From 363ac3734f96a68fc8ef65338e6bad6b0800aaba Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Tue, 5 Jul 2016 16:12:21 -0300
Subject: Adds php::defaults and php::hardened

---
 manifests/defaults.pp | 7 +++++++
 manifests/hardened.pp | 8 ++++++++
 manifests/init.pp     | 1 +
 3 files changed, 16 insertions(+)
 create mode 100644 manifests/defaults.pp
 create mode 100644 manifests/hardened.pp

diff --git a/manifests/defaults.pp b/manifests/defaults.pp
new file mode 100644
index 0000000..a8da106
--- /dev/null
+++ b/manifests/defaults.pp
@@ -0,0 +1,7 @@
+class php::defaults {
+  php::config {
+    'error_reporting'     : value => 'E_ALL & ~E_NOTICE',
+    'post_max_size'       : value => '100M',
+    'upload_max_filesize' : value => '100M',
+  }
+}
diff --git a/manifests/hardened.pp b/manifests/hardened.pp
new file mode 100644
index 0000000..6439b94
--- /dev/null
+++ b/manifests/hardened.pp
@@ -0,0 +1,8 @@
+class php::hardened {
+  php::config {
+    'allow_url_fopen'   : value => 'Off';
+    'allow_url_include' : value => 'Off';
+    'disable_functions' : value => 'phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, show_source, dl, symlink, syslog, system_exec';
+    #value => 'disable_functions = phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, curl_init, parse_ini_file, show_source, dl, symlink, syslog, mail, system_exec',
+  }
+}
diff --git a/manifests/init.pp b/manifests/init.pp
index 256c3d2..90a15b6 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -67,4 +67,5 @@ class php {
   }
 
   include php::resources
+  include php::defaults
 }
-- 
cgit v1.2.3