Comment out rate-limiting of https traffic on security-tracker

[mirror/dsa-puppet.git] / modules / roles / manifests / security_tracker.pp

diff --git a/modules/roles/manifests/security_tracker.pp b/modules/roles/manifests/security_tracker.pp
index d8d23a3..0e94dd8 100644 (file)
--- a/modules/roles/manifests/security_tracker.pp
+++ b/modules/roles/manifests/security_tracker.pp
@@ -3,6 +3,10 @@ class roles::security_tracker {
        include apache2::proxy_http
        include apache2::expires
 
+       apache2::module { 'cache_disk':
+               ensure => present,
+       }
+
        # security-tracker abusers
        #  66.170.99.1  20180706 excessive number of requests
        #  66.170.99.2  20180706 excessive number of requests
@@ -23,11 +27,11 @@ class roles::security_tracker {
        }
 
        # traffic shaping http traffic
-       @ferm::rule { 'dsa-security-tracker-shape':
-               table => 'mangle',
-               chain => 'OUTPUT',
-               rule  => "proto tcp sport 443 MARK set-mark 20",
-       }
+       #@ferm::rule { 'dsa-security-tracker-shape':
+       #       table => 'mangle',
+       #       chain => 'OUTPUT',
+       #       rule  => "proto tcp sport 443 MARK set-mark 20",
+       #}
 
        file { '/usr/local/sbin/traffic-shape':
                mode   => '0755',