diff options
author | mh <mh@immerda.ch> | 2008-12-05 17:21:54 +0000 |
---|---|---|
committer | mh <mh@immerda.ch> | 2008-12-05 17:21:54 +0000 |
commit | 5f0206aaeb5f8be87f6ee39448e7f36a3c7dd6ee (patch) | |
tree | 17f031e4fdbcc7aef98012066ceba3c13be54cb8 | |
parent | b690f927b3cb8d24c0ef514a989e47ee112eb0b9 (diff) |
- add index.shtml to default index if we do includ
es, as well add +Includes to the directory options
if not yet done
- removed the security rewrite as it is already in the
defaults.inc!
- removed the enforcement of mod_security
-rw-r--r-- | files/conf.d/do_includes.conf | 5 | ||||
-rw-r--r-- | manifests/defines/vhost_files.pp | 19 | ||||
-rw-r--r-- | manifests/defines/vhost_varieties.pp | 19 | ||||
-rw-r--r-- | manifests/includes.pp | 5 | ||||
-rw-r--r-- | templates/vhosts/perl/CentOS.erb | 5 | ||||
-rw-r--r-- | templates/vhosts/php/CentOS.erb | 5 | ||||
-rw-r--r-- | templates/vhosts/static/CentOS.erb | 4 | ||||
-rw-r--r-- | templates/vhosts/static/OpenBSD.erb | 10 |
8 files changed, 41 insertions, 31 deletions
diff --git a/files/conf.d/do_includes.conf b/files/conf.d/do_includes.conf new file mode 100644 index 0000000..f44d9d4 --- /dev/null +++ b/files/conf.d/do_includes.conf @@ -0,0 +1,5 @@ +# +# Add index.shtml to the list of files that will be served as directory +# indexes. +# +DirectoryIndex index.shtml diff --git a/manifests/defines/vhost_files.pp b/manifests/defines/vhost_files.pp index 099e4e1..421c9f5 100644 --- a/manifests/defines/vhost_files.pp +++ b/manifests/defines/vhost_files.pp @@ -24,16 +24,17 @@ define apache::vhost( $php_upload_tmp_dir = 'absent', $php_session_save_path = 'absent', $cgi_binpath = 'absent', + $do_includes = false, $options = 'absent', $additional_options = 'absent', $run_mode = 'normal', $run_uid = 'absent', $run_gid = 'absent', $template_mode = 'static', - $ssl_mode = 'false', + $ssl_mode = false $htpasswd_file = 'absent', $htpasswd_path = 'absent', - $mod_security = 'true' + $mod_security = true, ) { # file or template mode? case $vhost_mode { @@ -41,6 +42,7 @@ define apache::vhost( apache::vhost::file{$name: vhost_source => $vhost_source, vhost_destination => $vhost_destination, + do_inlcudes => $do_includes, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, } @@ -54,6 +56,7 @@ define apache::vhost( php_session_save_path => $php_session_save_path, cgi_binpath => $cgi_binpath, allow_override => $allow_override, + do_inlcudes => $do_includes, options => $options, additional_options => $additional_options, run_mode => $run_mode, @@ -63,7 +66,7 @@ define apache::vhost( ssl_mode => $ssl_mode, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, - mod_security => 'false', + mod_security => $mod_security, } } default: { fail("no such vhost_mode: $vhost_mode defined for $name.") } @@ -84,6 +87,7 @@ define apache::vhost::file( $vhost_source = 'absent', $vhost_destination = 'absent', $content = 'absent', + $do_includes = false, $htpasswd_file = 'absent', $htpasswd_path = 'absent' ){ @@ -105,6 +109,9 @@ define apache::vhost::file( notify => Service[apache], owner => root, group => 0, mode => 0644; } + if $do_includes { + include apache::includes + } case $content { 'absent': { $real_vhost_source = $vhost_source ? { @@ -171,14 +178,15 @@ define apache::vhost::template( $php_upload_tmp_dir = 'absent', $php_session_save_path = 'absent', $cgi_binpath = 'absent', + $do_includes = false, $options = 'absent', $additional_options = 'absent', $run_mode = 'normal', $run_uid = 'absent', $run_gid = 'absent', $template_mode = 'static', - $ssl_mode = 'false', - $mod_security = 'true', + $ssl_mode = false, + $mod_security = true, $htpasswd_file = 'absent', $htpasswd_path = 'absent' ){ @@ -225,6 +233,7 @@ define apache::vhost::template( } apache::vhost::file{$name: content => template("apache/vhosts/$template_mode/$operatingsystem.erb"), + do_inlcudes => $do_includes, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, } diff --git a/manifests/defines/vhost_varieties.pp b/manifests/defines/vhost_varieties.pp index fbf58d7..f84e537 100644 --- a/manifests/defines/vhost_varieties.pp +++ b/manifests/defines/vhost_varieties.pp @@ -23,9 +23,10 @@ define apache::vhost::static( $documentroot_group = 0, $documentroot_mode = 0750, $allow_override = 'None', + $do_includes = false, $options = 'absent', $additional_options = 'absent', - $ssl_mode = 'false', + $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', $vhost_destination = 'absent', @@ -52,12 +53,13 @@ define apache::vhost::static( domain => $domain, domainalias => $domainalias, allow_override => $allow_override, + do_includes => $do_includes, options => $options, additional_options => $additional_options, ssl_mode => $ssl_mode, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, - mod_security => 'false', + mod_security => false, } } @@ -73,10 +75,11 @@ define apache::vhost::php::standard( $allow_override = 'None', $upload_tmp_dir = 'absent', $session_save_path = 'absent', + $do_includes = false, $options = 'absent', $additional_options = 'absent', - $mod_security = 'true', - $ssl_mode = 'false', + $mod_security = true, + $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', $vhost_destination = 'absent', @@ -133,6 +136,7 @@ define apache::vhost::php::standard( domain => $domain, domainalias => $domainalias, allow_override => $allow_override, + do_includes => $do_includes, options => $options, additional_options => $additional_options, php_upload_tmp_dir => $real_upload_tmp_dir, @@ -164,10 +168,11 @@ define apache::vhost::modperl( $run_gid = 'absent', $allow_override = 'None', $cgi_binpath = 'absent', + $do_includes = false, $options = 'absent', $additional_options = 'absent', - $mod_security = 'true', - $ssl_mode = 'false', + $mod_security = true, + $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', $vhost_destination = 'absent', @@ -218,6 +223,7 @@ define apache::vhost::modperl( run_uid => $run_uid, run_gid => $run_gid, allow_override => $allow_override, + do_includes => $do_includes, options => $options, additional_options => $additional_options, cgi_binpath => $real_cgi_binpath, @@ -226,5 +232,4 @@ define apache::vhost::modperl( htpasswd_path => $htpasswd_path, mod_security => $mod_security, } - } diff --git a/manifests/includes.pp b/manifests/includes.pp new file mode 100644 index 0000000..fa31e59 --- /dev/null +++ b/manifests/includes.pp @@ -0,0 +1,5 @@ +# manifests/includes.pp + +class apache::includes { + apache::config::file{'do_includes.conf':} +} diff --git a/templates/vhosts/perl/CentOS.erb b/templates/vhosts/perl/CentOS.erb index 2dce115..92e703c 100644 --- a/templates/vhosts/perl/CentOS.erb +++ b/templates/vhosts/perl/CentOS.erb @@ -18,7 +18,7 @@ <Directory "<%= documentroot %>/"> AllowOverride <%= allow_override %> <%- unless options.to_s == 'absent' then -%> - Options <%= options %> + Options <%= options %> <%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%>+Includes<%- end -%> <%- end -%> <%- unless htpasswd_file.to_s == 'absent' then -%> AuthType Basic @@ -45,7 +45,4 @@ <%- unless additional_options.to_s == 'absent' then -%> <%= additional_options %> <%- end -%> - RewriteEngine on - RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) - RewriteRule .* - [F] </VirtualHost> diff --git a/templates/vhosts/php/CentOS.erb b/templates/vhosts/php/CentOS.erb index 26cbe23..cee935e 100644 --- a/templates/vhosts/php/CentOS.erb +++ b/templates/vhosts/php/CentOS.erb @@ -13,7 +13,7 @@ <Directory "<%= documentroot %>/"> AllowOverride <%= allow_override %> <%- unless options.to_s == 'absent' then -%> - Options <%= options %> + Options <%= options %> <%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%>+Includes<%- end -%> <%- end -%> <%- unless htpasswd_file.to_s == 'absent' then -%> AuthType Basic @@ -34,7 +34,4 @@ <%- unless additional_options.to_s == 'absent' then -%> <%= additional_options %> <%- end -%> - RewriteEngine on - RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) - RewriteRule .* - [F] </VirtualHost> diff --git a/templates/vhosts/static/CentOS.erb b/templates/vhosts/static/CentOS.erb index 1e93756..e990f5e 100644 --- a/templates/vhosts/static/CentOS.erb +++ b/templates/vhosts/static/CentOS.erb @@ -12,6 +12,7 @@ <Directory "<%= documentroot %>"> AllowOverride <%= allow_override %> + Options <%= options %> <%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%>+Includes<%- end -%> </Directory> <IfModule mod_security2.c> @@ -21,7 +22,4 @@ <%- unless additional_options == 'absent' then -%> <%= additional_options %> <%- end -%> - RewriteEngine on - RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) - RewriteRule .* - [F </VirtualHost> diff --git a/templates/vhosts/static/OpenBSD.erb b/templates/vhosts/static/OpenBSD.erb index c04f372..5dd02ef 100644 --- a/templates/vhosts/static/OpenBSD.erb +++ b/templates/vhosts/static/OpenBSD.erb @@ -17,7 +17,7 @@ <%- if (options.to_s != 'absent' or htpasswd_file.to_s != 'absent') and not ssl_mode.to_s == 'force' then -%> <Directory "<%= documentroot %>/"> <%- unless options.to_s == 'absent' then -%> - Options <%= options %> + Options <%= options %> <%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%>+Includes<%- end -%> <%- end -%> <%- unless htpasswd_file.to_s == 'absent' then -%> @@ -32,9 +32,6 @@ <%- unless additional_options.to_s == 'absent' then -%> <%= additional_options %> <%- end -%> - RewriteEngine on - RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) - RewriteRule .* - [F] </VirtualHost> <%- unless ssl_mode.to_s == 'false' then -%> @@ -52,7 +49,7 @@ <%- if options.to_s != 'absent' or htpasswd_file.to_s != 'absent' then -%> <Directory "<%= documentroot %>/"> <%- unless options.to_s == 'absent' then -%> - Options <%= options %> + Options <%= options %> <%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%>+Includes<%- end -%> <%- end -%> <%- unless htpasswd_file.to_s == 'absent' then -%> @@ -67,8 +64,5 @@ <%- unless additional_options.to_s == 'absent' then -%> <%= additional_options %> <%- end -%> - RewriteEngine on - RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) - RewriteRule .* - [F] </VirtualHost> <%- end -%> |