Commit 6e708dae authored by Antoine Mazeas's avatar Antoine Mazeas
Browse files

Allow custom settings in `apache2_conf` templates



Using the now documented `options` property of the `conf` resource, it
is now possible to pass arbitrary values to the underlying template.
This is most useful when the conf template is overridden via
template_cookbook (taken from one's own cookbook and not from the apache2 cookbook)

Example:
  apache2_conf 'custom' do
    template_cookbook 'test'
    options(
      index_ignore: '. .secret *.gen',
      index_charset: 'UTF-8'
    )
  end
Signed-off-by: default avatarAntoine Mazeas <antoine@karthanis.net>
parent 06649ca5
......@@ -9,6 +9,7 @@ Writes conf files to the `conf-available` folder, and passes enabled values to `
| path | String | `"#{apache_dir}/conf-available"` | Path to the conf-available directory |
| root_group | String | `node['root_group']` | Platform based default for the templates root group. |
| template_cookbook | String | apache2 | Cookbook to source the template from. Override this to provide your own template. |
| options | Hash | `node['root_group']` | Hash of key-value pairs to pass to the template (useful for overridden templates) |
### Examples
......@@ -33,3 +34,15 @@ apache2_conf 'example' do
path '/random/example/path'
end
```
Use a custom template with discrete variables:
```ruby
apache2_conf 'my_custom_conf' do
template_cookbook 'my_cookbook'
options(
index_ignore: ". .secret *.gen"
index_charset: "UTF-8"
)
end
```
......@@ -27,12 +27,7 @@ action :enable do
group new_resource.root_group
backup false
mode '0644'
variables(
apache_dir: apache_dir,
server_tokens: new_resource.options[:server_tokens],
server_signature: new_resource.options[:server_signature],
trace_enable: new_resource.options[:trace_enable]
)
variables new_resource.options.merge({apache_dir: apache_dir})
notifies :restart, 'service[apache2]', :delayed
end
......
......@@ -12,6 +12,14 @@ apache2_default_site '' do
action :enable
end
apache2_conf 'custom' do
template_cookbook 'test'
options(
index_ignore: '. .secret *.gen',
index_charset: 'UTF-8'
)
end
service 'apache2' do
service_name lazy { apache_platform_service_name }
supports restart: true, status: true, reload: true
......
# This is a custom config with arbitrary settings
IndexIgnore <%= @index_ignore %>
# maybe add another setting here ?
IndexOptions Charset=<%= @index_charset %>
......@@ -79,6 +79,35 @@ control 'template-render' do
end
end
control 'custom-conf' do
case os[:family]
when 'debian'
describe file('/etc/apache2/conf-enabled/custom.conf') do
it { should exist }
its('content') { should include 'IndexIgnore . .secret *.gen' }
its('content') { should include 'IndexOptions Charset=UTF-8' }
end
when 'suse'
describe file('/etc/apache2/conf-enabled/custom.conf') do
it { should exist }
its('content') { should include 'IndexIgnore . .secret *.gen' }
its('content') { should include 'IndexOptions Charset=UTF-8' }
end
when 'freebsd'
describe file('/usr/local/etc/apache2/conf-enabled/custom.conf') do
it { should exist }
its('content') { should include 'IndexIgnore . .secret *.gen' }
its('content') { should include 'IndexOptions Charset=UTF-8' }
end
else
describe file('/etc/httpd/conf/conf-enabled/custom.conf') do
it { should exist }
its('content') { should include 'IndexIgnore . .secret *.gen' }
its('content') { should include 'IndexOptions Charset=UTF-8' }
end
end
end
# Disable until all platforms are pukka
# include_controls 'dev-sec/apache-baseline' do
# skip_control 'apache-05' # We don't have hardening.conf
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment