From bf7ce40e2fe7e28dab11ee2fb0ae26a50b5fa8bd Mon Sep 17 00:00:00 2001
From: Danilo Ramalho <dramalho@thoughtworks.com>
Date: Mon, 28 Sep 2015 17:13:14 -0300
Subject: [PATCH] Grant access for vhosts on Apache >= 2.4

Apache's configuration for access control has changed on 2.4. To allow
access to served directories we need to include the new directive
"Require grant all".

We scoped the configuration to only be applied on Apache 2.4. More
information can be viewed on the Apache's upgrade document[1].

The tests were changed to ensure that the configuration is working
without any extra override, as the extra test vhost is on a custom
directory that requires the template to grant access to it.

[1] http://httpd.apache.org/docs/trunk/upgrading.html

Change-Id: I898ca049c5b3592cb70ad8c22eba8d4c681f3b22
Co-Authored-By: Bruno Tavares <btavare@thoughtworks.com>
---
 spec/acceptance/fixtures/default.pp | 6 ------
 templates/vhost-default.conf.erb    | 3 +++
 templates/vhost-proxy.conf.erb      | 3 +++
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/spec/acceptance/fixtures/default.pp b/spec/acceptance/fixtures/default.pp
index ebd192d..5b7ef43 100644
--- a/spec/acceptance/fixtures/default.pp
+++ b/spec/acceptance/fixtures/default.pp
@@ -13,12 +13,6 @@ httpd::vhost { 'localhost':
 # Enable a secondary port to test proxy and redirect modules
 $override = '
 Listen 8080
-<Directory "/html">
-  Options All
-  AllowOverride All
-  Require all granted
-  Allow from all
-</Directory>
 '
 file { "${::httpd::params::vdir}override.conf":
   content => $override,
diff --git a/templates/vhost-default.conf.erb b/templates/vhost-default.conf.erb
index fdc8336..f960f79 100644
--- a/templates/vhost-default.conf.erb
+++ b/templates/vhost-default.conf.erb
@@ -18,6 +18,9 @@ NameVirtualHost <%= @vhost_name %>:<%= @port %>
     Order allow,deny
     allow from all
     Satisfy any
+    <IfVersion >= 2.4>
+      Require all granted
+    </IfVersion>
   </Directory>
   ErrorLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/<%= @name %>_error.log
   LogLevel warn
diff --git a/templates/vhost-proxy.conf.erb b/templates/vhost-proxy.conf.erb
index 05c6a8a..b40f8b3 100644
--- a/templates/vhost-proxy.conf.erb
+++ b/templates/vhost-proxy.conf.erb
@@ -15,6 +15,9 @@ NameVirtualHost <%= @vhost_name %>:<%= @port %>
    <Proxy *>
      Order deny,allow
      Allow from all
+    <IfVersion >= 2.4>
+      Require all granted
+    </IfVersion>
    </Proxy>
    ProxyPass        / <%= @dest %>/
    ProxyPassReverse / <%= @dest %>/