Puppet Class: apache::ssl
- Defined in:
- manifests/ssl.pp
Overview
Class apache::ssl
Apache resources specific for SSL
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 |
# File 'manifests/ssl.pp', line 5
class apache::ssl {
include apache
case $::operatingsystem {
ubuntu,debian,mint: {
exec { 'enable-ssl':
command => '/usr/sbin/a2enmod ssl',
creates => '/etc/apache2/mods-enabled/ssl.load',
notify => Service['apache'],
require => Package['apache'],
}
}
default: {
package { 'mod_ssl':
ensure => present,
require => Package['apache'],
notify => Service['apache'],
}
file { "${apache::config_dir}/ssl.conf":
mode => '0644',
owner => 'root',
group => 'root',
notify => Service['apache'],
}
file {['/var/cache/mod_ssl', '/var/cache/mod_ssl/scache']:
ensure => directory,
owner => 'apache',
group => 'root',
mode => '0700',
require => Package['mod_ssl'],
notify => Service['apache'],
}
}
}
### Port monitoring, if enabled ( monitor => true )
if $apache::bool_monitor == true {
monitor::port { "apache_${apache::protocol}_${apache::ssl_port}":
protocol => $apache::protocol,
port => $apache::ssl_port,
target => $apache::monitor_target,
tool => $apache::monitor_tool,
enable => $apache::manage_monitor,
}
}
### Firewall management, if enabled ( firewall => true )
if $apache::bool_firewall == true {
firewall { "apache_${apache::protocol}_${apache::ssl_port}":
source => $apache::firewall_src,
destination => $apache::firewall_dst,
protocol => $apache::protocol,
port => $apache::ssl_port,
action => 'allow',
direction => 'input',
tool => $apache::firewall_tool,
enable => $apache::manage_firewall,
}
}
}
|