ServerName <%= scope.lookupvar("nodepool::builder::vhost_name") %> ErrorLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/nodepool_error.log LogLevel warn CustomLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/nodepool_access.log combined ServerSignature Off Redirect / https://<%= scope.lookupvar("nodepool::builder::vhost_name") %>/ ServerName <%= scope.lookupvar("nodepool::builder::vhost_name") %> SSLEngine on SSLCertificateFile <%= scope.lookupvar("nodepool::builder::ssl_cert_file") %> SSLCertificateKeyFile <%= scope.lookupvar("nodepool::builder::ssl_key_file") %> <%# The original default was '' -%> <%# scope.lookupvar returns nil for an undefined variable in puppet 4 -%> <%# scope.lookupvar returns :undef for an undefined variable in puppet 3 -%> <% unless ['', nil, :undef].include? scope.lookupvar("nodepool::builder::ssl_chain_file") %> SSLCertificateChainFile <%= scope.lookupvar("nodepool::builder::ssl_chain_file") %> <% end %> DocumentRoot <%= scope.lookupvar("nodepool::builder::build_log_document_root") %> > Options <%= scope.lookupvar("httpd::params::options") %> AllowOverride None Require all granted # Allow access to image files Alias /images /opt/nodepool_dib Options <%= scope.lookupvar("httpd::params::options") %> AllowOverride None Require all granted # Only allow access to the qcow2 files as they are smallest Require all denied # Exclude the dib build dir as well. Require all denied ErrorLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/nodepool_error.log LogLevel warn CustomLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/nodepool_access.log combined ServerSignature Off AddType text/plain .log SetOutputFilter DEFLATE