Adds php::defaults and php::hardened

diff --git a/manifests/defaults.pp b/manifests/defaults.pp
new file mode 100644 (file)
index 0000000..a8da106
--- /dev/null
+++ b/manifests/defaults.pp
@@ -0,0 +1,7 @@
+class php::defaults {
+  php::config {
+    'error_reporting'     : value => 'E_ALL & ~E_NOTICE',
+    'post_max_size'       : value => '100M',
+    'upload_max_filesize' : value => '100M',
+  }
+}

diff --git a/manifests/hardened.pp b/manifests/hardened.pp
new file mode 100644 (file)
index 0000000..6439b94
--- /dev/null
+++ b/manifests/hardened.pp
@@ -0,0 +1,8 @@
+class php::hardened {
+  php::config {
+    'allow_url_fopen'   : value => 'Off';
+    'allow_url_include' : value => 'Off';
+    'disable_functions' : value => 'phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, show_source, dl, symlink, syslog, system_exec';
+    #value => 'disable_functions = phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, curl_init, parse_ini_file, show_source, dl, symlink, syslog, mail, system_exec',
+  }
+}

diff --git a/manifests/init.pp b/manifests/init.pp
index 256c3d249ac03270a26dc1db65daedfc3e841e49..90a15b6d93dbbba03706d4d5248dc05263793ea1 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -67,4 +67,5 @@ class php {
   }
 
   include php::resources
+  include php::defaults
 }