From b378f5d0e59f2a4d9d8905d4ce6873902fce8604 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Tue, 2 Feb 2016 07:46:50 +0100 Subject: [PATCH] Add default SSL site --- modules/apache2/manifests/init.pp | 4 +++ .../templates/default-debian.org-ssl.erb | 31 +++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 modules/apache2/templates/default-debian.org-ssl.erb diff --git a/modules/apache2/manifests/init.pp b/modules/apache2/manifests/init.pp index 8be585bfa..b8e76ad8e 100644 --- a/modules/apache2/manifests/init.pp +++ b/modules/apache2/manifests/init.pp @@ -32,6 +32,10 @@ class apache2 { site => 'default-debian.org', content => template('apache2/default-debian.org.erb'), } + apache2::site { 'xx-default-ssl': + site => 'default-debian.org-ssl', + content => template('apache2/default-debian.org-ssl.erb'), + } apache2::site { '000-default': ensure => absent, diff --git a/modules/apache2/templates/default-debian.org-ssl.erb b/modules/apache2/templates/default-debian.org-ssl.erb new file mode 100644 index 000000000..a32936015 --- /dev/null +++ b/modules/apache2/templates/default-debian.org-ssl.erb @@ -0,0 +1,31 @@ +## +## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. +## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git +## + + + + ServerAdmin debian-admin@debian.org + SSLEngine on + SSLCertificateFile /etc/ssl/debian/certs/thishost-server.crt + SSLCertificateKeyFile /etc/ssl/debian/keys/thishost-server.key + SSLCertificateChainFile /etc/ssl/debian/certs/ca.crt + + ErrorLog /var/log/apache2/error.log + CustomLog /var/log/apache2/access.log privacy + + DocumentRoot /srv/www/default.debian.org/htdocs + + Require all granted + + + HostnameLookups Off + UseCanonicalName Off + ServerSignature On + + + UserDir disabled + + + +# vim:set syn=apache: -- 2.20.1