put mod_security stuff in its own partial

2 files changed, 20 insertions, 18 deletions

diff --git a/templates/vhosts/default.erb b/templates/vhosts/default.erb
index 41879c8..4acb6b4 100644
--- a/templates/vhosts/default.erb
+++ b/templates/vhosts/default.erb
@@ -22,26 +22,11 @@ vhost_parts.each do |vhost_part|
   <% else -%>
 <%= scope.function_template(template_partial) %>
   <% end -%>
-  <IfModule mod_security2.c>
-    <%- if mod_security.to_s == 'true' then -%>
-    SecRuleEngine On
-    <%- if mod_security_relevantonly.to_s == 'true' then -%>
-    SecAuditEngine RelevantOnly
-    <%- else -%>
-    SecAuditEngine On
-    <%- end -%>
-    <%- else -%>
-    SecRuleEngine Off
-    SecAuditEngine Off
-    <%- end -%>
-    SecAuditLogType Concurrent
-    SecAuditLogStorageDir <%= logdir %>/
-    SecAuditLog <%= logdir %>/mod_security_audit.log
-    SecDebugLog <%= logdir %>/mod_security_debug.log
-  </IfModule>
+
+<%= scope.function_template('apache/vhosts/partials/mod_security.erb') %>
 
   <%- unless additional_options.to_s == 'absent' then -%>
   <%= additional_options %>
   <%- end -%>
 </VirtualHost>
-<% end -%>
\ No newline at end of file
+<% end -%>
diff --git a/templates/vhosts/partials/mod_security.erb b/templates/vhosts/partials/mod_security.erb
new file mode 100644
index 0000000..0e0f803
--- /dev/null
+++ b/templates/vhosts/partials/mod_security.erb
@@ -0,0 +1,17 @@
+  <IfModule mod_security2.c>
+    <%- if mod_security.to_s == 'true' then -%>
+    SecRuleEngine On
+    <%- if mod_security_relevantonly.to_s == 'true' then -%>
+    SecAuditEngine RelevantOnly
+    <%- else -%>
+    SecAuditEngine On
+    <%- end -%>
+    <%- else -%>
+    SecRuleEngine Off
+    SecAuditEngine Off
+    <%- end -%>
+    SecAuditLogType Concurrent
+    SecAuditLogStorageDir <%= logdir %>/
+    SecAuditLog <%= logdir %>/mod_security_audit.log
+    SecDebugLog <%= logdir %>/mod_security_debug.log
+  </IfModule>