Skip to content

camptocamp/puppet-apache_c2c

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

720 Commits

files

files

 
 

manifests

manifests

 
 

spec

spec

 
 

templates

templates

 
 

.fixtures.yml

.fixtures.yml

 
 

.gitignore

.gitignore

 
 

.puppet-lint.rc

.puppet-lint.rc

 
 

.travis.yml

.travis.yml

 
 

Gemfile

Gemfile

 
 

README

README

 
 

Rakefile

Rakefile

 
 

metadata.json

metadata.json

 
 

Repository files navigation

This module requires stdlib for validate_re support.

Types
#####

# Authentication, Authorization and Access Control

Definitions related to the apache authentication should always be in the form :

apache::auth::type::provider::authorization

To be consistent with the three types of Apache modules involved in the 
authentication and authorization process :
http://httpd.apache.org/docs/2.2/howto/auth.html

The main advantages of this new way to manage authentication are the possibility 
of sharing resources between virtual hosts and access restrictions

######################################
## Simple Basic File Authentication ##
######################################

Example:

1. create one or more users :

   apache::auth::htpasswd {"user1 in /a/path/htpasswd":
    ensure => present,
    user_file_location => "/srv/a/path",
    user_file_name => "htpasswd",
    username => "user1",
    clearPassword => "user1", # use encryption in definition
  }

  apache::auth::htpasswd {"user2 in /var/www/camptocamp.com/private/htpasswd":
    ensure => present,
    vhost => "camptocamp.com"
    username => "user2",
    crypt_password => 'kdrY191UyPY3E', # (htpasswd -ndb user2 user2)
  }
 
2. create one or more groups :

  apache::auth::htgroup {"group1 in /var/www/camptocamp.com/private/htgroup":
    ensure => present,
    groupname => "group1",
    members => "user1 user2",
  }

3. restrict access to a location with these users our groups

  apache::auth::basic::file::group {"group1-webdav1":
    vhost => "camptocamp.com",
    location => "/webdav1",
    groups => "group1",
  }

  apache::auth::basic::file::user {"user1-on-webdav2":
    vhost => "camptocamp.com",
    location => "/webdav2",
    auth_user_file => "/srv/dav0/htpasswd",
    users => "user1", # it not defined -> 'valid-user'
  }

###############################
## Basic LDAP Authentication ##
###############################

Example:

apache::auth::basic::ldap {"collectd":
  vhost => $fqdn,
  location => "/collection3",
  auth_ldap_url => 'ldap://ldap.foobar.ch/c=ch?uid??',
  auth_ldap_group_attribute => "memberUid",
  auth_ldap_group_attribute_is_dn => "off",
  authz_require => "ldap-group ou=foo,ou=bar,o=entreprises,c=ch",
}

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

68 stars

Watchers

16 watching

Forks

53 forks
Report repository

Releases

11 tags

Packages

No packages published

Contributors 18

+ 4 contributors

Languages