]> git.donarmstrong.com Git - dsa-puppet.git/commitdiff
projects / dsa-puppet.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c5a6f5b)
apache: disable SSLv3 support
authorPeter Palfrader <peter@palfrader.org>
Tue, 14 Oct 2014 19:47:13 +0000 (21:47 +0200)
committerPeter Palfrader <peter@palfrader.org>
Tue, 14 Oct 2014 19:47:15 +0000 (21:47 +0200)
modules/apache2/files/puppet-config [new file with mode: 0644] patch | blob
modules/apache2/manifests/init.pp patch | blob | history

diff --git a/modules/apache2/files/puppet-config b/modules/apache2/files/puppet-config
new file mode 100644 (file)
index 0000000..40d6d70
--- /dev/null
+++ b/modules/apache2/files/puppet-config
@@ -0,0 +1,3 @@
+<IfModule mod_ssl.c>
+  SSLProtocol all -SSLv2 -SSLv3
+</IfModule>
diff --git a/modules/apache2/manifests/init.pp b/modules/apache2/manifests/init.pp
index b1f20a23920249a3371c224ba6b7ea14e0e7d646..3d49ce84b29b7336ceee6d77328c6abddf023460 100644 (file)
--- a/modules/apache2/manifests/init.pp
+++ b/modules/apache2/manifests/init.pp
@@ -79,6 +79,10 @@ class apache2 {
                source => 'puppet:///modules/apache2/puppet-ssl-macros',
        }
 
+       apache2::config { 'puppet-config':
+               source => 'puppet:///modules/apache2/puppet-config',
+       }
+
        file { '/etc/apache2/sites-available/common-ssl.inc':
                ensure => absent,
        }
Unnamed repository; edit this file 'description' to name the repository.