浏览代码

Added ability to configure mod_remoteip

master
Alexander Kozlov 9 年前
父节点
当前提交
8f2308b985
共有 4 个文件被更改,包括 41 次插入0 次删除
  1. +5
    -0
      README.rst
  2. +4
    -0
      apache/files/Debian/conf-available/remoteip.conf.jinja
  3. +25
    -0
      apache/mod_remoteip.sls
  4. +7
    -0
      pillar.example

+ 5
- 0
README.rst 查看文件

@@ -85,6 +85,11 @@ Installs and enables the mod_fcgid module

Enables the Apache module vhost_alias (Debian Only)

``apache.mod_remoteip``
----------------------

Enables and configures the Apache module mod_remoteip using data from Pillar. (Debian Only)

``apache.vhosts.standard``
--------------------------


+ 4
- 0
apache/files/Debian/conf-available/remoteip.conf.jinja 查看文件

@@ -0,0 +1,4 @@
RemoteIPHeader {{ salt['pillar.get']('apache:mod_remoteip:RemoteIPHeader', 'X-Forwarded-For') }}
{%- for trusted_proxy in salt['pillar.get']('apache:mod_remoteip:RemoteIPTrustedProxy', []) %}
RemoteIPTrustedProxy {{ trusted_proxy }}
{%- endfor %}

+ 25
- 0
apache/mod_remoteip.sls 查看文件

@@ -0,0 +1,25 @@
{% if grains['os_family']=="Debian" %}

include:
- apache

a2enmod remoteip:
cmd.run:
- unless: ls /etc/apache2/mods-enabled/remoteip.load
- order: 255
- require:
- pkg: apache
- watch_in:
- module: apache-restart

/etc/apache2/conf-available/remoteip.conf:
file.managed:
- template: jinja
- source:
- salt://apache/files/{{ salt['grains.get']('os_family') }}/conf-available/remoteip.conf.jinja
- require:
- pkg: apache
- watch_in:
- service: apache

{% endif %}

+ 7
- 0
pillar.example 查看文件

@@ -18,6 +18,13 @@ apache:
# ``apache.mod_wsgi`` formula additional configuration:
mod_wsgi: mod_wsgi

# ``apache.mod_remoteip`` formula additional configuration:
mod_remoteip:
RemoteIPHeader: X-Forwarded-For
RemoteIPTrustedProxy:
- 10.0.8.0/24
- 127.0.0.1

# ``apache.vhosts`` formula additional configuration:
sites:
example.net:

正在加载...
取消
保存