fix(server-status): enable module in Debian family

This commit is contained in:
Javier Bértoli 2020-07-18 13:26:39 -03:00
parent b25362535a
commit 632802a5a9
10 changed files with 86 additions and 40 deletions

View File

@ -1,3 +1,7 @@
########################################################################
# File managed by Salt at <{{ source }}>.
# Your changes will be overwritten.
########################################################################
<Location "/server-status">
SetHandler server-status
{%- if apache.version == '2.4' %}

View File

@ -19,16 +19,10 @@ include:
- module: apache-reload
- service: apache
{% if grains['os_family']=="Debian" %}
a2endisconf server-status:
{%- if grains['os_family'] == "Debian" %}
a2enconf server-status:
cmd.run:
{% if apache.get('server_status_require') is defined %}
- name: a2enconf server-status
- unless: test -L /etc/apache2/conf-enabled/server-status.conf
{% else %}
- name: a2disconf server-status
- onlyif: test -L /etc/apache2/conf-enabled/server-status.conf
{% endif %}
- unless: 'test -L /etc/apache2/conf-enabled/server-status.conf'
- order: 225
- require:
- pkg: apache

View File

@ -157,7 +157,7 @@ suites:
base:
'*':
- apache
- apache.mod_security
- apache.config
pillars:
top.sls:
base:
@ -168,3 +168,21 @@ suites:
verifier:
inspec_tests:
- path: test/integration/default
- name: modules
provisioner:
state_top:
base:
'*':
- apache
- apache.mod_security
- apache.server_status
pillars:
top.sls:
base:
'*':
- apache
pillars_from_files:
apache.sls: test/salt/pillar/modules.sls
verifier:
inspec_tests:
- path: test/integration/modules

View File

@ -3,7 +3,19 @@
control 'apache configuration' do
title 'should match desired lines'
describe file('/etc/apache2/apache2.conf') do
config_file =
case platform[:family]
when 'debian'
'/etc/apache2/apache2.conf'
when 'redhat', 'fedora'
'/etc/httpd/conf/httpd.conf'
when 'suse'
'/etc/apache2/httpd.conf'
# `linux` here is sufficient for `arch`
when 'linux'
'/etc/httpd/conf/httpd.conf'
end
describe file(config_file) do
it { should be_file }
it { should be_owned_by 'root' }
it { should be_grouped_into 'root' }
@ -15,3 +27,13 @@ control 'apache configuration' do
end
end
end
control 'apache configuration' do
title 'should be valid'
describe command('apachectl -t') do
its('stdout') { should eq '' }
its('stderr') { should include 'Syntax OK' }
its('exit_status') { should eq 0 }
end
end

View File

@ -1,9 +1,5 @@
# frozen_string_literal: true
# Overide by OS
package_name = 'bash'
package_name = 'cronie' if (os[:name] == 'centos') && os[:release].start_with?('6')
control 'apache package' do
title 'should be installed'
@ -13,7 +9,8 @@ control 'apache package' do
'apache2'
when 'redhat', 'fedora'
'httpd'
when 'arch'
# `linux` here is sufficient for `arch`
when 'linux'
'apache'
end

View File

@ -1,13 +1,17 @@
# frozen_string_literal: true
# Overide by OS
service_name = 'apache2'
service_name = 'httpd' if (os[:name] == 'centos')
control 'apache service' do
impact 0.5
title 'should be running and enabled'
service_name =
case platform[:family]
when 'debian', 'suse'
'apache2'
when 'redhat', 'fedora', 'linux'
'httpd'
end
describe service(service_name) do
it { should be_enabled }
it { should be_running }

View File

@ -9,6 +9,8 @@ control 'apache mod_security configuration' do
'/etc/httpd/conf.d/mod_security.conf'
when 'debian'
'/etc/modsecurity/modsecurity.conf-recommended'
when 'suse'
'/etc/apache2/conf.d/mod_security2.conf'
end
describe file(modspec_file) do

View File

@ -5,7 +5,7 @@ control 'apache mod_security package' do
package_name =
case platform[:family]
when 'debian', 'suse'
when 'debian'
'libapache2-mod-security2'
when 'redhat', 'fedora'
'mod_security'

View File

@ -3,14 +3,14 @@
control 'apache server_status configuration' do
title 'should match desired lines'
server_status_stanza = <<-SS_STANZA
<Location "/server-status">
server_status_stanza = <<~SS_STANZA
<Location "/server-status">
SetHandler server-status
Require local
Require host foo.example.com
Require ip 10.8.8.0/24
</Location>
SS_STANZA
</Location>
SS_STANZA
confdir =
case platform[:family]
@ -20,7 +20,8 @@ SS_STANZA
'/etc/httpd/conf.d'
when 'suse'
'/etc/apache2/conf.d'
when 'arch'
# `linux` here is sufficient for `arch`
when 'linux'
'/etc/httpd/conf/extra'
end

View File

@ -1,13 +1,17 @@
# frozen_string_literal: true
# Overide by OS
service_name = 'apache2'
service_name = 'httpd' if (os[:name] == 'centos')
control 'apache service' do
impact 0.5
title 'should be running and enabled'
service_name =
case platform[:family]
when 'debian', 'suse'
'apache2'
when 'redhat', 'fedora', 'linux'
'httpd'
end
describe service(service_name) do
it { should be_enabled }
it { should_not be_running }