saltstack-formulas/apache-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
apache-formula/apache/modules.sls
karim Hamza ba2368907d remove ng stuff (#255) 
* remove -ng stuff

* remove ng from template

* remove -ng from readme

* manage listen directive with disabled vhosts

* add json filter

* remove hardcoded path
2019-04-20 09:38:32 +02:00

87 lines
2.4 KiB
Plaintext
Raw Blame History

{%- import_yaml "apache/hardening-values.yaml" as hardening_values %}
{% if grains['os_family']=="Debian" %}
include:
- apache
{% for module in salt['pillar.get']('apache:modules:enabled', []) %}
a2enmod {{ module }}:
cmd.run:
- unless: ls /etc/apache2/mods-enabled/{{ module }}.load
- order: 225
- require:
- pkg: apache
- watch_in:
- module: apache-restart
{% endfor %}
{% for module in salt['pillar.get']('apache:modules:disabled', []) %}
a2dismod -f {{ module }}:
cmd.run:
- onlyif: ls /etc/apache2/mods-enabled/{{ module }}.load
- order: 225
- require:
- pkg: apache
- watch_in:
- module: apache-restart
{% endfor %}
{% elif grains['os_family']=="RedHat" %}
include:
- apache
{% for module in salt['pillar.get']('apache:modules:enabled', default=hardening_values.modules.enforce_enabled, merge=True) if module not in hardening_values.modules.enforce_disabled %}
find /etc/httpd/ -name '*.conf' -type f -exec sed -i -e 's/\(^#\)\(\s*LoadModule.{{ module }}_module\)/\2/g' {} \;:
cmd.run:
- unless: httpd -M 2> /dev/null | grep "[[:space:]]{{ module }}_module"
- order: 225
- require:
- pkg: apache
- watch_in:
- module: apache-restart
{% endfor %}
{% for module in salt['pillar.get']('apache:modules:disabled', default=hardening_values.modules.enforce_disabled, merge=True) if module not in hardening_values.modules.enforce_enabled %}
find /etc/httpd/ -name '*.conf' -type f -exec sed -i -e 's/\(^\s*LoadModule.{{ module }}_module\)/#\1/g' {} \;:
cmd.run:
- onlyif: httpd -M 2> /dev/null | grep "[[:space:]]{{ module }}_module"
- order: 225
- require:
- pkg: apache
- watch_in:
- module: apache-restart
{% endfor %}
{% elif salt['grains.get']('os_family') == 'Suse' or salt['grains.get']('os') == 'SUSE' %}
include:
- apache
{% for module in salt['pillar.get']('apache:modules:enabled', []) %}
a2enmod {{ module }}:
cmd.run:
- unless: egrep "^APACHE_MODULES=" /etc/sysconfig/apache2 | grep {{ module }}
- order: 225
- require:
- pkg: apache
- watch_in:
- module: apache-restart
{% endfor %}
{% for module in salt['pillar.get']('apache:modules:disabled', []) %}
a2dismod -f {{ module }}:
cmd.run:
- onlyif: egrep "^APACHE_MODULES=" /etc/sysconfig/apache2 | grep {{ module }}
- order: 225
- require:
- pkg: apache
- watch_in:
- module: apache-restart
{% endfor %}
{% endif %}
Reference in New Issue View Git Blame Copy Permalink