Commit Graph

563 Commits

Author SHA1 Message Date
Imran Iqbal
2a79d05945
fix(modsecurity.conf.jinja): fix salt-lint errors
```bash
Examining apache/files/RedHat/modsecurity.conf.jinja of type state
[201] Trailing whitespace
apache/files/RedHat/modsecurity.conf.jinja:26
```
2019-10-17 08:32:30 +01:00
Imran Iqbal
e2c1c2e66f
fix(apache-2.4.config.jinja): fix salt-lint errors
```bash
Examining apache/files/FreeBSD/apache-2.4.config.jinja of type state
[201] Trailing whitespace
apache/files/FreeBSD/apache-2.4.config.jinja:171
```
2019-10-17 08:32:30 +01:00
Imran Iqbal
f4045efeff
fix(apache-2.2.config.jinja): fix salt-lint errors
```bash
Examining apache/files/Debian/apache-2.2.config.jinja of type state
[201] Trailing whitespace
apache/files/Debian/apache-2.2.config.jinja:119
    MaxSpareThreads      75

[201] Trailing whitespace
apache/files/Debian/apache-2.2.config.jinja:136
    MaxSpareThreads      75
```
2019-10-17 08:32:30 +01:00
Imran Iqbal
97f6ead9f4
fix(yamllint): fix all errors
```bash
apache-formula$ yamllint -s .
./pillar.example
  2:1       warning  missing document start "---"  (document-start)
  5:26      warning  truthy value should be one of [false, true]  (truthy)
  50:18     warning  too few spaces before comment  (comments)
  51:16     warning  truthy value should be one of [false, true]  (truthy)
  52:57     warning  too few spaces before comment  (comments)
  52:89     error    line too long (104 > 88 characters)  (line-length)
  67:33     warning  truthy value should be one of [false, true]  (truthy)
  67:38     warning  too few spaces before comment  (comments)
  69:31     warning  too few spaces before comment  (comments)
  70:8      warning  missing starting space in comment  (comments)
  75:53     warning  too few spaces before comment  (comments)
  75:89     error    line too long (98 > 88 characters)  (line-length)
  76:55     warning  too few spaces before comment  (comments)
  76:89     error    line too long (101 > 88 characters)  (line-length)
  78:50     warning  too few spaces before comment  (comments)
  79:89     error    line too long (95 > 88 characters)  (line-length)
  82:47     warning  too few spaces before comment  (comments)
  83:54     warning  too few spaces before comment  (comments)
  83:89     error    line too long (100 > 88 characters)  (line-length)
  84:58     warning  too few spaces before comment  (comments)
  84:89     error    line too long (109 > 88 characters)  (line-length)
  93:32     warning  too few spaces before comment  (comments)
  100:89    error    line too long (105 > 88 characters)  (line-length)
  101:33    error    trailing spaces  (trailing-spaces)
  102:16    warning  truthy value should be one of [false, true]  (truthy)
  231:20    warning  truthy value should be one of [false, true]  (truthy)
  242:32    warning  too few spaces before comment  (comments)
  249:20    warning  truthy value should be one of [false, true]  (truthy)
  254:20    warning  truthy value should be one of [false, true]  (truthy)
  260:21    warning  truthy value should be one of [false, true]  (truthy)
  283:8     warning  missing starting space in comment  (comments)
  284:8     warning  missing starting space in comment  (comments)
  297:15    warning  too few spaces before comment  (comments)
  328:18    warning  truthy value should be one of [false, true]  (truthy)
  330:20    warning  truthy value should be one of [false, true]  (truthy)
  342:15    error    empty value in block mapping  (empty-values)
  345:18    warning  truthy value should be one of [false, true]  (truthy)
  348:18    warning  truthy value should be one of [false, true]  (truthy)
  355:18    warning  truthy value should be one of [false, true]  (truthy)
  358:89    error    line too long (91 > 88 characters)  (line-length)
  359:26    warning  truthy value should be one of [false, true]  (truthy)
  362:89    error    line too long (99 > 88 characters)  (line-length)
  365:89    error    line too long (267 > 88 characters)  (line-length)
  367:21    warning  truthy value should be one of [false, true]  (truthy)
  369:26    warning  truthy value should be one of [false, true]  (truthy)
  371:1     error    too many blank lines (1 > 0)  (empty-lines)

./apache/osfingermap.yaml
  3:1       warning  missing document start "---"  (document-start)

./apache/modsecurity.yaml
  4:1       warning  missing document start "---"  (document-start)
  6:18      warning  truthy value should be one of [false, true]  (truthy)
  7:20      warning  truthy value should be one of [false, true]  (truthy)
  14:18     warning  truthy value should be one of [false, true]  (truthy)
  15:20     warning  truthy value should be one of [false, true]  (truthy)
  22:18     warning  truthy value should be one of [false, true]  (truthy)
  23:20     warning  truthy value should be one of [false, true]  (truthy)

./apache/defaults.yaml
  4:1       warning  missing document start "---"  (document-start)
  5:26      warning  truthy value should be one of [false, true]  (truthy)
  7:19      warning  truthy value should be one of [false, true]  (truthy)
  10:18     warning  truthy value should be one of [false, true]  (truthy)
  11:20     warning  truthy value should be one of [false, true]  (truthy)

./apache/oscodenamemap.yaml
  4:1       warning  missing document start "---"  (document-start)
  4:8       error    trailing spaces  (trailing-spaces)
  9:8       error    trailing spaces  (trailing-spaces)
  14:7      error    trailing spaces  (trailing-spaces)
  19:6      error    trailing spaces  (trailing-spaces)
  24:8      error    trailing spaces  (trailing-spaces)
  29:9      error    trailing spaces  (trailing-spaces)
  34:7      error    trailing spaces  (trailing-spaces)
  39:8      error    trailing spaces  (trailing-spaces)
  44:8      error    trailing spaces  (trailing-spaces)
  50:9      error    trailing spaces  (trailing-spaces)
  61:1      error    too many blank lines (1 > 0)  (empty-lines)

./apache/osfamilymap.yaml
  4:1       warning  missing document start "---"  (document-start)
  16:89     error    line too long (104 > 88 characters)  (line-length)
  43:89     error    line too long (105 > 88 characters)  (line-length)
  56:16     warning  truthy value should be one of [false, true]  (truthy)
  114:11    error    empty value in block mapping  (empty-values)
  114:11    error    trailing spaces  (trailing-spaces)

./test/salt/pillar/default.sls
  5:26      warning  truthy value should be one of [false, true]  (truthy)
  7:18      warning  truthy value should be one of [false, true]  (truthy)
  8:20      warning  truthy value should be one of [false, true]  (truthy)
```
2019-10-17 08:32:30 +01:00
Imran Iqbal
68b971bd77
test(mod_security_spec): convert from Serverspec to InSpec 2019-10-17 08:32:29 +01:00
Imran Iqbal
34d1f7cf15
feat(semantic-release): implement for this formula
* Automated using https://github.com/myii/ssf-formula/pull/79
2019-10-17 08:18:11 +01:00
Imran Iqbal
93c8d1ffe7
docs(pr): remove PR template to use org-wide template instead [skip ci] 2019-10-17 03:55:18 +01:00
Sergio Cambra
9a1b1d9b26 Patch upload progress (#267)
* Include the mod_* states in apache.modules for Debian hosts

* upload progress module for debian
2019-09-26 17:57:24 +02:00
Sergio Cambra
d660abfe70 fix server_status state (#268) 2019-09-25 20:03:49 +02:00
Andreas Thienemann
0c1423f8f1 Fix mod_remoteip for Red Hat family OS (#260)
The source template was missing for RH based systems, only the Debian
file was packaged.

Fix this.
2019-04-20 09:32:44 +02:00
N
58d2a33898 Resolve #256 - fix Suse group value (#257) 2019-03-06 17:37:36 +01:00
Imran Iqbal
262399aea4 Merge branch 'alxwr-master' into upstream 2019-02-14 14:12:09 +00:00
Alexander Weidinger
05ff4e163c map.jinja: use grains.filter_by instead of defaults.merge
defaults.merge does not work with salt-ssh.
https://github.com/saltstack/salt/issues/51605
2019-02-13 13:41:54 +01:00
Javier Bértoli
64434daecb Fix wrong yaml parsing (#253) 2019-02-10 19:35:25 +01:00
Imran Iqbal
6852f87b7f Fix apache:lookup regression (#252) 2019-01-29 20:28:46 +01:00
Niels Abspoel
dccfdf7962
add server_status state (#250)
Add server_status state to create a default server_status handler for localhost
2018-11-27 19:53:15 +01:00
Javier Bértoli
a881f63780
Merge pull request #249 from aboe76/master
use watch module: apache-[restart|reload] consequently
2018-11-09 15:25:11 -03:00
Niels Abspoel
9490c868e0 use watch module: apache-[restart|reload] consequently 2018-11-09 00:25:52 +01:00
Javier Bértoli
17d3d84595
Merge pull request #248 from aboe76/fix_osfinger
Fix osfinger map.jinja
2018-11-08 19:33:07 -03:00
Niels Abspoel
dcce3f6129 Fix osfinger map.jinja
made a copy paste error in map.jinja

this fixes #247
2018-11-08 21:32:32 +01:00
Javier Bértoli
c4154ba404
Merge pull request #246 from aboe76/add_defaults.yaml
refactor map.jinja with defaults and import_yaml files
2018-11-07 19:39:25 -03:00
Niels Abspoel
094b149262 refactor map.jinja with defaults and import_yaml files 2018-11-07 22:46:30 +01:00
alxwr
e2462b2c3b
Merge pull request #245 from netmanagers/master
Add OCSP Stapling configuration capabilities to Debian
2018-11-07 21:20:12 +01:00
alxwr
4af4ff5970 Restart (if needed) before reload (#244)
Some configuration changes only take effect after a restart of the service.
When the module 'apache-reload' is triggered too early, it fails which results
in a false-negative result of the Salt run.
In order to fix that 'apache-restart' and the service definition itself are
put before 'apache-reload'. Reload should always succeed if restart did.
2018-11-07 20:06:30 +01:00
Javier Bértoli
06b1606f33 Add OCSP Stapling configuration capabilities to Debian
Document Stapling options in pillar.example
2018-11-04 15:39:34 -03:00
Andreas Thienemann
79673343a5 No automatic listener for port *
The formula currently adds a Listen directive for the port '*' if
any configured vhost is configured to listen on :* which does not
work and instead prevents apache from starting.

It is possible to prevent this by setting the
exclude_listen_directive pillar to True but this is a manual
workaround.

Instead, this commit excludes :* Listeners automatically.
2018-11-04 03:18:56 +01:00
Andreas Thienemann
4bba8862ab Delete Red Hat provided ssl.conf (#243)
When using the mod_ssl state on Red Hat family systems the httpd
server will currently not start.

This is due to duplicate Listen directives provided in the
ssl.conf file shipped with the mod_ssl rpm package and the directives
configured by saltstack.

The easy solution is to just ensure the rpm shipped mod_ssl is removed.
2018-10-27 23:27:27 +02:00
Andreas Thienemann
894e970549 Fix hardcoded path (#242)
The config.sls state uses a hardcoded file path for the welcome
config.
Use the confdir variable to build the path instead to allow for
overrides.
2018-10-27 22:13:49 +02:00
Andreas Thienemann
4ed6e228f5 Improve document root fix for Red Hat (#241)
The docroot fix from PR#240 worked fine for default servers.
But as soon as one uses vhosts this broke as the vhosts were
created under the docroot in /var/www/html rather than the better
/var/www.

Fix this by differentiating between docroot and wwwdir.
Further allow to override both in Red Hat-style configs.
The override allows to reuse this formula for the softwarecollections
rpms.
2018-10-27 15:21:51 +02:00
Javier Bértoli
e1ab49cce3
Merge pull request #240 from bawuenet/fix_docroot
Fix DocumentRoot on Red Hat
2018-10-10 14:13:39 -03:00
Andreas Thienemann
eca4daf767 Fix DocumentRoot on Red Hat
The current docroot ist set to /var/www. This is incorrect.
Fix with correct value /var/www/html.
2018-10-10 19:01:49 +02:00
Javier Bértoli
ff021d36aa
Merge pull request #237 from arthurlogilab/patch-3
[vhosts/standard] improve uniqueness of section id
2018-09-11 09:22:05 -03:00
Arthur Lutz
feadd58f85
[standard/vhost] unique id renamed 2018-09-11 12:52:30 +02:00
Arthur Lutz
c07e5846a4
[vhosts/standard] improve uniqueness of section id 2018-09-11 09:43:15 +02:00
Sebastian Meyer
6f3ab21d62 Allow setting APACHE_SERVER_FLAGS on Suse (#234)
SUSE reads additional FLAGS that are used on the server start. They are
read from the APACHE_SERVER_FLAGS key, so we use a2enflag/a2disflag to
set those as we do with modules.
2018-08-30 22:22:55 +02:00
ze42
1982f1ecc8 mod_remoteip: enable conf independantly (#236) 2018-08-30 22:22:28 +02:00
N
8adcad3db8
Merge pull request #231 from ze42/directory_default
vhosts/standard: Directory_default to DocumentRoot
2018-08-29 11:44:17 +01:00
Adrien "ze" Urban
49dedb64dc directory.default: update pillar.example
New behavior properly explained in pillar.example

Warning: changes directory.default when used with non-standard documentroot.
Now uses documentroot, instead of previously "default" documentroot path.
2018-08-29 12:19:43 +02:00
Adrien "ze" Urban
70ae79b991 vhosts/standard: Directory_default to DocumentRoot 2018-08-29 12:16:15 +02:00
ardin
7bac5c7c30 mod_mpm for RedHat (#160) 2018-08-17 19:42:45 +02:00
Arthur Lutz
a5debf58b3 207 configure ssl (#218)
* [ssl] [debian] manage ssl.conf with pillars
* [apache] make cyphersuite a list
* [apache/ssl] switch back to strings, lists merge is not good
2018-08-17 19:41:40 +02:00
Niels Abspoel
ac7e71bf56
Merge pull request #228 from ze42/docroot_sitename
DocumentRoot: fallback to SiteName like templates
2018-08-17 19:39:51 +02:00
Niels Abspoel
32f92e8acd
Merge pull request #227 from ze42/geoip_debian
geoip: Debian support
2018-08-17 19:39:16 +02:00
Niels Abspoel
03de980860
Merge pull request #230 from ze42/docroot_owner
vhosts/standard: allow to set docroot ownership
2018-08-17 19:38:18 +02:00
Niels Abspoel
00b437aa27
Merge pull request #232 from ze42/vhosts_cleanup
vhosts/cleanup: clean non-salted sites
2018-08-17 19:36:30 +02:00
Javier Bértoli
760cadebc3
Merge pull request #233 from alxwr/master
Create Apache's logdir if necessary
2018-08-17 10:42:55 -03:00
Alexander Weidinger
33e1302a12 Create Apache's logdir if necessary 2018-08-15 02:01:40 +02:00
Adrien "ze" Urban
fdaa62d7a9 vhosts/cleanup: clean non-salted sites
Makes it easier to clean any unwanted sites
2018-07-03 11:44:24 +02:00
Adrien "ze" Urban
37f8af4b3a vhosts/standard: rewrite, simplify code
* No more if.
* Allow lookup to set default value for all docroot
* updated pillar.example
2018-06-28 15:28:03 +02:00
Adrien "ze" Urban
2bae6fea10 vhosts/standard: fix set user/group
unless test -d on file.directory seems useless.
2018-06-28 10:20:33 +02:00