| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2012-12-28 | add a workaround for | o | |
| http://git.zx2c4.com/w3-total-fail/tree/w3-total-fail.sh to all wordpress vhosts mend | |||
| 2012-12-15 | newer mod_security versions need a rule id & linting | mh | |
| 2012-06-18 | this should enforced as apache | mh | |
| 2012-06-08 | fix dynamic scope variables, function access | mh | |
| 2012-06-05 | new style for 2.7 | mh | |
| 2012-05-31 | fix various puppet language things | mh | |
| 2011-11-29 | additional folder | mh | |
| 2011-11-29 | fix a few things that should be writable | mh | |
| 2011-10-18 | fix variable naming | mh | |
| 2011-10-17 | fix gallery template partial passing | mh | |
| 2011-10-13 | if we run as fcgid, we need to tell safe_mode that gid is fine | mh | |
| 2011-10-09 | remove old param | mh | |
| 2011-10-09 | we need these rewrite rules, otherwise it won't work with cgi | mh | |
| 2011-10-09 | do the same for fcgid | mh | |
| 2011-10-09 | fix typo | mh | |
| 2011-10-09 | this options should be set globally | mh | |
| 2011-10-09 | include php::itk on itk setups | mh | |
| 2011-10-08 | log php errors to a per vhost logfile | mh | |
| 2011-10-08 | pass php_settings to fcgid-starter and only set them in vhost, if we don't ↵ | mh | |
| run as fgcid | |||
| 2011-10-08 | type is a metaparam | mh | |
| 2011-10-08 | migrate over to new stdlib function | mh | |
| 2011-10-08 | also include mod_fcgid for php stuff | mh | |
| 2011-10-08 | add mod_fcgid stuff | mh | |
| 2011-10-08 | by default safe_mode is off for mediawikis | mh | |
| 2011-10-08 | the key will always be here | mh | |
| 2011-10-08 | fix name | mh | |
| 2011-10-08 | remove old template mode option | mh | |
| 2011-10-08 | merge functions to new stdlibs, fix has_key hash problem | mh | |
| 2011-10-08 | fix include | mh | |
| 2011-10-08 | introduce a new template style, less duplicated things, more handy options | mh | |
| 2011-10-08 | first work on php_settings via hash | mh | |
| 2011-07-15 | it is not anymore necessary to add an empty source to purge directories | mh | |
| 2011-05-17 | improve mod_security rules | mh | |
| * handled now by a partial * possibility to add rules that should be removed * possibility to add custom mod_sec options" * use new infrastructure for existing mod_sec tweaks | |||
| 2011-05-12 | we need also to allow limit on mediawiki dir htaccess | mh | |
| 2011-02-24 | use a better subsitution | mh | |
| 2011-02-24 | try a more unique placeholder, because the old one failed with binaries ↵ | mh | |
| which contained _ in the name | |||
| 2011-02-24 | allow setting of a specific bin_dir | mh | |
| 2011-02-23 | add a directory for global exec bins | mh | |
| 2011-02-22 | add missing param | mh | |
| 2011-02-22 | add missing param | mh | |
| 2011-02-22 | first way to a unified partial based vhost template | mh | |
| 2010-08-17 | set correct domain, if domain is absent, what it is most of the time | mh | |
| 2010-08-17 | fix cronjob domain | mh | |
| 2010-08-17 | remove includes in defines that are called a lot, it looks like compile time ↵ | mh | |
| goes up with such includes | |||
| 2010-08-16 | automatically include php for php vhosts | mh | |
| 2010-08-16 | impelement itk plus mode | mh | |
| itk plus mode is an additional mode to deploy itk based hostings which should be a bit more performant. The idea is that we have two apache-instances running: A) prefork based, listening on the external interface B) itk based, listening on the loopback interface A) will serve all static webpages, as well as possibly serve all static content of dynamic websites. All requests to dynamic content will be redirected to B). The idea is that A) doesn't load any modules to server dynamic content at all. B) will serve all the dynamic scripts of a vhost. This will mean that for vhosts (static ones) as well as static content (all none dynamic scripts) we can benefit from the fast prefork model, while we can use itk's security model for all the dynamic scripts. There are two new additional run_modes: - proxy-itk: this just passes all requests to apache instance B). This one is similar to plain itk based mode and should be used for vhosts that shouldn't (yet) changed to the mixed mode. - static-itk: this passes only requests to dynamic scripts to B) while all static content is served by A). Beware that the user with which A) is running should be member of the run group of B) and all static files need to readable by the group. This reduces the security model you have with plain itk, as the prefork apache user will be able to read php (config-) files of any vhost that runs in static-itk mode. If you want to keep the level of security for a certain vhost, you need to run the specific vhost in proxy-itk mode. Note 1: you cannot run vhosts in itk mode and others in proxy or static itk mode. There is a duplicate file resource definition that blocks that possibility. Note 2: This mode works currently only on CentOS based systems, as no work have been done so far to implement an init.d script that's able to run 2 apache instances. | |||
| 2010-08-11 | introduce logmode feature | mh | |
| We are now able to select how apache should log accesses. These modes are: * default: as you would use it * semianonym: no ips are logged for CustomLog, ErrorLog still logs ips * anonym: no ips are logged for CustomLog, ErrorLog is sent to /dev/null * nologs: all logs are sent to /dev/null | |||
| 2010-08-07 | remove unnecessary fileserver variable (#2460) | mh | |
| 2010-06-12 | disable mod_security for galleries | mh | |
| 2010-06-12 | get the decision branch right | mh | |
 |
index : puppet_apache.git | |
| [puppet_apache] | git repository hosting |
| summaryrefslogtreecommitdiff |