Commit Graph

22 Commits

Author SHA1 Message Date
Marius van Witzenburg
22c647eb5c
feature(trust): improved remote ip internal proxy support (#300)
* feat(trusted_proxy): Add support for RemoteIPInternalProxy

* fix(syntax): add semicolon
2021-01-08 11:33:46 +00:00
noelmcloughlin
47818fc360 refactor(formula): align to template-formula & improve ci features
FEATURE: Archlinux support
FEATURE: Windows support
FEATURE: Enhanced CI/CD
FEATURE: modular states

BREAKING CHANGE: 'apache.sls' converted to new style 'init.ssl'
BREAKING CHANGE: "logrotate.sls" became "config/logrotate.sls"
BREAKING CHANGE: "debian_full.sls" became "config/debian_full.sls"
BREAKING CHANGE: "flags.sls" became "config/flags.sls"
BREAKING CHANGE: "manage_security" became "config/manage_security.sls"
BREAKING CHANGE: "mod_*.sls" became "config/mod_*.sls"
BREAKING CHANGE: "no_default_host.sls" became "config/no_default_host.sls"
BREAKING CHANGE: "own_default_host.sls" became "config/own_default_host.sls"
BREAKING CHANGE: "register_site.sls" became "config/register_site.sls"
BREAKING CHANGE: "server_status.sls" became "config/server_status.sls"
BREAKING CHANGE: "vhosts/" became "config/vhosts/"
BREAKING CHANGE: "mod_security/" became "config/mod_security/"

NOT-BREAKING CHANGE: 'config.sls' became 'config/init.sls'
NOT-BREAKING CHANGE: 'uninstall.sls' symlinked to 'clean.sls'
2020-10-05 14:24:15 +01:00
Andreas Thienemann
648f589cc3
feat(redhat/apache-2.x.config.jinja): allow override of default_charset
The current Red Hat config allows to set DefaultCharset to a value.
In certain situations it is necessary to leave it unconfigured thouguh.

Make the content optional, if the value of apache.default_charset is None,
the item is skipped. Otherwise it defaults to UTF-8.
2020-07-16 19:43:54 +01:00
Chris Horne
36ad2b2442 fix(redhat): add user & group lookup to configs 2019-12-20 17:38:01 +00:00
Dimitry Andric
21045c7a7b fix(mod_mpm): cast to int to avoid Jinja type mismatch error
This fixes the following error when Jinja tries to process
`mpm_prefork.conf.jinja` or `00-mpm.conf.jinja`, when it processes the
`max_request_workers` comparison:

```
Unable to manage file: Jinja error: '>=' not supported between instances of 'str' and 'int'
[...]
<IfModule mpm_prefork_module>
  StartServers {{ mpm_param['start_servers'] | d('5') }}
  MaxRequestWorkers {{ mpm_param['max_request_workers'] | d('150') }}
{%- if mpm_param['max_request_workers'] | d('150') >= 256 %}    <======================
  ServerLimit {{ mpm_param['max_request_workers'] | d('150') }}
{%- endif %}
  MinSpareServers {{ mpm_param['min_spare_servers'] | d('5') }}
  MaxSpareServers {{ mpm_param['max_spare_servers'] | d('10') }}
  MaxConnectionsPerChild {{ mpm_param['max_connections_per_child'] | d('0') }}
```

Add filters that convert the values to an int first.
2019-12-20 13:24:37 +01:00
Imran Iqbal
2a79d05945
fix(modsecurity.conf.jinja): fix salt-lint errors
```bash
Examining apache/files/RedHat/modsecurity.conf.jinja of type state
[201] Trailing whitespace
apache/files/RedHat/modsecurity.conf.jinja:26
```
2019-10-17 08:32:30 +01:00
Andreas Thienemann
0c1423f8f1 Fix mod_remoteip for Red Hat family OS (#260)
The source template was missing for RH based systems, only the Debian
file was packaged.

Fix this.
2019-04-20 09:32:44 +02:00
Andreas Thienemann
79673343a5 No automatic listener for port *
The formula currently adds a Listen directive for the port '*' if
any configured vhost is configured to listen on :* which does not
work and instead prevents apache from starting.

It is possible to prevent this by setting the
exclude_listen_directive pillar to True but this is a manual
workaround.

Instead, this commit excludes :* Listeners automatically.
2018-11-04 03:18:56 +01:00
Andreas Thienemann
4ed6e228f5 Improve document root fix for Red Hat (#241)
The docroot fix from PR#240 worked fine for default servers.
But as soon as one uses vhosts this broke as the vhosts were
created under the docroot in /var/www/html rather than the better
/var/www.

Fix this by differentiating between docroot and wwwdir.
Further allow to override both in Red Hat-style configs.
The override allows to reuse this formula for the softwarecollections
rpms.
2018-10-27 15:21:51 +02:00
ardin
7bac5c7c30 mod_mpm for RedHat (#160) 2018-08-17 19:42:45 +02:00
Javier Bértoli
fcb434e248 Added "Managed by Salt..." headers in template and made them unifom across the formula 2018-02-04 10:26:40 -03:00
Louis Haddrell
7e96ce8d3e Replaced Apache 2.4 syntax in RedHat Apache 2.2 config (fixes #115) 2017-08-01 15:34:06 +01:00
Patrick Chevalley
780bf3158d Add Reverse Proxy directives, GeoIP, Certificates management, mostly for RedHat 2017-03-09 12:44:32 +01:00
Rob Ruma
d5337836b2 Adding exclude_listen_directive option (#151)
* Adding exclude_listen_directive option

* Updating Debian config
2016-07-20 19:19:39 -07:00
abehling
9aca4c35b7 RedHat: Made AddDefaultCharset Directive configurable (#147)
* RedHat: Made AddDefaultCharset Directive configurable

* Added description of apache:lookup:default_charset to pillar.example, sane default equals former hardcoded UTF-8
2016-06-29 09:18:30 -07:00
Tibor Gemes
c7e23edf52 Add custom port to RedHat config 2016-05-17 18:59:01 +02:00
Javier Bértoli
2be52db8b8 Add mod_security management
Add gitignore, kitchen-ci files
Add some tests and documentation
2016-05-11 15:41:07 -03:00
Alexander Behling
3232866cc2 Added configurable variables, Fixed bug if vhostdir is something different than default value 2016-05-10 11:49:41 +02:00
Rowcliffe Browne
2557d3d1c8 Allow global directives to be added to apache config 2016-01-19 17:02:31 +08:00
root
dc7970955a Added support for different templates for the config file based on version 2015-12-10 06:54:50 +10:00
Krzysztof Pawłowski
b6fe515ed8 RedHat fixes: change default vhostdir to redhat official default /etc/httpd/vhosts.d, add state for ensuring that vhostdir exists, include vhosts.d/*.conf in httpd.conf 2015-07-22 14:36:25 +02:00
Niels Abspoel
53b995a680 Improved apache-formula
- Added more modules and configuration options
 - Renamed sls files to reflect what they do.
 - added mpm options for Debian
2015-06-19 20:44:53 +02:00