* Feature (rhel7/httpd 2.4) : hardening apache and code refactoring
* remove hard returns
* Add default Listen 80 in httpd.conf
In case there no vhosts defined in pillar httpd will listen on port 80.
Without this default it will not start
* empty file autoindex.conf instead of deleting it
* explicit hardening items and references from CIS
* add #3.5 hardening rule
* explain CIS recommendations categories
* add dependencies before start service
* add recommendation #7.1 Install mod_ssl
* link in readme to hardening doc
SUSE reads additional FLAGS that are used on the server start. They are
read from the APACHE_SERVER_FLAGS key, so we use a2enflag/a2disflag to
set those as we do with modules.
New behavior properly explained in pillar.example
Warning: changes directory.default when used with non-standard documentroot.
Now uses documentroot, instead of previously "default" documentroot path.
* RedHat: Made AddDefaultCharset Directive configurable
* Added description of apache:lookup:default_charset to pillar.example, sane default equals former hardcoded UTF-8
* Add ProxyRequests directive
This allows or prevents Apache httpd from functioning as a forward proxy server.
[See](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyrequests).
The default action is off so I've set this a the default for this formula so it does not change the default behaviour.
* Add example pillar usage
By reassigning options with `blockreplace` at `/etc/apache2/conf-available/security.conf`, which is linked as conf-enabled by default on Debian packages
* Add apache version (2.2, 2.4) detection based on osfinger (defaults to 2.4).
* Version can be overridden in pillar (for Apache 2.4 on RHEL 6 for example)
Add optional templating for the register site aspect of a pillar.
User can specify keys to be included as defaults, otherwise it is
treated as a normal managed file.
- Adding confext to virtualhost names.
- Renaming the default config file for Ubuntu (000-default.conf).
- Adding ability to use "Require all granted".
The structure of this example file was quite confusing. Most of these
values are not required and should be denoted as such. Jinja notiation
to denote re-used Pillar values was also a bad and confusing choice.
Closes#8
