Explorar el Código
fix(yamllint): fix all errors
```bash apache-formula$ yamllint -s . ./pillar.example 2:1 warning missing document start "---" (document-start) 5:26 warning truthy value should be one of [false, true] (truthy) 50:18 warning too few spaces before comment (comments) 51:16 warning truthy value should be one of [false, true] (truthy) 52:57 warning too few spaces before comment (comments) 52:89 error line too long (104 > 88 characters) (line-length) 67:33 warning truthy value should be one of [false, true] (truthy) 67:38 warning too few spaces before comment (comments) 69:31 warning too few spaces before comment (comments) 70:8 warning missing starting space in comment (comments) 75:53 warning too few spaces before comment (comments) 75:89 error line too long (98 > 88 characters) (line-length) 76:55 warning too few spaces before comment (comments) 76:89 error line too long (101 > 88 characters) (line-length) 78:50 warning too few spaces before comment (comments) 79:89 error line too long (95 > 88 characters) (line-length) 82:47 warning too few spaces before comment (comments) 83:54 warning too few spaces before comment (comments) 83:89 error line too long (100 > 88 characters) (line-length) 84:58 warning too few spaces before comment (comments) 84:89 error line too long (109 > 88 characters) (line-length) 93:32 warning too few spaces before comment (comments) 100:89 error line too long (105 > 88 characters) (line-length) 101:33 error trailing spaces (trailing-spaces) 102:16 warning truthy value should be one of [false, true] (truthy) 231:20 warning truthy value should be one of [false, true] (truthy) 242:32 warning too few spaces before comment (comments) 249:20 warning truthy value should be one of [false, true] (truthy) 254:20 warning truthy value should be one of [false, true] (truthy) 260:21 warning truthy value should be one of [false, true] (truthy) 283:8 warning missing starting space in comment (comments) 284:8 warning missing starting space in comment (comments) 297:15 warning too few spaces before comment (comments) 328:18 warning truthy value should be one of [false, true] (truthy) 330:20 warning truthy value should be one of [false, true] (truthy) 342:15 error empty value in block mapping (empty-values) 345:18 warning truthy value should be one of [false, true] (truthy) 348:18 warning truthy value should be one of [false, true] (truthy) 355:18 warning truthy value should be one of [false, true] (truthy) 358:89 error line too long (91 > 88 characters) (line-length) 359:26 warning truthy value should be one of [false, true] (truthy) 362:89 error line too long (99 > 88 characters) (line-length) 365:89 error line too long (267 > 88 characters) (line-length) 367:21 warning truthy value should be one of [false, true] (truthy) 369:26 warning truthy value should be one of [false, true] (truthy) 371:1 error too many blank lines (1 > 0) (empty-lines) ./apache/osfingermap.yaml 3:1 warning missing document start "---" (document-start) ./apache/modsecurity.yaml 4:1 warning missing document start "---" (document-start) 6:18 warning truthy value should be one of [false, true] (truthy) 7:20 warning truthy value should be one of [false, true] (truthy) 14:18 warning truthy value should be one of [false, true] (truthy) 15:20 warning truthy value should be one of [false, true] (truthy) 22:18 warning truthy value should be one of [false, true] (truthy) 23:20 warning truthy value should be one of [false, true] (truthy) ./apache/defaults.yaml 4:1 warning missing document start "---" (document-start) 5:26 warning truthy value should be one of [false, true] (truthy) 7:19 warning truthy value should be one of [false, true] (truthy) 10:18 warning truthy value should be one of [false, true] (truthy) 11:20 warning truthy value should be one of [false, true] (truthy) ./apache/oscodenamemap.yaml 4:1 warning missing document start "---" (document-start) 4:8 error trailing spaces (trailing-spaces) 9:8 error trailing spaces (trailing-spaces) 14:7 error trailing spaces (trailing-spaces) 19:6 error trailing spaces (trailing-spaces) 24:8 error trailing spaces (trailing-spaces) 29:9 error trailing spaces (trailing-spaces) 34:7 error trailing spaces (trailing-spaces) 39:8 error trailing spaces (trailing-spaces) 44:8 error trailing spaces (trailing-spaces) 50:9 error trailing spaces (trailing-spaces) 61:1 error too many blank lines (1 > 0) (empty-lines) ./apache/osfamilymap.yaml 4:1 warning missing document start "---" (document-start) 16:89 error line too long (104 > 88 characters) (line-length) 43:89 error line too long (105 > 88 characters) (line-length) 56:16 warning truthy value should be one of [false, true] (truthy) 114:11 error empty value in block mapping (empty-values) 114:11 error trailing spaces (trailing-spaces) ./test/salt/pillar/default.sls 5:26 warning truthy value should be one of [false, true] (truthy) 7:18 warning truthy value should be one of [false, true] (truthy) 8:20 warning truthy value should be one of [false, true] (truthy) ```tags/v0.38.0
Imran Iqbal
hace 5 años
Se han modificado 7 ficheros con 100 adiciones y 82 borrados
+ 5
- 5
apache/defaults.yaml
Ver fichero
| @@ -1,11 +1,11 @@ | |||
| # -*- coding: utf-8 -*- | |||
| # vim: ft=yaml | |||
| --- | |||
| apache: | |||
| manage_service_states: True | |||
| manage_service_states: true | |||
| service_state: running | |||
| service_enable: True | |||
| service_enable: true | |||
| mod_security: | |||
| crs_install: False | |||
| manage_config: False | |||
| crs_install: false | |||
| manage_config: false | |||
+ 8
- 8
apache/modsecurity.yaml
Ver fichero
| @@ -1,25 +1,25 @@ | |||
| # -*- coding: utf-8 -*- | |||
| # vim: ft=yam | |||
| # vim: ft=yaml | |||
| --- | |||
| Debian: | |||
| mod_security: | |||
| crs_install: False | |||
| manage_config: False | |||
| crs_install: false | |||
| manage_config: false | |||
| package: libapache2-mod-security2 | |||
| crs_package: modsecurity-crs | |||
| config_file: /etc/modsecurity/modsecurity.conf-recommended | |||
| RedHat: | |||
| mod_security: | |||
| crs_install: False | |||
| manage_config: False | |||
| crs_install: false | |||
| manage_config: false | |||
| package: mod_security | |||
| crs_package: mod_security_crs | |||
| config_file: /etc/httpd/conf.d/mod_security.conf | |||
| Suse: | |||
| mod_security: | |||
| crs_install: False | |||
| manage_config: False | |||
| crs_install: false | |||
| manage_config: false | |||
| package: apache2-mod_security2 | |||
| config_file: /etc/apache2/conf.d/mod_security2.conf | |||
+ 11
- 12
apache/oscodenamemap.yaml
Ver fichero
| @@ -1,53 +1,53 @@ | |||
| # -*- coding: utf-8 -*- | |||
| # vim: ft=yaml | |||
| trusty: | |||
| --- | |||
| trusty: | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| default_site_ssl: default-ssl.conf | |||
| utopic: | |||
| utopic: | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| default_site_ssl: default-ssl.conf | |||
| vivid: | |||
| vivid: | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| default_site_ssl: default-ssl.conf | |||
| wily: | |||
| wily: | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| default_site_ssl: default-ssl.conf | |||
| xenial: | |||
| xenial: | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| default_site_ssl: default-ssl.conf | |||
| yakkety: | |||
| yakkety: | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| default_site_ssl: default-ssl.conf | |||
| zesty: | |||
| zesty: | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| default_site_ssl: default-ssl.conf | |||
| artful: | |||
| artful: | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| default_site_ssl: default-ssl.conf | |||
| jessie: | |||
| jessie: | |||
| wwwdir: /var/www | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| default_site_ssl: default-ssl.conf | |||
| stretch: | |||
| stretch: | |||
| wwwdir: /var/www | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| @@ -58,4 +58,3 @@ buster: | |||
| confext: .conf | |||
| default_site: 000-default.conf | |||
| default_site_ssl: default-ssl.conf | |||
+ 5
- 3
apache/osfamilymap.yaml
Ver fichero
| @@ -1,6 +1,6 @@ | |||
| # -*- coding: utf-8 -*- | |||
| # vim: ft=yaml | |||
| --- | |||
| Debian: | |||
| server: apache2 | |||
| service: apache2 | |||
| @@ -13,6 +13,7 @@ Debian: | |||
| mod_php5: libapache2-mod-php5 | |||
| mod_perl2: libapache2-mod-perl2 | |||
| mod_fcgid: libapache2-mod-fcgid | |||
| # yamllint disable-line rule:line-length | |||
| mod_pagespeed_source: https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb | |||
| mod_xsendfile: libapache2-mod-xsendfile | |||
| mod_fastcgi: libapache2-mod-fastcgi | |||
| @@ -40,6 +41,7 @@ RedHat: | |||
| conf_mod_wsgi: /etc/httpd/conf.d/wsgi.conf | |||
| mod_php5: php | |||
| mod_fcgid: mod_fcgid | |||
| # yamllint disable-line rule:line-length | |||
| mod_pagespeed_source: https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_x86_64.rpm | |||
| mod_geoip: mod_geoip | |||
| mod_geoip_database: GeoIP | |||
| @@ -53,7 +55,7 @@ RedHat: | |||
| logrotatedir: /etc/logrotate.d/httpd | |||
| wwwdir: /var/www | |||
| default_charset: UTF-8 | |||
| use_require: False | |||
| use_require: false | |||
| moddir: /etc/httpd/conf.modules.d | |||
| Gentoo: | |||
| @@ -111,7 +113,7 @@ FreeBSD: | |||
| modulesdir: /usr/local/etc/apache24/modules.d | |||
| global_document_root: /usr/local/www/apache24/data | |||
| confext: | |||
| confext: '' | |||
| default_site: default | |||
| default_site_ssl: default-ssl | |||
| logdir: /var/log/ | |||
+ 1
- 0
apache/osfingermap.yaml
Ver fichero
| @@ -1,5 +1,6 @@ | |||
| # -*- coding: utf-8 -*- | |||
| # vim: ft=yaml | |||
| --- | |||
| default: | |||
| version: '2.4' | |||
| Ubuntu-12.04: | |||
+ 67
- 51
pillar.example
Ver fichero
| @@ -1,8 +1,11 @@ | |||
| # -*- coding: utf-8 -*- | |||
| # vim: ft=yaml | |||
| --- | |||
| # ``apache`` formula configuration: | |||
| apache: | |||
| # By default apache restart/reload states run (false skips) | |||
| manage_service_states: True | |||
| manage_service_states: true | |||
| # lookup section overrides ``map.jinja`` values | |||
| lookup: | |||
| @@ -47,9 +50,10 @@ apache: | |||
| example.net: | |||
| template_file: salt://apache/vhosts/minimal.tmpl | |||
| example.com: # must be unique; used as an ID declaration in Salt. | |||
| enabled: True | |||
| template_file: salt://apache/vhosts/standard.tmpl # or minimal.tmpl or redirect.tmpl or proxy.tmpl | |||
| example.com: # must be unique; used as an ID declaration in Salt. | |||
| enabled: true | |||
| # or minimal.tmpl or redirect.tmpl or proxy.tmpl | |||
| template_file: salt://apache/vhosts/standard.tmpl | |||
| ####################### DEFAULT VALUES BELOW ############################ | |||
| # NOTE: the values below are simply default settings that *can* be | |||
| @@ -64,42 +68,51 @@ apache: | |||
| interface: '*' | |||
| port: '80' | |||
| exclude_listen_directive: True # Do not add a Listen directive in httpd.conf | |||
| exclude_listen_directive: true # Do not add a Listen directive in httpd.conf | |||
| ServerName: example.com # uses the unique ID above unless specified | |||
| #ServerAlias: www.example.com # Do not add ServerAlias unless defined | |||
| ServerName: example.com # uses the unique ID above unless specified | |||
| # ServerAlias: www.example.com # Do not add ServerAlias unless defined | |||
| ServerAdmin: webmaster@example.com | |||
| LogLevel: warn | |||
| ErrorLog: /path/to/logs/example.com-error.log # E.g.: /var/log/apache2/example.com-error.log | |||
| CustomLog: /path/to/logs/example.com-access.log # E.g.: /var/log/apache2/example.com-access.log | |||
| DocumentRoot: /path/to/www/dir/example.com # E.g., /var/www/example.com | |||
| DocumentRootUser: null # do not enforce user, defaults to lookup:document_root_user | |||
| DocumentRootGroup: www-data # Force group, defaults to lookup:document_root_group | |||
| SSLCertificateFile: /etc/ssl/mycert.pem # if ssl is desired | |||
| SSLCertificateKeyFile: /etc/ssl/mycert.pem.key # if key for cert is needed or in an extra file | |||
| SSLCertificateChainFile: /etc/ssl/mycert.chain.pem # if you require a chain of server certificates file | |||
| # E.g.: /var/log/apache2/example.com-error.log | |||
| ErrorLog: /path/to/logs/example.com-error.log | |||
| # E.g.: /var/log/apache2/example.com-access.log | |||
| CustomLog: /path/to/logs/example.com-access.log | |||
| # E.g., /var/www/example.com | |||
| DocumentRoot: /path/to/www/dir/example.com | |||
| # do not enforce user, defaults to lookup:document_root_user | |||
| DocumentRootUser: null | |||
| # Force group, defaults to lookup:document_root_group | |||
| DocumentRootGroup: www-data | |||
| # if ssl is desired | |||
| SSLCertificateFile: /etc/ssl/mycert.pem | |||
| # if key for cert is needed or in an extra file | |||
| SSLCertificateKeyFile: /etc/ssl/mycert.pem.key | |||
| # if you require a chain of server certificates file | |||
| SSLCertificateChainFile: /etc/ssl/mycert.chain.pem | |||
| Directory: | |||
| # "default" is a special case; uses DocumentRoot value | |||
| # E.g.: /var/www/example.com | |||
| default: | |||
| Options: -Indexes +FollowSymLinks | |||
| Order: allow,deny # For Apache < 2.4 | |||
| Allow: from all # For apache < 2.4 | |||
| Require: all granted # For apache > 2.4. | |||
| Order: allow,deny # For Apache < 2.4 | |||
| Allow: from all # For apache < 2.4 | |||
| Require: all granted # For apache > 2.4. | |||
| AllowOverride: None | |||
| Formula_Append: | | |||
| Additional config as a | |||
| multi-line string here | |||
| redirectmatch.com: | |||
| # Use RedirectMatch Directive https://httpd.apache.org/docs/2.4/fr/mod/mod_alias.html#redirectmatch | |||
| # Require module mod_alias | |||
| enabled: True | |||
| # Use RedirectMatch Directive | |||
| # - https://httpd.apache.org/docs/2.4/fr/mod/mod_alias.html#redirectmatch | |||
| # Require module mod_alias | |||
| enabled: true | |||
| template_file: salt://apache/vhosts/redirect.tmpl | |||
| ServerName: www.redirectmatch.com | |||
| ServerAlias: www.redirectmatch.com | |||
| @@ -228,7 +241,7 @@ apache: | |||
| Location: | |||
| /: | |||
| Require: False | |||
| Require: false | |||
| Formula_Append: | | |||
| SecRuleRemoveById 981231 | |||
| SecRuleRemoveById 981173 | |||
| @@ -237,27 +250,27 @@ apache: | |||
| Require: 'all granted' | |||
| /docs: | |||
| Order: allow,deny # For Apache < 2.4 | |||
| Allow: from all # For apache < 2.4 | |||
| Require: all granted # For apache > 2.4. | |||
| Order: allow,deny # For Apache < 2.4 | |||
| Allow: from all # For apache < 2.4 | |||
| Require: all granted # For apache > 2.4. | |||
| Formula_Append: | | |||
| Additional config as a | |||
| multi-line string here | |||
| LocationMatch: | |||
| '^[.\\/]+([Ww][Ee][Bb][Mm][Aa][Ii][Ll])[.\\/]': | |||
| Require: False | |||
| Require: false | |||
| Formula_Append: | | |||
| RequestHeader set Host mail.example.com | |||
| '^[.\\/]+([Ss][Vv][Cc])[.\\/]': | |||
| Require: False | |||
| Require: false | |||
| Formula_Append: | | |||
| Require ip 123.123.13.6 84.24.25.74 | |||
| Proxy_control: | |||
| '*': | |||
| AllowAll: False | |||
| AllowAll: false | |||
| AllowCountry: | |||
| - DE | |||
| AllowIP: | |||
| @@ -280,21 +293,21 @@ apache: | |||
| path: 'salt://path/to/sites-available/conf/file' | |||
| state: 'enabled' | |||
| # Optional - use managed file as Jinja Template | |||
| #template: true | |||
| #defaults: | |||
| # custom_var: "default value" | |||
| # template: true | |||
| # defaults: | |||
| # custom_var: "default value" | |||
| modules: | |||
| enabled: # List modules to enable | |||
| enabled: # List modules to enable | |||
| - ldap | |||
| - ssl | |||
| disabled: # List modules to disable | |||
| - rewrite | |||
| flags: | |||
| enabled: # List server flags to enable | |||
| enabled: # List server flags to enable | |||
| - SSL | |||
| disabled: # List server flags to disable | |||
| disabled: # List server flags to disable | |||
| - status | |||
| # KeepAlive: Whether or not to allow persistent connections (more than | |||
| @@ -325,9 +338,9 @@ apache: | |||
| # ``apache.mod_security`` formula additional configuration: | |||
| mod_security: | |||
| crs_install: True | |||
| crs_install: true | |||
| # If not set, default distro's configuration is installed as is | |||
| manage_config: True | |||
| manage_config: true | |||
| sec_rule_engine: 'On' | |||
| sec_request_body_access: 'On' | |||
| sec_request_body_limit: '14000000' | |||
| @@ -339,33 +352,36 @@ apache: | |||
| sec_debug_log_level: '3' | |||
| rules: | |||
| enabled: | |||
| enabled: ~ | |||
| modsecurity_crs_10_setup.conf: | |||
| rule_set: '' | |||
| enabled: True | |||
| enabled: true | |||
| modsecurity_crs_20_protocol_violations.conf: | |||
| rule_set: 'base_rules' | |||
| enabled: False | |||
| enabled: false | |||
| custom_rule_files: | |||
| # any name as an array index, and you can duplicate this section | |||
| UNIQUE_VALUE_HERE: | |||
| file: 'my name' | |||
| path: 'salt://path/to/modsecurity/custom/file' | |||
| enabled: True | |||
| enabled: true | |||
| mod_ssl: | |||
| # set this to True if you want to override your distributions default TLS configuration | |||
| manage_tls_defaults: False | |||
| # This stuff is deliberately not configured via map.jinja resp. apache:lookup. | |||
| # We're unable to know sane defaults for each release of every distribution. | |||
| # See https://github.com/saltstack-formulas/openssh-formula/issues/102 for a related discussion | |||
| # Have a look at bettercrypto.org for up-to-date settings. | |||
| # set this to true if you want to override your distributions default TLS | |||
| # configuration | |||
| manage_tls_defaults: false | |||
| # This stuff is deliberately not configured via map.jinja resp. | |||
| # apache:lookup. We're unable to know sane defaults for each release of | |||
| # every distribution. | |||
| # See https://github.com/saltstack-formulas/openssh-formula/issues/102 for | |||
| # a related discussion Have a look at bettercrypto.org for up-to-date | |||
| # settings. | |||
| # These are default values: | |||
| # yamllint disable-line rule:line-length | |||
| SSLCipherSuite: EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA | |||
| # Mitigate the CRIME attack | |||
| SSLCompression: Off | |||
| SSLCompression: 'Off' | |||
| SSLProtocol: all -SSLv2 -SSLv3 -TLSv1 | |||
| SSLHonorCipherOrder: On | |||
| SSLHonorCipherOrder: 'On' | |||
| SSLOptions: "+StrictRequire" | |||
+ 3
- 3
test/salt/pillar/default.sls
Ver fichero
| @@ -2,10 +2,10 @@ | |||
| # vim: ft=yaml | |||
| --- | |||
| apache: | |||
| manage_service_states: False | |||
| manage_service_states: false | |||
| mod_security: | |||
| crs_install: True | |||
| manage_config: True | |||
| crs_install: true | |||
| manage_config: true | |||
| sec_rule_engine: 'On' | |||
| sec_request_body_access: 'On' | |||
| sec_request_body_limit: '14000000' | |||
Cargando…