Fuel Library
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

apache.pp 2.1KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566
  1. # == Class: cobbler::apache
  2. #
  3. # Configure apache and listen ports.
  4. #
  5. class cobbler::apache {
  6. file { ['/etc/httpd/', '/etc/httpd/conf.ports.d/']: ensure => directory }
  7. ->
  8. class { '::apache':
  9. server_signature => 'Off',
  10. trace_enable => 'Off',
  11. purge_configs => false,
  12. purge_vhost_dir => false,
  13. default_vhost => false,
  14. ports_file => '/etc/httpd/conf.ports.d/cobbler.conf',
  15. conf_template => 'fuel/httpd.conf.erb',
  16. }
  17. apache::vhost { 'cobbler non-ssl':
  18. servername => '_default_',
  19. port => 80,
  20. docroot => '/var/www/html',
  21. rewrites => [
  22. {
  23. comment => 'Redirect root path to SSL Nailgun',
  24. rewrite_cond => ['%{HTTPS} off'],
  25. rewrite_rule => ['^/$ https://%{HTTP_HOST}:8443%{REQUEST_URI} [R=301,L]']
  26. },
  27. {
  28. comment => 'Redirect other non-cobbler path to Nailgun',
  29. rewrite_cond => ['%{HTTPS} off', '%{REQUEST_URI} !^/(cblr|cobbler)'],
  30. rewrite_rule => ['(.*) http://%{HTTP_HOST}:8000%{REQUEST_URI} [R=301,L]']
  31. },
  32. ],
  33. aliases => [
  34. {
  35. alias => '/cobbler/boot',
  36. path => '/var/lib/tftpboot',
  37. },
  38. ],
  39. directories => [
  40. {
  41. path => '/var/lib/tftpboot',
  42. options => ['Indexes', 'FollowSymLinks'],
  43. },
  44. ],
  45. }
  46. apache::vhost { 'cobbler ssl':
  47. servername => '_default_',
  48. port => 443,
  49. docroot => '/var/www/html',
  50. ssl => true,
  51. ssl_cert => '/var/lib/fuel/keys/master/cobbler/cobbler.crt',
  52. ssl_key => '/var/lib/fuel/keys/master/cobbler/cobbler.key',
  53. rewrites => [
  54. {
  55. comment => 'Redirect root path to SSL Nailgun',
  56. rewrite_rule => ['^/$ https://%{HTTP_HOST}:8443%{REQUEST_URI} [R=301,L]']
  57. },
  58. ],
  59. custom_fragment => '
  60. CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"',
  61. ssl_cipher => 'ALL:!ADH:!EXPORT:!SSLv2:!MEDIUM:!LOW:+HIGH',
  62. setenvif => ['User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0'],
  63. }
  64. }