71fe2002e5
The builder ssl vhost template looks up vars as if they are local. Problem is with futureparser and puppet4 these vars don't make it into the global scope so they aren't valid here. Instead we do explicit lookup of the values in the correct scope. Change-Id: I92a6533d47075d8dac404999a6e3b5c4ccea84ed
63 lines
2.2 KiB
Plaintext
63 lines
2.2 KiB
Plaintext
<VirtualHost *:80>
|
|
ServerName <%= scope.lookupvar("nodepool::builder::vhost_name") %>
|
|
|
|
ErrorLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/nodepool_error.log
|
|
LogLevel warn
|
|
CustomLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/nodepool_access.log combined
|
|
ServerSignature Off
|
|
|
|
Redirect / https://<%= scope.lookupvar("nodepool::builder::vhost_name") %>/
|
|
|
|
</VirtualHost>
|
|
|
|
|
|
<VirtualHost *:443>
|
|
ServerName <%= scope.lookupvar("nodepool::builder::vhost_name") %>
|
|
|
|
SSLEngine on
|
|
|
|
SSLCertificateFile <%= scope.lookupvar("nodepool::builder::ssl_cert_file") %>
|
|
SSLCertificateKeyFile <%= scope.lookupvar("nodepool::builder::ssl_key_file") %>
|
|
<%# The original default was '' -%>
|
|
<%# scope.lookupvar returns nil for an undefined variable in puppet 4 -%>
|
|
<%# scope.lookupvar returns :undef for an undefined variable in puppet 3 -%>
|
|
<% unless ['', nil, :undef].include? scope.lookupvar("nodepool::builder::ssl_chain_file") %>
|
|
SSLCertificateChainFile <%= scope.lookupvar("nodepool::builder::ssl_chain_file") %>
|
|
<% end %>
|
|
|
|
DocumentRoot <%= scope.lookupvar("nodepool::builder::build_log_document_root") %>
|
|
<Directory <%= scope.lookupvar("nodepool::builder::build_log_document_root") %>>
|
|
Options <%= scope.lookupvar("httpd::params::options") %>
|
|
AllowOverride None
|
|
Require all granted
|
|
</Directory>
|
|
|
|
# Allow access to image files
|
|
Alias /images /opt/nodepool_dib
|
|
<Directory /opt/nodepool_dib>
|
|
Options <%= scope.lookupvar("httpd::params::options") %>
|
|
AllowOverride None
|
|
Require all granted
|
|
# Only allow access to the qcow2 files as they are smallest
|
|
<FilesMatch ".+\.(vhd|raw)(\.(md5|sha256))?$">
|
|
Require all denied
|
|
</FilesMatch>
|
|
</Directory>
|
|
# Exclude the dib build dir as well.
|
|
<Directory /opt/nodepool_dib/*.d/>
|
|
Require all denied
|
|
</Directory>
|
|
|
|
ErrorLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/nodepool_error.log
|
|
LogLevel warn
|
|
CustomLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/nodepool_access.log combined
|
|
ServerSignature Off
|
|
|
|
AddType text/plain .log
|
|
|
|
<IfModule mod_deflate.c>
|
|
SetOutputFilter DEFLATE
|
|
</IfModule>
|
|
|
|
</VirtualHost>
|