summaryrefslogtreecommitdiff
path: root/src/Propellor/Property/Apache.hs
diff options
context:
space:
mode:
authorJoey Hess2015-02-12 12:35:26 -0400
committerJoey Hess2015-02-12 12:35:26 -0400
commitcb67eb1d08ec4cae991c2933624f12fbb68a7b03 (patch)
treecb0dccfee84fa16ef2343487866d1ca08e146ec3 /src/Propellor/Property/Apache.hs
parent9a26a49f510f6880d1e19ad6e4393e8d54395240 (diff)
parentda77276378ecbed7d6434145793bfb209c731b76 (diff)
Merge branch 'joeyconfig'
Conflicts: privdata.joey/privdata.gpg
Diffstat (limited to 'src/Propellor/Property/Apache.hs')
-rw-r--r--src/Propellor/Property/Apache.hs16
1 files changed, 10 insertions, 6 deletions
diff --git a/src/Propellor/Property/Apache.hs b/src/Propellor/Property/Apache.hs
index e598de1f..a7c7e690 100644
--- a/src/Propellor/Property/Apache.hs
+++ b/src/Propellor/Property/Apache.hs
@@ -70,13 +70,17 @@ reloaded = Service.reloaded "apache2"
-- | Configure apache to use SNI to differentiate between
-- https hosts.
+--
+-- This was off by default in apache 2.2.22. Newver versions enable
+-- it by default. This property uses the filename used by the old version.
multiSSL :: Property NoInfo
-multiSSL = "/etc/apache2/conf.d/ssl" `File.hasContent`
- [ "NameVirtualHost *:443"
- , "SSLStrictSNIVHostCheck off"
- ]
- `describe` "apache SNI enabled"
- `onChange` reloaded
+multiSSL = check (doesDirectoryExist "/etc/apache2/conf.d") $
+ "/etc/apache2/conf.d/ssl" `File.hasContent`
+ [ "NameVirtualHost *:443"
+ , "SSLStrictSNIVHostCheck off"
+ ]
+ `describe` "apache SNI enabled"
+ `onChange` reloaded
-- | Config file fragment that can be inserted into a <Directory>
-- stanza to allow global read access to the directory.