifests/ssl/itk_plus.pp @@ -0,0 +1,6 @@ +class apache::ssl::itk_plus inherits apache::ssl::itk { + case $::operatingsystem { + centos: { include ::apache::ssl::itk_plus::centos } + default: { fail("itk plus mode is currently only implemented for CentOS") } + } +} diff --git a/manifests/ssl/itk_plus/centos.pp b/manifests/ssl/itk_plus/centos.pp new file mode 100644 index 00000000..00fb4729 --- /dev/null +++ b/manifests/ssl/itk_plus/centos.pp @@ -0,0 +1,11 @@ +class apache::ssl::itk_plus::centos inherits apache::ssl::centos { + include apache::ssl::itk::centos + Apache::Config::Global['ssl.conf']{ + source => "modules/apache/itk_plus/conf.d/${::operatingsystem}/ssl.conf", + } + + Apache::Config::Global['00-listen-ssl.conf']{ + ensure => 'present', + content => template("apache/itk_plus/${::operatingsystem}/00-listen-ssl.conf.erb"), + } +} diff --git a/manifests/ssl/openbsd.pp b/manifests/ssl/openbsd.pp new file mode 100644 index 00000000..43bc6803 --- /dev/null +++ b/manifests/ssl/openbsd.pp @@ -0,0 +1,18 @@ +class apache::ssl::openbsd inherits apache::openbsd { + include apache::ssl::base + + File_line['enable_apache_on_boot']{ + ensure => 'absent', + } + file_line{'enable_apachessl_on_boot': + path => '/etc/rc.conf.local', + line => 'httpd flags="-DSSL"', + } + + File['/opt/bin/restart_apache.sh']{ + source => "puppet:///modules/apache/scripts/OpenBSD/bin/restart_apache_ssl.sh", + } + Service['apache']{ + start => 'apachectl startssl', + } +} |