projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
dbmaster: enable puppet-restricted-acl.conf apache snippet
[mirror/dsa-puppet.git] / modules / roles / manifests / dbmaster.pp
diff --git a/modules/roles/manifests/dbmaster.pp b/modules/roles/manifests/dbmaster.pp
index e78167a..2b9bf7f 100644 (file)
--- a/modules/roles/manifests/dbmaster.pp
+++ b/modules/roles/manifests/dbmaster.pp
@@ -60,4 +60,30 @@ class roles::dbmaster {
   ferm::rule::simple { 'ldap':
     port => ['ldap', 'ldaps'],
   }
+
+  concat { '/etc/apache2/conf-available/puppet-restricted-acl.conf':
+    mode           => '0444',
+    ensure_newline => true,
+    warn           => '# This file is maintained with puppet',
+  }
+  Concat::Fragment <<| tag == 'debian_org::apt_restricted::apache-acl' |>>
+  concat::fragment { 'debian_org::apt_restricted::apache-acl-head':
+    target  => '/etc/apache2/conf-available/puppet-restricted-acl.conf',
+    order   => '01',
+    content => @(EOF)
+      <Macro dsa-apt-restricted-acl>
+      | EOF
+  }
+  concat::fragment { 'debian_org::apt_restricted::apache-acl-tail':
+    target  => '/etc/apache2/conf-available/puppet-restricted-acl.conf',
+    order   => '99',
+    content => @(EOF)
+      </Macro>
+      | EOF
+  }
+  file { '/etc/apache2/conf-enabled/puppet-restricted-acl.conf':
+    ensure => symlink,
+    target => '../conf-available/puppet-restricted-acl.conf',
+    notify => Exec['service apache2 reload'],
+  }
 }
Unnamed repository; edit this file 'description' to name the repository.