"logrotate": ensure => installed;
}
+ case $php5 {
+ "true": { package {
+ "php5-suhosin": ensure => installed;
+ }
+ file { "/etc/php5/conf.d/suhosin.ini":
+ source => [ "puppet:///apache2/per-host/$fqdn/etc/php5/conf.d/suhosin.ini",
+ "puppet:///apache2/common/etc/php5/conf.d/suhosin.ini" ],
+ require => Package["apache2", "php5-suhosin"],
+ notify => Exec["force-reload-apache2"];
+ }
+ }
+ }
+
+
define activate_apache_site($ensure=present, $site=$name) {
case $site {
"": { $base = $name }
notify => Exec["reload-apache2"];
"/etc/apache2/sites-available/default-debian.org":
- source => [ "puppet:///apache2/per-host/$fqdn/etc/apache2/sites-available/default-debian.org",
- "puppet:///apache2/common/etc/apache2/sites-available/default-debian.org" ],
+ content => template("apache2/default-debian.org.erb"),
require => Package["apache2"],
notify => Exec["reload-apache2"];
command => "/etc/init.d/apache2 force-reload",
refreshonly => true,
}
+ ferm::rule { "dsa-apache":
+ domain => "(ip ip6)",
+ description => "Allow web access",
+ rule => "proto tcp mod state state (NEW) dport (80) ACCEPT"
+ }
}