nagios master: apache vhost

author Peter Palfrader <peter@palfrader.org>

Fri, 1 Jun 2018 08:58:43 +0000 (10:58 +0200)

committer Peter Palfrader <peter@palfrader.org>

Fri, 1 Jun 2018 08:58:43 +0000 (10:58 +0200)
author Peter Palfrader <peter@palfrader.org>
Fri, 1 Jun 2018 08:58:43 +0000 (10:58 +0200)
committer Peter Palfrader <peter@palfrader.org>
Fri, 1 Jun 2018 08:58:43 +0000 (10:58 +0200)
diff --git a/modules/nagios/manifests/server.pp b/modules/nagios/manifests/server.pp

index ab58405..cc28ff4 100644 (file)
--- a/modules/nagios/manifests/server.pp
+++ b/modules/nagios/manifests/server.pp
@@ -1,8 +1,18 @@
  class nagios::server {
+       include apache2
+       include apache2::ssl
+       include apache2::auth_digest
+       include apache2::authn_anon
+       include apache2::proxy_http
+
         ssl::service { 'nagios.debian.org':
                 notify  => Exec['service apache2 reload'],
                 key => true,
         }
+       apache2::site { "10-nagios.debian.org":
+               site => "nagios.debian.org",
+               content => template('nagios/nagios.debian.org.conf.erb'),
+       }
  
         concat::fragment { 'dsa-puppet-stuff--nagios--restart-stale-icinga':
                 target => '/etc/cron.d/dsa-puppet-stuff',
diff --git a/modules/nagios/templates/nagios.debian.org.conf.erb b/modules/nagios/templates/nagios.debian.org.conf.erb

new file mode 100644 (file)

index 0000000..bc57894
--- /dev/null
+++ b/modules/nagios/templates/nagios.debian.org.conf.erb
@@ -0,0 +1,40 @@
+Use common-debian-service-https-redirect * nagios.debian.org
+
+<VirtualHost *:443>
+        ServerAdmin webmaster@debian.org
+        ServerName icinga.debian.org
+        ServerAlias nagios
+
+        Use common-debian-service-ssl nagios.debian.org
+        Use common-ssl-HSTS
+        Use http-pkp-nagios.debian.org
+
+        ErrorLog /var/log/apache2/nagios.debian.org-error.log
+        LogLevel warn
+        CustomLog /var/log/apache2/nagios.debian.org-access.log combined
+        ServerSignature On
+        <IfModule mod_userdir.c>
+                UserDir disabled
+        </IfModule>
+        DocumentRoot /srv/nagios.debian.org/htdocs
+        <Directory />
+                Options FollowSymLinks
+                AllowOverride None
+        </Directory>
+        <Directory /srv/nagios.debian.org/htdocs/>
+                Options -Indexes +FollowSymLinks +MultiViews
+                AllowOverride None
+        </Directory>
+
+        AddOutputFilterByType DEFLATE text/json
+        Include "/etc/icinga/apache2.conf"
+
+        RedirectMatch ^/$ /icinga/
+        RedirectMatch ^/nagios$ /icinga
+        RedirectMatch ^/nagios/$ /icinga/
+        RedirectMatch ^/nagios3$ /icinga/
+        RedirectMatch ^/nagios3/$ /icinga/
+
+        Header always set Referrer-Policy "same-origin"
+</VirtualHost>
+# vim:set syntax=apache:
author	Peter Palfrader <peter@palfrader.org>
	Fri, 1 Jun 2018 08:58:43 +0000 (10:58 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Fri, 1 Jun 2018 08:58:43 +0000 (10:58 +0200)
modules/nagios/manifests/server.pp		patch \| blob \| history
modules/nagios/templates/nagios.debian.org.conf.erb	[new file with mode: 0644]	patch \| blob