0b60cdd6a1
'apache' module is needed by 'horizon' 4.1.0 173967ab8dd21a93d6f2b47ff2641d0092f729b1 v 1.2.0 Fuel-CI: disable Partial blueprint: merge-openstack-puppet-modules Change-Id: I0f5ff2fafe058c0263c2ace4bc0ce8f7828d3be0
61 lines
1.5 KiB
Puppet
61 lines
1.5 KiB
Puppet
class apache::mod::ssl (
|
|
$ssl_compression = false,
|
|
$ssl_options = [ 'StdEnvVars' ],
|
|
$ssl_cipher = 'HIGH:MEDIUM:!aNULL:!MD5',
|
|
$ssl_protocol = [ 'all', '-SSLv2', '-SSLv3' ],
|
|
$apache_version = $::apache::apache_version,
|
|
$package_name = undef,
|
|
) {
|
|
$session_cache = $::osfamily ? {
|
|
'debian' => "\${APACHE_RUN_DIR}/ssl_scache(512000)",
|
|
'redhat' => '/var/cache/mod_ssl/scache(512000)',
|
|
'freebsd' => '/var/run/ssl_scache(512000)',
|
|
}
|
|
|
|
case $::osfamily {
|
|
'debian': {
|
|
if versioncmp($apache_version, '2.4') >= 0 {
|
|
$ssl_mutex = 'default'
|
|
} elsif $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '10.04' {
|
|
$ssl_mutex = 'file:/var/run/apache2/ssl_mutex'
|
|
} else {
|
|
$ssl_mutex = "file:\${APACHE_RUN_DIR}/ssl_mutex"
|
|
}
|
|
}
|
|
'redhat': {
|
|
$ssl_mutex = 'default'
|
|
}
|
|
'freebsd': {
|
|
$ssl_mutex = 'default'
|
|
}
|
|
default: {
|
|
fail("Unsupported osfamily ${::osfamily}")
|
|
}
|
|
}
|
|
|
|
::apache::mod { 'ssl':
|
|
package => $package_name,
|
|
}
|
|
|
|
if versioncmp($apache_version, '2.4') >= 0 {
|
|
::apache::mod { 'socache_shmcb': }
|
|
}
|
|
|
|
# Template uses
|
|
#
|
|
# $ssl_compression
|
|
# $ssl_options
|
|
# $session_cache,
|
|
# $ssl_mutex
|
|
# $apache_version
|
|
#
|
|
file { 'ssl.conf':
|
|
ensure => file,
|
|
path => "${::apache::mod_dir}/ssl.conf",
|
|
content => template('apache/mod/ssl.conf.erb'),
|
|
require => Exec["mkdir ${::apache::mod_dir}"],
|
|
before => File[$::apache::mod_dir],
|
|
notify => Service['httpd'],
|
|
}
|
|
}
|