In 4d04d95b02 (#113)
apache/vhosts/standard.sls has been modified by @genuss to include
apache.config on the basis that apache.config was now able to retrieve the
interfaces/ports from pillar data in apache:sites.
I use apache:sites to register virtual hosts with non-standard
"template_file" (they contain the desired configuration directly)
and the "interface/port" keys are thus not meaningful.
apache:
sites:
example.com:
template_file: salt://vm/example/apache-vhost.conf
DocumentRoot: False
The generated ports.conf ends up containing only "*:80" while
my virtual host configuration files need ports 80 and 443. The
situation was perfectly fine up to now because the default configuration
file handles both of those ports if you have mod_ssl installed.
People who want to use apache.config should just explicitly include
that state, we should not force its usage to all apache.vhosts.standard
users.
* Add ProxyRequests directive
This allows or prevents Apache httpd from functioning as a forward proxy server.
[See](https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyrequests).
The default action is off so I've set this a the default for this formula so it does not change the default behaviour.
* Add example pillar usage
Removing the file /etc/apache2/sites-available/000-default.conf leads to an error when Apache is restarted.
So the symlink in /etc/apache2/sites-enabled/ should be removed, the actual file can stay.
This is done by split the interface pillar value instead of using a proper
list so it behaves exactly the same as before for simple 1 interface cases
(no need to refactor one's pillar files).
The resulting is something like:
Listen 1.2.3.4:80
Listen [2001:abc:def:100::3]:80
<VirtualHost 1.2.3.4:80 [2001:abc:def:100::3]:80>
...
Apache2 docs state this is global, but vhost overrides it even when not specified.
additionally, this directive is defaulted differently across distributions (eg. CentOS is default 'On')
this change allows control of the directive.
By reassigning options with `blockreplace` at `/etc/apache2/conf-available/security.conf`, which is linked as conf-enabled by default on Debian packages