X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;ds=sidebyside;f=3rdparty%2Fmodules%2Fapache%2Fmanifests%2Fmod%2Fssl.pp;fp=3rdparty%2Fmodules%2Fapache%2Fmanifests%2Fmod%2Fssl.pp;h=4a6b8233478b6d8010ce5493716f9163daad6295;hb=4631045ebb77ee8622f6fa09277a50c372bcc02e;hp=0000000000000000000000000000000000000000;hpb=3d4dc4fd9e59bd0e07646c99f6b356c7d9d859aa;p=dsa-puppet.git
diff --git a/3rdparty/modules/apache/manifests/mod/ssl.pp b/3rdparty/modules/apache/manifests/mod/ssl.pp
new file mode 100644
index 00000000..4a6b8233
--- /dev/null
+++ b/3rdparty/modules/apache/manifests/mod/ssl.pp
@@ -0,0 +1,74 @@
+class apache::mod::ssl (
+ $ssl_compression = false,
+ $ssl_cryptodevice = 'builtin',
+ $ssl_options = [ 'StdEnvVars' ],
+ $ssl_cipher = 'HIGH:MEDIUM:!aNULL:!MD5',
+ $ssl_honorcipherorder = 'On',
+ $ssl_protocol = [ 'all', '-SSLv2', '-SSLv3' ],
+ $ssl_pass_phrase_dialog = 'builtin',
+ $ssl_random_seed_bytes = '512',
+ $ssl_sessioncachetimeout = '300',
+ $apache_version = $::apache::apache_version,
+ $package_name = undef,
+) {
+ $session_cache = $::osfamily ? {
+ 'debian' => "\${APACHE_RUN_DIR}/ssl_scache(512000)",
+ 'redhat' => '/var/cache/mod_ssl/scache(512000)',
+ 'freebsd' => '/var/run/ssl_scache(512000)',
+ 'gentoo' => '/var/run/ssl_scache(512000)',
+ }
+
+ case $::osfamily {
+ 'debian': {
+ if versioncmp($apache_version, '2.4') >= 0 {
+ $ssl_mutex = 'default'
+ } elsif $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '10.04' {
+ $ssl_mutex = 'file:/var/run/apache2/ssl_mutex'
+ } else {
+ $ssl_mutex = "file:\${APACHE_RUN_DIR}/ssl_mutex"
+ }
+ }
+ 'redhat': {
+ $ssl_mutex = 'default'
+ }
+ 'freebsd': {
+ $ssl_mutex = 'default'
+ }
+ 'gentoo': {
+ $ssl_mutex = 'default'
+ }
+ default: {
+ fail("Unsupported osfamily ${::osfamily}")
+ }
+ }
+
+ ::apache::mod { 'ssl':
+ package => $package_name,
+ }
+
+ if versioncmp($apache_version, '2.4') >= 0 {
+ ::apache::mod { 'socache_shmcb': }
+ }
+
+ # Template uses
+ #
+ # $ssl_compression
+ # $ssl_cryptodevice
+ # $ssl_cipher
+ # $ssl_honorcipherorder
+ # $ssl_options
+ # $session_cache
+ # $ssl_mutex
+ # $ssl_random_seed_bytes
+ # $ssl_sessioncachetimeout
+ # $apache_version
+ #
+ file { 'ssl.conf':
+ ensure => file,
+ path => "${::apache::mod_dir}/ssl.conf",
+ content => template('apache/mod/ssl.conf.erb'),
+ require => Exec["mkdir ${::apache::mod_dir}"],
+ before => File[$::apache::mod_dir],
+ notify => Class['apache::service'],
+ }
+}
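Review bot: The default `$ssl_cipher = 'HIGH:MEDIUM:!aNULL:!MD5'` in the class parameters admits OpenSSL's MEDIUM group, which on many OpenSSL builds still includes RC4 and SEED suites, and `$ssl_protocol` only removes SSLv2/SSLv3, so TLS 1.0 and 1.1 stay enabled wherever the class is declared without overrides. I would tighten the default to `$ssl_cipher = 'HIGH:!aNULL:!MD5:!RC4:!3DES',` or, since this file sits under 3rdparty/, pass stricter `ssl_cipher` and `ssl_protocol` values from the declaring manifest. `$ssl_protocol` and `$ssl_pass_phrase_dialog` are also missing from the "Template uses" comment, so it cannot be confirmed from this hunk that they reach ssl.conf; add `# $ssl_protocol` and `# $ssl_pass_phrase_dialog` to that list if the template renders them. Separately, the `$session_cache` selector has no `default` branch, so an unsupported osfamily likely errors there before the `fail("Unsupported osfamily ...")` message in the case statement is reached.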