diff options
author | Joona Hoikkala <joohoi@users.noreply.github.com> | 2019-04-02 19:26:58 +0300 |
---|---|---|
committer | Brad Warren <bmw@users.noreply.github.com> | 2019-04-02 19:26:58 +0300 |
commit | fd6702b86951c96192336e4e77fca7d98e1425f3 (patch) | |
tree | 8a801fbd9156d279ddb6db602cdb38345c9ed078 /certbot-apache/certbot_apache/tests/testdata/centos6_apache/apache/httpd/conf.d/welcome.conf | |
parent | 1daa3ca07634168945fc35ff44c413c6c94b795d (diff) |
Fix CentOS 6 installer issue (#6784)
In CentOS 6 default httpd configuration, the `LoadModule ssl_module ...` is handled in `conf.d/ssl.conf`. As the `VirtualHost` configuration files in `conf.d/` are loaded in alphabetical order, this means that all files that have `<IfModule mod_ssl.c>` and are loaded before `ssl.conf` are effectively ignored. This PR moves the `LoadModule ssl_module` to the main `httpd.conf` while leaving a conditional `LoadModule` directive in `ssl.conf`.
Features
- Reads the module configuration from `ssl.conf` in case some modifications to paths have been made by the user.
- Falls back to default paths if the directive doesn't exist.
- Moves the `LoadModule` directive in `ssl.conf` inside `<IfModule !mod_ssl.c>` to avoid printing warning messages of duplicate module loads.
- Adds `LoadModule ssl_module` inside of `<IfModule !mod_ssl.c>` to the top of the main `httpd.conf`.
- Ensures that these modifications are not made multiple times.
Fixes: #6606
* Fix CentOS6 installer issue
* Changelog entry
* Address review comments
* Do not enable mod_ssl if multiple different values were found
* Add test comment
* Address rest of the review comments
* Address review comments
* Better ifmodule argument checking
* Test fixes
* Make linter happy
* Raise an exception when differing LoadModule ssl_module statements are found
* If IfModule !mod_ssl.c with LoadModule ssl_module already exists in Augeas path, do not create new LoadModule directive
* Do not use deprecated assertion functions
* Address review comments
* Kick tests
* Revert "Kick tests"
This reverts commit 967bb574c2d7d6175133931826cc2cdb4b997dda.
* Address review comments
* Add pydoc return value to create_ifmod
Diffstat (limited to 'certbot-apache/certbot_apache/tests/testdata/centos6_apache/apache/httpd/conf.d/welcome.conf')
-rw-r--r-- | certbot-apache/certbot_apache/tests/testdata/centos6_apache/apache/httpd/conf.d/welcome.conf | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/certbot-apache/certbot_apache/tests/testdata/centos6_apache/apache/httpd/conf.d/welcome.conf b/certbot-apache/certbot_apache/tests/testdata/centos6_apache/apache/httpd/conf.d/welcome.conf new file mode 100644 index 000000000..c1d23c512 --- /dev/null +++ b/certbot-apache/certbot_apache/tests/testdata/centos6_apache/apache/httpd/conf.d/welcome.conf @@ -0,0 +1,11 @@ +# +# This configuration file enables the default "Welcome" +# page if there is no default index page present for +# the root URL. To disable the Welcome page, comment +# out all the lines below. +# +<LocationMatch "^/+$"> + Options -Indexes + ErrorDocument 403 /error/noindex.html +</LocationMatch> + |