diff options
| author | Joey Hess <joeyh@joeyh.name> | 2015-02-10 21:55:39 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2015-02-10 21:55:39 -0400 |
| commit | a407af3f03b31ec653a21ba0e1db49389c68c246 (patch) | |
| tree | c0bbea8c96d8dfb1dd01e9ae5ede266d8bd50c88 /src | |
| parent | 8f813dc87548a88bb28c326745b0399c74e344d8 (diff) | |
propellor spin
Diffstat (limited to 'src')
| -rw-r--r-- | src/Propellor/Property/Apache.hs | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/src/Propellor/Property/Apache.hs b/src/Propellor/Property/Apache.hs index e598de1f..a7c7e690 100644 --- a/src/Propellor/Property/Apache.hs +++ b/src/Propellor/Property/Apache.hs @@ -70,13 +70,17 @@ reloaded = Service.reloaded "apache2" -- | Configure apache to use SNI to differentiate between -- https hosts. +-- +-- This was off by default in apache 2.2.22. Newver versions enable +-- it by default. This property uses the filename used by the old version. multiSSL :: Property NoInfo -multiSSL = "/etc/apache2/conf.d/ssl" `File.hasContent` - [ "NameVirtualHost *:443" - , "SSLStrictSNIVHostCheck off" - ] - `describe` "apache SNI enabled" - `onChange` reloaded +multiSSL = check (doesDirectoryExist "/etc/apache2/conf.d") $ + "/etc/apache2/conf.d/ssl" `File.hasContent` + [ "NameVirtualHost *:443" + , "SSLStrictSNIVHostCheck off" + ] + `describe` "apache SNI enabled" + `onChange` reloaded -- | Config file fragment that can be inserted into a <Directory> -- stanza to allow global read access to the directory. |