Skip to content

Commit

Permalink
Merge pull request puppetlabs#1881 from k2patel/master
Browse files Browse the repository at this point in the history 
MODULES-8541 : Allow HostnameLookups to be modified
  • Loading branch information
@david22swan
david22swan committed Apr 1, 2019
2 parents d6ce657 + e3fa01a commit b926fcd
Show file tree
Hide file tree
Showing 7 changed files with 155 additions and 72 deletions.
7 changes: 7 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1128,6 +1128,13 @@ Limits the number of requests allowed per connection when the [`keepalive` param

Default: '100'.

##### `hostname_lookups`

This directive enables DNS lookups so that host names can be logged (and passed to CGIs/SSIs in REMOTE_HOST). Values:'On','Off','Double'.

Default: 'Off'.
> **Note**: If enabled, it impacts performance significantly.
##### `lib_path`

Specifies the location where [Apache module][Apache modules] files are stored.
Expand Down
141 changes: 71 additions & 70 deletions manifests/init.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,76 +13,77 @@
# Sample Usage:
#
class apache (
$apache_name = $::apache::params::apache_name,
$service_name = $::apache::params::service_name,
$default_mods = true,
Boolean $default_vhost = true,
$default_charset = undef,
Boolean $default_confd_files = true,
Boolean $default_ssl_vhost = false,
$default_ssl_cert = $::apache::params::default_ssl_cert,
$default_ssl_key = $::apache::params::default_ssl_key,
$default_ssl_chain = undef,
$default_ssl_ca = undef,
$default_ssl_crl_path = undef,
$default_ssl_crl = undef,
$default_ssl_crl_check = undef,
$default_type = 'none',
$dev_packages = $::apache::params::dev_packages,
$ip = undef,
Boolean $service_enable = true,
Boolean $service_manage = true,
$service_ensure = 'running',
$service_restart = undef,
$purge_configs = true,
$purge_vhost_dir = undef,
$purge_vdir = false,
$serveradmin = 'root@localhost',
Enum['On', 'Off', 'on', 'off'] $sendfile = 'On',
$error_documents = false,
$timeout = '60',
$httpd_dir = $::apache::params::httpd_dir,
$server_root = $::apache::params::server_root,
$conf_dir = $::apache::params::conf_dir,
$confd_dir = $::apache::params::confd_dir,
$conf_enabled = $::apache::params::conf_enabled,
$vhost_dir = $::apache::params::vhost_dir,
$vhost_enable_dir = $::apache::params::vhost_enable_dir,
$mod_libs = $::apache::params::mod_libs,
$mod_packages = $::apache::params::mod_packages,
$vhost_include_pattern = $::apache::params::vhost_include_pattern,
$mod_dir = $::apache::params::mod_dir,
$mod_enable_dir = $::apache::params::mod_enable_dir,
$mpm_module = $::apache::params::mpm_module,
$lib_path = $::apache::params::lib_path,
$conf_template = $::apache::params::conf_template,
$servername = $::apache::params::servername,
$pidfile = $::apache::params::pidfile,
Optional[Stdlib::Absolutepath] $rewrite_lock = undef,
Boolean $manage_user = true,
Boolean $manage_group = true,
$user = $::apache::params::user,
$group = $::apache::params::group,
$http_protocol_options = $::apache::params::http_protocol_options,
$supplementary_groups = [],
$keepalive = $::apache::params::keepalive,
$keepalive_timeout = $::apache::params::keepalive_timeout,
$max_keepalive_requests = $::apache::params::max_keepalive_requests,
$limitreqfieldsize = '8190',
$limitreqfields = '100',
$logroot = $::apache::params::logroot,
$logroot_mode = $::apache::params::logroot_mode,
$log_level = $::apache::params::log_level,
$log_formats = {},
$ssl_file = undef,
$ports_file = $::apache::params::ports_file,
$docroot = $::apache::params::docroot,
$apache_version = $::apache::version::default,
$server_tokens = 'Prod',
$server_signature = 'On',
$trace_enable = 'On',
Optional[Enum['on', 'off', 'nodecode']] $allow_encoded_slashes = undef,
$file_e_tag = undef,
$apache_name = $::apache::params::apache_name,
$service_name = $::apache::params::service_name,
$default_mods = true,
Boolean $default_vhost = true,
$default_charset = undef,
Boolean $default_confd_files = true,
Boolean $default_ssl_vhost = false,
$default_ssl_cert = $::apache::params::default_ssl_cert,
$default_ssl_key = $::apache::params::default_ssl_key,
$default_ssl_chain = undef,
$default_ssl_ca = undef,
$default_ssl_crl_path = undef,
$default_ssl_crl = undef,
$default_ssl_crl_check = undef,
$default_type = 'none',
$dev_packages = $::apache::params::dev_packages,
$ip = undef,
Boolean $service_enable = true,
Boolean $service_manage = true,
$service_ensure = 'running',
$service_restart = undef,
$purge_configs = true,
$purge_vhost_dir = undef,
$purge_vdir = false,
$serveradmin = 'root@localhost',
Enum['On', 'Off', 'on', 'off'] $sendfile = 'On',
$error_documents = false,
$timeout = '60',
$httpd_dir = $::apache::params::httpd_dir,
$server_root = $::apache::params::server_root,
$conf_dir = $::apache::params::conf_dir,
$confd_dir = $::apache::params::confd_dir,
Enum['Off', 'On', 'Double', 'off', 'on', 'double'] $hostname_lookups = $::apache::params::hostname_lookups,
$conf_enabled = $::apache::params::conf_enabled,
$vhost_dir = $::apache::params::vhost_dir,
$vhost_enable_dir = $::apache::params::vhost_enable_dir,
$mod_libs = $::apache::params::mod_libs,
$mod_packages = $::apache::params::mod_packages,
$vhost_include_pattern = $::apache::params::vhost_include_pattern,
$mod_dir = $::apache::params::mod_dir,
$mod_enable_dir = $::apache::params::mod_enable_dir,
$mpm_module = $::apache::params::mpm_module,
$lib_path = $::apache::params::lib_path,
$conf_template = $::apache::params::conf_template,
$servername = $::apache::params::servername,
$pidfile = $::apache::params::pidfile,
Optional[Stdlib::Absolutepath] $rewrite_lock = undef,
Boolean $manage_user = true,
Boolean $manage_group = true,
$user = $::apache::params::user,
$group = $::apache::params::group,
$http_protocol_options = $::apache::params::http_protocol_options,
$supplementary_groups = [],
$keepalive = $::apache::params::keepalive,
$keepalive_timeout = $::apache::params::keepalive_timeout,
$max_keepalive_requests = $::apache::params::max_keepalive_requests,
$limitreqfieldsize = '8190',
$limitreqfields = '100',
$logroot = $::apache::params::logroot,
$logroot_mode = $::apache::params::logroot_mode,
$log_level = $::apache::params::log_level,
$log_formats = {},
$ssl_file = undef,
$ports_file = $::apache::params::ports_file,
$docroot = $::apache::params::docroot,
$apache_version = $::apache::version::default,
$server_tokens = 'Prod',
$server_signature = 'On',
$trace_enable = 'On',
Optional[Enum['on', 'off', 'nodecode']] $allow_encoded_slashes = undef,
$file_e_tag = undef,
Optional[Enum['On', 'on', 'Off', 'off', 'DNS', 'dns']]
$use_canonical_name = undef,
$package_ensure = 'installed',
Expand Down
3 changes: 3 additions & 0 deletions manifests/params.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,9 @@
# Default mode for files
$file_mode = '0644'

# The default value for host hame lookup
$hostname_lookups = 'Off'

# Default options for / directory
$root_directory_options = ['FollowSymLinks']

Expand Down
38 changes: 38 additions & 0 deletions spec/acceptance/apache_parameters_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -529,6 +529,44 @@ class { 'apache':
end
end

describe 'hostname_lookups' do
describe 'setup' do
it 'applies cleanly' do
pp = "class { 'apache': hostname_lookups => 'On' }"
apply_manifest(pp, catch_failures: true)
end
end

describe file($conf_file) do
it { is_expected.to be_file }
it { is_expected.to contain 'HostnameLookups On' }
end

describe 'setup' do
it 'applies cleanly' do
pp = "class { 'apache': hostname_lookups => 'Off' }"
apply_manifest(pp, catch_failures: true)
end
end

describe file($conf_file) do
it { is_expected.to be_file }
it { is_expected.to contain 'HostnameLookups Off' }
end

describe 'setup' do
it 'applies cleanly' do
pp = "class { 'apache': hostname_lookups => 'Double' }"
apply_manifest(pp, catch_failures: true)
end
end

describe file($conf_file) do
it { is_expected.to be_file }
it { is_expected.to contain 'HostnameLookups Double' }
end
end

describe 'trace_enable' do
pp = <<-MANIFEST
class { 'apache':
Expand Down
35 changes: 35 additions & 0 deletions spec/classes/apache_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -438,6 +438,7 @@

it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^AllowEncodedSlashes nodecode$} }
end

describe 'Alternate confd/mod/vhosts directory when specifying default character set' do
let :params do
{
Expand Down Expand Up @@ -628,6 +629,40 @@
it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^EnableSendfile Off\n} }
end

describe 'hostname lookup with invalid value' do
let :params do
{ hostname_lookups: 'foo' }
end

it 'fails' do
expect {
catalogue
}.to raise_error(Puppet::Error, %r{Evaluation Error})
end
end
describe 'hostname_lookups On' do
let :params do
{ hostname_lookups: 'On' }
end

it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^HostnameLookups On\n} }
end
describe 'hostname_lookups Off' do
let :params do
{ hostname_lookups: 'Off' }
end

it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^HostnameLookups Off\n} }
end

describe 'hostname_lookups Double' do
let :params do
{ hostname_lookups: 'Double' }
end

it { is_expected.to contain_file('/etc/httpd/conf/httpd.conf').with_content %r{^HostnameLookups Double\n} }
end

context 'on Fedora 21' do
let :facts do
super().merge(operatingsystem: 'Fedora',
Expand Down
1 change: 0 additions & 1 deletion spec/defines/vhost_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,6 @@
'ssl_proxyengine' => true,
'ssl_proxy_cipher_suite' => 'HIGH',
'ssl_proxy_protocol' => 'TLSv1.2',

'priority' => '30',
'default_vhost' => true,
'servername' => 'example.com',
Expand Down
2 changes: 1 addition & 1 deletion templates/httpd.conf.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ AddDefaultCharset <%= @default_charset %>
<%- if scope.function_versioncmp([@apache_version, '2.4']) < 0 -%>
DefaultType <%= @default_type %>
<%- end -%>
HostnameLookups Off
HostnameLookups <%= @hostname_lookups %>
<%- if /^[|\/]/.match(@error_log) || /^syslog:/.match(@error_log) -%>
ErrorLog "<%= @error_log %>"
<%- else -%>
Expand Down

0 comments on commit b926fcd

Please sign in to comment.