From 321ff4c05a4f50f4ec188eb49ea3ac9b38f4df74 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 21 Mar 2008 15:02:18 +0000 Subject: added mod_security-class, and a placeholder for mod_extract_forwarded_for --- manifests/modules/mod_extract_forwarded2.pp | 7 +++ manifests/modules/mod_security.pp | 70 +++++++++++++++++++++++++++++ manifests/modules/mod_unique_id.pp | 14 ++++++ 3 files changed, 91 insertions(+) create mode 100644 manifests/modules/mod_extract_forwarded2.pp create mode 100644 manifests/modules/mod_security.pp create mode 100644 manifests/modules/mod_unique_id.pp (limited to 'manifests/modules') diff --git a/manifests/modules/mod_extract_forwarded2.pp b/manifests/modules/mod_extract_forwarded2.pp new file mode 100644 index 0000000..f904477 --- /dev/null +++ b/manifests/modules/mod_extract_forwarded2.pp @@ -0,0 +1,7 @@ +# modules/apache/manifests/modules/mod_extract_forwarded2.pp +# 2008 - admin(at)immerda.ch +# License: GPLv3 + +class mod_extract_forwarded2 { + +} diff --git a/manifests/modules/mod_security.pp b/manifests/modules/mod_security.pp new file mode 100644 index 0000000..b99702d --- /dev/null +++ b/manifests/modules/mod_security.pp @@ -0,0 +1,70 @@ +# modules/apache/manifests/modules/mod_security.pp +# 2008 - admin(at)immerda.ch +# License: GPLv3 + +class apache::mod_security { + case $operatingsystem { + gentoo: { include apache::mod_security::gentoo } + default: { include apache::mod_security::base } + } +} + +class apache::mod_security::base { + #mod_unique_id is needed for mod_security + include mod_unique_id + + package{mod_security: + ensure => installed, + notify => Service[apache], + require => Class[apache], + } + file{custom_rule_dir: + path => "/etc/apache2/modules.d/mod_security/Zcustom_rules", + ensure => directory, + owner => root, + group => 0, + mode => 755, + require => Package[mod_security], + notify => Service[apache], + } + + file{custom_rules: + path => "/etc/apache2/modules.d/mod_security/Zcustom_rules/", + source => "puppet://$server/apache/mod_security/custom_rules/", + recurse => true, + owner => root, + group => 0, + mode => 644, + require => File[custom_rule_dir], + notify => Service[apache], + } + + file{custom_host_rules: + path => "/etc/apache2/modules.d/mod_security/Zcustom_rules/", + source => [ "puppet://$server/dist/apache/mod_security/custom_rules/${fqdn}", + "puppet://$server/apache/mod_security/custom_rules.Default_keep_it_empty/" ], + recurse => true, + owner => root, + group => 0, + mode => 644, + require => File[custom_rule_dir], + notify => Service[apache], + } +} + +class apache::mod_security::gentoo inherits apache::mod_security::base { + Package[mod_security]{ + category => 'www-apache', + } + + file{"/etc/apache2/modules.d/99_mod_security.conf": + source => "puppet://$server/apache/mod_security/configs/gentoo/99_mod_security.conf", + owner => root, + group => 0, + mode => 644, + require => Package[mod_security], + notify => Service[apache], + } +} + + diff --git a/manifests/modules/mod_unique_id.pp b/manifests/modules/mod_unique_id.pp new file mode 100644 index 0000000..87069af --- /dev/null +++ b/manifests/modules/mod_unique_id.pp @@ -0,0 +1,14 @@ +# modules/apache/manifests/modules/mod_unique_id.pp +# 2008 - admin(at)immerda.ch +# License: GPLv3 + +class apache::mod_unique_id { + case $operatingsystem { + default: { include apache::mod_unique_id::base } + } +} + +class apache::mod_security::base { + #noting todo yet +} + -- cgit v1.2.3