tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

apache: Add support for port based SSL virtual hosts

Browse source
This commit is contained in:
Ossi Salmi 2013-09-24 15:11:12 +03:00
parent 379ca62a5f
commit 53a0422843
4 changed files with 22 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apache/manifests/debian.pp
View file

@ -184,7 +184,7 @@ class apache::debian::sslserver inherits apache::debian::common {
} }
define apache::debian::sslsite($first, $hsts, $ipaddr, $root, define apache::debian::sslsite($first, $hsts, $ipaddr, $port, $root,
$ssl_cert, $ssl_key, $ssl_chain, $proxy) { $ssl_cert, $ssl_key, $ssl_chain, $proxy) {
if $name == "default" { if $name == "default" {

14
apache/manifests/init.pp
View file

@ -305,6 +305,18 @@ define apache::sslsite($first=false, $hsts=false, $ipaddr="_default_", $root="",
include apache::mod::headers include apache::mod::headers
} }
if $name =~ /:([0-9]+)$/ {
$port = $1
if ! defined(Apache::Configfile["listen_${port}.conf"]) {
apache::configfile { "listen_${port}.conf":
http => false,
content => "Listen ${port}\n",
}
}
} else {
$port = "443"
}
case $::operatingsystem { case $::operatingsystem {
"debian","ubuntu": { "debian","ubuntu": {
$apache_ssldir = "/etc/ssl" $apache_ssldir = "/etc/ssl"
@ -312,6 +324,7 @@ define apache::sslsite($first=false, $hsts=false, $ipaddr="_default_", $root="",
first => $first, first => $first,
hsts => $hsts, hsts => $hsts,
ipaddr => $ipaddr, ipaddr => $ipaddr,
port => $port,
root => $root, root => $root,
ssl_cert => $ssl_cert, ssl_cert => $ssl_cert,
ssl_key => $ssl_key, ssl_key => $ssl_key,
@ -326,6 +339,7 @@ define apache::sslsite($first=false, $hsts=false, $ipaddr="_default_", $root="",
first => $first, first => $first,
hsts => $hsts, hsts => $hsts,
ipaddr => $ipaddr, ipaddr => $ipaddr,
port => $port,
root => $root, root => $root,
ssl_cert => $ssl_cert, ssl_cert => $ssl_cert,
ssl_key => $ssl_key, ssl_key => $ssl_key,

2
apache/manifests/redhat.pp
View file

@ -223,7 +223,7 @@ class apache::redhat::sslserver {
} }
define apache::redhat::sslsite($first, $hsts, $ipaddr, $root, define apache::redhat::sslsite($first, $hsts, $ipaddr, $port, $root,
$ssl_cert, $ssl_key, $ssl_chain, $proxy) { $ssl_cert, $ssl_key, $ssl_chain, $proxy) {
if $name == "default" { if $name == "default" {

12
apache/templates/site.https.conf.erb
View file

@ -1,7 +1,7 @@
<VirtualHost <%= @ipaddr %>:443> <VirtualHost <%= @ipaddr %>:<%= @port %>>
# General setup for the virtual host, inherited from global configuration # General setup for the virtual host, inherited from global configuration
ServerName <%= @site_fqdn %>:443 ServerName <%= @site_fqdn %>
# Use separate log files for the SSL virtual host; note that LogLevel # Use separate log files for the SSL virtual host; note that LogLevel
# is not inherited from httpd.conf. # is not inherited from httpd.conf.
@ -156,11 +156,11 @@ BrowserMatch "MSIE [2-5]" \
<% end -%> <% end -%>
<% if @proxy != "" -%> <% if @proxy != "" -%>
ProxyPass / <%= @proxy %>/ ProxyPass / <%= @proxy %>/
ProxyPassReverse / <%= @proxy %>/ ProxyPassReverse / <%= @proxy %>/
<% else -%> <% else -%>
DocumentRoot /srv/www/https/<%= @site_fqdn %> DocumentRoot /srv/www/https/<%= @site_fqdn %>
Include <%= @site_confdir %>/*.conf Include <%= @site_confdir %>/*.conf
<% end -%> <% end -%>
</VirtualHost> </VirtualHost>