Merge pull request #101 from michaelforge/feature-mod_remoteip
Added ability to configure mod_remoteip
This commit is contained in:
commit
7860992728
@ -85,6 +85,11 @@ Installs and enables the mod_fcgid module
|
|||||||
|
|
||||||
Enables the Apache module vhost_alias (Debian Only)
|
Enables the Apache module vhost_alias (Debian Only)
|
||||||
|
|
||||||
|
``apache.mod_remoteip``
|
||||||
|
----------------------
|
||||||
|
|
||||||
|
Enables and configures the Apache module mod_remoteip using data from Pillar. (Debian Only)
|
||||||
|
|
||||||
``apache.vhosts.standard``
|
``apache.vhosts.standard``
|
||||||
--------------------------
|
--------------------------
|
||||||
|
|
||||||
|
4
apache/files/Debian/conf-available/remoteip.conf.jinja
Normal file
4
apache/files/Debian/conf-available/remoteip.conf.jinja
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
RemoteIPHeader {{ salt['pillar.get']('apache:mod_remoteip:RemoteIPHeader', 'X-Forwarded-For') }}
|
||||||
|
{%- for trusted_proxy in salt['pillar.get']('apache:mod_remoteip:RemoteIPTrustedProxy', []) %}
|
||||||
|
RemoteIPTrustedProxy {{ trusted_proxy }}
|
||||||
|
{%- endfor %}
|
25
apache/mod_remoteip.sls
Normal file
25
apache/mod_remoteip.sls
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{% if grains['os_family']=="Debian" %}
|
||||||
|
|
||||||
|
include:
|
||||||
|
- apache
|
||||||
|
|
||||||
|
a2enmod remoteip:
|
||||||
|
cmd.run:
|
||||||
|
- unless: ls /etc/apache2/mods-enabled/remoteip.load
|
||||||
|
- order: 255
|
||||||
|
- require:
|
||||||
|
- pkg: apache
|
||||||
|
- watch_in:
|
||||||
|
- module: apache-restart
|
||||||
|
|
||||||
|
/etc/apache2/conf-available/remoteip.conf:
|
||||||
|
file.managed:
|
||||||
|
- template: jinja
|
||||||
|
- source:
|
||||||
|
- salt://apache/files/{{ salt['grains.get']('os_family') }}/conf-available/remoteip.conf.jinja
|
||||||
|
- require:
|
||||||
|
- pkg: apache
|
||||||
|
- watch_in:
|
||||||
|
- service: apache
|
||||||
|
|
||||||
|
{% endif %}
|
@ -120,3 +120,10 @@ apache:
|
|||||||
# can be Full | OS | Minimal | Minor | Major | Prod
|
# can be Full | OS | Minimal | Minor | Major | Prod
|
||||||
# where Full conveys the most information, and Prod the least.
|
# where Full conveys the most information, and Prod the least.
|
||||||
ServerTokens: Prod
|
ServerTokens: Prod
|
||||||
|
|
||||||
|
# ``apache.mod_remoteip`` formula additional configuration:
|
||||||
|
mod_remoteip:
|
||||||
|
RemoteIPHeader: X-Forwarded-For
|
||||||
|
RemoteIPTrustedProxy:
|
||||||
|
- 10.0.8.0/24
|
||||||
|
- 127.0.0.1
|
Loading…
Reference in New Issue
Block a user