diff options
author | mh <mh@immerda.ch> | 2008-03-21 15:02:18 +0000 |
---|---|---|
committer | mh <mh@immerda.ch> | 2008-03-21 15:02:18 +0000 |
commit | 321ff4c05a4f50f4ec188eb49ea3ac9b38f4df74 (patch) | |
tree | 77c6b993afeabe9d512b47a5f03fe27803a07071 /manifests/modules/mod_security.pp | |
parent | f86a344c8eedc3e1b13ef4359ded97a978000853 (diff) |
added mod_security-class, and a placeholder for mod_extract_forwarded_for
Diffstat (limited to 'manifests/modules/mod_security.pp')
-rw-r--r-- | manifests/modules/mod_security.pp | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/manifests/modules/mod_security.pp b/manifests/modules/mod_security.pp new file mode 100644 index 0000000..b99702d --- /dev/null +++ b/manifests/modules/mod_security.pp @@ -0,0 +1,70 @@ +# modules/apache/manifests/modules/mod_security.pp +# 2008 - admin(at)immerda.ch +# License: GPLv3 + +class apache::mod_security { + case $operatingsystem { + gentoo: { include apache::mod_security::gentoo } + default: { include apache::mod_security::base } + } +} + +class apache::mod_security::base { + #mod_unique_id is needed for mod_security + include mod_unique_id + + package{mod_security: + ensure => installed, + notify => Service[apache], + require => Class[apache], + } + file{custom_rule_dir: + path => "/etc/apache2/modules.d/mod_security/Zcustom_rules", + ensure => directory, + owner => root, + group => 0, + mode => 755, + require => Package[mod_security], + notify => Service[apache], + } + + file{custom_rules: + path => "/etc/apache2/modules.d/mod_security/Zcustom_rules/", + source => "puppet://$server/apache/mod_security/custom_rules/", + recurse => true, + owner => root, + group => 0, + mode => 644, + require => File[custom_rule_dir], + notify => Service[apache], + } + + file{custom_host_rules: + path => "/etc/apache2/modules.d/mod_security/Zcustom_rules/", + source => [ "puppet://$server/dist/apache/mod_security/custom_rules/${fqdn}", + "puppet://$server/apache/mod_security/custom_rules.Default_keep_it_empty/" ], + recurse => true, + owner => root, + group => 0, + mode => 644, + require => File[custom_rule_dir], + notify => Service[apache], + } +} + +class apache::mod_security::gentoo inherits apache::mod_security::base { + Package[mod_security]{ + category => 'www-apache', + } + + file{"/etc/apache2/modules.d/99_mod_security.conf": + source => "puppet://$server/apache/mod_security/configs/gentoo/99_mod_security.conf", + owner => root, + group => 0, + mode => 644, + require => Package[mod_security], + notify => Service[apache], + } +} + + |