This commit is contained in:
pettai 2024-06-14 12:12:04 +02:00
parent b49151ca77
commit bd09f33737
No known key found for this signature in database
GPG key ID: CDF2C381E9A751BD

View file

@ -5,6 +5,11 @@ class dns::apache2 (
package { ['apache2', 'libapache2-mod-qos', 'python3-certbot-apache']: package { ['apache2', 'libapache2-mod-qos', 'python3-certbot-apache']:
ensure => installed, ensure => installed,
} }
file {'/etc/letsencrypt/options-ssl-apache.conf':
ensure => present,
source => "/usr/lib/python3/dist-packages/certbot_apache/_internal/tls_configs/current-options-ssl-apache.conf",
}
service { 'apache2': service { 'apache2':
ensure => running, ensure => running,
enable => true, enable => true,
@ -33,11 +38,6 @@ class dns::apache2 (
notify => Service['apache2'], notify => Service['apache2'],
} }
file {'/etc/letsencrypt/options-ssl-apache.conf':
ensure => present,
source => "/usr/lib/python3/dist-packages/certbot_apache/_internal/tls_configs/current-options-ssl-apache.conf",
}
# NFT rules # NFT rules
sunet::nftables::rule { 'apache-http': sunet::nftables::rule { 'apache-http':
rule => "add rule inet filter input tcp dport 80 counter accept comment \"allow-apache2-http\"" rule => "add rule inet filter input tcp dport 80 counter accept comment \"allow-apache2-http\""