Ensure no directory listing is active

By default, puppetlabs-apache module enables Indexes option, which can
lead in data/structure leak.

The following patch disable that option on a global base, since we
shouldn't need such a feature.

Closes-Bug: #1854442
Change-Id: Icba53f4e32237556608f4cb6dcd9da1a71705c19
(cherry picked from commit ad48860b75)
(cherry picked from commit 6357ffa748)
(cherry picked from commit 81c4ebddee)
(cherry picked from commit 728eb7f6ef)

manifests/wsgi/apache.pp

@@ -272,6 +272,7 @@ define openstacklib::wsgi::apache (
     access_log_file             => $access_log_file,
     access_log_format           => $access_log_format,
     error_log_file              => $error_log_file,
+    options                     => ['-Indexes', '+FollowSymLinks','+MultiViews'],
   }
 
   Package<| title == 'httpd' |>

releasenotes/notes/no-directory-listing-8e6270ed0e1eb1d0.yaml

@@ -0,0 +1,6 @@
+---
+security:
+  - Do not authorize directory listing
+fixes:
+  - rhbz#1778052
+  - LP#1854442

spec/defines/openstacklib_wsgi_apache_spec.rb

@@ -89,6 +89,7 @@ describe 'openstacklib::wsgi::apache' do
         'setenvif'                    => ['X-Forwarded-Proto https HTTPS=1'],
         'access_log_file'             => false,
         'access_log_format'           => false,
+        'options'                     => ['-Indexes', '+FollowSymLinks','+MultiViews'],
       )}
       it { is_expected.to contain_concat("#{platform_params[:httpd_ports_file]}") }
     end