added mod_security-class, and a placeholder for mod_extract_forwarded_for

3 files changed, 91 insertions, 0 deletions

diff --git a/manifests/modules/mod_extract_forwarded2.pp b/manifests/modules/mod_extract_forwarded2.pp
new file mode 100644
index 0000000..f904477
--- /dev/null
+++ b/manifests/modules/mod_extract_forwarded2.pp
@@ -0,0 +1,7 @@
+# modules/apache/manifests/modules/mod_extract_forwarded2.pp
+# 2008 - admin(at)immerda.ch
+# License: GPLv3
+
+class mod_extract_forwarded2 {
+
+}
diff --git a/manifests/modules/mod_security.pp b/manifests/modules/mod_security.pp
new file mode 100644
index 0000000..b99702d
--- /dev/null
+++ b/manifests/modules/mod_security.pp
@@ -0,0 +1,70 @@
+# modules/apache/manifests/modules/mod_security.pp
+# 2008 - admin(at)immerda.ch
+# License: GPLv3
+
+class apache::mod_security {
+    case $operatingsystem {
+        gentoo: { include apache::mod_security::gentoo }
+        default: { include apache::mod_security::base }
+    }
+}
+
+class apache::mod_security::base {
+    #mod_unique_id is needed for mod_security
+    include mod_unique_id
+
+    package{mod_security:
+        ensure => installed,
+        notify => Service[apache],
+        require => Class[apache],
+    }
+    file{custom_rule_dir:
+        path => "/etc/apache2/modules.d/mod_security/Zcustom_rules",
+        ensure => directory,
+        owner => root,
+        group => 0,
+        mode => 755,
+        require => Package[mod_security],
+        notify => Service[apache],
+    }
+
+    file{custom_rules:
+        path => "/etc/apache2/modules.d/mod_security/Zcustom_rules/",
+        source => "puppet://$server/apache/mod_security/custom_rules/",
+        recurse => true,
+        owner => root,
+        group => 0,
+        mode => 644,
+        require => File[custom_rule_dir],
+        notify => Service[apache],
+    }
+
+    file{custom_host_rules:
+        path => "/etc/apache2/modules.d/mod_security/Zcustom_rules/",
+        source => [ "puppet://$server/dist/apache/mod_security/custom_rules/${fqdn}",
+                    "puppet://$server/apache/mod_security/custom_rules.Default_keep_it_empty/" ],
+        recurse => true,
+        owner => root,
+        group => 0,
+        mode => 644,
+        require => File[custom_rule_dir],
+        notify => Service[apache],
+    }
+}
+
+class apache::mod_security::gentoo inherits apache::mod_security::base {
+    Package[mod_security]{
+        category => 'www-apache',
+    }
+
+    file{"/etc/apache2/modules.d/99_mod_security.conf":
+        source => "puppet://$server/apache/mod_security/configs/gentoo/99_mod_security.conf",
+        owner => root,
+        group => 0,
+        mode => 644,
+        require => Package[mod_security],
+        notify => Service[apache],
+    }
+}
+
+
diff --git a/manifests/modules/mod_unique_id.pp b/manifests/modules/mod_unique_id.pp
new file mode 100644
index 0000000..87069af
--- /dev/null
+++ b/manifests/modules/mod_unique_id.pp
@@ -0,0 +1,14 @@
+# modules/apache/manifests/modules/mod_unique_id.pp
+# 2008 - admin(at)immerda.ch
+# License: GPLv3
+
+class apache::mod_unique_id {
+    case $operatingsystem {
+        default: { include apache::mod_unique_id::base }
+    }
+}
+
+class apache::mod_security::base {
+    #noting todo yet
+}
+