diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2016-07-05 16:12:21 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2016-07-05 16:12:21 -0300 |
| commit | 363ac3734f96a68fc8ef65338e6bad6b0800aaba (patch) | |
| tree | a94ff35bc33962f8bb585f98f98f1a7e357f4c9c | |
| parent | 09ed4c4d2e016df21c560a563666a8ebc5fc86ea (diff) | |
| download | puppet-php-363ac3734f96a68fc8ef65338e6bad6b0800aaba.tar.gz puppet-php-363ac3734f96a68fc8ef65338e6bad6b0800aaba.tar.bz2 | |
Adds php::defaults and php::hardened
| -rw-r--r-- | manifests/defaults.pp | 7 | ||||
| -rw-r--r-- | manifests/hardened.pp | 8 | ||||
| -rw-r--r-- | manifests/init.pp | 1 |
3 files changed, 16 insertions, 0 deletions
diff --git a/manifests/defaults.pp b/manifests/defaults.pp new file mode 100644 index 0000000..a8da106 --- /dev/null +++ b/manifests/defaults.pp @@ -0,0 +1,7 @@ +class php::defaults { + php::config { + 'error_reporting' : value => 'E_ALL & ~E_NOTICE', + 'post_max_size' : value => '100M', + 'upload_max_filesize' : value => '100M', + } +} diff --git a/manifests/hardened.pp b/manifests/hardened.pp new file mode 100644 index 0000000..6439b94 --- /dev/null +++ b/manifests/hardened.pp @@ -0,0 +1,8 @@ +class php::hardened { + php::config { + 'allow_url_fopen' : value => 'Off'; + 'allow_url_include' : value => 'Off'; + 'disable_functions' : value => 'phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, show_source, dl, symlink, syslog, system_exec'; + #value => 'disable_functions = phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, curl_init, parse_ini_file, show_source, dl, symlink, syslog, mail, system_exec', + } +} diff --git a/manifests/init.pp b/manifests/init.pp index 256c3d2..90a15b6 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -67,4 +67,5 @@ class php { } include php::resources + include php::defaults } |