Mercurial > repos > other > Puppet
view modules/apache/manifests/mod/auth_cas.pp @ 106:ef0926ee389a puppet-3.6
Lock down Apache headers for security, based on https://securityheaders.io/
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Sat, 14 May 2016 17:10:10 +0100 |
| parents | 37675581a273 |
| children | 675c1cc61eaf |
line wrap: on
line source
class apache::mod::auth_cas ( $cas_login_url, $cas_validate_url, $cas_cookie_path = $::apache::params::cas_cookie_path, $cas_version = 2, $cas_debug = 'Off', $cas_validate_depth = undef, $cas_certificate_path = undef, $cas_proxy_validate_url = undef, $cas_root_proxied_as = undef, $cas_cookie_entropy = undef, $cas_timeout = undef, $cas_idle_timeout = undef, $cas_cache_clean_interval = undef, $cas_cookie_domain = undef, $cas_cookie_http_only = undef, $cas_authoritative = undef, $suppress_warning = false, ) { validate_string($cas_login_url, $cas_validate_url, $cas_cookie_path) if $::osfamily == 'RedHat' and ! $suppress_warning { warning('RedHat distributions do not have Apache mod_auth_cas in their default package repositories.') } ::apache::mod { 'auth_cas': } file { $cas_cookie_path: ensure => directory, before => File['auth_cas.conf'], mode => '0750', owner => $apache::user, group => $apache::group, } # Template uses # - All variables beginning with cas_ file { 'auth_cas.conf': ensure => file, path => "${::apache::mod_dir}/auth_cas.conf", content => template('apache/mod/auth_cas.conf.erb'), require => [ Exec["mkdir ${::apache::mod_dir}"], ], before => File[$::apache::mod_dir], notify => Service['httpd'], } }