FreeBSD: apache.manage_security
This commit is contained in:
parent
9f796f0b6a
commit
0590e43973
@ -519,5 +519,12 @@ SSLRandomSeed startup builtin
|
|||||||
SSLRandomSeed connect builtin
|
SSLRandomSeed connect builtin
|
||||||
</IfModule>
|
</IfModule>
|
||||||
|
|
||||||
|
# Default Values
|
||||||
|
ServerTokens Prod
|
||||||
|
ServerSignature Off
|
||||||
|
TraceEnable Off
|
||||||
|
# Well, IncludeOptional behaved lile Include
|
||||||
|
IncludeOptional etc/apache24/extra/security.con[f]
|
||||||
|
|
||||||
Include etc/apache24/Includes/*.conf
|
Include etc/apache24/Includes/*.conf
|
||||||
|
|
||||||
|
3
apache/files/FreeBSD/security.conf.jinja
Normal file
3
apache/files/FreeBSD/security.conf.jinja
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
{% for option, value in salt['pillar.get']('apache:security', {}).items() -%}
|
||||||
|
{{ option }} {{ value }}
|
||||||
|
{% endfor %}
|
@ -1,10 +1,10 @@
|
|||||||
{% if grains['os_family']=="Debian" %}
|
|
||||||
|
|
||||||
{% from "apache/map.jinja" import apache with context %}
|
{% from "apache/map.jinja" import apache with context %}
|
||||||
|
|
||||||
include:
|
include:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
|
{% if grains['os_family']=="Debian" %}
|
||||||
|
|
||||||
{% if salt['file.file_exists' ]('/etc/apache2/conf-available/security.conf') %}
|
{% if salt['file.file_exists' ]('/etc/apache2/conf-available/security.conf') %}
|
||||||
apache_security-block:
|
apache_security-block:
|
||||||
file.blockreplace:
|
file.blockreplace:
|
||||||
@ -30,4 +30,14 @@ apache_manage-security-{{ option }}:
|
|||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
{% elif grains['os_family']=="FreeBSD" %}
|
||||||
|
{{ apache.confdir }}/security.conf:
|
||||||
|
file.managed:
|
||||||
|
- source: salt://apache/files/{{ salt['grains.get']('os_family') }}/security.conf.jinja
|
||||||
|
- mode: 644
|
||||||
|
- template: jinja
|
||||||
|
- require:
|
||||||
|
- pkg: apache
|
||||||
|
- watch_in:
|
||||||
|
- module: apache-restart
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
Loading…
Reference in New Issue
Block a user