From 6fa377cde914087107ea7846198e94be95607b13 Mon Sep 17 00:00:00 2001 From: Sean Alderman Date: Thu, 19 Feb 2015 13:35:44 -0500 Subject: [PATCH 1/3] adding support to manage default ssl.conf file --- manifests/params.pp | 2 ++ manifests/ssl.pp | 41 +++++++++++++++++++++++++++++++---------- 2 files changed, 33 insertions(+), 10 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index dcce4b8..cb737f4 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -119,6 +119,8 @@ $port = '80' $ssl_port = '443' + $ssl_source = '' + $ssl_template = '' $protocol = 'tcp' # General Settings diff --git a/manifests/ssl.pp b/manifests/ssl.pp index 6d0f6d7..96645fa 100644 --- a/manifests/ssl.pp +++ b/manifests/ssl.pp @@ -2,10 +2,24 @@ # # Apache resources specific for SSL # -class apache::ssl { +class apache::ssl ( + $ssl_port = params_lookup( 'ssl_port' ), + $ssl_source = params_lookup( 'ssl_source' ), + $ssl_template = params_lookup( 'ssl_template' ), + ) inherits apache::params { include apache + $manage_ssl_file_source = $apache::ssl::ssl_source ? { + '' => undef, + default => $apache::ssl::ssl_source, + } + + $manage_ssl_file_content = $apache::ssl::ssl_template ? { + '' => undef, + default => template($apache::ssl::ssl_template), + } + case $::operatingsystem { ubuntu,debian,mint: { exec { 'enable-ssl': 
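Review bot: Nothing in the new class header or the two selectors in `manifests/ssl.pp` stops a caller from setting both `ssl_source` and `ssl_template`; in that case `$manage_ssl_file_source` and `$manage_ssl_file_content` are both defined, and the `file { 'ssl.conf': }` resource added in the next hunk receives `source` and `content` together, which the file type does not accept. A guard right after `include apache` would make the failure explicit and name the right class: `if $ssl_source != '' and $ssl_template != '' { fail('apache::ssl: set only one of ssl_source or ssl_template') }`. The header comment also says nothing about the new parameters; a line such as `# [*ssl_template*] ERB template rendered as ssl.conf; it typically carries the TLS protocol and cipher directives, so review it as security configuration` (and the equivalent for `ssl_source`) would help. The class body continues outside this hunk.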
@@ -22,11 +36,18 @@ require => Package['apache'], notify => Service['apache'], } - file { "${apache::config_dir}/ssl.conf": - mode => '0644', - owner => 'root', - group => 'root', - notify => Service['apache'], + file { 'ssl.conf': + ensure => $apache::manage_file, + path => "${apache::ssl::dotconf_dir}/ssl.conf", + mode => $apache::config_file_mode, + owner => $apache::config_file_owner, + group => $apache::config_file_group, + require => Package['mod_ssl'], + notify => $apache::manage_service_autorestart, + source => $apache::ssl::manage_ssl_file_source, + content => $apache::ssl::manage_ssl_file_content, + replace => $apache::manage_file_replace, + audit => $apache::manage_audit, } file {['/var/cache/mod_ssl', '/var/cache/mod_ssl/scache']: ensure => directory, @@ -41,9 +62,9 @@ ### Port monitoring, if enabled ( monitor => true ) if $apache::bool_monitor == true { - monitor::port { "apache_${apache::protocol}_${apache::ssl_port}": + monitor::port { "apache_${apache::protocol}_${apache::ssl::ssl_port}": protocol => $apache::protocol, - port => $apache::ssl_port, + port => $apache::ssl::ssl_port, target => $apache::monitor_target, tool => $apache::monitor_tool, enable => $apache::manage_monitor, @@ -52,11 +73,11 @@ ### Firewall management, if enabled ( firewall => true ) if $apache::bool_firewall == true { - firewall { "apache_${apache::protocol}_${apache::ssl_port}": + firewall { "apache_${apache::protocol}_${apache::ssl::ssl_port}": source => $apache::firewall_src, destination => $apache::firewall_dst, protocol => $apache::protocol, - port => $apache::ssl_port, + port => $apache::ssl::ssl_port, action => 'allow', direction => 'input', tool => $apache::firewall_tool, From a96426f1a596862defa574dfdd81ca07b2cf33e7 Mon Sep 17 00:00:00 2001 From: Sean Alderman Date: Thu, 19 Feb 2015 15:13:25 -0500 Subject: [PATCH 2/3] update README for apache::ssl config file management --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) 
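Review bot: The new `path => "${apache::ssl::dotconf_dir}/ssl.conf"` reads a variable that is not among the three parameters declared on `apache::ssl` in this patch, so it resolves only if `apache::params` defines `$dotconf_dir` and the qualified lookup falls through the `inherits`; if it comes back empty the resource would manage `/ssl.conf`. Every other attribute in this resource reads from `$apache::`, so `path => "${apache::dotconf_dir}/ssl.conf"` would be the consistent form, assuming the main class exposes that variable. Separately, owner, group and mode are no longer pinned to `root`/`root`/`0644` but follow `$apache::config_file_owner`, `$apache::config_file_group` and `$apache::config_file_mode`; a comment such as `# ssl.conf should stay writable by root only: it controls the TLS settings of the server` would record the expectation for anyone overriding those values. The enclosing block starts outside the hunk.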
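Review bot: The `monitor::port` resource in this hunk, and the `firewall` resource in the hunk after it, now take their port from `$apache::ssl::ssl_port`, which can be set independently of `$apache::ssl_port` on the main class. The new parameter defaults to `params_lookup( 'ssl_port' )`, but if only one of the two values is overridden, the allow rule and the port check may describe a port other than the one Apache actually listens on (whatever still reads `$apache::ssl_port` is not visible in this patch). Either keep `$apache::ssl_port` as the single source, or add a comment above both blocks such as `# ssl_port must match the Listen/vhost port configured for SSL, otherwise the firewall rule opens an unused port`.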
diff --git a/README.md b/README.md index 08a459e..7852c70 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,14 @@ For detailed info about the logic and usage patterns of Example42 modules read R include apache::ssl + class { 'apache::ssl': + ssl_template => 'example42/apache/ssl.conf.erb', + } + + class { 'apache::ssl': + ssl_source => [ "puppet:///modules/lab42/apache/ssl.conf-${hostname}" , "puppet:///modules/lab42/apache/ssl.conf" ], + } + * Manage basic auth users (Here user joe is created with the $crypt_password on the defined htpasswd_file From b9d1c4ba0c9ac9fc7e437f08eb7d81efe85fe672 Mon Sep 17 00:00:00 2001 From: Sean Alderman Date: Thu, 19 Feb 2015 16:06:24 -0500 Subject: [PATCH 3/3] fixup puppet-lint indentation warnings --- manifests/ssl.pp | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/manifests/ssl.pp b/manifests/ssl.pp index 96645fa..f5386a0 100644 --- a/manifests/ssl.pp +++ b/manifests/ssl.pp @@ -37,17 +37,17 @@ notify => Service['apache'], } file { 'ssl.conf': - ensure => $apache::manage_file, - path => "${apache::ssl::dotconf_dir}/ssl.conf", - mode => $apache::config_file_mode, - owner => $apache::config_file_owner, - group => $apache::config_file_group, + ensure => $apache::manage_file, + path => "${apache::ssl::dotconf_dir}/ssl.conf", + mode => $apache::config_file_mode, + owner => $apache::config_file_owner, + group => $apache::config_file_group, require => Package['mod_ssl'], - notify => $apache::manage_service_autorestart, - source => $apache::ssl::manage_ssl_file_source, + notify => $apache::manage_service_autorestart, + source => $apache::ssl::manage_ssl_file_source, content => $apache::ssl::manage_ssl_file_content, replace => $apache::manage_file_replace, - audit => $apache::manage_audit, + audit => $apache::manage_audit, } file {['/var/cache/mod_ssl', '/var/cache/mod_ssl/scache']: ensure => directory,