source => 'puppet:///modules/apache2/apache2.logrotate',
}
- file { [ '/srv/www', '/srv/www/default.debian.org', '/srv/www/default.debian.org/htdocs' ]:
+ file { [ '/srv/www', '/srv/www/default.debian.org', '/srv/www/default.debian.org/htdocs', '/srv/www/default.debian.org/htdocs-disabled' ]:
ensure => directory,
mode => '0755',
}
content => template('apache2/default-index.html'),
}
+ file { '/srv/www/default.debian.org/htdocs-disabled/index.html':
+ content => template('apache2/disabled-index.html'),
+ }
+
file { '/var/log/apache2/.nobackup':
mode => '0644',
content => '',
script => 'ps_',
}
- if $::hostname in [beach,buxtehude,picconi,pkgmirror-1and1] {
+ if $::hostname in [beach,buxtehude,picconi,pkgmirror-1and1,pkgmirror-csail] {
include apache2::dynamic
} else {
@ferm::rule { 'dsa-http':
refreshonly => true,
require => Package['apache2'],
}
+
+ concat { '/etc/apache2/conf-available/puppet-ssl-key-pins.conf':
+ owner => root,
+ group => root,
+ mode => '0644',
+ require => Package['apache2'],
+ notify => Exec['service apache2 reload'],
+ }
+ concat::fragment { 'puppet-ssl-key-pins-header':
+ target => '/etc/apache2/conf-available/puppet-ssl-key-pins.conf',
+ content => '',
+ order => 00,
+ }
+ apache2::config { 'puppet-ssl-key-pins':
+ nocontentok => true,
+ }
}