improve vhosts / ssl stuff

- facter out ssl things in a seperate file - introduce 1 vhost per file config
author: mh <mh@immerda.ch> 2010-07-06 00:06:32 +0200
committer: mh <mh@immerda.ch> 2010-07-06 00:08:56 +0200
commit: 29deff66d7dfad609e429a14ad6917b79de5de50 (patch)
tree: a1b8a526c5e07e95be8ff6451216a5269b606f66 /files/conf.d/ssl.conf
parent: 9ff20635fbb0945195f2b562f46efca8f5d13850 (diff)
download: puppet-lighttpd-29deff66d7dfad609e429a14ad6917b79de5de50.tar.gz
puppet-lighttpd-29deff66d7dfad609e429a14ad6917b79de5de50.tar.bz2
1 files changed, 6 insertions, 0 deletions
diff --git a/files/conf.d/ssl.conf b/files/conf.d/ssl.conf
new file mode 100644
index 0000000..291fce5
--- /dev/null
+++ b/files/conf.d/ssl.conf
@@ -0,0 +1,6 @@
+$SERVER["socket"] == ":443" {
+     ssl.engine             = "enable" 
+     ssl.pemfile            = "/etc/ssl/private/lighttpd.pem"
+     ssl.use-sslv2          = "disable"
+     ssl.cipher-list        = "HIGH:MEDIUM:!aNULL:!SSLv2:@STRENGTH"
+}
author	mh <mh@immerda.ch>	2010-07-06 00:06:32 +0200
committer	mh <mh@immerda.ch>	2010-07-06 00:08:56 +0200
commit	29deff66d7dfad609e429a14ad6917b79de5de50 (patch)
tree	a1b8a526c5e07e95be8ff6451216a5269b606f66 /files/conf.d/ssl.conf
parent	9ff20635fbb0945195f2b562f46efca8f5d13850 (diff)
download	puppet-lighttpd-29deff66d7dfad609e429a14ad6917b79de5de50.tar.gz puppet-lighttpd-29deff66d7dfad609e429a14ad6917b79de5de50.tar.bz2