puppetlabs-apache

puppetlabs-apache copied to clipboard

Update EL8+ and Debian SSL defaults

2

It has been a long time since the defaults were updated. This results in a safer out-of-the-box deployment, matching what the vendors do. For reference, EL7 has `SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA` and...

ekohl

Automatically enable mod_http2 if needed

1

Following https://httpd.apache.org/docs/current/howto/http2.html the first step is to load the http2 module. By inspecting the protocols argument users can enable HTTP/2 via Hiera.

ekohl

This is likely incomplete and untested at the moment. However, it shows how big the cleanup is.

ekohl

Support setting SSLProxyCipherSuite on mod_ssl

1

While it is a parameter for apache::vhost, this allows setting it server wide just like SSLCipherSuite.

ekohl

## Describe the Bug When `$php_version` is set to `8.0` and the OS is RedHat, the wrong php library is being loaded due to an incorrect comparison. It should load...

polatsinan

add maxrequestworkers parameter for mpm_worker module

3

trefzer

fix rewrite rules being ignored

1

In 7b22dae the default value for $rewrites was changed from undef to [] in manifests/vhost.pp. This results in templates_vhost/_rewrite.erb always evaluating to false (boolean check on an empty array variable...

trefzer

add Hash $vhosts_defaults to apache::vhosts class?

8

## Use Case In our environment we have a some per-vhosts-settings which are identical in multiple vhosts. Therefore it would be great to be able to set defaults for multiple...

janit42

This attempts to unify SELinux handling in the tests. It moves the package installation to the acceptance spec helper to reduce duplication. It then makes the set_apache_defaults line idempotent and...

ekohl

## Describe the Bug apache::mod::security is not RHEL 8 compliant. mod_security_crs-3 incompatible, different path and names. ## Expected Behavior . ## Steps to Reproduce install on rhel8 ## Environment -...

d0n0van