summaryrefslogtreecommitdiff
path: root/puppet/modules/site_apache
diff options
context:
space:
mode:
authorMicah Anderson <micah@leap.se>2015-09-15 11:52:20 -0400
committerMicah <micah@leap.se>2015-09-30 12:44:27 +0200
commit35c122900c52858b25e4ff8117b8f1eff47304a5 (patch)
treeb6f227631d87e534d8238bafe6506c5192ffe014 /puppet/modules/site_apache
parent4b26c0f30980789844c747e796c12958f51c932c (diff)
Fix server-status availability to tor hidden services (#7456)
Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
Diffstat (limited to 'puppet/modules/site_apache')
-rw-r--r--puppet/modules/site_apache/manifests/common.pp21
-rw-r--r--puppet/modules/site_apache/manifests/common/tls.pp6
2 files changed, 7 insertions, 20 deletions
diff --git a/puppet/modules/site_apache/manifests/common.pp b/puppet/modules/site_apache/manifests/common.pp
index 2b83ffa5..64beb231 100644
--- a/puppet/modules/site_apache/manifests/common.pp
+++ b/puppet/modules/site_apache/manifests/common.pp
@@ -1,27 +1,8 @@
class site_apache::common {
- # installs x509 cert + key and common config
- # that both nagios + leap webapp use
-
- $web_domain = hiera('domain')
- $domain_name = $web_domain['name']
-
- include x509::variables
- include site_config::x509::commercial::cert
- include site_config::x509::commercial::key
- include site_config::x509::commercial::ca
-
- Class['Site_config::X509::Commercial::Key'] ~> Service[apache]
- Class['Site_config::X509::Commercial::Cert'] ~> Service[apache]
- Class['Site_config::X509::Commercial::Ca'] ~> Service[apache]
include site_apache::module::rewrite
class { '::apache': no_default_site => true, ssl => true }
- apache::vhost::file {
- 'common':
- content => template('site_apache/vhosts.d/common.conf.erb')
- }
-
- apache::config::include{ 'ssl_common.inc': }
+ include site_apache::common::tls
}
diff --git a/puppet/modules/site_apache/manifests/common/tls.pp b/puppet/modules/site_apache/manifests/common/tls.pp
new file mode 100644
index 00000000..040868bf
--- /dev/null
+++ b/puppet/modules/site_apache/manifests/common/tls.pp
@@ -0,0 +1,6 @@
+class site_apache::common::tls {
+ # class to setup common SSL configurations
+
+ apache::config::include{ 'ssl_common.inc': }
+
+}