Installiert Apache Webserver
Ein Puppetmanifest, welches den apache Webserver auf einem Debian System installiert. Es wird zusätzlich eine minimale Härtung durchgeführt, eine authentifizierung über ldap aktiviert und php installiert.
Seitenkonfigurationen werden über die Variable webpages verteilt und aktiviert.
# Install Apache Webserver and configure some defaults
class infoserver_2410::install_webserver {
$webpages = [ '000-default.conf', '001-db.conf', '002-backup.conf', '004-doku.conf', ]
$module = "modules/infoserver_2410"
$msg = "infoserver_2410:"
# Install package
package { "$msg Install apache2 webserver": name => 'apache2', ensure => present, }
package { "$msg Install php for webserver": name => 'php', ensure => present, notify => Exec["$msg Activate ldap authentication for webserver"] }
exec { "$msg Activate ldap authentication for webserver": path => [ '/usr/sbin', '/usr/bin' ], command => "a2enmod authnz_ldap", refreshonly => true, }
# Check if daemon is running
service { "$msg Run apache2 webserver": name => 'apache2', ensure => running, enable => true, }
# Disable server information
file_line { "$msg Disable Apache and OS information": path => "/etc/apache2/conf-enabled/security.conf", match => "^ServerTokens.*", line => "ServerTokens Prod", ensure => present, notify => Service["$msg Run apache2 webserver"] }
file_line { "$msg Disable error pages": path => "/etc/apache2/conf-enabled/security.conf", match => "^ServerSignature.*", line => "ServerSignature Off", ensure => present, notify => Service["$msg Run apache2 webserver"] }
# Configure webpages
$webpath = "/etc/apache2/sites-available"
$webpages.each | $webpage | {
file { "$msg Create Webpage $webpage": ensure => present, path => "$webpath/$webpage", owner => root, group => root, mode => '640', source => "puppet:///$module/$webpath/$webpage", notify => Exec["$msg Enable webpage $webpage"] }
exec { "$msg Enable webpage $webpage": path => [ '/usr/sbin', '/usr/bin' ], command => "a2ensite $webpage && systemctl reload apache2", refreshonly => true, }
}
}