From: Peter Palfrader <peter@palfrader.org>
Date: Tue, 2 Feb 2016 06:46:50 +0000 (+0100)
Subject: Add default SSL site
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;ds=sidebyside;h=b378f5d0e59f2a4d9d8905d4ce6873902fce8604;p=mirror%2Fdsa-puppet.git

Add default SSL site
---

diff --git a/modules/apache2/manifests/init.pp b/modules/apache2/manifests/init.pp
index 8be585bfa..b8e76ad8e 100644
--- a/modules/apache2/manifests/init.pp
+++ b/modules/apache2/manifests/init.pp
@@ -32,6 +32,10 @@ class apache2 {
 		site     => 'default-debian.org',
 		content  => template('apache2/default-debian.org.erb'),
 	}
+	apache2::site { 'xx-default-ssl':
+		site     => 'default-debian.org-ssl',
+		content  => template('apache2/default-debian.org-ssl.erb'),
+	}
 
 	apache2::site { '000-default':
 		ensure => absent,
diff --git a/modules/apache2/templates/default-debian.org-ssl.erb b/modules/apache2/templates/default-debian.org-ssl.erb
new file mode 100644
index 000000000..a32936015
--- /dev/null
+++ b/modules/apache2/templates/default-debian.org-ssl.erb
@@ -0,0 +1,31 @@
+##
+## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+##
+
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+	ServerAdmin debian-admin@debian.org
+	SSLEngine on
+	SSLCertificateFile     /etc/ssl/debian/certs/thishost-server.crt
+	SSLCertificateKeyFile  /etc/ssl/debian/keys/thishost-server.key
+	SSLCertificateChainFile /etc/ssl/debian/certs/ca.crt
+
+	ErrorLog /var/log/apache2/error.log
+	CustomLog /var/log/apache2/access.log privacy
+
+	DocumentRoot /srv/www/default.debian.org/htdocs
+	<Directory /srv/www/default.debian.org/htdocs>
+		Require all granted
+	</Directory>
+
+	HostnameLookups Off
+	UseCanonicalName Off
+	ServerSignature On
+
+	<IfModule mod_userdir.c>
+		UserDir disabled
+	</IfModule>
+</VirtualHost>
+</IfModule>
+# vim:set syn=apache: