Remove deprecated $proxy_ips and $trusted_proxy_ips parameters

ekohl · ekohl · commit 6168ce0f8681 · 2024-01-02T15:35:52.000+01:00
diff --git a/REFERENCE.md b/REFERENCE.md
@@ -5720,13 +5720,11 @@ The following parameters are available in the `apache::mod::remoteip` class:
 
 * [`header`](#-apache--mod--remoteip--header)
 * [`internal_proxy`](#-apache--mod--remoteip--internal_proxy)
-* [`proxy_ips`](#-apache--mod--remoteip--proxy_ips)
 * [`internal_proxy_list`](#-apache--mod--remoteip--internal_proxy_list)
 * [`proxies_header`](#-apache--mod--remoteip--proxies_header)
 * [`proxy_protocol`](#-apache--mod--remoteip--proxy_protocol)
 * [`proxy_protocol_exceptions`](#-apache--mod--remoteip--proxy_protocol_exceptions)
 * [`trusted_proxy`](#-apache--mod--remoteip--trusted_proxy)
-* [`trusted_proxy_ips`](#-apache--mod--remoteip--trusted_proxy_ips)
 * [`trusted_proxy_list`](#-apache--mod--remoteip--trusted_proxy_list)
 
 ##### <a name="-apache--mod--remoteip--header"></a>`header`
@@ -5739,22 +5737,14 @@ Default value: `'X-Forwarded-For'`
 
 ##### <a name="-apache--mod--remoteip--internal_proxy"></a>`internal_proxy`
 
-Data type: `Optional[Array[Stdlib::Host]]`
+Data type: `Array[Stdlib::Host]`
 
 A list of IP addresses, IP blocks or hostname that are trusted to set a
-valid value inside specified header. Unlike the `$trusted_proxy_ips`
+valid value inside specified header. Unlike the `$trusted_proxy`
 parameter, any IP address (including private addresses) presented by these
 proxies will trusted by `mod_remoteip`.
 
-Default value: `undef`
-
-##### <a name="-apache--mod--remoteip--proxy_ips"></a>`proxy_ips`
-
-Data type: `Optional[Array[Stdlib::Host]]`
-
-*Deprecated*: use `$internal_proxy` instead.
-
-Default value: `undef`
+Default value: `['127.0.0.1']`
 
 ##### <a name="-apache--mod--remoteip--internal_proxy_list"></a>`internal_proxy_list`
 
@@ -5805,14 +5795,6 @@ any private IP presented by these proxies will be disgarded by
 
 Default value: `undef`
 
-##### <a name="-apache--mod--remoteip--trusted_proxy_ips"></a>`trusted_proxy_ips`
-
-Data type: `Optional[Array[Stdlib::Host]]`
-
-*Deprecated*: use `$trusted_proxy` instead.
-
-Default value: `undef`
-
 ##### <a name="-apache--mod--remoteip--trusted_proxy_list"></a>`trusted_proxy_list`
 
 Data type: `Optional[Stdlib::Absolutepath]`
diff --git a/manifests/mod/remoteip.pp b/manifests/mod/remoteip.pp
@@ -8,13 +8,10 @@
 #
 # @param internal_proxy
 #   A list of IP addresses, IP blocks or hostname that are trusted to set a
-#   valid value inside specified header. Unlike the `$trusted_proxy_ips`
+#   valid value inside specified header. Unlike the `$trusted_proxy`
 #   parameter, any IP address (including private addresses) presented by these
 #   proxies will trusted by `mod_remoteip`.
 #
-# @param proxy_ips
-#   *Deprecated*: use `$internal_proxy` instead.
-#
 # @param internal_proxy_list
 #   The path to a file containing a list of IP addresses, IP blocks or hostname
 #   that are trusted to set a valid value inside the specified header. See
@@ -39,9 +36,6 @@
 #   any private IP presented by these proxies will be disgarded by
 #   `mod_remoteip`.
 #
-# @param trusted_proxy_ips
-#   *Deprecated*: use `$trusted_proxy` instead.
-#
 # @param trusted_proxy_list
 #   The path to a file containing a list of IP addresses, IP blocks or hostname
 #   that are trusted to set a valid value inside the specified header. See
@@ -51,44 +45,26 @@
 #
 class apache::mod::remoteip (
   String                                                     $header                    = 'X-Forwarded-For',
-  Optional[Array[Stdlib::Host]]                              $internal_proxy            = undef,
-  Optional[Array[Stdlib::Host]]                              $proxy_ips                 = undef,
+  Array[Stdlib::Host]                                        $internal_proxy            = ['127.0.0.1'],
   Optional[Stdlib::Absolutepath]                             $internal_proxy_list       = undef,
   Optional[String]                                           $proxies_header            = undef,
   Boolean                                                    $proxy_protocol            = false,
   Optional[Array[Stdlib::Host]]                              $proxy_protocol_exceptions = undef,
   Optional[Array[Stdlib::Host]]                              $trusted_proxy             = undef,
-  Optional[Array[Stdlib::Host]]                              $trusted_proxy_ips         = undef,
   Optional[Stdlib::Absolutepath]                             $trusted_proxy_list        = undef,
 ) {
   include apache
 
-  if $proxy_ips {
-    deprecation('apache::mod::remoteip::proxy_ips', 'This parameter is deprecated, please use `internal_proxy`.')
-    $_internal_proxy = $proxy_ips
-  } elsif $internal_proxy {
-    $_internal_proxy = $internal_proxy
-  } else {
-    $_internal_proxy = ['127.0.0.1']
-  }
-
-  if $trusted_proxy_ips {
-    deprecation('apache::mod::remoteip::trusted_proxy_ips', 'This parameter is deprecated, please use `trusted_proxy`.')
-    $_trusted_proxy = $trusted_proxy_ips
-  } else {
-    $_trusted_proxy = $trusted_proxy
-  }
-
   ::apache::mod { 'remoteip': }
 
   $template_parameters = {
     header                    => $header,
-    internal_proxy            => $_internal_proxy,
+    internal_proxy            => $internal_proxy,
     internal_proxy_list       => $internal_proxy_list,
     proxies_header            => $proxies_header,
     proxy_protocol            => $proxy_protocol,
     proxy_protocol_exceptions => $proxy_protocol_exceptions,
-    trusted_proxy             => $_trusted_proxy,
+    trusted_proxy             => $trusted_proxy,
     trusted_proxy_list        => $trusted_proxy_list,
   }
 
diff --git a/spec/classes/mod/remoteip_spec.rb b/spec/classes/mod/remoteip_spec.rb
@@ -46,31 +46,6 @@
       it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy fd00:fd00:fd00:2000::/64$}) }
     end
 
-    describe 'with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]' do
-      let :params do
-        { proxy_ips: ['10.42.17.8', '10.42.18.99'] }
-      end
-
-      it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 10.42.17.8$}) }
-      it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 10.42.18.99$}) }
-    end
-
-    describe 'with IPv4 CIDR in proxy_ips => [ 192.168.1.0/24 ]' do
-      let :params do
-        { proxy_ips: ['192.168.1.0/24'] }
-      end
-
-      it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy 192.168.1.0/24$}) }
-    end
-
-    describe 'with IPv6 CIDR in proxy_ips => [ fd00:fd00:fd00:2000::/64 ]' do
-      let :params do
-        { proxy_ips: ['fd00:fd00:fd00:2000::/64'] }
-      end
-
-      it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPInternalProxy fd00:fd00:fd00:2000::/64$}) }
-    end
-
     describe 'with trusted_proxy => [ 10.42.17.8, 10.42.18.99 ]' do
       let :params do
         { trusted_proxy: ['10.42.17.8', '10.42.18.99'] }
@@ -80,15 +55,6 @@
       it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPTrustedProxy 10.42.18.99$}) }
     end
 
-    describe 'with trusted_proxy_ips => [ 10.42.17.8, 10.42.18.99 ]' do
-      let :params do
-        { trusted_proxy: ['10.42.17.8', '10.42.18.99'] }
-      end
-
-      it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPTrustedProxy 10.42.17.8$}) }
-      it { is_expected.to contain_file('remoteip.conf').with_content(%r{^RemoteIPTrustedProxy 10.42.18.99$}) }
-    end
-
     describe 'with proxy_protocol_exceptions => [ 10.42.17.8, 10.42.18.99 ]' do
       let :params do
         { proxy_protocol_exceptions: ['10.42.17.8', '10.42.18.99'] }
