diff options
author | mh <mh@immerda.ch> | 2011-05-17 22:52:47 +0200 |
---|---|---|
committer | mh <mh@immerda.ch> | 2011-05-17 22:55:50 +0200 |
commit | cbbffa1d3de5a19a72dd7bb88fb1bcb14e5384e1 (patch) | |
tree | ed24e2d85aa47f9e70ecfcc45bf20c7a2495da93 /manifests/vhost/file.pp | |
parent | 9081a3c7c3b9f956d0491712bae3ed5e94529e82 (diff) |
improve mod_security rules
* handled now by a partial
* possibility to add rules that should be removed
* possibility to add custom mod_sec options"
* use new infrastructure for existing mod_sec tweaks
Diffstat (limited to 'manifests/vhost/file.pp')
-rw-r--r-- | manifests/vhost/file.pp | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/manifests/vhost/file.pp b/manifests/vhost/file.pp index bbd2f8c..6c750c1 100644 --- a/manifests/vhost/file.pp +++ b/manifests/vhost/file.pp @@ -70,22 +70,27 @@ define apache::vhost::file( notify => Service[apache], owner => root, group => 0, mode => 0644; } - if $do_includes { + if $ensure != 'absent' { + if $do_includes { include ::apache::includes - } - if $use_mod_macro { + } + if $use_mod_macro { include ::apache::mod_macro - } - if $ensure != 'absent' { + } case $logmode { 'semianonym','anonym': { include apache::noiplog } } case $run_mode { 'itk': { include ::apache::itk::lock + if $mod_security { include mod_security::itk } } 'proxy-itk','static-itk': { include ::apache::itk_plus::lock + if $mod_security { include mod_security::itk_plus } + } + default: { + if $mod_security { include mod_security } } } |