Permalink
Browse files

Merge pull request #1528 from eputnam/MODULES-3712

(MODULES-3712) SLES 11 Support
  • Loading branch information...
2 parents 9ec2a63 + f8bc69b commit ec51878dea26432e05b5eb3728789dbcdb23e701 @hunner hunner committed on GitHub Sep 29, 2016
View
2 .gitignore
@@ -4,6 +4,8 @@ Gemfile.lock
vendor/
spec/fixtures/manifests/
spec/fixtures/modules/
+spec/acceptance/nodesets/
+tmp/
.vagrant/
.bundle/
coverage/
View
5 lib/facter/apache_version.rb
@@ -2,6 +2,11 @@
setcode do
if Facter::Util::Resolution.which('apachectl')
apache_version = Facter::Util::Resolution.exec('apachectl -v 2>&1')
+ puts "Matching apachectl '#{apache_version}'"
+ %r{^Server version: Apache\/(\d+.\d+(.\d+)?)}.match(apache_version)[1]
+ elsif Facter::Util::Resolution.which('apache2ctl')
+ apache_version = Facter::Util::Resolution.exec('apache2ctl -v 2>&1')
+ puts "Matching apache2ctl '#{apache_version}'"
%r{^Server version: Apache\/(\d+.\d+(.\d+)?)}.match(apache_version)[1]
end
end
View
9 manifests/mod/cgid.pp
@@ -17,7 +17,14 @@
'freebsd' => 'cgisock',
default => undef,
}
- ::apache::mod { 'cgid': }
+
+ if $::operatingsystem == 'SLES' and $::operatingsystemmajrelease < '12' {
+ ::apache::mod { 'cgid':
+ lib_path => '/usr/lib64/apache2-worker',
+ }
+ } else {
+ ::apache::mod { 'cgid': }
+ }
if $cgisock_path {
# Template uses $cgisock_path
file { 'cgid.conf':
View
29 manifests/mod/dav_svn.pp
@@ -4,7 +4,18 @@
Class['::apache::mod::dav'] -> Class['::apache::mod::dav_svn']
include ::apache
include ::apache::mod::dav
- ::apache::mod { 'dav_svn': }
+ if($::operatingsystem == 'SLES' and $::operatingsystemmajrelease < '12'){
+ $suse_lib_path = $::apache::params::suse_lib_path
+ package { 'subversion-server':
+ ensure => 'installed',
+ provider => 'zypper',
+ }
+ ::apache::mod {'dav_svn':
+ lib_path => $suse_lib_path
+ }
+ } else {
+ ::apache::mod { 'dav_svn': }
+ }
if $::osfamily == 'Debian' and ($::operatingsystemmajrelease != '6' and $::operatingsystemmajrelease != '10.04' and $::operatingsystemrelease != '10.04' and $::operatingsystemmajrelease != '16.04') {
$loadfile_name = undef
@@ -13,9 +24,17 @@
}
if $authz_svn_enabled {
- ::apache::mod { 'authz_svn':
- loadfile_name => $loadfile_name,
- require => Apache::Mod['dav_svn'],
- }
+ if ($::operatingsystem == 'SLES' and $::operatingsystemmajrelease < '12'){
+ ::apache::mod { 'authz_svn':
+ loadfile_name => $loadfile_name,
+ lib_path => $suse_lib_path,
+ require => Apache::Mod['dav_svn'],
+ }
+ } else {
+ ::apache::mod { 'authz_svn':
+ loadfile_name => $loadfile_name,
+ require => Apache::Mod['dav_svn'],
+ }
+ }
}
}
View
22 manifests/mod/passenger.pp
@@ -70,16 +70,18 @@
}
}
- $_id = $mod_id
- $_path = $mod_path
- ::apache::mod { 'passenger':
- package => $_package,
- package_ensure => $_package_ensure,
- lib => $_lib,
- lib_path => $_lib_path,
- id => $_id,
- path => $_path,
- loadfile_name => 'zpassenger.load',
+ unless ($::operatingsystem == 'SLES' and $::operatingsystemmajrelease < '12') {
+ $_id = $mod_id
+ $_path = $mod_path
+ ::apache::mod { 'passenger':
+ package => $_package,
+ package_ensure => $_package_ensure,
+ lib => $_lib,
+ lib_path => $_lib_path,
+ id => $_id,
+ path => $_path,
+ loadfile_name => 'zpassenger.load',
+ }
}
# Template uses:
View
27 manifests/mod/php.pp
@@ -52,13 +52,26 @@
$_lib = "libphp${php_version}.so"
$_php_major = regsubst($php_version, '^(\d+)\..*$', '\1')
- ::apache::mod { $mod:
- package => $_package_name,
- package_ensure => $package_ensure,
- lib => $_lib,
- id => "php${_php_major}_module",
- path => $path,
- }
+ if $::operatingsystem == 'SLES' {
+ $suse_lib_path = $::apache::params::suse_lib_path
+ ::apache::mod { $mod:
+ package => $_package_name,
+ package_ensure => $package_ensure,
+ lib => 'mod_php5.so',
+ id => "php${_php_major}_module",
+ path => "${suse_lib_path}/mod_php5.so",
+ }
+ } else {
+ ::apache::mod { $mod:
+ package => $_package_name,
+ package_ensure => $package_ensure,
+ lib => $_lib,
+ id => "php${_php_major}_module",
+ path => $path,
+ }
+
+ }
+
include ::apache::mod::mime
include ::apache::mod::dir
View
20 manifests/mod/security.pp
@@ -31,10 +31,20 @@
fail('FreeBSD is not currently supported')
}
- ::apache::mod { 'security':
- id => 'security2_module',
- lib => 'mod_security2.so',
- }
+ if $::operatingsystem == 'SLES' {
+ $suse_lib_path = $::apache::params::suse_lib_path
+ ::apache::mod { 'security':
+ id => 'security2_module',
+ lib_path => $suse_lib_path,
+ lib => 'mod_security2.so',
+ }
+ } else {
+ ::apache::mod { 'security':
+ id => 'security2_module',
+ lib => 'mod_security2.so',
+ }
+ }
+
::apache::mod { 'unique_id_module':
id => 'unique_id_module',
@@ -106,6 +116,6 @@
notify => Class['apache::service'],
}
- apache::security::rule_link { $activated_rules: }
+ unless $::operatingsystem == 'SLES' { apache::security::rule_link { $activated_rules: } }
}
View
24 manifests/params.pp
@@ -49,7 +49,7 @@
$modsec_audit_log_parts = 'ABIJDEFHZ'
- if $::operatingsystem == 'Ubuntu' and $::lsbdistrelease == '10.04' {
+ if ($::operatingsystem == 'Ubuntu' and $::lsbdistrelease == '10.04') or ($::operatingsystem == 'SLES') {
$verify_command = '/usr/sbin/apache2ctl -t'
} elsif $::operatingsystem == 'FreeBSD' {
$verify_command = '/usr/local/sbin/apachectl -t'
@@ -475,22 +475,25 @@
$logroot = '/var/log/apache2'
$logroot_mode = undef
$lib_path = '/usr/lib64/apache2-prefork'
+ $suse_lib_path = '/usr/lib64/apache2'
$mpm_module = 'prefork'
- $default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem'
- $default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key'
+ $default_ssl_cert = '/etc/ssl/servercerts/servercert.pem'
+ $default_ssl_key = '/etc/ssl/servercerts/serverkey.pem'
$ssl_certs_dir = '/etc/ssl/certs'
$suphp_addhandler = 'x-httpd-php'
$suphp_engine = 'off'
$suphp_configpath = '/etc/php5/apache2'
$php_version = '5'
$mod_packages = {
'auth_kerb' => 'apache2-mod_auth_kerb',
- 'fcgid' => 'apache2-mod_fcgid',
'perl' => 'apache2-mod_perl',
'php5' => 'apache2-mod_php53',
'python' => 'apache2-mod_python',
+ 'security' => 'apache2-mod_security2',
}
$mod_libs = {
+ 'security' => '/usr/lib64/apache2/mod_security2.so',
+ 'php53' => '/usr/lib64/apache2/mod_php5.so',
}
$conf_template = 'apache/httpd.conf.erb'
$keepalive = 'Off'
@@ -506,7 +509,14 @@
$mellon_post_directory = undef
$alias_icons_path = '/usr/share/apache2/icons'
$error_documents_path = '/usr/share/apache2/error'
- $dev_packages = ['libapr-util1-devel', 'libapr1-devel']
+ $dev_packages = ['libapr-util1-devel', 'libapr1-devel', 'libcurl-devel']
+ $modsec_crs_package = undef
+ $modsec_crs_path = undef
+ $modsec_default_rules = undef
+ $modsec_dir = '/etc/apache2/modsecurity'
+ $secpcrematchlimit = 1500
+ $secpcrematchlimitrecursion = 1500
+ $modsec_secruleengine = 'On'
#
# Passenger-specific settings
@@ -515,9 +525,9 @@
$passenger_conf_file = 'passenger.conf'
$passenger_conf_package_file = undef
- $passenger_root = '/usr'
+ $passenger_root = '/usr/lib64/ruby/gems/1.8/gems/passenger-5.0.30'
$passenger_ruby = '/usr/bin/ruby'
- $passenger_default_ruby = undef
+ $passenger_default_ruby = '/usr/bin/ruby'
$wsgi_socket_prefix = undef
} else {
View
22 spec/acceptance/class_spec.rb
@@ -3,14 +3,24 @@
describe 'apache class' do
context 'default parameters' do
- let(:pp) do
- <<-EOS
- class { 'apache': }
- EOS
- end
- # Run it twice and test for idempotency
+ let(:pp) { "class { 'apache': }" }
+
it_behaves_like "a idempotent resource"
+ describe 'apache_version fact' do
+ before :all do
+ apply_manifest("include apache", :catch_failures => true)
+ version_check_pp = <<-EOS
+ notice("apache_version = >${apache_version}<")
+ EOS
+ @result = apply_manifest(version_check_pp, :catch_failures => true)
+ end
+
+ it {
+ expect(@result.output).to match(/apache_version = >#{$apache_version}.*</)
+ }
+ end
+
describe package($package_name) do
it { is_expected.to be_installed }
end
View
8 spec/acceptance/default_mods_spec.rb
@@ -34,10 +34,10 @@ class { 'apache':
default_mods => false,
}
apache::vhost { 'defaults.example.com':
- docroot => '/var/www/defaults',
+ docroot => '#{$doc_root}/defaults',
aliases => {
alias => '/css',
- path => '/var/www/css',
+ path => '#{$doc_root}/css',
},
setenv => 'TEST1 one',
}
@@ -65,10 +65,10 @@ class { 'apache':
],
}
apache::vhost { 'defaults.example.com':
- docroot => '/var/www/defaults',
+ docroot => '#{$doc_root}/defaults',
aliases => {
alias => '/css',
- path => '/var/www/css',
+ path => '#{$doc_root}/css',
},
setenv => 'TEST1 one',
}
View
4 spec/acceptance/mod_dav_svn_spec.rb
@@ -9,9 +9,7 @@
else
authz_svn_load_file = 'authz_svn.load'
end
- when 'RedHat'
- authz_svn_load_file = 'dav_svn_authz_svn.load'
- when 'FreeBSD'
+ else
authz_svn_load_file = 'dav_svn_authz_svn.load'
end
View
7 spec/acceptance/mod_pagespeed_spec.rb
@@ -5,7 +5,8 @@
# updating packages and Pagespeed doesn't like old packages.
describe 'apache::mod::pagespeed class', :unless =>
((fact('operatingsystem') == 'Debian' && fact('operatingsystemmajrelease') < '8') or
- (fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemmajrelease') < '12')) do
+ (fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemmajrelease') < '12') or
+ (fact('operatingsystem') == 'SLES' && fact('operatingsystemmajrelease') < '12')) do
context "default pagespeed config" do
it 'succeeds in puppeting pagespeed' do
pp= <<-EOS
@@ -41,10 +42,10 @@ class { 'apache::mod::pagespeed':
}
apache::vhost { 'pagespeed.example.com':
port => '80',
- docroot => '/var/www/pagespeed',
+ docroot => '#{$doc_root}/pagespeed',
}
host { 'pagespeed.example.com': ip => '127.0.0.1', }
- file { '/var/www/pagespeed/index.html':
+ file { '#{$doc_root}/pagespeed/index.html':
ensure => file,
content => "<html>\n<!-- comment -->\n<body>\n<p>Hello World!</p>\n</body>\n</html>",
}
View
8 spec/acceptance/mod_php_spec.rb
@@ -11,10 +11,10 @@ class { 'apache':
class { 'apache::mod::php': }
apache::vhost { 'php.example.com':
port => '80',
- docroot => '/var/www/php',
+ docroot => '#{$doc_root}/php',
}
host { 'php.example.com': ip => '127.0.0.1', }
- file { '/var/www/php/index.php':
+ file { '#{$doc_root}/php/index.php':
ensure => file,
content => "<?php phpinfo(); ?>\\n",
}
@@ -60,14 +60,14 @@ class { 'apache::mod::php':
}
apache::vhost { 'php.example.com':
port => '80',
- docroot => '/var/www/php',
+ docroot => '#{$doc_root}/php',
php_values => { 'include_path' => '.:/usr/share/pear:/usr/bin/php', },
php_flags => { 'display_errors' => 'on', },
php_admin_values => { 'open_basedir' => '/var/www/php/:/usr/share/pear/', },
php_admin_flags => { 'engine' => 'on', },
}
host { 'php.example.com': ip => '127.0.0.1', }
- file { '/var/www/php/index.php5':
+ file { '#{$doc_root}/php/index.php5':
ensure => file,
content => "<?php phpinfo(); ?>\\n",
}
View
76 spec/acceptance/mod_security_spec.rb
@@ -29,9 +29,9 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
}
- file { '/var/www/html/index.html':
+ file { '#{$doc_root}/html/index.html':
ensure => file,
content => 'Index page',
}
@@ -69,8 +69,10 @@ class { 'apache::mod::security': }
end
end
- it 'should block query with SQL' do
- shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ unless fact('operatingsystem') == 'SLES'
+ it 'should block query with SQL' do
+ shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ end
end
end
@@ -84,9 +86,9 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
}
- file { '/var/www/html/index.html':
+ file { '#{$doc_root}/html/index.html':
ensure => file,
content => 'Index page',
}
@@ -107,8 +109,10 @@ class { 'apache::mod::security': }
it { is_expected.to contain "mod_security2.c" }
end
- it 'should block query with SQL' do
- shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ unless fact('operatingsystem') == 'SLES'
+ it 'should block query with SQL' do
+ shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ end
end
it 'should disable mod_security per vhost' do
@@ -117,7 +121,7 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
modsec_disable_vhost => true,
}
EOS
@@ -140,9 +144,9 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
}
- file { '/var/www/html/index.html':
+ file { '#{$doc_root}/html/index.html':
ensure => file,
content => 'Index page',
}
@@ -163,8 +167,10 @@ class { 'apache::mod::security': }
it { is_expected.to contain "mod_security2.c" }
end
- it 'should block query with SQL' do
- shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ unless fact('operatingsystem') == 'SLES'
+ it 'should block query with SQL' do
+ shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ end
end
it 'should disable mod_security per vhost' do
@@ -173,7 +179,7 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
modsec_disable_ips => [ '127.0.0.1' ],
}
EOS
@@ -196,13 +202,13 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
}
- file { '/var/www/html/index.html':
+ file { '#{$doc_root}/html/index.html':
ensure => file,
content => 'Index page',
}
- file { '/var/www/html/index2.html':
+ file { '#{$doc_root}/html/index2.html':
ensure => file,
content => 'Page 2',
}
@@ -223,8 +229,10 @@ class { 'apache::mod::security': }
it { is_expected.to contain "mod_security2.c" }
end
- it 'should block query with SQL' do
- shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ unless fact('operatingsystem') == 'SLES'
+ it 'should block query with SQL' do
+ shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ end
end
it 'should disable mod_security per vhost' do
@@ -233,7 +241,7 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
modsec_disable_ids => [ '950007' ],
}
EOS
@@ -257,13 +265,13 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
}
- file { '/var/www/html/index.html':
+ file { '#{$doc_root}/html/index.html':
ensure => file,
content => 'Index page',
}
- file { '/var/www/html/index2.html':
+ file { '#{$doc_root}/html/index2.html':
ensure => file,
content => 'Page 2',
}
@@ -284,8 +292,10 @@ class { 'apache::mod::security': }
it { is_expected.to contain "mod_security2.c" }
end
- it 'should block query with SQL' do
- shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ unless fact('operatingsystem') == 'SLES'
+ it 'should block query with SQL' do
+ shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ end
end
it 'should disable mod_security per vhost' do
@@ -294,7 +304,7 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
modsec_disable_msgs => [ 'Blind SQL Injection Attack' ],
}
EOS
@@ -318,13 +328,13 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
}
- file { '/var/www/html/index.html':
+ file { '#{$doc_root}/html/index.html':
ensure => file,
content => 'Index page',
}
- file { '/var/www/html/index2.html':
+ file { '#{$doc_root}/html/index2.html':
ensure => file,
content => 'Page 2',
}
@@ -345,8 +355,10 @@ class { 'apache::mod::security': }
it { is_expected.to contain "mod_security2.c" }
end
- it 'should block query with SQL' do
- shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ unless fact('operatingsystem') == 'SLES'
+ it 'should block query with SQL' do
+ shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
+ end
end
it 'should disable mod_security per vhost' do
@@ -355,7 +367,7 @@ class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
- docroot => '/var/www/html',
+ docroot => '#{$doc_root}/html',
modsec_disable_tags => [ 'WEB_ATTACK/SQL_INJECTION' ],
}
EOS
View
25 spec/acceptance/nodesets/suse.yml
@@ -0,0 +1,25 @@
+---
+HOSTS:
+ sles-11-x86_64-agent:
+ roles:
+ - agent
+ - default
+ platform: sles-11-x86_64
+ template: sles-11-x86_64
+ hypervisor: virtualbox
+ redhat-7-x86_64-master:
+ roles:
+ - master
+ - dashboard
+ - database
+ - agent
+ platform: el-7-x86_64
+ template: redhat-7-x86_64
+ hypervisor: virtualbox
+CONFIG:
+ nfs_server: none
+ consoleport: 443
+ datastore: instance0
+ folder: Delivery/Quality Assurance/Enterprise/Dynamic
+ resourcepool: delivery/Quality Assurance/Enterprise/Dynamic
+ pooling_api: http://vcloud.delivery.puppetlabs.net/
View
22 spec/acceptance/version.rb
@@ -10,6 +10,7 @@
$vhost_dir = '/etc/httpd/conf.d'
$vhost = '/etc/httpd/conf.d/15-default.conf'
$run_dir = '/var/run/httpd'
+ $doc_root = '/var/www'
$service_name = 'httpd'
$package_name = 'httpd'
$error_log = 'error_log'
@@ -31,6 +32,7 @@
$vhost = '/etc/apache2/sites-available/15-default.conf'
$vhost_dir = '/etc/apache2/sites-enabled'
$run_dir = '/var/run/apache2'
+ $doc_root = '/var/www'
$service_name = 'apache2'
$package_name = 'apache2'
$error_log = 'error.log'
@@ -52,6 +54,7 @@
$vhost = '/usr/local/etc/apache24/Vhosts/15-default.conf'
$vhost_dir = '/usr/local/etc/apache24/Vhosts'
$run_dir = '/var/run/apache24'
+ $doc_root = '/var/www'
$service_name = 'apache24'
$package_name = 'apache24'
$error_log = 'http-error.log'
@@ -65,12 +68,29 @@
$vhost = '/etc/apache2/vhosts.d/15-default.conf'
$vhost_dir = '/etc/apache2/vhosts.d'
$run_dir = '/var/run/apache2'
+ $doc_root = '/var/www'
$service_name = 'apache2'
$package_name = 'www-servers/apache'
$error_log = 'http-error.log'
$apache_version = '2.4'
+when 'Suse'
+ $confd_dir = '/etc/apache2/conf.d'
+ $mod_dir = '/etc/apache2/mods-available'
+ $conf_file = '/etc/apache2/httpd.conf'
+ $ports_file = '/etc/apache2/ports.conf'
+ $vhost = '/etc/apache2/sites-available/15-default.conf'
+ $vhost_dir = '/etc/apache2/sites-available'
+ $run_dir = '/var/run/apache2'
+ $doc_root = '/srv/www'
+ $service_name = 'apache2'
+ $package_name = 'apache2'
+ $error_log = 'error.log'
+ if _operatingsystemrelease < 12
+ $apache_version = '2.2'
+ else
+ $apache_version = '2.4'
+ end
else
$apache_version = '0'
end
-
View
10 spec/acceptance/vhost_spec.rb
@@ -72,15 +72,15 @@ class { 'apache':
it 'should configure an apache vhost' do
pp = <<-EOS
class { 'apache': }
- file { '#{$run_dir}':
+ file { '/var/www':
ensure => 'directory',
recurse => true,
}
apache::vhost { 'first.example.com':
port => '80',
docroot => '/var/www/first',
- require => File['#{$run_dir}'],
+ require => File['/var/www'],
}
EOS
apply_manifest(pp, :catch_failures => true)
@@ -1103,7 +1103,7 @@ class { 'apache': }
action => 'php-fastcgi',
}
EOS
- pp = pp + "\nclass { 'apache::mod::actions': }" if fact('osfamily') == 'Debian'
+ pp = pp + "\nclass { 'apache::mod::actions': }" if fact('osfamily') == 'Debian' || fact('osfamily') == 'Suse'
apply_manifest(pp, :catch_failures => true)
end
@@ -1137,7 +1137,7 @@ class { 'apache': service_ensure => stopped, }
end
describe 'rack_base_uris' do
- if (fact('osfamily') != 'RedHat')
+ unless fact('osfamily') == 'RedHat' or (fact('operatingsystem') == 'SLES' && fact('operatingsystemmajrelease') < '12')
it 'applies cleanly' do
test = lambda do
pp = <<-EOS
@@ -1348,7 +1348,7 @@ class { 'apache::mod::wsgi': }
end
end
- context 'on everything but lucid', :unless => fact('lsbdistcodename') == 'lucid' do
+ context 'on everything but lucid', :unless => (fact('lsbdistcodename') == 'lucid' or (fact('operatingsystem') == 'SLES' && fact('operatingsystemmajrelease') < '12')) do
it 'import_script applies cleanly' do
pp = <<-EOS
class { 'apache': }
View
2 spec/classes/mod/dav_svn_spec.rb
@@ -16,7 +16,7 @@
:id => 'root',
:kernel => 'Linux',
:path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
- :is_pe => false,
+ :is_pe => false,
}
end
it { is_expected.to contain_class("apache::params") }
View
2 spec/spec_helper_acceptance.rb
@@ -5,6 +5,8 @@
run_puppet_install_helper
RSpec.configure do |c|
+ c.filter_run :focus => true
+ c.run_all_when_everything_filtered = true
# apache on Ubuntu 10.04 and 12.04 doesn't like IPv6 VirtualHosts, so we skip ipv6 tests on those systems
if fact('operatingsystem') == 'Ubuntu' and (fact('operatingsystemrelease') == '10.04' or fact('operatingsystemrelease') == '12.04')
c.filter_run_excluding :ipv6 => true
View
6 templates/mod/security.conf.erb
@@ -63,6 +63,12 @@
SecTmpDir /var/cache/modsecurity
SecDataDir /var/cache/modsecurity
SecUploadDir /var/cache/modsecurity
+<%- elsif scope.lookupvar('::osfamily') == 'Suse' -%>
+ SecDebugLog /var/log/apache2/modsec_debug.log
+ SecAuditLog /var/log/apache2/modsec_audit.log
+ SecTmpDir /var/lib/mod_security
+ SecDataDir /var/lib/mod_security
+ SecUploadDir /var/lib/mod_security
<% else -%>
SecDebugLog /var/log/httpd/modsec_debug.log
SecAuditLog /var/log/httpd/modsec_audit.log

0 comments on commit ec51878

Please sign in to comment.