propellor spin

2 files changed, 25 insertions, 18 deletions

diff --git a/src/Propellor/Property/Apache.hs b/src/Propellor/Property/Apache.hs
index a8014999..e6930893 100644
--- a/src/Propellor/Property/Apache.hs
+++ b/src/Propellor/Property/Apache.hs
@@ -68,3 +68,19 @@ multiSSL = "/etc/apache2/conf.d/ssl" `File.hasContent`
 	]
 	`describe` "apache SNI enabled"
 	`onChange` reloaded
+
+-- | Config file fragment that can be inserted into a <Directory>
+-- stanza to allow global read access to the directory.
+--
+-- Works with multiple versions of apache that have different ways to do
+-- it.
+allowAll :: String
+allowAll = unlines
+	[ "<IfVersion < 2.4>"
+	, "Order allow,deny"
+	, "allow from all"
+	, "</IfVersion>"
+	, "<IfVersion >= 2.4>"
+	, "Require all granted"
+	, "</IfVersion>"
+	]
diff --git a/src/Propellor/Property/SiteSpecific/JoeySites.hs b/src/Propellor/Property/SiteSpecific/JoeySites.hs
index 40e1bead..51d3d60c 100644
--- a/src/Propellor/Property/SiteSpecific/JoeySites.hs
+++ b/src/Propellor/Property/SiteSpecific/JoeySites.hs
@@ -61,9 +61,7 @@ oldUseNetServer hosts = propertyList ("olduse.net server")
 		, "  <Directory " ++ datadir ++ "/>"
 		, "    Options Indexes FollowSymlinks"
 		, "    AllowOverride None"
-		-- I had this in the file before.
-		-- This may be needed by a newer version of apache?
-		--, "    Require all granted"
+		, Apache.allowAll
 		, "  </Directory>"
 		]
 	]
@@ -578,9 +576,7 @@ legacyWebSites = propertyList "legacy web sites"
 		, "<Directory /var/www>"
 		, "  Options Indexes FollowSymLinks MultiViews ExecCGI Includes"
 		, "  AllowOverride None"
-		, "  Order allow,deny"
-		, "  allow from all"
-		, "  Require all granted"
+		, Apache.allowAll
 		, "</Directory>"
 		, "ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/"
 
@@ -588,24 +584,19 @@ legacyWebSites = propertyList "legacy web sites"
 		, "<Directory /usr/lib/cgi-bin>"
 		, "  AllowOverride None"
 		, "  Options ExecCGI"
-		, "  Order allow,deny"
-		, "  allow from all"
+		, Apache.allowAll
 		, "</Directory>"
 		, "Alias /pipermail/ /var/lib/mailman/archives/public/"
 		, "<Directory /var/lib/mailman/archives/public/>"
 		, "  Options Indexes MultiViews FollowSymlinks"
 		, "  AllowOverride None"
-		, "  Order allow,deny"
-		, "  Allow from all"
-		, "  Require all granted"
+		, Apache.allowAll
 		, "</Directory>"
 		, "Alias /images/ /usr/share/images/"
 		, "<Directory /usr/share/images/>"
 		, "  Options Indexes MultiViews"
 		, "  AllowOverride None"
-		, "  Order allow,deny"
-		, "  Allow from all"
-		, "  Require all granted"
+		, Apache.allowAll
 		, "</Directory>"
 
 		, "RewriteEngine On"
@@ -672,7 +663,7 @@ legacyWebSites = propertyList "legacy web sites"
 		, "<Directory /home/anna/html/>"
 		, "  Options Indexes ExecCGI"
 		, "  AllowOverride None"
-		, "  Require all granted"
+		, Apache.allowAll
 		, "</Directory>"
 		]
 	, alias "sows-ear.kitenet.net"
@@ -683,7 +674,7 @@ legacyWebSites = propertyList "legacy web sites"
 		, "<Directory /srv/web/sows-ear.kitenet.net>"
 		, "  Options FollowSymLinks"
 		, "  AllowOverride None"
-		, "  Require all granted"
+		, Apache.allowAll
 		, "</Directory>"
 		]
 	, alias "wortroot.kitenet.net"
@@ -694,7 +685,7 @@ legacyWebSites = propertyList "legacy web sites"
 		, "<Directory /srv/web/wortroot.kitenet.net>"
 		, "  Options FollowSymLinks"
 		, "  AllowOverride None"
-		, "  Require all granted"
+		, Apache.allowAll
 		, "</Directory>"
 		]
 	, alias "joey.kitenet.net"
@@ -703,7 +694,7 @@ legacyWebSites = propertyList "legacy web sites"
 		, "<Directory /home/joey/html/>"
 		, "  Options Indexes ExecCGI"
 		, "  AllowOverride None"
-		, "  Require all granted"
+		, Apache.allowAll
 		, "</Directory>"
 
 		, "RewriteEngine On"