Mercurial > repos > other > Puppet

view modules/apache/templates/vhost/_ssl.erb @ 442:2879e2d4148e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Configure test machine
author IBBoard <dev@ibboard.co.uk>
date Mon, 03 Apr 2023 19:41:02 +0100
parents b8d6ada284dd
children adf6fe9bbc17
line wrap: on
line source

<% if @ssl -%>

  ## SSL directives
  SSLEngine on
  <%- unless @mdomain -%>
  SSLCertificateFile      "<%= @ssl_cert %>"
  SSLCertificateKeyFile   "<%= @ssl_key %>"
  <%- end -%>
  <%- if @ssl_chain -%>
  SSLCertificateChainFile "<%= @ssl_chain %>"
  <%- end -%>
  <%- if @ssl_protocol -%>
  SSLProtocol             <%= [@ssl_protocol].flatten.compact.join(' ') %>
  <%- end -%>
  <%- if @ssl_cipher -%>
  SSLCipherSuite          <%= @ssl_cipher %>
  <%- end -%>
  <%- if not @ssl_honorcipherorder.nil? -%>
  SSLHonorCipherOrder     <%= scope.call_function('apache::bool2httpd', [@_ssl_honorcipherorder]) %>
  <%- end -%>
  <%- if @ssl_verify_client -%>
  SSLVerifyClient         <%= @ssl_verify_client %>
  <%- if @ssl_verify_depth -%>
  SSLVerifyDepth          <%= @ssl_verify_depth %>
  <%- end -%>
  <%- end -%>
  <%- if @ssl_certs_dir && @ssl_certs_dir != '' -%>
  SSLCACertificatePath    "<%= @ssl_certs_dir %>"
  <%- end -%>
  <%- if @ssl_ca -%>
  SSLCACertificateFile    "<%= @ssl_ca %>"
  <%- end -%>
  <%- if @ssl_crl_path -%>
  SSLCARevocationPath     "<%= @ssl_crl_path %>"
  <%- end -%>
  <%- if @ssl_crl -%>
  SSLCARevocationFile     "<%= @ssl_crl %>"
  <%- end -%>
  <%- if @ssl_crl_check && scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%>
  SSLCARevocationCheck    <%= @ssl_crl_check %>
  <%- end -%>
  <%- if @ssl_options -%>
  SSLOptions <%= Array(@ssl_options).join(' ') %>
  <%- end -%>
  <%- if @ssl_openssl_conf_cmd -%>
  SSLOpenSSLConfCmd       <%= @ssl_openssl_conf_cmd %>
  <%- end -%>
  <%- if (not @ssl_stapling.nil?) && (scope.function_versioncmp([@apache_version, '2.4']) >= 0) -%>
  SSLUseStapling <%= scope.call_function('apache::bool2httpd', [@ssl_stapling]) %>
  <%- end -%>
  <%- if @ssl_stapling_timeout && scope.function_versioncmp([@apache_version, '2.4']) >= 0 -%>
  SSLStaplingResponderTimeout <%= @ssl_stapling_timeout %>
  <%- end -%>
  <%- if (not @ssl_stapling_return_errors.nil?) && (scope.function_versioncmp([@apache_version, '2.4']) >= 0) -%>
  SSLStaplingReturnResponderErrors <%= scope.call_function('apache::bool2httpd', [@ssl_stapling_return_errors]) %>
  <%- end -%>
  <%- if @ssl_user_name -%>
  SSLUserName             <%= @ssl_user_name %>
  <%- end -%>
<% end -%>