Mercurial > repos > other > Puppet
view modules/website/manifests/php.pp @ 106:ef0926ee389a puppet-3.6
Lock down Apache headers for security, based on https://securityheaders.io/
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Sat, 14 May 2016 17:10:10 +0100 |
parents | 89a94c61e4d6 |
children | b00eb9434938 |
line wrap: on
line source
class website::php( $suffix = '', $opcache = undef, $extras = [], ) { File { notify => Service['httpd'], tag => 'website', } Package { notify => Service['httpd'], tag => 'website', } Package <| tag == 'website' |> -> File <| tag == 'website' |> define website::php::extra_php ($pkg = $title) { package { "php${website::php::suffix}-${pkg}": ensure => latest, } } website::php::extra_php { $extras: } $packages = [ "php${suffix}", "php${suffix}-mcrypt", "php${suffix}-mbstring", "php${suffix}-xml", "php${suffix}-gd" ] package { $packages: ensure => latest, } file { '/etc/php.d/custom-lockdown.ini': ensure => present, content => 'allow_url_fopen = \'off\' expose_php = Off', } file { '/etc/php.d/custom-php.ini': ensure => present, content => 'default_charset = \'UTF-8\'', } if $opcache { package { "php${suffix}-${opcache}": ensure => latest, notify => Service['httpd'], require => Package["php${suffix}"], } file { '/etc/php.d/opcache.ini': ensure => present, content => 'zend_extension=/usr/lib64/php/modules/opcache.so opcache.memory_consumption=64', } } }