ExternalMirrors
/
apache-formula
mirror of https://github.com/saltstack-formulas/apache-formula.git
Watch 1
Star 0
Fork 1
Code Issues 0 Releases 31 Wiki Activity
Saltstack Official Apache Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
696 Commits
5 Branches
Tree: fe82ccc2be
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fe82ccc2be'
${ noResults }
apache-formula/apache/config/modules/mod_security/init.sls

90 lines
2.8KB
Raw Blame History 

  1. # -*- coding: utf-8 -*-

  2. # vim: ft=sls

  3. 

  4. {%- set tplroot = tpldir.split('/')[0] %}

  5. {%- set sls_service_running = tplroot ~ '.service.running' %}

  6. {%- set sls_package_install = tplroot ~ '.package.install' %}

  7. {%- from tplroot ~ "/map.jinja" import apache with context %}

  8. 

  9. include:

  10.   - {{ sls_service_running }}

  11.   - {{ sls_package_install }}

  12. 

  13.     {%- if grains.os_family not in ('Arch',) %}

  14. 

  15. apache-config-modules-security-pkg:

  16.   pkg.installed:

  17.     - name: {{ apache.mod_security.package }}

  18.     - order: 180

  19.     - require:

  20.       - pkg: apache-package-install-pkg-installed

  21.     - watch_in:

  22.       - module: apache-service-running-restart

  23.     - require_in:

  24.       - module: apache-service-running-restart

  25.       - module: apache-service-running-reload

  26.       - service: apache-service-running

  27. 

  28.         {%- if apache.mod_security.crs_install and 'crs_package' in apache.mod_security %}

  29. 

  30. apache-config-modules-security-crs-pkg:

  31.   pkg.installed:

  32.     - name: {{ apache.mod_security.crs_package }}

  33.     - order: 180

  34.     - require:

  35.       - pkg: apache-config-modules-security-pkg

  36.     - watch_in:

  37.       - module: apache-service-running-restart

  38.     - require_in:

  39.       - module: apache-service-running-restart

  40.       - module: apache-service-running-reload

  41.       - service: apache-service-running

  42. 

  43.         {%- endif %}

  44.         {%- if apache.mod_security.manage_config and 'config_file' in apache.mod_security %}

  45. 

  46. apache-config-modules-security-main-config-file-managed:

  47.   file.managed:

  48.     - name: {{ apache.mod_security.config_file }}

  49.     - order: 220

  50.     - makedirs: True

  51.     - template: {{ apache.get('template_engine', 'jinja') }}

  52.     - context:

  53.       apache: {{ apache|json }}

  54.     - source:

  55.       - {{ 'salt://apache/files/' ~ salt['grains.get']('os_family') ~ '/modsecurity.conf.jinja' }}

  56.     - context: {{ apache.mod_security|json }}

  57.     - require:

  58.       - pkg: apache-config-modules-security-pkg

  59.     - watch_in:

  60.       - module: apache-service-running-reload

  61.     - require_in:

  62.       - module: apache-service-running-restart

  63.       - module: apache-service-running-reload

  64.       - service: apache-service-running

  65. 

  66.         {%- endif %}

  67.         {%- if grains['os_family'] in ('Suse', 'Debian',) %}

  68. 

  69. apache-config-modules-security-cmd-run-a2en-security2:

  70.   cmd.run:

  71.     - name: a2enmod security2

  72.     - unless: ls {{ apache.moddir }}/security2.load && ls {{ apache.moddir }}/security2.conf

  73.     - order: 225

  74. 

  75.         {%- elif grains.os_family in ('Redhat',) %}

  76. apache-config-modules-security-file-directory-modsecurity:

  77.   file.directory:

  78.     - name: /etc/httpd/modsecurity.d

  79.         {%- endif %}

  80. 

  81.     - require:

  82.       - pkg: apache-config-modules-security-pkg

  83.     - watch_in:

  84.       - module: apache-service-running-restart

  85.     - require_in:

  86.       - module: apache-service-running-restart

  87.       - module: apache-service-running-reload

  88.       - service: apache-service-running

  89.     {%- endif %}