centos.pp 1.06 KB
Newer Older
1
class mod_security::centos inherits mod_security::base {
mh's avatar
mh committed
2
  apache::config::global{'mod_security.conf':
mh's avatar
mh committed
3
    source => "modules/mod_security/normal/${::operatingsystem}/mod_security.conf",
mh's avatar
mh committed
4
5
6
    require => Package['mod_security'],
    notify => Service['apache'],
  }
mh's avatar
mh committed
7
8
9
  file{'/etc/httpd/modsecurity.d/customrules/optional_rules.conf':
    content => "Include modsecurity.d/optional_rules/*.conf\n",
    ensure => $mod_security_optional_rules ? {
mh's avatar
mh committed
10
11
                true => 'present',
                default => 'absent'
mh's avatar
mh committed
12
13
14
15
16
    },
    require => Package['mod_security'],
    notify => Service['apache'],
    owner => root, group => 0, mode => 0644;
  }
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

  package{'mod_security_crs': }
  if mod_security::crs_ruleset {
    Package['mod_security_crs']{
      ensure => present,
    }
  } else {
    Package['mod_security_crs']{
      ensure => absent,
    }
  }

  package{'mod_security_crs-extras': }
  if mod_security::crs_extras_ruleset {
    Package['mod_security_crs-extras']{
      ensure => present,
    }
  } else {
    Package['mod_security_crs-extras']{
      ensure => absent,
    }
  }
39
}