swedenconnect/eid-ops
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

make service dependent on ssl and apparmor

Browse source
This commit is contained in:
Leif Johansson 2018-02-12 00:48:19 +01:00
parent 3cb9e38d5c
commit 42148f16b3
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
global/overlay/etc/puppet/manifests/cosmos-site.pp
View file

@ -157,7 +157,6 @@ class md_publisher(Array $allow_clients = ['any'], $keyname = undef, String $dir
ssh_key_type => safe_hiera('publisher_ssh_key_type',"HOT SET IN HIERA") ssh_key_type => safe_hiera('publisher_ssh_key_type',"HOT SET IN HIERA")
} -> } ->
package {'lighttpd': ensure => latest } -> package {'lighttpd': ensure => latest } ->
service {'lighttpd': ensure => running } ->
exec {'enable-ssl': exec {'enable-ssl':
command => "/usr/sbin/lighttpd-enable-mod ssl", command => "/usr/sbin/lighttpd-enable-mod ssl",
onlyif => "test ! -h /etc/lighttpd/conf-enabled/*ssl*" onlyif => "test ! -h /etc/lighttpd/conf-enabled/*ssl*"
@ -167,6 +166,7 @@ class md_publisher(Array $allow_clients = ['any'], $keyname = undef, String $dir
onlyif => "test ! -f /etc/lighttpd/server.pem -a -f /etc/ssl/private/${_keyname}.key -a -f /etc/ssl/certs/${_keyname}.crt" onlyif => "test ! -f /etc/lighttpd/server.pem -a -f /etc/ssl/private/${_keyname}.key -a -f /etc/ssl/certs/${_keyname}.crt"
} -> } ->
apparmor::profile { 'usr.sbin.lighttpd': source => '/etc/apparmor-cosmos/usr.sbin.lighttpd' } -> apparmor::profile { 'usr.sbin.lighttpd': source => '/etc/apparmor-cosmos/usr.sbin.lighttpd' } ->
service {'lighttpd': ensure => running } ->
sunet::misc::ufw_allow {'allow-lighttpd': sunet::misc::ufw_allow {'allow-lighttpd':
from => $allow_clients, from => $allow_clients,
port => 443 port => 443