Switch last templates to EPP

A lot of work was done to convert the module templates form ERB to EPP,
but a few templates where still to be converted.

Along with various benefits, EPP templates offer better detection for
access to undefined variables.  This refactoring therefore fix a few
issues that where reported while converting.  Also a bunch of outdated
comments about which template use which variable where removed no that
this usage is explicit.

The extensive test suite helped ensure the conversion was not
introducing regressions.

Author: smortex

Diff for: manifests/mod/php.pp

@@ -32,7 +32,7 @@
   Optional[String] $path         = undef,
   Array $extensions              = ['.php'],
   Optional[String] $content      = undef,
-  String $template               = 'apache/mod/php.conf.erb',
+  String $template               = 'apache/mod/php.conf.epp',
   Optional[String] $source       = undef,
   Optional[String] $root_group   = $apache::params::root_group,
   Optional[String] $php_version  = $apache::params::php_version,
@@ -63,9 +63,9 @@
     fail('apache::mod::php requires apache::mod::prefork or apache::mod::itk; please enable mpm_module => \'prefork\' or mpm_module => \'itk\' on Class[\'apache\']')
   }
 
-  if $source and ($content or $template != 'apache/mod/php.conf.erb') {
+  if $source and ($content or $template != 'apache/mod/php.conf.epp') {
     warning('source and content or template parameters are provided. source parameter will be used')
-  } elsif $content and $template != 'apache/mod/php.conf.erb' {
+  } elsif $content and $template != 'apache/mod/php.conf.epp' {
     warning('content and template parameters are provided. content parameter will be used')
   }
 

Diff for: manifests/mod/security.pp

@@ -316,49 +316,30 @@
   }
 
   if $manage_security_crs {
-    # Template uses:
-    # - $_secdefaultaction
-    # - $critical_anomaly_score
-    # - $error_anomaly_score
-    # - $warning_anomaly_score
-    # - $notice_anomaly_score
-    # - $inbound_anomaly_threshold
-    # - $outbound_anomaly_threshold
-    # - $paranoia_level
-    # - $executing_paranoia_level
-    # - $allowed_methods
-    # - $content_types
-    # - $restricted_extensions
-    # - $restricted_headers
-    # - $secrequestmaxnumargs
-    # - $enable_dos_protection
-    # - $dos_burst_time_slice
-    # - $dos_counter_threshold
-    # - $dos_block_timeout
     $security_crs_parameters = {
-      '_secdefaultaction'           => $_secdefaultaction,
-      'critical_anomaly_score'      => $critical_anomaly_score,
-      'error_anomaly_score'         => $error_anomaly_score,
-      'warning_anomaly_score'       => $warning_anomaly_score,
-      'notice_anomaly_score'        => $notice_anomaly_score,
-      'inbound_anomaly_threshold'   => $inbound_anomaly_threshold,
-      'outbound_anomaly_threshold'  => $outbound_anomaly_threshold,
-      'secrequestmaxnumargs'        => $secrequestmaxnumargs,
-      'allowed_methods'             => $allowed_methods,
-      'content_types'               => $content_types,
-      'restricted_extensions'       => $restricted_extensions,
-      'restricted_headers'          => $restricted_headers,
-      'paranoia_level'              => $paranoia_level,
-      'executing_paranoia_level'    => $executing_paranoia_level,
-      'enable_dos_protection'       => $enable_dos_protection,
-      'dos_burst_time_slice'        => $dos_burst_time_slice,
-      'dos_counter_threshold'       => $dos_counter_threshold,
-      'dos_block_timeout'           => $dos_block_timeout,
+      '_secdefaultaction'          => $_secdefaultaction,
+      'critical_anomaly_score'     => $critical_anomaly_score,
+      'error_anomaly_score'        => $error_anomaly_score,
+      'warning_anomaly_score'      => $warning_anomaly_score,
+      'notice_anomaly_score'       => $notice_anomaly_score,
+      'inbound_anomaly_threshold'  => $inbound_anomaly_threshold,
+      'outbound_anomaly_threshold' => $outbound_anomaly_threshold,
+      'secrequestmaxnumargs'       => $secrequestmaxnumargs,
+      'allowed_methods'            => $allowed_methods,
+      'content_types'              => $content_types,
+      'restricted_extensions'      => $restricted_extensions,
+      'restricted_headers'         => $restricted_headers,
+      'paranoia_level'             => $paranoia_level,
+      'executing_paranoia_level'   => $executing_paranoia_level,
+      'enable_dos_protection'      => $enable_dos_protection,
+      'dos_burst_time_slice'       => $dos_burst_time_slice,
+      'dos_counter_threshold'      => $dos_counter_threshold,
+      'dos_block_timeout'          => $dos_block_timeout,
     }
 
     file { "${modsec_dir}/security_crs.conf":
       ensure  => file,
-      content => template('apache/mod/security_crs.conf.erb'),
+      content => epp('apache/mod/security_crs.conf.epp', $security_crs_parameters),
       require => File[$modsec_dir],
       notify  => Class['apache::service'],
     }

Diff for: manifests/mod/status.pp

@@ -40,11 +40,17 @@
   $requires_defaults = 'ip 127.0.0.1 ::1'
 
   # Template uses $extended_status, $status_path
+  $status_params = {
+    'extended_status'   => $extended_status,
+    'status_path'       => $status_path,
+    'requires'          => $requires,
+    'requires_defaults' => $requires_defaults,
+  }
   file { 'status.conf':
     ensure  => file,
     path    => "${apache::mod_dir}/status.conf",
     mode    => $apache::file_mode,
-    content => template('apache/mod/status.conf.erb'),
+    content => epp('apache/mod/status.conf.epp', $status_params),
     require => Exec["mkdir ${apache::mod_dir}"],
     before  => File[$apache::mod_dir],
     notify  => Class['apache::service'],