summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2020-05-13 23:21:14 +0200
committerJan Dittberner <jandd@cacert.org>2020-05-13 23:21:14 +0200
commit1d1b6360d84145f792742b02fc6ad59721a9f118 (patch)
tree21b2fdd995599913369d929632685abb63ed957e
parent8e518f75f6badea75adc3435f8cb595a72938809 (diff)
downloadcacert-puppet-1d1b6360d84145f792742b02fc6ad59721a9f118.tar.gz
cacert-puppet-1d1b6360d84145f792742b02fc6ad59721a9f118.tar.xz
cacert-puppet-1d1b6360d84145f792742b02fc6ad59721a9f118.zip
Fix parameter names for https VirtualHost
-rw-r--r--sitemodules/profiles/manifests/roundcube.pp52
1 files changed, 26 insertions, 26 deletions
diff --git a/sitemodules/profiles/manifests/roundcube.pp b/sitemodules/profiles/manifests/roundcube.pp
index 9a744a9..98f33b3 100644
--- a/sitemodules/profiles/manifests/roundcube.pp
+++ b/sitemodules/profiles/manifests/roundcube.pp
@@ -257,38 +257,38 @@ class profiles::roundcube (
redirect_status => ['permanent'],
}
apache::vhost { "${external_name}-https":
- vhost_name => '*',
- servername => $external_name,
- docroot => '/var/lib/roundcube',
- port => 443,
- access_log => true,
- access_log_format => 'combined',
- error_log => true,
- serveradmin => 'webmail-admin@cacert.org',
- ssl => true,
- ssl_cert => $apache_ssl_cert,
- ssl_key => $apache_ssl_key,
- ssl_ca => $cacert_cert_bundle,
- ssl_verify_client => 'optional',
- ssl_verify_depth => 2,
- ssl_options => ['+StdEnvVars'],
- ssl_protocol => 'all -SSLv3 -TLSv1 -TLSv1.1',
- ssl_cipher => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384',
- ssl_honor_cipher_order => 'on',
- ssl_session_tickets => false,
- ssl_stabling => true,
- ssl_stapling_cache => 'shmcb:logs/ssl_stapling(32768)',
- directories => [
+ vhost_name => '*',
+ servername => $external_name,
+ docroot => '/var/lib/roundcube',
+ port => 443,
+ access_log => true,
+ access_log_format => 'combined',
+ error_log => true,
+ serveradmin => 'webmail-admin@cacert.org',
+ ssl => true,
+ ssl_cert => $apache_ssl_cert,
+ ssl_key => $apache_ssl_key,
+ ssl_ca => $cacert_cert_bundle,
+ ssl_verify_client => 'optional',
+ ssl_verify_depth => 2,
+ ssl_options => ['+StdEnvVars'],
+ ssl_protocol => 'all -SSLv3 -TLSv1 -TLSv1.1',
+ ssl_cipher => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384',
+ ssl_honorcipherorder => 'on',
+ ssl_sessiontickets => false,
+ ssl_stapling => true,
+ stapling_cache => 'shmcb:logs/ssl_stapling(32768)',
+ directories => [
{
path => '/var/lib/roundcube',
options => ['Indexes', 'FollowSymLinks']
},
],
- redirect_source => ['/password.php', '/staff.php'],
- redirect_target => [
+ redirect_source => ['/password.php', '/staff.php'],
+ redirect_dest => [
'https://selfservice.cacert.org/password-reset', 'https://selfservice.cacert.org/staff'],
- redirect_status => ['permanent', 'permanent'],
- rewrites => [
+ redirect_status => ['permanent', 'permanent'],
+ rewrites => [
{
rewrite_cond => ['%{REQUEST_URI} ^/board/motions.php', '%{QUERY_STRING} motion=(.*)$'],
rewrite_rule => ['^/board/motions.php https://motion.cacert.org/motions/%1? [L,R=permanent]'],