make $dnsapiport dynamic

OCD fix
2024-06-14 10:20:46 +02:00 · 2024-06-13 15:22:54 +02:00
3 changed files with 7 additions and 4 deletions
--- a/global/overlay/etc/puppet/cosmos-rules.yaml
+++ b/global/overlay/etc/puppet/cosmos-rules.yaml
@ -19,11 +19,12 @@ dns-rest-api1.sunet.se:
   dns:
   dns::knotdns:
   dns::apache2:
+     dnsapiport = '8443'
   sunet::certbot::acmed:
   sunet::baas2:
     nodename: 7B9DBFE1F4D1
     backup_dirs:
-       - '/etc'
+       - '/etc/'
       - '/var/'
     exclude_list:
       - '/.../dsmsched.log'
--- a/global/overlay/etc/puppet/modules/dns/manifests/apache2.pp
+++ b/global/overlay/etc/puppet/modules/dns/manifests/apache2.pp
@ -1,4 +1,6 @@
-class dns::apache2 {
+class dns::apache2 (
+  $dnsapiport = '8443',
+){

  package { ['apache2', 'libapache2-mod-qos', 'python3-certbot-apache']:
        ensure => installed,
@ -34,6 +36,6 @@ class dns::apache2 {
    rule => "add rule inet filter input tcp dport 80 counter accept comment \"allow-apache2-http\""
  }
  sunet::nftables::rule { 'apache-https':
-    rule => "add rule inet filter input tcp dport 443 counter accept comment \"allow-apache2-https\""
+    rule => "add rule inet filter input tcp dport $dnsapiport counter accept comment \"allow-apache2-https\""
  }
 }
--- a/global/overlay/etc/puppet/modules/dns/templates/apache2/dns-rest-api.conf.erb
+++ b/global/overlay/etc/puppet/modules/dns/templates/apache2/dns-rest-api.conf.erb
@ -6,7 +6,7 @@
 	RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
 </VirtualHost>
 <IfModule mod_ssl.c>
-<VirtualHost *:443>
+<VirtualHost *:<%= @dnsapiport %>>
 	ErrorLog ${APACHE_LOG_DIR}/error.log
 	CustomLog ${APACHE_LOG_DIR}/access.log combined
Author	SHA1	Message	Date
pettai	c077fa4405	make $dnsapiport dynamic	2024-06-14 10:20:46 +02:00
pettai	4605f00aa2	OCD fix	2024-06-13 15:22:54 +02:00