paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-11 17:36:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
04a6696e3314c3a25af783670381bc3f70e68f2d
zulip/puppet/zulip_ops/manifests/apache.pp
Alex Vandiver e8123dfeea puppet: Match the x bits on directories to what puppet actually does. 
Puppet _always_ sets the `+x` bit on directories if they have the `r`
bit set for that slot[^1]:

> When specifying numeric permissions for directories, Puppet sets the
> search permission wherever the read permission is set.

As such, for instance, `0640` is actually applied as `0750`.

Fix what we "want" to match what puppet is applying, by adding the `x`
bit.  In none of these cases did we actually intend the directory to
not be executable.

[1] https://www.puppet.com/docs/puppet/5.5/types/file.html#file-attribute-mode
2023-01-26 15:06:01 -08:00

43 lines
1.1 KiB
Puppet
Raw Blame History

class zulip_ops::apache {
$apache_packages = [# Needed to run Apache with WSGI
'apache2',
'libapache2-mod-wsgi',
]
package { $apache_packages: ensure => installed }
service { 'apache2':
require => Package['apache2'],
}
apache2mod { [ 'headers', 'proxy', 'proxy_http', 'rewrite', 'auth_digest', 'ssl' ]:
ensure => present,
require => Package['apache2'],
notify => Service['apache2'],
}
file { '/etc/apache2/certs/':
ensure => directory,
require => Package['apache2'],
owner => 'root',
group => 'root',
mode => '0755',
}
file { '/etc/apache2/ports.conf':
ensure => file,
require => Package[apache2],
owner => 'root',
group => 'root',
mode => '0640',
source => 'puppet:///modules/zulip_ops/apache/ports.conf',
notify => Service['apache2'],
}
file { '/etc/apache2/sites-available/':
ensure => directory,
require => Package[apache2],
owner => 'root',
group => 'root',
mode => '0750',
}
}
Reference in New Issue View Git Blame Copy Permalink