add cache headers to security

Signed-off-by: Stephen Gran <steve@lobefin.net>

diff --git a/modules/apache2/manifests/cache.pp b/modules/apache2/manifests/cache.pp
new file mode 100644 (file)
index 0000000..5a0df05
--- /dev/null
+++ b/modules/apache2/manifests/cache.pp
@@ -0,0 +1,4 @@
+class apache2::cache {
+       apache2::module { 'expires': }
+       apache2::module { 'headers': }
+}

diff --git a/modules/roles/files/security_mirror/security.debian.org b/modules/roles/files/security_mirror/security.debian.org
index d3d3f14f1e8ff9ea94a7ccd48f53eb429e09b67c..70cc44f2e846652edf308188a78bbca4972c11e3 100644 (file)
--- a/modules/roles/files/security_mirror/security.debian.org
+++ b/modules/roles/files/security_mirror/security.debian.org
@@ -23,8 +23,18 @@
    ServerAlias security-nagios.debian.org
    ServerAlias security-fastly.debian.org
 
+   ExpiresActive On
+   ExpiresDefault "access plus 2 minutes"
+
    Alias /debian-security /org/security.debian.org/ftp
 
+   <Directory /org/security.debian.org/ftp/pool>
+       <FilesMatch "\.(bz2|gz|deb|dsc|xz)$">
+           ExpiresDefault "access plus 1 month"
+           Header append Cache-Control "public"
+       </FilesMatch>
+   </Directory>
+
    RewriteEngine on
    RewriteRule ^/$      http://www.debian.org/security/
 

diff --git a/modules/roles/manifests/security_mirror.pp b/modules/roles/manifests/security_mirror.pp
index 9b85cb5f6c54d26f51ca7cd1e3140eb6b3e35916..0bad766f5c08ac85fbdc5a947396df8864a89342 100644 (file)
--- a/modules/roles/manifests/security_mirror.pp
+++ b/modules/roles/manifests/security_mirror.pp
@@ -1,5 +1,6 @@
 class roles::security_mirror {
 
+       include apache2::cache
        apache2::site { '010-security.debian.org':
                site   => 'security.debian.org',
                source => 'puppet:///modules/roles/security_mirror/security.debian.org'

diff --git a/modules/roles/manifests/static_mirror.pp b/modules/roles/manifests/static_mirror.pp
index 240a6bf0d2f0af9b86d9926de505f3e729a243de..7d0cfb32c3be31f0e0df15b01aa0305925a5f9a2 100644 (file)
--- a/modules/roles/manifests/static_mirror.pp
+++ b/modules/roles/manifests/static_mirror.pp
@@ -1,6 +1,7 @@
 class roles::static_mirror {
 
        include roles::static_source
+       include apache2::cache
 
        package { 'libapache2-mod-macro': ensure => installed, }
        package { 'libapache2-mod-geoip': ensure => installed, }
@@ -8,7 +9,6 @@ class roles::static_mirror {
 
        apache2::module { 'macro': require => Package['libapache2-mod-macro']; }
        apache2::module { 'rewrite': }
-       apache2::module { 'expires': }
        apache2::module { 'geoip': require => [Package['libapache2-mod-geoip'], Package['geoip-database']]; }
 
        file { '/usr/local/bin/static-mirror-run':
@@ -32,7 +32,7 @@ class roles::static_mirror {
                default => '*:80',
        }
 
-       apache2::config { "local-static-vhost.conf":
+       apache2::config { 'local-static-vhost.conf':
                content => template('roles/static-mirroring/static-vhost.conf.erb'),
        }
 
@@ -42,7 +42,7 @@ class roles::static_mirror {
        }
 
        apache2::site { '010-static-vhosts-simple':
-               site => "static-vhosts-simple",
+               site => 'static-vhosts-simple',
                content => template('roles/static-mirroring/vhost/static-vhosts-simple.erb'),
        }