fix(server-status): enable module in Debian family
This commit is contained in:
parent
b25362535a
commit
632802a5a9
@ -1,3 +1,7 @@
|
||||
########################################################################
|
||||
# File managed by Salt at <{{ source }}>.
|
||||
# Your changes will be overwritten.
|
||||
########################################################################
|
||||
<Location "/server-status">
|
||||
SetHandler server-status
|
||||
{%- if apache.version == '2.4' %}
|
||||
|
@ -19,16 +19,10 @@ include:
|
||||
- module: apache-reload
|
||||
- service: apache
|
||||
|
||||
{% if grains['os_family']=="Debian" %}
|
||||
a2endisconf server-status:
|
||||
{%- if grains['os_family'] == "Debian" %}
|
||||
a2enconf server-status:
|
||||
cmd.run:
|
||||
{% if apache.get('server_status_require') is defined %}
|
||||
- name: a2enconf server-status
|
||||
- unless: test -L /etc/apache2/conf-enabled/server-status.conf
|
||||
{% else %}
|
||||
- name: a2disconf server-status
|
||||
- onlyif: test -L /etc/apache2/conf-enabled/server-status.conf
|
||||
{% endif %}
|
||||
- unless: 'test -L /etc/apache2/conf-enabled/server-status.conf'
|
||||
- order: 225
|
||||
- require:
|
||||
- pkg: apache
|
||||
|
20
kitchen.yml
20
kitchen.yml
@ -157,7 +157,7 @@ suites:
|
||||
base:
|
||||
'*':
|
||||
- apache
|
||||
- apache.mod_security
|
||||
- apache.config
|
||||
pillars:
|
||||
top.sls:
|
||||
base:
|
||||
@ -168,3 +168,21 @@ suites:
|
||||
verifier:
|
||||
inspec_tests:
|
||||
- path: test/integration/default
|
||||
- name: modules
|
||||
provisioner:
|
||||
state_top:
|
||||
base:
|
||||
'*':
|
||||
- apache
|
||||
- apache.mod_security
|
||||
- apache.server_status
|
||||
pillars:
|
||||
top.sls:
|
||||
base:
|
||||
'*':
|
||||
- apache
|
||||
pillars_from_files:
|
||||
apache.sls: test/salt/pillar/modules.sls
|
||||
verifier:
|
||||
inspec_tests:
|
||||
- path: test/integration/modules
|
||||
|
@ -3,7 +3,19 @@
|
||||
control 'apache configuration' do
|
||||
title 'should match desired lines'
|
||||
|
||||
describe file('/etc/apache2/apache2.conf') do
|
||||
config_file =
|
||||
case platform[:family]
|
||||
when 'debian'
|
||||
'/etc/apache2/apache2.conf'
|
||||
when 'redhat', 'fedora'
|
||||
'/etc/httpd/conf/httpd.conf'
|
||||
when 'suse'
|
||||
'/etc/apache2/httpd.conf'
|
||||
# `linux` here is sufficient for `arch`
|
||||
when 'linux'
|
||||
'/etc/httpd/conf/httpd.conf'
|
||||
end
|
||||
describe file(config_file) do
|
||||
it { should be_file }
|
||||
it { should be_owned_by 'root' }
|
||||
it { should be_grouped_into 'root' }
|
||||
@ -15,3 +27,13 @@ control 'apache configuration' do
|
||||
end
|
||||
end
|
||||
end
|
||||
control 'apache configuration' do
|
||||
title 'should be valid'
|
||||
|
||||
describe command('apachectl -t') do
|
||||
its('stdout') { should eq '' }
|
||||
its('stderr') { should include 'Syntax OK' }
|
||||
|
||||
its('exit_status') { should eq 0 }
|
||||
end
|
||||
end
|
||||
|
@ -1,9 +1,5 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
# Overide by OS
|
||||
package_name = 'bash'
|
||||
package_name = 'cronie' if (os[:name] == 'centos') && os[:release].start_with?('6')
|
||||
|
||||
control 'apache package' do
|
||||
title 'should be installed'
|
||||
|
||||
@ -13,7 +9,8 @@ control 'apache package' do
|
||||
'apache2'
|
||||
when 'redhat', 'fedora'
|
||||
'httpd'
|
||||
when 'arch'
|
||||
# `linux` here is sufficient for `arch`
|
||||
when 'linux'
|
||||
'apache'
|
||||
end
|
||||
|
||||
|
@ -1,13 +1,17 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
# Overide by OS
|
||||
service_name = 'apache2'
|
||||
service_name = 'httpd' if (os[:name] == 'centos')
|
||||
|
||||
control 'apache service' do
|
||||
impact 0.5
|
||||
title 'should be running and enabled'
|
||||
|
||||
service_name =
|
||||
case platform[:family]
|
||||
when 'debian', 'suse'
|
||||
'apache2'
|
||||
when 'redhat', 'fedora', 'linux'
|
||||
'httpd'
|
||||
end
|
||||
|
||||
describe service(service_name) do
|
||||
it { should be_enabled }
|
||||
it { should be_running }
|
||||
|
@ -9,6 +9,8 @@ control 'apache mod_security configuration' do
|
||||
'/etc/httpd/conf.d/mod_security.conf'
|
||||
when 'debian'
|
||||
'/etc/modsecurity/modsecurity.conf-recommended'
|
||||
when 'suse'
|
||||
'/etc/apache2/conf.d/mod_security2.conf'
|
||||
end
|
||||
|
||||
describe file(modspec_file) do
|
||||
|
@ -5,7 +5,7 @@ control 'apache mod_security package' do
|
||||
|
||||
package_name =
|
||||
case platform[:family]
|
||||
when 'debian', 'suse'
|
||||
when 'debian'
|
||||
'libapache2-mod-security2'
|
||||
when 'redhat', 'fedora'
|
||||
'mod_security'
|
||||
|
@ -3,14 +3,14 @@
|
||||
control 'apache server_status configuration' do
|
||||
title 'should match desired lines'
|
||||
|
||||
server_status_stanza = <<-SS_STANZA
|
||||
<Location "/server-status">
|
||||
server_status_stanza = <<~SS_STANZA
|
||||
<Location "/server-status">
|
||||
SetHandler server-status
|
||||
Require local
|
||||
Require host foo.example.com
|
||||
Require ip 10.8.8.0/24
|
||||
</Location>
|
||||
SS_STANZA
|
||||
</Location>
|
||||
SS_STANZA
|
||||
|
||||
confdir =
|
||||
case platform[:family]
|
||||
@ -20,7 +20,8 @@ SS_STANZA
|
||||
'/etc/httpd/conf.d'
|
||||
when 'suse'
|
||||
'/etc/apache2/conf.d'
|
||||
when 'arch'
|
||||
# `linux` here is sufficient for `arch`
|
||||
when 'linux'
|
||||
'/etc/httpd/conf/extra'
|
||||
end
|
||||
|
||||
|
@ -1,13 +1,17 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
# Overide by OS
|
||||
service_name = 'apache2'
|
||||
service_name = 'httpd' if (os[:name] == 'centos')
|
||||
|
||||
control 'apache service' do
|
||||
impact 0.5
|
||||
title 'should be running and enabled'
|
||||
|
||||
service_name =
|
||||
case platform[:family]
|
||||
when 'debian', 'suse'
|
||||
'apache2'
|
||||
when 'redhat', 'fedora', 'linux'
|
||||
'httpd'
|
||||
end
|
||||
|
||||
describe service(service_name) do
|
||||
it { should be_enabled }
|
||||
it { should_not be_running }
|
||||
|
Loading…
Reference in New Issue
Block a user