summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2020-05-13 23:23:03 +0200
committerJan Dittberner <jandd@cacert.org>2020-05-13 23:23:03 +0200
commit6a1118a96e930a44ffa51c2c08ee59ee2a1bd678 (patch)
treef788a567f5973efbc69cd8c9e3d0a4251915decc
parent1d1b6360d84145f792742b02fc6ad59721a9f118 (diff)
downloadcacert-puppet-6a1118a96e930a44ffa51c2c08ee59ee2a1bd678.tar.gz
cacert-puppet-6a1118a96e930a44ffa51c2c08ee59ee2a1bd678.tar.xz
cacert-puppet-6a1118a96e930a44ffa51c2c08ee59ee2a1bd678.zip
Move mod_ssl parameters to class apache::mod::ssl
-rw-r--r--sitemodules/profiles/manifests/roundcube.pp6
1 files changed, 4 insertions, 2 deletions
diff --git a/sitemodules/profiles/manifests/roundcube.pp b/sitemodules/profiles/manifests/roundcube.pp
index 98f33b3..11bedae 100644
--- a/sitemodules/profiles/manifests/roundcube.pp
+++ b/sitemodules/profiles/manifests/roundcube.pp
@@ -242,6 +242,10 @@ class profiles::roundcube (
server_signature => 'Off',
}
class { 'apache::mod::php': }
+ class { 'apache::mod::ssl':
+ ssl_sessiontickets => false,
+ stapling_cache => 'shmcb:logs/ssl_stapling(32768)',
+ }
apache::vhost { "${external_name}-http":
vhost_name => '*',
port => 80,
@@ -275,9 +279,7 @@ class profiles::roundcube (
ssl_protocol => 'all -SSLv3 -TLSv1 -TLSv1.1',
ssl_cipher => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384',
ssl_honorcipherorder => 'on',
- ssl_sessiontickets => false,
ssl_stapling => true,
- stapling_cache => 'shmcb:logs/ssl_stapling(32768)',
directories => [
{
path => '/var/lib/roundcube',