From 07e045412696c7bbc515d03173180986e9a7d0be Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 2 Jan 2024 15:29:31 +0100 Subject: [PATCH] Remove deprecated $proxy_ips and $trusted_proxy_ips parameters --- manifests/mod/remoteip.pp | 32 ++++------------------------- spec/classes/mod/remoteip_spec.rb | 34 ------------------------------- 2 files changed, 4 insertions(+), 62 deletions(-) diff --git a/manifests/mod/remoteip.pp b/manifests/mod/remoteip.pp index 9435e00f20..800db0b4a7 100644 --- a/manifests/mod/remoteip.pp +++ b/manifests/mod/remoteip.pp @@ -8,13 +8,10 @@ # # @param internal_proxy # A list of IP addresses, IP blocks or hostname that are trusted to set a -# valid value inside specified header. Unlike the `$trusted_proxy_ips` +# valid value inside specified header. Unlike the `$trusted_proxy` # parameter, any IP address (including private addresses) presented by these # proxies will trusted by `mod_remoteip`. # -# @param proxy_ips -# *Deprecated*: use `$internal_proxy` instead. -# # @param internal_proxy_list # The path to a file containing a list of IP addresses, IP blocks or hostname # that are trusted to set a valid value inside the specified header. See @@ -39,9 +36,6 @@ # any private IP presented by these proxies will be disgarded by # `mod_remoteip`. # -# @param trusted_proxy_ips -# *Deprecated*: use `$trusted_proxy` instead. -# # @param trusted_proxy_list # The path to a file containing a list of IP addresses, IP blocks or hostname # that are trusted to set a valid value inside the specified header. See @@ -51,44 +45,26 @@ # class apache::mod::remoteip ( String $header = 'X-Forwarded-For', - Optional[Array[Stdlib::Host]] $internal_proxy = undef, - Optional[Array[Stdlib::Host]] $proxy_ips = undef, + Array[Stdlib::Host] $internal_proxy = ['127.0.0.1'], Optional[Stdlib::Absolutepath] $internal_proxy_list = undef, Optional[String] $proxies_header = undef, Boolean $proxy_protocol = false, Optional[Array[Stdlib::Host]] $proxy_protocol_exceptions = undef, Optional[Array[Stdlib::Host]] $trusted_proxy = undef, - Optional[Array[Stdlib::Host]] $trusted_proxy_ips = undef, Optional[Stdlib::Absolutepath] $trusted_proxy_list = undef, ) { include apache - if $proxy_ips { - deprecation('apache::mod::remoteip::proxy_ips', 'This parameter is deprecated, please use `internal_proxy`.') - $_internal_proxy = $proxy_ips - } elsif $internal_proxy { - $_internal_proxy = $internal_proxy - } else { - $_internal_proxy = ['127.0.0.1'] - } - - if $trusted_proxy_ips { - deprecation('apache::mod::remoteip::trusted_proxy_ips', 'This parameter is deprecated, please use `trusted_proxy`.') - $_trusted_proxy = $trusted_proxy_ips - } else { - $_trusted_proxy = $trusted_proxy - } - ::apache::mod { 'remoteip': } $template_parameters = { header => $header, - internal_proxy => $_internal_proxy, + internal_proxy => $internal_proxy, internal_proxy_list => $internal_proxy_list, proxies_header => $proxies_header, proxy_protocol => $proxy_protocol, proxy_protocol_exceptions => $proxy_protocol_exceptions, - trusted_proxy => $_trusted_proxy, + trusted_proxy => $trusted_proxy, trusted_proxy_list => $trusted_proxy_list, } diff --git a/spec/classes/mod/remoteip_spec.rb b/spec/classes/mod/remoteip_spec.rb index 2ab7ee72aa..64847927e2 100644 --- a/spec/classes/mod/remoteip_spec.rb +++ b/spec/classes/mod/remoteip_spec.rb @@ -46,31 +46,6 @@ it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy fd00:fd00:fd00:2000::/64$}) } end - describe 'with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]' do - let :params do - { proxy_ips: ['10.42.17.8', '10.42.18.99'] } - end - - it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 10.42.17.8$}) } - it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 10.42.18.99$}) } - end - - describe 'with IPv4 CIDR in proxy_ips => [ 192.168.1.0/24 ]' do - let :params do - { proxy_ips: ['192.168.1.0/24'] } - end - - it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 192.168.1.0/24$}) } - end - - describe 'with IPv6 CIDR in proxy_ips => [ fd00:fd00:fd00:2000::/64 ]' do - let :params do - { proxy_ips: ['fd00:fd00:fd00:2000::/64'] } - end - - it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy fd00:fd00:fd00:2000::/64$}) } - end - describe 'with trusted_proxy => [ 10.42.17.8, 10.42.18.99 ]' do let :params do { trusted_proxy: ['10.42.17.8', '10.42.18.99'] } @@ -80,15 +55,6 @@ it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPTrustedProxy 10.42.18.99$}) } end - describe 'with trusted_proxy_ips => [ 10.42.17.8, 10.42.18.99 ]' do - let :params do - { trusted_proxy: ['10.42.17.8', '10.42.18.99'] } - end - - it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPTrustedProxy 10.42.17.8$}) } - it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPTrustedProxy 10.42.18.99$}) } - end - describe 'with proxy_protocol_exceptions => [ 10.42.17.8, 10.42.18.99 ]' do let :params do { proxy_protocol_exceptions: ['10.42.17.8', '10.42.18.99'] }