diff --git a/.puppet-lint.rc b/.puppet-lint.rc
index 6d61fb07e3..1a73fe3400 100644
--- a/.puppet-lint.rc
+++ b/.puppet-lint.rc
@@ -1,2 +1,3 @@
 --relative
 --no-anchor_resource-check
+--no-140chars-check
diff --git a/.sync.yml b/.sync.yml
index 0ec6e5c8dd..354e9e1eac 100644
--- a/.sync.yml
+++ b/.sync.yml
@@ -38,3 +38,4 @@ changelog_since_tag: "3.2.0"
 Rakefile:
   extra_disabled_lint_checks:
     - anchor_resource
+    - 140chars
diff --git a/README.md b/README.md
index 421f9af426..9237db0d8f 100755
--- a/README.md
+++ b/README.md
@@ -316,7 +316,7 @@ When you declare this class with the default options, the module:
 
 - Installs the appropriate Apache software package and [required Apache modules][`default_mods`] for your operating system.
 - Places the required configuration files in a directory, with the [default location][`conf_dir`] Depends on operating system.
-- Configures the server with a default virtual host and standard port ('80') and address ('\*') bindings.
+- Configures the server with a default virtual host and standard port (80) and address ('\*') bindings.
 - Creates a document root directory Depends on operating system, typically `/var/www`.
 - Starts the Apache service.
 
@@ -345,7 +345,7 @@ To configure basic [name-based virtual hosts][], specify the [`port`][] and [`do
 
 ``` puppet
 apache::vhost { 'vhost.example.com':
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/vhost',
 }
 ```
@@ -358,7 +358,7 @@ To configure user and group ownership for `docroot`, use the [`docroot_owner`][]
 
 ``` puppet
 apache::vhost { 'user.example.com':
-  port          => '80',
+  port          => 80,
   docroot       => '/var/www/user',
   docroot_owner => 'www-data',
   docroot_group => 'www-data',
@@ -367,11 +367,11 @@ apache::vhost { 'user.example.com':
 
 #### Configuring virtual hosts with SSL
 
-To configure a virtual host to use [SSL encryption][] and default SSL certificates, set the [`ssl`][] parameter. You must also specify the [`port`][] parameter, typically with a value of '443', to accommodate HTTPS requests:
+To configure a virtual host to use [SSL encryption][] and default SSL certificates, set the [`ssl`][] parameter. You must also specify the [`port`][] parameter, typically with a value of 443, to accommodate HTTPS requests:
 
 ``` puppet
 apache::vhost { 'ssl.example.com':
-  port    => '443',
+  port    => 443,
   docroot => '/var/www/ssl',
   ssl     => true,
 }
@@ -381,7 +381,7 @@ To configure a virtual host to use SSL and specific SSL certificates, use the pa
 
 ``` puppet
 apache::vhost { 'cert.example.com':
-  port     => '443',
+  port     => 443,
   docroot  => '/var/www/cert',
   ssl      => true,
   ssl_cert => '/etc/ssl/fourth.example.com.cert',
@@ -395,14 +395,14 @@ To configure a mix of SSL and unencrypted virtual hosts at the same domain, decl
 # The non-ssl virtual host
 apache::vhost { 'mix.example.com non-ssl':
   servername => 'mix.example.com',
-  port       => '80',
+  port       => 80,
   docroot    => '/var/www/mix',
 }
 
 # The SSL virtual host at the same domain
 apache::vhost { 'mix.example.com ssl':
   servername => 'mix.example.com',
-  port       => '443',
+  port       => 443,
   docroot    => '/var/www/mix',
   ssl        => true,
 }
@@ -413,7 +413,7 @@ To configure a virtual host to redirect unencrypted connections to SSL, declare
 ``` puppet
 apache::vhost { 'redirect.example.com non-ssl':
   servername      => 'redirect.example.com',
-  port            => '80',
+  port            => 80,
   docroot         => '/var/www/redirect',
   redirect_status => 'permanent',
   redirect_dest   => 'https://redirect.example.com/'
@@ -421,7 +421,7 @@ apache::vhost { 'redirect.example.com non-ssl':
 
 apache::vhost { 'redirect.example.com ssl':
   servername => 'redirect.example.com',
-  port       => '443',
+  port       => 443,
   docroot    => '/var/www/redirect',
   ssl        => true,
 }
@@ -434,7 +434,7 @@ Virtual hosts listen on all IP addresses ('\*') by default. To configure the vir
 ``` puppet
 apache::vhost { 'ip.example.com':
   ip      => '127.0.0.1',
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/ip',
 }
 ```
@@ -444,7 +444,7 @@ You can also configure more than one IP address per virtual host by using an arr
 ``` puppet
 apache::vhost { 'ip.example.com':
   ip      => ['127.0.0.1','169.254.1.1'],
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/ip',
 }
 ```
@@ -454,7 +454,7 @@ You can configure multiple ports per virtual host by using an array of ports for
 ``` puppet
 apache::vhost { 'ip.example.com':
   ip      => ['127.0.0.1'],
-  port    => ['80','8080']
+  port    => [80, 8080]
   docroot => '/var/www/ip',
 }
 ```
@@ -467,7 +467,7 @@ apache::vhost { 'aliases.example.com':
     'aliases.example.org',
     'aliases.example.net',
   ],
-  port          => '80',
+  port          => 80,
   docroot       => '/var/www/aliases',
 }
 ```
@@ -477,7 +477,7 @@ To set up a virtual host with a wildcard alias for the subdomain mapped to a dir
 ``` puppet
 apache::vhost { 'subdomain.loc':
   vhost_name      => '*',
-  port            => '80',
+  port            => 80,
   virtual_docroot => '/var/www/%-2+',
   docroot         => '/var/www',
   serveraliases   => ['*.loc',],
@@ -488,7 +488,7 @@ To configure a virtual host with [filter rules][], pass the filter directives as
 
 ``` puppet
 apache::vhost { 'subdomain.loc':
-  port    => '80',
+  port    => 80,
   filters => [
     'FilterDeclare  COMPRESS',
     'FilterProvider COMPRESS DEFLATE resp=Content-Type $text/html',
@@ -505,13 +505,13 @@ To configure a virtual host to use the [Web Server Gateway Interface][] (WSGI) f
 
 ``` puppet
 apache::vhost { 'wsgi.example.com':
-  port                        => '80',
+  port                        => 80,
   docroot                     => '/var/www/pythonapp',
   wsgi_application_group      => '%{GLOBAL}',
   wsgi_daemon_process         => 'wsgi',
   wsgi_daemon_process_options => {
-    processes    => '2',
-    threads      => '15',
+    processes    => 2,
+    threads      => 15,
     display-name => '%{GROUP}',
   },
   wsgi_import_script          => '/var/www/demo.wsgi',
@@ -528,7 +528,7 @@ As of Apache 2.2.16, Apache supports [FallbackResource][], a simple replacement
 
 ``` puppet
 apache::vhost { 'wordpress.example.com':
-  port             => '80',
+  port             => 80,
   docroot          => '/var/www/wordpress',
   fallbackresource => '/index.php',
 }
@@ -540,7 +540,7 @@ To configure a virtual host with a designated directory for [Common Gateway Inte
 
 ``` puppet
 apache::vhost { 'cgi.example.com':
-  port        => '80',
+  port        => 80,
   docroot     => '/var/www/cgi',
   scriptalias => '/usr/lib/cgi-bin',
 }
@@ -550,7 +550,7 @@ To configure a virtual host for [Rack][], use the [`rack_base_uri`][] parameter:
 
 ``` puppet
 apache::vhost { 'rack.example.com':
-  port           => '80',
+  port           => 80,
   docroot        => '/var/www/rack',
   rack_base_uri => ['/rackapp1', '/rackapp2'],
 }
@@ -590,7 +590,7 @@ In this example, we add two IP-based virtual hosts on an IP address (in this exa
 apache::vhost { 'The first IP-based virtual host, non-ssl':
   servername => 'first.example.com',
   ip         => '10.0.0.10',
-  port       => '80',
+  port       => 80,
   ip_based   => true,
   docroot    => '/var/www/first',
 }
@@ -598,7 +598,7 @@ apache::vhost { 'The first IP-based virtual host, non-ssl':
 apache::vhost { 'The first IP-based vhost, ssl':
   servername => 'first.example.com',
   ip         => '10.0.0.10',
-  port       => '443',
+  port       => 443,
   ip_based   => true,
   docroot    => '/var/www/first-ssl',
   ssl        => true,
@@ -610,13 +610,13 @@ Next, we add two name-based virtual hosts listening on a second IP address (10.0
 ``` puppet
 apache::vhost { 'second.example.com':
   ip      => '10.0.0.20',
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/second',
 }
 
 apache::vhost { 'third.example.com':
   ip      => '10.0.0.20',
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/third',
 }
 ```
@@ -625,13 +625,13 @@ To add name-based virtual hosts that answer on either 10.0.0.10 or 10.0.0.20, yo
 
 ``` puppet
 apache::vhost { 'fourth.example.com':
-  port       => '80',
+  port       => 80,
   docroot    => '/var/www/fourth',
   add_listen => false,
 }
 
 apache::vhost { 'fifth.example.com':
-  port       => '80',
+  port       => 80,
   docroot    => '/var/www/fifth',
   add_listen => false,
 }
diff --git a/REFERENCE.md b/REFERENCE.md
index 0c030b4697..02ef6f1dca 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -940,7 +940,7 @@ Data type: `Any`
 Sets Apache's `TimeOut` directive, which defines the number of seconds Apache waits for
 certain events before failing a request.
 
-Default value: `'60'`
+Default value: `60`
 
 ##### <a name="trace_enable"></a>`trace_enable`
 
@@ -1075,7 +1075,7 @@ abnormal client request behavior, which may be useful for avoiding some forms of
 denial-of-service attacks. The value should be increased if normal clients see an error
 response from the server that indicates too many fields were sent in the request.
 
-Default value: `'100'`
+Default value: `100`
 
 ##### <a name="limitreqfieldsize"></a>`limitreqfieldsize`
 
@@ -1084,7 +1084,7 @@ Data type: `Any`
 The `limitreqfieldsize` parameter sets the maximum ammount of _bytes_ that will
 be allowed within a request header.
 
-Default value: `'8190'`
+Default value: `8190`
 
 ##### <a name="ip"></a>`ip`
 
@@ -1669,7 +1669,7 @@ Data type: `Any`
 
 Set the minimum number of connections per process.
 
-Default value: `'4'`
+Default value: `4`
 
 ##### <a name="authn_dbd_max"></a>`authn_dbd_max`
 
@@ -1677,7 +1677,7 @@ Data type: `Any`
 
 Set the maximum number of connections per process.
 
-Default value: `'20'`
+Default value: `20`
 
 ##### <a name="authn_dbd_keep"></a>`authn_dbd_keep`
 
@@ -1685,7 +1685,7 @@ Data type: `Any`
 
 Set the maximum number of connections per process to be sustained.
 
-Default value: `'8'`
+Default value: `8`
 
 ##### <a name="authn_dbd_exptime"></a>`authn_dbd_exptime`
 
@@ -1694,7 +1694,7 @@ Data type: `Any`
 Set the time to keep idle connections alive when the number of
 connections specified in DBDKeep has been exceeded.
 
-Default value: `'300'`
+Default value: `300`
 
 ##### <a name="authn_dbd_alias"></a>`authn_dbd_alias`
 
@@ -1906,7 +1906,7 @@ Data type: `Any`
 
 mod_cluster listen port.
 
-Default value: `'6666'`
+Default value: `6666`
 
 ##### <a name="keep_alive_timeout"></a>`keep_alive_timeout`
 
@@ -2250,7 +2250,7 @@ Data type: `Any`
 Sets the number of child server processes created at startup, via the module's `StartServers` directive. Setting this to `false`
 removes the parameter.
 
-Default value: `'2'`
+Default value: `2`
 
 ##### <a name="maxclients"></a>`maxclients`
 
@@ -2258,7 +2258,7 @@ Data type: `Any`
 
 Apache 2.3.12 or older alias for the `MaxRequestWorkers` directive.
 
-Default value: `'150'`
+Default value: `150`
 
 ##### <a name="maxrequestworkers"></a>`maxrequestworkers`
 
@@ -2275,7 +2275,7 @@ Data type: `Any`
 
 Sets the minimum number of idle threads, via the `MinSpareThreads` directive. Setting this to `false` removes the parameters.
 
-Default value: `'25'`
+Default value: `25`
 
 ##### <a name="maxsparethreads"></a>`maxsparethreads`
 
@@ -2283,7 +2283,7 @@ Data type: `Any`
 
 Sets the maximum number of idle threads, via the `MaxSpareThreads` directive. Setting this to `false` removes the parameters.
 
-Default value: `'75'`
+Default value: `75`
 
 ##### <a name="threadsperchild"></a>`threadsperchild`
 
@@ -2291,7 +2291,7 @@ Data type: `Any`
 
 Number of threads created by each child process.
 
-Default value: `'25'`
+Default value: `25`
 
 ##### <a name="maxrequestsperchild"></a>`maxrequestsperchild`
 
@@ -2299,7 +2299,7 @@ Data type: `Any`
 
 Apache 2.3.8 or older alias for the `MaxConnectionsPerChild` directive.
 
-Default value: `'0'`
+Default value: `0`
 
 ##### <a name="maxconnectionsperchild"></a>`maxconnectionsperchild`
 
@@ -2315,7 +2315,7 @@ Data type: `Any`
 
 Limits the configurable number of processes via the `ServerLimit` directive. Setting this to `false` removes the parameter.
 
-Default value: `'25'`
+Default value: `25`
 
 ##### <a name="apache_version"></a>`apache_version`
 
@@ -2331,7 +2331,7 @@ Data type: `Any`
 
 Limits the number of event threads via the module's `ThreadLimit` directive. Setting this to `false` removes the parameter.
 
-Default value: `'64'`
+Default value: `64`
 
 ##### <a name="listenbacklog"></a>`listenbacklog`
 
@@ -2340,7 +2340,7 @@ Data type: `Any`
 Sets the maximum length of the pending connections queue via the module's `ListenBackLog` directive. Setting this to `false` removes
 the parameter.
 
-Default value: `'511'`
+Default value: `511`
 
 ### <a name="apachemodexpires"></a>`apache::mod::expires`
 
@@ -2900,7 +2900,7 @@ Data type: `Any`
 
 Number of child server processes created on startup.
 
-Default value: `'8'`
+Default value: `8`
 
 ##### <a name="minspareservers"></a>`minspareservers`
 
@@ -2908,7 +2908,7 @@ Data type: `Any`
 
 Minimum number of idle child server processes.
 
-Default value: `'5'`
+Default value: `5`
 
 ##### <a name="maxspareservers"></a>`maxspareservers`
 
@@ -2916,7 +2916,7 @@ Data type: `Any`
 
 Maximum number of idle child server processes.
 
-Default value: `'20'`
+Default value: `20`
 
 ##### <a name="serverlimit"></a>`serverlimit`
 
@@ -2924,7 +2924,7 @@ Data type: `Any`
 
 Maximum configured value for `MaxRequestWorkers` for the lifetime of the Apache httpd process.
 
-Default value: `'256'`
+Default value: `256`
 
 ##### <a name="maxclients"></a>`maxclients`
 
@@ -2932,7 +2932,7 @@ Data type: `Any`
 
 Limit on the number of simultaneous requests that will be served.
 
-Default value: `'256'`
+Default value: `256`
 
 ##### <a name="maxrequestsperchild"></a>`maxrequestsperchild`
 
@@ -2940,7 +2940,7 @@ Data type: `Any`
 
 Limit on the number of connections that an individual child server process will handle.
 
-Default value: `'4000'`
+Default value: `4000`
 
 ##### <a name="enablecapabilities"></a>`enablecapabilities`
 
@@ -3408,7 +3408,7 @@ Puppet file:
 ```
 $workers_file_content = {
   worker_lists    => ['status', 'some_name,other_name'],
-  worker_maintain => '60',
+  worker_maintain => 60,
   some_name       => {
     comment          => 'Optional comment',
     type             => 'ajp13',
@@ -3488,11 +3488,11 @@ class { 'apache::mod::ldap':
   ldap_trusted_global_cert_file => '/etc/pki/tls/certs/ldap-trust.crt',
   ldap_trusted_global_cert_type => 'CA_DER',
   ldap_trusted_mode             => 'TLS',
-  ldap_shared_cache_size        => '500000',
-  ldap_cache_entries            => '1024',
-  ldap_cache_ttl                => '600',
-  ldap_opcache_entries          => '1024',
-  ldap_opcache_ttl              => '600',
+  ldap_shared_cache_size        => 500000,
+  ldap_cache_entries            => 1024,
+  ldap_cache_ttl                => 600,
+  ldap_opcache_entries          => 1024,
+  ldap_opcache_ttl              => 600,
 }
 ```
 
@@ -5290,7 +5290,7 @@ Data type: `Any`
 
 
 
-Default value: `'2'`
+Default value: `2`
 
 ##### <a name="minprocessors"></a>`minprocessors`
 
@@ -5298,7 +5298,7 @@ Data type: `Any`
 
 
 
-Default value: `'2'`
+Default value: `2`
 
 ##### <a name="maxprocessors"></a>`maxprocessors`
 
@@ -5306,7 +5306,7 @@ Data type: `Any`
 
 
 
-Default value: `'10'`
+Default value: `10`
 
 ##### <a name="maxclients"></a>`maxclients`
 
@@ -5314,7 +5314,7 @@ Data type: `Any`
 
 
 
-Default value: `'150'`
+Default value: `150`
 
 ##### <a name="maxrequestsperchild"></a>`maxrequestsperchild`
 
@@ -5322,7 +5322,7 @@ Data type: `Any`
 
 
 
-Default value: `'1000'`
+Default value: `1000`
 
 ##### <a name="idletimeout"></a>`idletimeout`
 
@@ -5330,7 +5330,7 @@ Data type: `Any`
 
 
 
-Default value: `'120'`
+Default value: `120`
 
 ##### <a name="expiretimeout"></a>`expiretimeout`
 
@@ -5338,7 +5338,7 @@ Data type: `Any`
 
 
 
-Default value: `'120'`
+Default value: `120`
 
 ##### <a name="keepalive"></a>`keepalive`
 
@@ -5478,7 +5478,7 @@ Data type: `Any`
 
 Number of child server processes created at startup.
 
-Default value: `'8'`
+Default value: `8`
 
 ##### <a name="minspareservers"></a>`minspareservers`
 
@@ -5486,7 +5486,7 @@ Data type: `Any`
 
 Minimum number of idle child server processes.
 
-Default value: `'5'`
+Default value: `5`
 
 ##### <a name="maxspareservers"></a>`maxspareservers`
 
@@ -5494,7 +5494,7 @@ Data type: `Any`
 
 Maximum number of idle child server processes.
 
-Default value: `'20'`
+Default value: `20`
 
 ##### <a name="serverlimit"></a>`serverlimit`
 
@@ -5502,7 +5502,7 @@ Data type: `Any`
 
 Upper limit on configurable number of processes.
 
-Default value: `'256'`
+Default value: `256`
 
 ##### <a name="maxclients"></a>`maxclients`
 
@@ -5510,7 +5510,7 @@ Data type: `Any`
 
 Old alias for MaxRequestWorkers.
 
-Default value: `'256'`
+Default value: `256`
 
 ##### <a name="maxrequestworkers"></a>`maxrequestworkers`
 
@@ -5526,7 +5526,7 @@ Data type: `Any`
 
 Old alias for MaxConnectionsPerChild.
 
-Default value: `'4000'`
+Default value: `4000`
 
 ##### <a name="maxconnectionsperchild"></a>`maxconnectionsperchild`
 
@@ -5550,7 +5550,7 @@ Data type: `Any`
 
 Maximum length of the queue of pending connections.
 
-Default value: `'511'`
+Default value: `511`
 
 ### <a name="apachemodproxy"></a>`apache::mod::proxy`
 
@@ -6159,7 +6159,7 @@ Data type: `Any`
 
 Sets the scoring threshold level of the inbound blocking rules for the Collaborative Detection Mode in the OWASP ModSecurity Core Rule Set.
 
-Default value: `'5'`
+Default value: `5`
 
 ##### <a name="outbound_anomaly_threshold"></a>`outbound_anomaly_threshold`
 
@@ -6167,7 +6167,7 @@ Data type: `Any`
 
 Sets the scoring threshold level of the outbound blocking rules for the Collaborative Detection Mode in the OWASP ModSecurity Core Rule Set.
 
-Default value: `'4'`
+Default value: `4`
 
 ##### <a name="critical_anomaly_score"></a>`critical_anomaly_score`
 
@@ -6175,7 +6175,7 @@ Data type: `Any`
 
 Sets the Anomaly Score for rules assigned with a critical severity.
 
-Default value: `'5'`
+Default value: `5`
 
 ##### <a name="error_anomaly_score"></a>`error_anomaly_score`
 
@@ -6183,7 +6183,7 @@ Data type: `Any`
 
 Sets the Anomaly Score for rules assigned with a error severity.
 
-Default value: `'4'`
+Default value: `4`
 
 ##### <a name="warning_anomaly_score"></a>`warning_anomaly_score`
 
@@ -6191,7 +6191,7 @@ Data type: `Any`
 
 Sets the Anomaly Score for rules assigned with a warning severity.
 
-Default value: `'3'`
+Default value: `3`
 
 ##### <a name="notice_anomaly_score"></a>`notice_anomaly_score`
 
@@ -6199,7 +6199,7 @@ Data type: `Any`
 
 Sets the Anomaly Score for rules assigned with a notice severity.
 
-Default value: `'2'`
+Default value: `2`
 
 ##### <a name="secrequestmaxnumargs"></a>`secrequestmaxnumargs`
 
@@ -6207,7 +6207,7 @@ Data type: `Any`
 
 Sets the maximum number of arguments in the request.
 
-Default value: `'255'`
+Default value: `255`
 
 ##### <a name="secrequestbodylimit"></a>`secrequestbodylimit`
 
@@ -6215,7 +6215,7 @@ Data type: `Any`
 
 Sets the maximum request body size ModSecurity will accept for buffering.
 
-Default value: `'13107200'`
+Default value: `13107200`
 
 ##### <a name="secrequestbodynofileslimit"></a>`secrequestbodynofileslimit`
 
@@ -6224,7 +6224,7 @@ Data type: `Any`
 Configures the maximum request body size ModSecurity will accept for buffering, excluding the size of any files being transported
 in the request.
 
-Default value: `'131072'`
+Default value: `131072`
 
 ##### <a name="secrequestbodyinmemorylimit"></a>`secrequestbodyinmemorylimit`
 
@@ -6232,7 +6232,7 @@ Data type: `Any`
 
 Configures the maximum request body size that ModSecurity will store in memory.
 
-Default value: `'131072'`
+Default value: `131072`
 
 ##### <a name="manage_security_crs"></a>`manage_security_crs`
 
@@ -6481,7 +6481,7 @@ Data type: `Any`
 
 Pseudo Random Number Generator (PRNG) seeding source.
 
-Default value: `'512'`
+Default value: `512`
 
 ##### <a name="ssl_sessioncache"></a>`ssl_sessioncache`
 
@@ -6497,7 +6497,7 @@ Data type: `Any`
 
 Number of seconds before an SSL session expires in the Session Cache.
 
-Default value: `'300'`
+Default value: `300`
 
 ##### <a name="ssl_stapling"></a>`ssl_stapling`
 
@@ -6850,7 +6850,7 @@ Data type: `Any`
 
 The number of child server processes created on startup
 
-Default value: `'2'`
+Default value: `2`
 
 ##### <a name="maxclients"></a>`maxclients`
 
@@ -6860,7 +6860,7 @@ The max number of simultaneous requests that will be served.
 This is the old name and is still supported. The new name is
 MaxRequestWorkers as of 2.3.13.
 
-Default value: `'150'`
+Default value: `150`
 
 ##### <a name="minsparethreads"></a>`minsparethreads`
 
@@ -6868,7 +6868,7 @@ Data type: `Any`
 
 Minimum number of idle threads to handle request spikes.
 
-Default value: `'25'`
+Default value: `25`
 
 ##### <a name="maxsparethreads"></a>`maxsparethreads`
 
@@ -6876,7 +6876,7 @@ Data type: `Any`
 
 Maximum number of idle threads.
 
-Default value: `'75'`
+Default value: `75`
 
 ##### <a name="threadsperchild"></a>`threadsperchild`
 
@@ -6884,7 +6884,7 @@ Data type: `Any`
 
 The number of threads created by each child process.
 
-Default value: `'25'`
+Default value: `25`
 
 ##### <a name="maxrequestsperchild"></a>`maxrequestsperchild`
 
@@ -6894,7 +6894,7 @@ Limit on the number of connectiojns an individual child server
 process will handle. This is the old name and is still supported. The new
 name is MaxConnectionsPerChild as of 2.3.9+.
 
-Default value: `'0'`
+Default value: `0`
 
 ##### <a name="serverlimit"></a>`serverlimit`
 
@@ -6906,7 +6906,7 @@ and ThreadsPerChild settings require more than 16 server processes
 number of server processes required by what you may want for
 MaxRequestWorkers and ThreadsPerChild.
 
-Default value: `'25'`
+Default value: `25`
 
 ##### <a name="threadlimit"></a>`threadlimit`
 
@@ -6915,7 +6915,7 @@ Data type: `Any`
 This directive sets the maximum configured value for
 ThreadsPerChild for the lifetime of the Apache httpd process.
 
-Default value: `'64'`
+Default value: `64`
 
 ##### <a name="listenbacklog"></a>`listenbacklog`
 
@@ -6923,7 +6923,7 @@ Data type: `Any`
 
 Maximum length of the queue of pending connections.
 
-Default value: `'511'`
+Default value: `511`
 
 ##### <a name="apache_version"></a>`apache_version`
 
@@ -7055,7 +7055,7 @@ class { 'apache::vhosts':
   vhosts => {
     'custom_vhost_1' => {
       'docroot' => '/var/www/custom_vhost_1',
-      'port'    => '81',
+      'port'    => 81,
     },
   },
 }
@@ -7284,7 +7284,7 @@ Sets the configuration file's priority by prefixing its filename with this param
 numeric value, as Apache processes configuration files in alphanumeric order.<br />
 To omit the priority prefix in the configuration file's name, set this parameter to `false`.
 
-Default value: `'25'`
+Default value: `25`
 
 ##### <a name="source"></a>`source`
 
@@ -9416,7 +9416,7 @@ If nothing matches the priority, the first name-based virtual host is used. Like
 passing a higher priority causes the alphabetically first name-based virtual host to be
 used if no other names match.<br />
 > **Note:** You should not need to use this parameter. However, if you do use it, be
-aware that the `default_vhost` parameter for `apache::vhost` passes a priority of '15'.<br />
+aware that the `default_vhost` parameter for `apache::vhost` passes a priority of 15.<br />
 To omit the priority prefix in file names, pass a priority of `false`.
 
 Default value: ``undef``
@@ -9463,7 +9463,7 @@ apache::vhost { 'site.name.fdqn':
     { 'path' => '/l', 'url' => 'http://backend-xy',
       'reverse_urls' => ['http://backend-x', 'http://backend-y'] },
     { 'path' => '/d', 'url' => 'http://backend-a/d',
-      'params' => { 'retry' => '0', 'timeout' => '5' }, },
+      'params' => { 'retry' => 0, 'timeout' => 5 }, },
     { 'path' => '/e', 'url' => 'http://backend-a/e',
       'keywords' => ['nocanon', 'interpolate'] },
     { 'path' => '/f', 'url' => 'http://backend-f/',
@@ -9561,7 +9561,7 @@ and redirectmatch_dest.
 ``` puppet
 apache::vhost { 'site.name.fdqn':
   ...
-  redirectmatch_status => ['404','404'],
+  redirectmatch_status => ['404', '404'],
   redirectmatch_regexp => ['\.git(/.*|$)/','\.svn(/.*|$)'],
   redirectmatch_dest => ['http://www.example.com/$1','http://www.example.com/$2'],
 }
@@ -9579,7 +9579,7 @@ and redirectmatch_dest.
 ``` puppet
 apache::vhost { 'site.name.fdqn':
   ...
-  redirectmatch_status => ['404','404'],
+  redirectmatch_status => ['404', '404'],
   redirectmatch_regexp => ['\.git(/.*|$)/','\.svn(/.*|$)'],
   redirectmatch_dest => ['http://www.example.com/$1','http://www.example.com/$2'],
 }
@@ -9597,7 +9597,7 @@ and redirectmatch_regexp.
 ``` puppet
 apache::vhost { 'site.name.fdqn':
   ...
-  redirectmatch_status => ['404','404'],
+  redirectmatch_status => ['404', '404'],
   redirectmatch_regexp => ['\.git(/.*|$)/','\.svn(/.*|$)'],
   redirectmatch_dest => ['http://www.example.com/$1','http://www.example.com/$2'],
 }
@@ -9875,7 +9875,7 @@ working together with suphp_configpath and suphp_engine.<br />
 An example virtual host configuration with suPHP:
 ``` puppet
 apache::vhost { 'suphp.example.com':
-  port             => '80',
+  port             => 80,
   docroot          => '/home/appuser/myphpapp',
   suphp_addhandler => 'x-httpd-php',
   suphp_engine     => 'on',
@@ -9897,7 +9897,7 @@ working together with suphp_addhandler and suphp_engine.<br />
 An example virtual host configuration with suPHP:
 ``` puppet
 apache::vhost { 'suphp.example.com':
-  port             => '80',
+  port             => 80,
   docroot          => '/home/appuser/myphpapp',
   suphp_addhandler => 'x-httpd-php',
   suphp_engine     => 'on',
@@ -9919,7 +9919,7 @@ working together with suphp_configpath and suphp_addhandler.<br />
 An example virtual host configuration with suPHP:
 ``` puppet
 apache::vhost { 'suphp.example.com':
-  port             => '80',
+  port             => 80,
   docroot          => '/home/appuser/myphpapp',
   suphp_addhandler => 'x-httpd-php',
   suphp_engine     => 'on',
@@ -9954,7 +9954,7 @@ set for `docroot` in the manifest. See [`virtual_use_default_docroot`](#virtual_
 ``` puppet
 apache::vhost { 'subdomain.loc':
   vhost_name      => '*',
-  port            => '80',
+  port            => 80,
   virtual_docroot => '/var/www/%-2+',
   docroot         => '/var/www',
   serveraliases   => ['*.loc',],
@@ -9972,7 +9972,7 @@ to `true` will mean both directives will be added to the configuration.
 ``` puppet
 apache::vhost { 'subdomain.loc':
   vhost_name                  => '*',
-  port                        => '80',
+  port                        => 80,
   virtual_docroot             => '/var/www/%-2+',
   docroot                     => '/var/www',
   virtual_use_default_docroot => true,
@@ -9994,12 +9994,12 @@ A hash that sets the name of the WSGI daemon, accepting
 An example virtual host configuration with WSGI:
 ``` puppet
 apache::vhost { 'wsgi.example.com':
-  port                        => '80',
+  port                        => 80,
   docroot                     => '/var/www/pythonapp',
   wsgi_daemon_process         => 'wsgi',
   wsgi_daemon_process_options =>
-    { processes    => '2',
-      threads      => '15',
+    { processes    => 2,
+      threads      => 15,
       display-name => '%{GROUP}',
     },
   wsgi_process_group          => 'wsgi',
@@ -10853,7 +10853,7 @@ Data type: `Any`
 
 Sets the relative load order for Apache HTTPD VirtualHost configuration files.
 
-Default value: `'25'`
+Default value: `25`
 
 ##### <a name="verify_config"></a>`verify_config`
 
@@ -10886,11 +10886,11 @@ apache::vhost::fragment { 'myfragment':
 ```puppet
 include apache
 apache::vhost { 'myvhost':
-  priority => '42',
+  priority => 42,
 }
 apache::vhost::fragment { 'myfragment':
   vhost    => 'myvhost',
-  priority => '42',
+  priority => 42,
   content  => '# Foo',
 }
 ```
@@ -10904,7 +10904,7 @@ apache::vhost { 'myvhost':
 }
 apache::vhost::fragment { 'myfragment':
   vhost    => 'myvhost',
-  priority => '10', # default_vhost implies priority 10
+  priority => 10, # default_vhost implies priority 10
   content  => '# Foo',
 }
 ```
@@ -10915,7 +10915,7 @@ apache::vhost::fragment { 'myfragment':
 include apache
 apache::vhost::fragment { 'myfragment':
   vhost    => 'default',
-  priority => '15',
+  priority => 15,
   content  => '# Foo',
 }
 ```
@@ -11278,8 +11278,8 @@ Struct[{
     Optional['StateTimeout']                            => Integer,
     Optional['ScrubRequestHeaders']                     => Enum['On','Off'],
     Optional['OutgoingProxy']                           => String,
-    Optional['UnAuthAction']                            => Enum['auth','pass','401','410'],
-    Optional['UnAuthzAction']                           => Enum['401','403','auth'],
+    Optional['UnAuthAction']                            => Enum['auth','pass','401', '410'],
+    Optional['UnAuthzAction']                           => Enum['401', '403', 'auth'],
     Optional['PreservePost']                            => Enum['On','Off'],
     Optional['PassRefreshToken']                        => Enum['On','Off'],
     Optional['RequestObject']                           => String,
diff --git a/examples/vhost.pp b/examples/vhost.pp
index c0813d1608..306866b6ba 100644
--- a/examples/vhost.pp
+++ b/examples/vhost.pp
@@ -9,13 +9,13 @@
 
 # Most basic vhost
 apache::vhost { 'first.example.com':
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/first',
 }
 
 # Vhost with different docroot owner/group/mode
 apache::vhost { 'second.example.com':
-  port          => '80',
+  port          => 80,
   docroot       => '/var/www/second',
   docroot_owner => 'third',
   docroot_group => 'third',
@@ -24,21 +24,21 @@
 
 # Vhost with serveradmin
 apache::vhost { 'third.example.com':
-  port        => '80',
+  port        => 80,
   docroot     => '/var/www/third',
   serveradmin => 'admin@example.com',
 }
 
 # Vhost with ssl (uses default ssl certs)
 apache::vhost { 'ssl.example.com':
-  port    => '443',
+  port    => 443,
   docroot => '/var/www/ssl',
   ssl     => true,
 }
 
 # Vhost with ssl and specific ssl certs
 apache::vhost { 'fourth.example.com':
-  port     => '443',
+  port     => 443,
   docroot  => '/var/www/fourth',
   ssl      => true,
   ssl_cert => '/etc/ssl/fourth.example.com.cert',
@@ -48,7 +48,7 @@
 # Vhost with english title and servername parameter
 apache::vhost { 'The fifth vhost':
   servername => 'fifth.example.com',
-  port       => '80',
+  port       => 80,
   docroot    => '/var/www/fifth',
 }
 
@@ -58,13 +58,13 @@
     'sixth.example.org',
     'sixth.example.net',
   ],
-  port          => '80',
+  port          => 80,
   docroot       => '/var/www/fifth',
 }
 
 # Vhost with alternate options
 apache::vhost { 'seventh.example.com':
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/seventh',
   options => [
     'Indexes',
@@ -74,14 +74,14 @@
 
 # Vhost with AllowOverride for .htaccess
 apache::vhost { 'eighth.example.com':
-  port     => '80',
+  port     => 80,
   docroot  => '/var/www/eighth',
   override => 'All',
 }
 
 # Vhost with access and error logs disabled
 apache::vhost { 'ninth.example.com':
-  port       => '80',
+  port       => 80,
   docroot    => '/var/www/ninth',
   access_log => false,
   error_log  => false,
@@ -89,7 +89,7 @@
 
 # Vhost with custom access and error logs and logroot
 apache::vhost { 'tenth.example.com':
-  port            => '80',
+  port            => 80,
   docroot         => '/var/www/tenth',
   access_log_file => 'tenth_vhost.log',
   error_log_file  => 'tenth_vhost_error.log',
@@ -98,14 +98,14 @@
 
 # Vhost with a cgi-bin
 apache::vhost { 'eleventh.example.com':
-  port        => '80',
+  port        => 80,
   docroot     => '/var/www/eleventh',
   scriptalias => '/usr/lib/cgi-bin',
 }
 
 # Vhost with a proxypass configuration
 apache::vhost { 'twelfth.example.com':
-  port          => '80',
+  port          => 80,
   docroot       => '/var/www/twelfth',
   proxy_dest    => 'http://internal.example.com:8080/twelfth',
   no_proxy_uris => ['/login','/logout'],
@@ -113,7 +113,7 @@
 
 # Vhost to redirect /login and /logout
 apache::vhost { 'thirteenth.example.com':
-  port            => '80',
+  port            => 80,
   docroot         => '/var/www/thirteenth',
   redirect_source => [
     '/login',
@@ -127,7 +127,7 @@
 
 # Vhost to permamently redirect
 apache::vhost { 'fourteenth.example.com':
-  port            => '80',
+  port            => 80,
   docroot         => '/var/www/fourteenth',
   redirect_source => '/blog',
   redirect_dest   => 'http://blog.example.com',
@@ -136,7 +136,7 @@
 
 # Vhost with a rack configuration
 apache::vhost { 'fifteenth.example.com':
-  port           => '80',
+  port           => 80,
   docroot        => '/var/www/fifteenth',
   rack_base_uris => ['/rackapp1', '/rackapp2'],
 }
@@ -144,7 +144,7 @@
 # Vhost to redirect non-ssl to ssl
 apache::vhost { 'sixteenth.example.com non-ssl':
   servername => 'sixteenth.example.com',
-  port       => '80',
+  port       => 80,
   docroot    => '/var/www/sixteenth',
   rewrites   => [
     {
@@ -158,7 +158,7 @@
 # Rewrite a URL to lower case
 apache::vhost { 'sixteenth.example.com non-ssl':
   servername => 'sixteenth.example.com',
-  port       => '80',
+  port       => 80,
   docroot    => '/var/www/sixteenth',
   rewrites   => [
     { comment      => 'Rewrite to lower case',
@@ -171,7 +171,7 @@
 
 apache::vhost { 'sixteenth.example.com ssl':
   servername => 'sixteenth.example.com',
-  port       => '443',
+  port       => 443,
   docroot    => '/var/www/sixteenth',
   ssl        => true,
 }
@@ -179,41 +179,41 @@
 # Vhost to redirect non-ssl to ssl using old rewrite method
 apache::vhost { 'sixteenth.example.com non-ssl old rewrite':
   servername   => 'sixteenth.example.com',
-  port         => '80',
+  port         => 80,
   docroot      => '/var/www/sixteenth',
   rewrite_cond => '%{HTTPS} off',
   rewrite_rule => '(.*) https://%{HTTP_HOST}%{REQUEST_URI}',
 }
 apache::vhost { 'sixteenth.example.com ssl old rewrite':
   servername => 'sixteenth.example.com',
-  port       => '443',
+  port       => 443,
   docroot    => '/var/www/sixteenth',
   ssl        => true,
 }
 
 # Vhost to block repository files
 apache::vhost { 'seventeenth.example.com':
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/seventeenth',
   block   => 'scm',
 }
 
 # Vhost with special environment variables
 apache::vhost { 'eighteenth.example.com':
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/eighteenth',
   setenv  => ['SPECIAL_PATH /foo/bin','KILROY was_here'],
 }
 
 apache::vhost { 'nineteenth.example.com':
-  port     => '80',
+  port     => 80,
   docroot  => '/var/www/nineteenth',
   setenvif => 'Host "^([^\.]*)\.website\.com$" CLIENT_NAME=$1',
 }
 
 # Vhost with additional include files
 apache::vhost { 'twentyieth.example.com':
-  port                => '80',
+  port                => 80,
   docroot             => '/var/www/twelfth',
   additional_includes => ['/tmp/proxy_group_a','/tmp/proxy_group_b'],
 }
@@ -222,7 +222,7 @@
 # http://example.com.loc => /var/www/example.com
 apache::vhost { 'subdomain.loc':
   vhost_name      => '*',
-  port            => '80',
+  port            => 80,
   virtual_docroot => '/var/www/%-2+',
   docroot         => '/var/www',
   serveraliases   => ['*.loc',],
@@ -230,9 +230,9 @@
 
 # Vhost with SSL (SSLProtocol, SSLCipherSuite & SSLHonorCipherOrder from default)
 apache::vhost { 'securedomain.com':
-  priority   => '10',
+  priority   => 10,
   vhost_name => 'www.securedomain.com',
-  port       => '443',
+  port       => 443,
   docroot    => '/var/www/secure',
   ssl        => true,
   ssl_cert   => '/etc/ssl/securedomain.cert',
@@ -243,14 +243,14 @@
 
 # Vhost with access log environment variables writing control
 apache::vhost { 'twentyfirst.example.com':
-  port               => '80',
+  port               => 80,
   docroot            => '/var/www/twentyfirst',
   access_log_env_var => 'admin',
 }
 
 # Vhost with a passenger_base configuration
 apache::vhost { 'twentysecond.example.com':
-  port           => '80',
+  port           => 80,
   docroot        => '/var/www/twentysecond',
   rack_base_uris => ['/passengerapp1', '/passengerapp2'],
 }
diff --git a/examples/vhost_proxypass.pp b/examples/vhost_proxypass.pp
index ca9c57dff5..9cd0a18559 100644
--- a/examples/vhost_proxypass.pp
+++ b/examples/vhost_proxypass.pp
@@ -28,8 +28,8 @@
       'path'   => '/second',
       'url'    => 'http://localhost:8080/second',
       'params' => {
-        'retry'   => '0',
-        'timeout' => '5',
+        'retry'   => 0,
+        'timeout' => 5,
       }
     },
   ],
@@ -57,8 +57,8 @@
       'path'     => '/fourth',
       'url'      => 'http://localhost:8080/fourth',
       'params'   => {
-        'retry'   => '0',
-        'timeout' => '5',
+        'retry'   => 0,
+        'timeout' => 5,
       },
       'keywords' => ['noquery', 'interpolate']
     },
diff --git a/examples/vhost_ssl.pp b/examples/vhost_ssl.pp
index 8e7a2b279e..83584e73ce 100644
--- a/examples/vhost_ssl.pp
+++ b/examples/vhost_ssl.pp
@@ -10,14 +10,14 @@
 # Non-ssl vhost
 apache::vhost { 'first.example.com non-ssl':
   servername => 'first.example.com',
-  port       => '80',
+  port       => 80,
   docroot    => '/var/www/first',
 }
 
 # SSL vhost at the same domain
 apache::vhost { 'first.example.com ssl':
   servername => 'first.example.com',
-  port       => '443',
+  port       => 443,
   docroot    => '/var/www/first',
   ssl        => true,
 }
diff --git a/examples/vhosts_without_listen.pp b/examples/vhosts_without_listen.pp
index d42118bc2c..1ccb7f41ae 100644
--- a/examples/vhosts_without_listen.pp
+++ b/examples/vhosts_without_listen.pp
@@ -12,14 +12,14 @@
 apache::vhost { 'The first IP-based vhost, non-ssl':
   servername => 'first.example.com',
   ip         => '10.0.0.10',
-  port       => '80',
+  port       => 80,
   ip_based   => true,
   docroot    => '/var/www/first',
 }
 apache::vhost { 'The first IP-based vhost, ssl':
   servername => 'first.example.com',
   ip         => '10.0.0.10',
-  port       => '443',
+  port       => 443,
   ip_based   => true,
   docroot    => '/var/www/first-ssl',
   ssl        => true,
@@ -28,12 +28,12 @@
 # Two name-based vhost listening on 10.0.0.20
 apache::vhost { 'second.example.com':
   ip      => '10.0.0.20',
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/second',
 }
 apache::vhost { 'third.example.com':
   ip      => '10.0.0.20',
-  port    => '80',
+  port    => 80,
   docroot => '/var/www/third',
 }
 
@@ -41,12 +41,12 @@
 # `add_listen => 'false'` to disable declaring "Listen 80" which will conflict
 # with the IP-based preceeding vhosts.
 apache::vhost { 'fourth.example.com':
-  port       => '80',
+  port       => 80,
   docroot    => '/var/www/fourth',
   add_listen => false,
 }
 apache::vhost { 'fifth.example.com':
-  port       => '80',
+  port       => 80,
   docroot    => '/var/www/fifth',
   add_listen => false,
 }
diff --git a/manifests/balancer.pp b/manifests/balancer.pp
index b67e10b0d7..71fdd81c6d 100644
--- a/manifests/balancer.pp
+++ b/manifests/balancer.pp
@@ -46,7 +46,7 @@
   Hash $proxy_set = {},
   Boolean $collect_exported = true,
   Optional[String] $target = undef,
-  Array $options = [],
+  Array[Pattern[/=/]] $options = [],
 ) {
   include apache::mod::proxy_balancer
 
@@ -73,8 +73,8 @@
   }
 
   concat { "apache_balancer_${name}":
-    owner  => '0',
-    group  => '0',
+    owner  => 0,
+    group  => 0,
     path   => $_target,
     mode   => $apache::file_mode,
     notify => Class['Apache::Service'],
diff --git a/manifests/balancermember.pp b/manifests/balancermember.pp
index 29126ee043..fc4b6067d8 100644
--- a/manifests/balancermember.pp
+++ b/manifests/balancermember.pp
@@ -40,8 +40,8 @@
 #
 define apache::balancermember (
   String $balancer_cluster,
-  String $url = "http://${$facts['networking']['fqdn']}/",
-  Array $options = [],
+  Stdlib::HTTPUrl $url = "http://${$facts['networking']['fqdn']}/",
+  Array $options       = [],
 ) {
   concat::fragment { "BalancerMember ${name}":
     target  => "apache_balancer_${balancer_cluster}",
diff --git a/manifests/custom_config.pp b/manifests/custom_config.pp
index dea32f7a65..48d39a2d27 100644
--- a/manifests/custom_config.pp
+++ b/manifests/custom_config.pp
@@ -49,18 +49,18 @@
 #   show_diff property for configuration file resource
 #
 define apache::custom_config (
-  Enum['absent', 'present'] $ensure         = 'present',
-  String $confdir                           = $apache::confd_dir,
-  Optional[String] $content                 = undef,
-  Variant[Integer,String,Boolean] $priority = '25',
-  Optional[String] $source                  = undef,
-  String $verify_command                    = $apache::params::verify_command,
-  Boolean $verify_config                    = true,
-  Optional[String] $filename                = undef,
-  Optional[String] $owner                   = undef,
-  Optional[String] $group                   = undef,
-  Optional[String] $file_mode               = undef,
-  Boolean $show_diff                        = true,
+  Enum['absent', 'present'] $ensure     = 'present',
+  Stdlib::Absolutepath $confdir         = $apache::confd_dir,
+  Optional[String] $content             = undef,
+  Variant[Integer, Boolean] $priority   = 25,
+  Optional[String] $source              = undef,
+  String $verify_command                = $apache::params::verify_command,
+  Boolean $verify_config                = true,
+  Optional[String] $filename            = undef,
+  Optional[String] $owner               = undef,
+  Optional[String] $group               = undef,
+  Optional[Stdlib::Filemode] $file_mode = undef,
+  Boolean $show_diff                    = true,
 ) {
   if $content and $source {
     fail('Only one of $content and $source can be specified.')
diff --git a/manifests/default_mods.pp b/manifests/default_mods.pp
index 68bf56ac53..edf18b350d 100644
--- a/manifests/default_mods.pp
+++ b/manifests/default_mods.pp
@@ -3,10 +3,10 @@
 #
 # @api private
 class apache::default_mods (
-  Boolean $all                                  = true,
-  Optional[Variant[Array[String],String]] $mods = undef,
-  String $apache_version                        = $apache::apache_version,
-  Boolean $use_systemd                          = $apache::use_systemd,
+  Boolean $all                                   = true,
+  Optional[Variant[Array[String], String]] $mods = undef,
+  String $apache_version                         = $apache::apache_version,
+  Boolean $use_systemd                           = $apache::use_systemd,
 ) {
   # These are modules required to run the default configuration.
   # They are not configurable at this time, so we just include
diff --git a/manifests/fastcgi/server.pp b/manifests/fastcgi/server.pp
index 3e6af87af2..df7e5ce004 100644
--- a/manifests/fastcgi/server.pp
+++ b/manifests/fastcgi/server.pp
@@ -32,13 +32,13 @@
 #   Sets a header for the server
 #
 define apache::fastcgi::server (
-  String $host                  = '127.0.0.1:9000',
-  Integer $timeout              = 15,
-  Boolean $flush                = false,
-  String $faux_path             = "/var/www/${name}.fcgi",
-  String $fcgi_alias            = "/${name}.fcgi",
-  String $file_type             = 'application/x-httpd-php',
-  Optional[String] $pass_header = undef,
+  String $host                    = '127.0.0.1:9000',
+  Integer $timeout                = 15,
+  Boolean $flush                  = false,
+  Stdlib::Absolutepath $faux_path = "/var/www/${name}.fcgi",
+  Stdlib::Unixpath $fcgi_alias    = "/${name}.fcgi",
+  String $file_type               = 'application/x-httpd-php',
+  Optional[String] $pass_header   = undef,
 ) {
   include apache::mod::fastcgi
 
diff --git a/manifests/init.pp b/manifests/init.pp
index 9a48af21ad..02f51dc7a3 100755
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -461,94 +461,93 @@
 #   Specifies any idditional Internet media (mime) types that you wish to be configured.
 # 
 class apache (
-  String $apache_name                                                   = $apache::params::apache_name,
-  String $service_name                                                  = $apache::params::service_name,
-  Variant[Array,Boolean] $default_mods                                  = true,
-  Boolean $default_vhost                                                = true,
-  Optional[String] $default_charset                                     = undef,
-  Boolean $default_confd_files                                          = true,
-  Boolean $default_ssl_vhost                                            = false,
-  String $default_ssl_cert                                              = $apache::params::default_ssl_cert,
-  String $default_ssl_key                                               = $apache::params::default_ssl_key,
-  Optional[String] $default_ssl_chain                                   = undef,
-  Optional[String] $default_ssl_ca                                      = undef,
-  Optional[String] $default_ssl_crl_path                                = undef,
-  Optional[String] $default_ssl_crl                                     = undef,
-  Optional[String] $default_ssl_crl_check                               = undef,
-  Boolean $default_ssl_reload_on_change                                 = false,
-  String $default_type                                                  = 'none',
-  Optional[Variant[Array,String]] $dev_packages                         = $apache::params::dev_packages,
-  Optional[String] $ip                                                  = undef,
-  Boolean $service_enable                                               = true,
-  Boolean $service_manage                                               = true,
-  Variant[Boolean,String] $service_ensure                               = 'running',
-  Optional[String] $service_restart                                     = undef,
-  Boolean $purge_configs                                                = true,
-  Optional[Boolean] $purge_vhost_dir                                    = undef,
-  Boolean $purge_vdir                                                   = false,
-  String $serveradmin                                                   = 'root@localhost',
-  Enum['On', 'Off', 'on', 'off'] $sendfile                              = 'On',
-  Optional[Enum['On', 'Off', 'on', 'off']] $ldap_verify_server_cert     = undef,
-  Optional[String] $ldap_trusted_mode                                   = undef,
-  Boolean $error_documents                                              = false,
-  Variant[Integer,String] $timeout                                      = '60',
-  String $httpd_dir                                                     = $apache::params::httpd_dir,
-  String $server_root                                                   = $apache::params::server_root,
-  String $conf_dir                                                      = $apache::params::conf_dir,
-  String $confd_dir                                                     = $apache::params::confd_dir,
-  Enum['Off', 'On', 'Double', 'off', 'on', 'double'] $hostname_lookups  = $apache::params::hostname_lookups,
-  Optional[String] $conf_enabled                                        = $apache::params::conf_enabled,
-  String $vhost_dir                                                     = $apache::params::vhost_dir,
-  Optional[String] $vhost_enable_dir                                    = $apache::params::vhost_enable_dir,
-  Hash $mod_libs                                                        = $apache::params::mod_libs,
-  Hash $mod_packages                                                    = $apache::params::mod_packages,
-  String $vhost_include_pattern                                         = $apache::params::vhost_include_pattern,
-  String $mod_dir                                                       = $apache::params::mod_dir,
-  Optional[String] $mod_enable_dir                                      = $apache::params::mod_enable_dir,
-  Variant[Boolean,String] $mpm_module                                   = $apache::params::mpm_module,
-  String $lib_path                                                      = $apache::params::lib_path,
-  String $conf_template                                                 = $apache::params::conf_template,
-  Optional[String] $servername                                          = $apache::params::servername,
-  String $pidfile                                                       = $apache::params::pidfile,
-  Optional[Stdlib::Absolutepath] $rewrite_lock                          = undef,
-  Boolean $manage_user                                                  = true,
-  Boolean $manage_group                                                 = true,
-  String $user                                                          = $apache::params::user,
-  String $group                                                         = $apache::params::group,
-  Optional[String] $http_protocol_options                               = $apache::params::http_protocol_options,
-  Array $supplementary_groups                                           = [],
-  String $keepalive                                                     = $apache::params::keepalive,
-  Variant[Integer,String] $keepalive_timeout                            = $apache::params::keepalive_timeout,
-  Variant[Integer,String] $max_keepalive_requests                       = $apache::params::max_keepalive_requests,
-  Variant[Integer,String] $limitreqfieldsize                            = '8190',
-  Variant[Integer,String] $limitreqfields                               = '100',
-  String $logroot                                                       = $apache::params::logroot,
-  Optional[String] $logroot_mode                                        = $apache::params::logroot_mode,
-  Apache::LogLevel $log_level                                           = $apache::params::log_level,
-  Hash $log_formats                                                     = {},
-  Optional[String] $ssl_file                                            = undef,
-  String $ports_file                                                    = $apache::params::ports_file,
-  String $docroot                                                       = $apache::params::docroot,
-  String $apache_version                                                = $apache::version::default,
-  String $server_tokens                                                 = 'Prod',
-  String $server_signature                                              = 'On',
-  String $trace_enable                                                  = 'On',
-  Optional[Enum['on', 'off', 'nodecode']] $allow_encoded_slashes        = undef,
-  Optional[String] $file_e_tag                                          = undef,
-  Optional[Enum['On', 'on', 'Off', 'off', 'DNS', 'dns']]
-  $use_canonical_name                                                   = undef,
-  String $package_ensure                                                = 'installed',
-  Boolean $use_optional_includes                                        = $apache::params::use_optional_includes,
-  Boolean $use_systemd                                                  = $apache::params::use_systemd,
-  Hash $mime_types_additional                                           = $apache::params::mime_types_additional,
-  String $file_mode                                                     = $apache::params::file_mode,
-  Array $root_directory_options                                         = $apache::params::root_directory_options,
-  Boolean $root_directory_secured                                       = false,
-  String $error_log                                                     = $apache::params::error_log,
-  String $scriptalias                                                   = $apache::params::scriptalias,
-  String $access_log_file                                               = $apache::params::access_log_file,
-  Array[Enum['h2', 'h2c', 'http/1.1']] $protocols                = [],
-  Optional[Boolean] $protocols_honor_order                       = undef,
+  String $apache_name                                                        = $apache::params::apache_name,
+  String $service_name                                                       = $apache::params::service_name,
+  Variant[Array, Boolean] $default_mods                                      = true,
+  Boolean $default_vhost                                                     = true,
+  Optional[String] $default_charset                                          = undef,
+  Boolean $default_confd_files                                               = true,
+  Boolean $default_ssl_vhost                                                 = false,
+  Stdlib::Absolutepath $default_ssl_cert                                     = $apache::params::default_ssl_cert,
+  Stdlib::Absolutepath $default_ssl_key                                      = $apache::params::default_ssl_key,
+  Optional[Stdlib::Absolutepath] $default_ssl_chain                          = undef,
+  Optional[Stdlib::Absolutepath] $default_ssl_ca                             = undef,
+  Optional[Stdlib::Absolutepath] $default_ssl_crl_path                       = undef,
+  Optional[Stdlib::Absolutepath] $default_ssl_crl                            = undef,
+  Optional[String] $default_ssl_crl_check                                    = undef,
+  Boolean $default_ssl_reload_on_change                                      = false,
+  String $default_type                                                       = 'none',
+  Optional[Variant[Array, String]] $dev_packages                             = $apache::params::dev_packages,
+  Optional[String] $ip                                                       = undef,
+  Boolean $service_enable                                                    = true,
+  Boolean $service_manage                                                    = true,
+  Variant[Stdlib::Ensure::Service, Boolean] $service_ensure                  = 'running',
+  Optional[String] $service_restart                                          = undef,
+  Boolean $purge_configs                                                     = true,
+  Optional[Boolean] $purge_vhost_dir                                         = undef,
+  Boolean $purge_vdir                                                        = false,
+  String $serveradmin                                                        = 'root@localhost',
+  Enum['On', 'Off', 'on', 'off'] $sendfile                                   = 'On',
+  Optional[Enum['On', 'Off', 'on', 'off']] $ldap_verify_server_cert          = undef,
+  Optional[String] $ldap_trusted_mode                                        = undef,
+  Boolean $error_documents                                                   = false,
+  Integer[0] $timeout                                                        = 60,
+  Stdlib::Absolutepath $httpd_dir                                            = $apache::params::httpd_dir,
+  Stdlib::Absolutepath $server_root                                          = $apache::params::server_root,
+  Stdlib::Absolutepath $conf_dir                                             = $apache::params::conf_dir,
+  Stdlib::Absolutepath $confd_dir                                            = $apache::params::confd_dir,
+  Enum['Off', 'On', 'Double', 'off', 'on', 'double'] $hostname_lookups       = $apache::params::hostname_lookups,
+  Optional[Stdlib::Absolutepath] $conf_enabled                               = $apache::params::conf_enabled,
+  Stdlib::Absolutepath $vhost_dir                                            = $apache::params::vhost_dir,
+  Optional[Stdlib::Absolutepath] $vhost_enable_dir                           = $apache::params::vhost_enable_dir,
+  Hash $mod_libs                                                             = $apache::params::mod_libs,
+  Hash $mod_packages                                                         = $apache::params::mod_packages,
+  String $vhost_include_pattern                                              = $apache::params::vhost_include_pattern,
+  Stdlib::Absolutepath $mod_dir                                              = $apache::params::mod_dir,
+  Optional[Stdlib::Absolutepath] $mod_enable_dir                             = $apache::params::mod_enable_dir,
+  Variant[Boolean, String] $mpm_module                                       = $apache::params::mpm_module,
+  String $lib_path                                                           = $apache::params::lib_path,
+  String $conf_template                                                      = $apache::params::conf_template,
+  Optional[String] $servername                                               = $apache::params::servername,
+  String $pidfile                                                            = $apache::params::pidfile,
+  Optional[Stdlib::Absolutepath] $rewrite_lock                               = undef,
+  Boolean $manage_user                                                       = true,
+  Boolean $manage_group                                                      = true,
+  String $user                                                               = $apache::params::user,
+  String $group                                                              = $apache::params::group,
+  Optional[String] $http_protocol_options                                    = $apache::params::http_protocol_options,
+  Array $supplementary_groups                                                = [],
+  Enum['On', 'Off'] $keepalive                                               = $apache::params::keepalive,
+  Integer $keepalive_timeout                                                 = $apache::params::keepalive_timeout,
+  Integer $max_keepalive_requests                                            = $apache::params::max_keepalive_requests,
+  Integer $limitreqfieldsize                                                 = 8190,
+  Integer $limitreqfields                                                    = 100,
+  Stdlib::Absolutepath $logroot                                              = $apache::params::logroot,
+  Optional[Stdlib::Filemode] $logroot_mode                                   = $apache::params::logroot_mode,
+  Apache::LogLevel $log_level                                                = $apache::params::log_level,
+  Hash $log_formats                                                          = {},
+  Optional[String] $ssl_file                                                 = undef,
+  Stdlib::Absolutepath $ports_file                                           = $apache::params::ports_file,
+  Stdlib::Absolutepath $docroot                                              = $apache::params::docroot,
+  String $apache_version                                                     = $apache::version::default,
+  Apache::ServerTokens $server_tokens                                        = 'Prod',
+  Variant[Enum['On', 'Off'], String] $server_signature                       = 'On',
+  Enum['On', 'Off', 'extended'] $trace_enable                                = 'On',
+  Optional[Enum['on', 'off', 'nodecode']] $allow_encoded_slashes             = undef,
+  Optional[String] $file_e_tag                                               = undef,
+  Optional[Enum['On', 'on', 'Off', 'off', 'DNS', 'dns']] $use_canonical_name = undef,
+  String $package_ensure                                                     = 'installed',
+  Boolean $use_optional_includes                                             = $apache::params::use_optional_includes,
+  Boolean $use_systemd                                                       = $apache::params::use_systemd,
+  Hash $mime_types_additional                                                = $apache::params::mime_types_additional,
+  Stdlib::Filemode $file_mode                                                = $apache::params::file_mode,
+  Array $root_directory_options                                              = $apache::params::root_directory_options,
+  Boolean $root_directory_secured                                            = false,
+  String $error_log                                                          = $apache::params::error_log,
+  String $scriptalias                                                        = $apache::params::scriptalias,
+  String $access_log_file                                                    = $apache::params::access_log_file,
+  Array[Enum['h2', 'h2c', 'http/1.1']] $protocols                            = [],
+  Optional[Boolean] $protocols_honor_order                                   = undef,
 ) inherits apache::params {
   $valid_mpms_re = $apache_version ? {
     '2.4'   => '(event|itk|peruser|prefork|worker)',
@@ -825,12 +824,12 @@
 
     ::apache::vhost { 'default':
       ensure                       => $default_vhost_ensure,
-      port                         => '80',
+      port                         => 80,
       docroot                      => $docroot,
       scriptalias                  => $scriptalias,
       serveradmin                  => $serveradmin,
       access_log_file              => $access_log_file,
-      priority                     => '15',
+      priority                     => 15,
       ip                           => $ip,
       logroot_mode                 => $logroot_mode,
       manage_docroot               => $default_vhost,
@@ -843,13 +842,13 @@
     }
     ::apache::vhost { 'default-ssl':
       ensure                       => $default_ssl_vhost_ensure,
-      port                         => '443',
+      port                         => 443,
       ssl                          => true,
       docroot                      => $docroot,
       scriptalias                  => $scriptalias,
       serveradmin                  => $serveradmin,
       access_log_file              => $ssl_access_log_file,
-      priority                     => '15',
+      priority                     => 15,
       ip                           => $ip,
       logroot_mode                 => $logroot_mode,
       manage_docroot               => $default_ssl_vhost,
diff --git a/manifests/mod/alias.pp b/manifests/mod/alias.pp
index 5271e8f2f8..79e5ec0da9 100644
--- a/manifests/mod/alias.pp
+++ b/manifests/mod/alias.pp
@@ -25,7 +25,7 @@
   Optional[String] $apache_version  = undef,
   String $icons_options             = 'Indexes MultiViews',
   # set icons_path to false to disable the alias
-  String $icons_path                = $apache::params::alias_icons_path,
+  Stdlib::Absolutepath $icons_path  = $apache::params::alias_icons_path,
   String $icons_prefix              = $apache::params::icons_prefix
 ) inherits apache::params {
   include apache
diff --git a/manifests/mod/auth_cas.pp b/manifests/mod/auth_cas.pp
index a85b9d3763..17df090237 100644
--- a/manifests/mod/auth_cas.pp
+++ b/manifests/mod/auth_cas.pp
@@ -88,7 +88,7 @@
   String $cas_login_url,
   String $cas_validate_url,
   String $cas_cookie_path                     = $apache::params::cas_cookie_path,
-  String $cas_cookie_path_mode                = '0750',
+  Stdlib::Filemode $cas_cookie_path_mode      = '0750',
   Integer $cas_version                        = 2,
   String $cas_debug                           = 'Off',
   Optional[String] $cas_validate_server       = undef,
diff --git a/manifests/mod/auth_mellon.pp b/manifests/mod/auth_mellon.pp
index d98a4ea3eb..81693d7d04 100644
--- a/manifests/mod/auth_mellon.pp
+++ b/manifests/mod/auth_mellon.pp
@@ -25,13 +25,13 @@
 # @see https://github.com/Uninett/mod_auth_mellon for additional documentation.
 #
 class apache::mod::auth_mellon (
-  Optional[Variant[String,Integer]] $mellon_cache_size  = $apache::params::mellon_cache_size,
-  Optional[String] $mellon_lock_file                    = $apache::params::mellon_lock_file,
-  Optional[String] $mellon_post_directory     = $apache::params::mellon_post_directory,
-  Optional[String] $mellon_cache_entry_size   = undef,
-  Optional[String] $mellon_post_ttl           = undef,
-  Optional[String] $mellon_post_size          = undef,
-  Optional[String] $mellon_post_count         = undef
+  Optional[Integer] $mellon_cache_size                  = $apache::params::mellon_cache_size,
+  Optional[Stdlib::Absolutepath] $mellon_lock_file      = $apache::params::mellon_lock_file,
+  Optional[Stdlib::Absolutepath] $mellon_post_directory = $apache::params::mellon_post_directory,
+  Optional[Integer] $mellon_cache_entry_size            = undef,
+  Optional[Integer] $mellon_post_ttl                    = undef,
+  Optional[Integer] $mellon_post_size                   = undef,
+  Optional[Integer] $mellon_post_count                  = undef
 ) inherits apache::params {
   include apache
   ::apache::mod { 'auth_mellon': }
diff --git a/manifests/mod/auth_openidc.pp b/manifests/mod/auth_openidc.pp
index 7311759323..7fa75b8303 100644
--- a/manifests/mod/auth_openidc.pp
+++ b/manifests/mod/auth_openidc.pp
@@ -3,8 +3,7 @@
 # 
 # @see https://github.com/zmartzone/mod_auth_openidc for additional documentation.
 #
-class apache::mod::auth_openidc (
-) inherits apache::params {
+class apache::mod::auth_openidc inherits apache::params {
   include apache
   include apache::mod::authz_user
   apache::mod { 'auth_openidc': }
diff --git a/manifests/mod/authn_dbd.pp b/manifests/mod/authn_dbd.pp
index 73e06952fe..d775183ddd 100644
--- a/manifests/mod/authn_dbd.pp
+++ b/manifests/mod/authn_dbd.pp
@@ -29,13 +29,13 @@
 #
 class apache::mod::authn_dbd (
   Optional[String] $authn_dbd_params,
-  String $authn_dbd_dbdriver                  = 'mysql',
-  Optional[String] $authn_dbd_query           = undef,
-  Variant[String,Integer] $authn_dbd_min      = '4',
-  Variant[String,Integer]  $authn_dbd_max     = '20',
-  Variant[String,Integer]  $authn_dbd_keep    = '8',
-  Variant[String,Integer]  $authn_dbd_exptime = '300',
-  Optional[String] $authn_dbd_alias           = undef,
+  String $authn_dbd_dbdriver         = 'mysql',
+  Optional[String] $authn_dbd_query  = undef,
+  Integer $authn_dbd_min             = 4,
+  Integer $authn_dbd_max             = 20,
+  Integer $authn_dbd_keep            = 8,
+  Integer $authn_dbd_exptime         = 300,
+  Optional[String] $authn_dbd_alias  = undef,
 ) inherits apache::params {
   include apache
   include apache::mod::dbd
diff --git a/manifests/mod/authnz_ldap.pp b/manifests/mod/authnz_ldap.pp
index c12a0869e3..ab3ab0502c 100644
--- a/manifests/mod/authnz_ldap.pp
+++ b/manifests/mod/authnz_ldap.pp
@@ -10,8 +10,8 @@
 # @see https://httpd.apache.org/docs/current/mod/mod_authnz_ldap.html for additional documentation.
 # @note Unsupported platforms: RedHat: 6, 8, 9; CentOS: 6, 8; OracleLinux: 6, 8; Ubuntu: all; Debian: all; SLES: all
 class apache::mod::authnz_ldap (
-  Boolean $verify_server_cert     = true,
-  Optional[String] $package_name  = undef,
+  Boolean $verify_server_cert    = true,
+  Optional[String] $package_name = undef,
 ) {
   include apache
   include 'apache::mod::ldap'
diff --git a/manifests/mod/cluster.pp b/manifests/mod/cluster.pp
index 2cc920b9a1..44eeef43be 100644
--- a/manifests/mod/cluster.pp
+++ b/manifests/mod/cluster.pp
@@ -51,15 +51,15 @@
 class apache::mod::cluster (
   String $allowed_network,
   String $balancer_name,
-  String $ip,
+  Stdlib::IP::Address $ip,
   String $version,
-  Boolean $enable_mcpm_receive          = true,
-  String $port                          = '6666',
-  Integer $keep_alive_timeout           = 60,
-  String $manager_allowed_network       = '127.0.0.1',
-  Integer $max_keep_alive_requests      = 0,
-  Boolean $server_advertise             = true,
-  Optional[String] $advertise_frequency = undef,
+  Boolean $enable_mcpm_receive                 = true,
+  Stdlib::Port $port                           = 6666,
+  Integer $keep_alive_timeout                  = 60,
+  Stdlib::IP::Address $manager_allowed_network = '127.0.0.1',
+  Integer $max_keep_alive_requests             = 0,
+  Boolean $server_advertise                    = true,
+  Optional[String] $advertise_frequency        = undef,
 ) {
   include apache
 
diff --git a/manifests/mod/deflate.pp b/manifests/mod/deflate.pp
index 0d0180050c..c5a6aaac8a 100644
--- a/manifests/mod/deflate.pp
+++ b/manifests/mod/deflate.pp
@@ -17,7 +17,7 @@
     'application/rss+xml',
     'application/json',
   ],
-  Hash $notes = {
+  Hash $notes          = {
     'Input'  => 'instream',
     'Output' => 'outstream',
     'Ratio'  => 'ratio',
diff --git a/manifests/mod/disk_cache.pp b/manifests/mod/disk_cache.pp
index 044de457d1..0ae3cd4261 100644
--- a/manifests/mod/disk_cache.pp
+++ b/manifests/mod/disk_cache.pp
@@ -23,9 +23,9 @@
 # @see https://httpd.apache.org/docs/2.2/mod/mod_disk_cache.html for additional documentation.
 #
 class apache::mod::disk_cache (
-  Optional[String] $cache_root            = undef,
-  Optional[String] $cache_ignore_headers  = undef,
-  Boolean $default_cache_enable           = true,
+  Optional[Stdlib::Absolutepath] $cache_root = undef,
+  Optional[String] $cache_ignore_headers     = undef,
+  Boolean $default_cache_enable              = true,
 ) {
   include apache
   if $cache_root {
diff --git a/manifests/mod/event.pp b/manifests/mod/event.pp
index 56c3c2b14f..20464fe051 100644
--- a/manifests/mod/event.pp
+++ b/manifests/mod/event.pp
@@ -47,18 +47,18 @@
 # @see https://httpd.apache.org/docs/current/mod/event.html for additional documentation.
 # @note Unsupported platforms: SLES: all
 class apache::mod::event (
-  Variant[String,Integer,Boolean] $startservers                     = '2',
-  Variant[String,Integer,Boolean] $maxclients                       = '150',
-  Optional[Variant[String,Integer,Boolean]] $maxrequestworkers      = undef,
-  Variant[String,Integer,Boolean] $minsparethreads                  = '25',
-  Variant[String,Integer,Boolean] $maxsparethreads                  = '75',
-  Variant[String,Integer,Boolean] $threadsperchild                  = '25',
-  Variant[String,Integer,Boolean] $maxrequestsperchild              = '0',
-  Optional[Variant[String,Integer,Boolean]] $maxconnectionsperchild = undef,
-  Variant[String,Integer,Boolean] $serverlimit                      = '25',
-  Optional[String] $apache_version                                  = undef,
-  Variant[String,Integer,Boolean]  $threadlimit                     = '64',
-  Variant[String,Integer,Boolean]  $listenbacklog                   = '511',
+  Variant[Integer, Boolean] $startservers                     = 2,
+  Variant[Integer, Boolean] $maxclients                       = 150,
+  Optional[Variant[Integer, Boolean]] $maxrequestworkers      = undef,
+  Variant[Integer, Boolean] $minsparethreads                  = 25,
+  Variant[Integer, Boolean] $maxsparethreads                  = 75,
+  Variant[Integer, Boolean] $threadsperchild                  = 25,
+  Variant[Integer, Boolean] $maxrequestsperchild              = 0,
+  Optional[Variant[Integer, Boolean]] $maxconnectionsperchild = undef,
+  Variant[Integer, Boolean] $serverlimit                      = 25,
+  Optional[String] $apache_version                            = undef,
+  Variant[Integer, Boolean]  $threadlimit                     = 64,
+  Variant[Integer, Boolean]  $listenbacklog                   = 511,
 ) {
   include apache
 
@@ -107,7 +107,7 @@
         }
       }
     }
-    'debian','freebsd' : {
+    'debian', 'freebsd' : {
       apache::mpm { 'event':
         apache_version => $_apache_version,
       }
diff --git a/manifests/mod/geoip.pp b/manifests/mod/geoip.pp
index cacf29af23..42050df5cd 100644
--- a/manifests/mod/geoip.pp
+++ b/manifests/mod/geoip.pp
@@ -28,14 +28,14 @@
 # @see https://dev.maxmind.com/geoip/legacy/mod_geoip2 for additional documentation.
 #
 class apache::mod::geoip (
-  Boolean $enable                               = false,
-  String $db_file                               = '/usr/share/GeoIP/GeoIP.dat',
-  String $flag                                  = 'Standard',
-  String $output                                = 'All',
-  Optional[String] $enable_utf8                 = undef,
-  Optional[String] $scan_proxy_headers          = undef,
-  Optional[String] $scan_proxy_header_field     = undef,
-  Optional[String] $use_last_xforwarededfor_ip  = undef,
+  Boolean $enable                              = false,
+  Stdlib::Absolutepath $db_file                = '/usr/share/GeoIP/GeoIP.dat',
+  String $flag                                 = 'Standard',
+  String $output                               = 'All',
+  Optional[String] $enable_utf8                = undef,
+  Optional[String] $scan_proxy_headers         = undef,
+  Optional[String] $scan_proxy_header_field    = undef,
+  Optional[String] $use_last_xforwarededfor_ip = undef,
 ) {
   include apache
   ::apache::mod { 'geoip': }
diff --git a/manifests/mod/info.pp b/manifests/mod/info.pp
index 487f764276..abb5bb6404 100644
--- a/manifests/mod/info.pp
+++ b/manifests/mod/info.pp
@@ -17,10 +17,10 @@
 # @see https://httpd.apache.org/docs/current/mod/mod_info.html for additional documentation.
 #
 class apache::mod::info (
-  Array[String] $allow_from         = ['127.0.0.1','::1'],
-  Optional[String] $apache_version  = undef,
-  Boolean $restrict_access          = true,
-  String $info_path                 = '/server-info',
+  Array[Stdlib::IP::Address] $allow_from = ['127.0.0.1', '::1'],
+  Optional[String] $apache_version       = undef,
+  Boolean $restrict_access               = true,
+  Stdlib::Unixpath $info_path            = '/server-info',
 ) {
   include apache
   $_apache_version = pick($apache_version, $apache::apache_version)
diff --git a/manifests/mod/itk.pp b/manifests/mod/itk.pp
index eb4285fb00..393e03150d 100644
--- a/manifests/mod/itk.pp
+++ b/manifests/mod/itk.pp
@@ -30,14 +30,14 @@
 # @see http://mpm-itk.sesse.net for additional documentation.
 # @note Unsupported platforms: CentOS: 8; RedHat: 8, 9; SLES: all
 class apache::mod::itk (
-  Variant[String,Integer] $startservers                 = '8',
-  Variant[String,Integer] $minspareservers              = '5',
-  Variant[String,Integer] $maxspareservers              = '20',
-  Variant[String,Integer] $serverlimit                  = '256',
-  Variant[String,Integer] $maxclients                   = '256',
-  Variant[String,Integer] $maxrequestsperchild          = '4000',
-  Optional[Variant[Boolean,String]] $enablecapabilities = undef,
-  Optional[String] $apache_version                      = undef,
+  Integer $startservers                                  = 8,
+  Integer $minspareservers                               = 5,
+  Integer $maxspareservers                               = 20,
+  Integer $serverlimit                                   = 256,
+  Integer $maxclients                                    = 256,
+  Integer $maxrequestsperchild                           = 4000,
+  Optional[Variant[Boolean, String]] $enablecapabilities = undef,
+  Optional[String] $apache_version                       = undef,
 ) {
   include apache
 
diff --git a/manifests/mod/jk.pp b/manifests/mod/jk.pp
index 8f9a596dc1..a169b366f5 100644
--- a/manifests/mod/jk.pp
+++ b/manifests/mod/jk.pp
@@ -180,8 +180,8 @@
 #   Puppet file:
 #   ```
 #   $workers_file_content = {
-#     worker_lists    => ['status', 'some_name,other_name'],
-#     worker_maintain => '60',
+#     worker_lists    => ['status', 'some_name, other_name'],
+#     worker_maintain => 60,
 #     some_name       => {
 #       comment          => 'Optional comment',
 #       type             => 'ajp13',
@@ -271,13 +271,13 @@
 #
 class apache::mod::jk (
   # Binding to mod_jk
-  Optional[String] $ip                          = undef,
-  Integer          $port                        = 80,
+  Optional[Stdlib::IP::Address] $ip             = undef,
+  Stdlib::Port     $port                        = 80,
   Boolean          $add_listen                  = true,
   # Conf file content
   Optional[String] $workers_file                = undef,
   Hash $worker_property                         = {},
-  Optional[String] $logroot                     = undef,
+  Optional[Stdlib::Absolutepath] $logroot       = undef,
   String $shm_file                              = 'jk-runtime-status',
   Optional[String] $shm_size                    = undef,
   Optional[String] $mount_file                  = undef,
diff --git a/manifests/mod/ldap.pp b/manifests/mod/ldap.pp
index 2677c392fe..14dcd7048b 100644
--- a/manifests/mod/ldap.pp
+++ b/manifests/mod/ldap.pp
@@ -39,27 +39,27 @@
 #     ldap_trusted_global_cert_file => '/etc/pki/tls/certs/ldap-trust.crt',
 #     ldap_trusted_global_cert_type => 'CA_DER',
 #     ldap_trusted_mode             => 'TLS',
-#     ldap_shared_cache_size        => '500000',
-#     ldap_cache_entries            => '1024',
-#     ldap_cache_ttl                => '600',
-#     ldap_opcache_entries          => '1024',
-#     ldap_opcache_ttl              => '600',
+#     ldap_shared_cache_size        => 500000,
+#     ldap_cache_entries            => 1024,
+#     ldap_cache_ttl                => 600,
+#     ldap_opcache_entries          => 1024,
+#     ldap_opcache_ttl              => 600,
 #   }
 #
 # @see https://httpd.apache.org/docs/current/mod/mod_ldap.html for additional documentation.
 # @note Unsupported platforms: CentOS: 8; RedHat: 8, 9
 class apache::mod::ldap (
-  Optional[String] $apache_version                 = undef,
-  Optional[String] $package_name                   = undef,
-  Optional[String] $ldap_trusted_global_cert_file  = undef,
-  String $ldap_trusted_global_cert_type            = 'CA_BASE64',
-  Optional[String] $ldap_shared_cache_size         = undef,
-  Optional[String] $ldap_cache_entries             = undef,
-  Optional[String] $ldap_cache_ttl                 = undef,
-  Optional[String] $ldap_opcache_entries           = undef,
-  Optional[String] $ldap_opcache_ttl               = undef,
-  Optional[String] $ldap_trusted_mode              = undef,
-  String $ldap_path                                = '/ldap-status',
+  Optional[String] $apache_version                = undef,
+  Optional[String] $package_name                  = undef,
+  Optional[String] $ldap_trusted_global_cert_file = undef,
+  String $ldap_trusted_global_cert_type           = 'CA_BASE64',
+  Optional[Integer] $ldap_shared_cache_size       = undef,
+  Optional[Integer] $ldap_cache_entries           = undef,
+  Optional[Integer] $ldap_cache_ttl               = undef,
+  Optional[Integer] $ldap_opcache_entries         = undef,
+  Optional[Integer] $ldap_opcache_ttl             = undef,
+  Optional[String] $ldap_trusted_mode             = undef,
+  String $ldap_path                               = '/ldap-status',
 ) {
   include apache
   $_apache_version = pick($apache_version, $apache::apache_version)
diff --git a/manifests/mod/nss.pp b/manifests/mod/nss.pp
index c7660cd262..028bbeeb96 100644
--- a/manifests/mod/nss.pp
+++ b/manifests/mod/nss.pp
@@ -16,10 +16,10 @@
 # @see https://pagure.io/mod_nss for additional documentation.
 #
 class apache::mod::nss (
-  String $transfer_log          = "${apache::params::logroot}/access.log",
-  String $error_log             = "${apache::params::logroot}/error.log",
-  Optional[String] $passwd_file = undef,
-  Integer $port                 = 8443,
+  Stdlib::Absolutepath $transfer_log = "${apache::params::logroot}/access.log",
+  Stdlib::Absolutepath $error_log    = "${apache::params::logroot}/error.log",
+  Optional[String] $passwd_file      = undef,
+  Stdlib::Port $port                 = 8443,
 ) {
   include apache
   include apache::mod::mime
diff --git a/manifests/mod/pagespeed.pp b/manifests/mod/pagespeed.pp
index 43b6e4153a..117d8fb887 100644
--- a/manifests/mod/pagespeed.pp
+++ b/manifests/mod/pagespeed.pp
@@ -157,41 +157,41 @@
 # @see https://developers.google.com/speed/pagespeed/module/ for additional documentation.
 #
 class apache::mod::pagespeed (
-  String $inherit_vhost_config                  = 'on',
-  Boolean $filter_xhtml                         = false,
-  String $cache_path                            = '/var/cache/mod_pagespeed/',
-  String $log_dir                               = '/var/log/pagespeed',
-  Array $memcache_servers                       = [],
-  String $rewrite_level                         = 'CoreFilters',
-  Array $disable_filters                        = [],
-  Array $enable_filters                         = [],
-  Array $forbid_filters                         = [],
-  Integer $rewrite_deadline_per_flush_ms        = 10,
-  Optional[String] $additional_domains          = undef,
-  Integer $file_cache_size_kb                   = 102400,
-  Integer $file_cache_clean_interval_ms         = 3600000,
-  Integer $lru_cache_per_process                = 1024,
-  Integer $lru_cache_byte_limit                 = 16384,
-  Integer $css_flatten_max_bytes                = 2048,
-  Integer $css_inline_max_bytes                 = 2048,
-  Integer $css_image_inline_max_bytes           = 2048,
-  Integer $image_inline_max_bytes               = 2048,
-  Integer $js_inline_max_bytes                  = 2048,
-  Integer $css_outline_min_bytes                = 3000,
-  Integer $js_outline_min_bytes                 = 3000,
-  Integer $inode_limit                          = 500000,
-  Integer $image_max_rewrites_at_once           = 8,
-  Integer $num_rewrite_threads                  = 4,
-  Integer $num_expensive_rewrite_threads        = 4,
-  String $collect_statistics                    = 'on',
-  String $statistics_logging                    = 'on',
-  Array $allow_view_stats                       = [],
-  Array $allow_pagespeed_console                = [],
-  Array $allow_pagespeed_message                = [],
-  Integer $message_buffer_size                  = 100000,
-  Variant[Array,Hash] $additional_configuration = {},
-  Optional[String] $apache_version              = undef,
-  Optional[String] $package_ensure              = undef,
+  String $inherit_vhost_config                   = 'on',
+  Boolean $filter_xhtml                          = false,
+  Stdlib::Absolutepath $cache_path               = '/var/cache/mod_pagespeed/',
+  Stdlib::Absolutepath $log_dir                  = '/var/log/pagespeed',
+  Array $memcache_servers                        = [],
+  String $rewrite_level                          = 'CoreFilters',
+  Array $disable_filters                         = [],
+  Array $enable_filters                          = [],
+  Array $forbid_filters                          = [],
+  Integer $rewrite_deadline_per_flush_ms         = 10,
+  Optional[String] $additional_domains           = undef,
+  Integer $file_cache_size_kb                    = 102400,
+  Integer $file_cache_clean_interval_ms          = 3600000,
+  Integer $lru_cache_per_process                 = 1024,
+  Integer $lru_cache_byte_limit                  = 16384,
+  Integer $css_flatten_max_bytes                 = 2048,
+  Integer $css_inline_max_bytes                  = 2048,
+  Integer $css_image_inline_max_bytes            = 2048,
+  Integer $image_inline_max_bytes                = 2048,
+  Integer $js_inline_max_bytes                   = 2048,
+  Integer $css_outline_min_bytes                 = 3000,
+  Integer $js_outline_min_bytes                  = 3000,
+  Integer $inode_limit                           = 500000,
+  Integer $image_max_rewrites_at_once            = 8,
+  Integer $num_rewrite_threads                   = 4,
+  Integer $num_expensive_rewrite_threads         = 4,
+  String $collect_statistics                     = 'on',
+  String $statistics_logging                     = 'on',
+  Array $allow_view_stats                        = [],
+  Array $allow_pagespeed_console                 = [],
+  Array $allow_pagespeed_message                 = [],
+  Integer $message_buffer_size                   = 100000,
+  Variant[Array, Hash] $additional_configuration = {},
+  Optional[String] $apache_version               = undef,
+  Optional[String] $package_ensure               = undef,
 ) {
   include apache
   $_apache_version = pick($apache_version, $apache::apache_version)
diff --git a/manifests/mod/passenger.pp b/manifests/mod/passenger.pp
index 9892ac9573..1b0047ed90 100644
--- a/manifests/mod/passenger.pp
+++ b/manifests/mod/passenger.pp
@@ -341,7 +341,7 @@
   Optional[String] $passenger_concurrency_model                                              = undef,
   String $passenger_conf_file                                                                = $apache::params::passenger_conf_file,
   Optional[String] $passenger_conf_package_file                                              = $apache::params::passenger_conf_package_file,
-  Optional[String] $passenger_data_buffer_dir                                                = undef,
+  Optional[Stdlib::Absolutepath] $passenger_data_buffer_dir                                  = undef,
   Optional[String] $passenger_debug_log_file                                                 = undef,
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_debugger                               = undef,
   Optional[String] $passenger_default_group                                                  = undef,
@@ -354,7 +354,7 @@
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_error_override                         = undef,
   Optional[String] $passenger_file_descriptor_log_file                                       = undef,
   Optional[String] $passenger_fly_with                                                       = undef,
-  Optional[Variant[Integer,String]] $passenger_force_max_concurrent_requests_per_process     = undef,
+  Optional[Variant[Integer, String]] $passenger_force_max_concurrent_requests_per_process    = undef,
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_friendly_error_pages                   = undef,
   Optional[String] $passenger_group                                                          = undef,
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_high_performance                       = undef,
@@ -363,41 +363,41 @@
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_load_shell_envvars                     = undef,
   Optional[Boolean] $passenger_preload_bundler                                               = undef,
   Optional[Stdlib::Absolutepath] $passenger_log_file                                         = undef,
-  Optional[Variant[Integer,String]] $passenger_log_level                                     = undef,
-  Optional[Variant[Integer,String]] $passenger_lve_min_uid                                   = undef,
-  Optional[Variant[Integer,String]] $passenger_max_instances                                 = undef,
-  Optional[Variant[Integer,String]] $passenger_max_instances_per_app                         = undef,
-  Optional[Variant[Integer,String]] $passenger_max_pool_size                                 = undef,
-  Optional[Variant[Integer,String]] $passenger_max_preloader_idle_time                       = undef,
-  Optional[Variant[Integer,String]] $passenger_max_request_queue_size                        = undef,
-  Optional[Variant[Integer,String]] $passenger_max_request_time                              = undef,
-  Optional[Variant[Integer,String]] $passenger_max_requests                                  = undef,
-  Optional[Variant[Integer,String]] $passenger_memory_limit                                  = undef,
+  Optional[Integer] $passenger_log_level                                                     = undef,
+  Optional[Integer] $passenger_lve_min_uid                                                   = undef,
+  Optional[Integer] $passenger_max_instances                                                 = undef,
+  Optional[Integer] $passenger_max_instances_per_app                                         = undef,
+  Optional[Integer] $passenger_max_pool_size                                                 = undef,
+  Optional[Integer] $passenger_max_preloader_idle_time                                       = undef,
+  Optional[Integer] $passenger_max_request_queue_size                                        = undef,
+  Optional[Integer] $passenger_max_request_time                                              = undef,
+  Optional[Integer] $passenger_max_requests                                                  = undef,
+  Optional[Integer] $passenger_memory_limit                                                  = undef,
   Optional[String] $passenger_meteor_app_settings                                            = undef,
-  Optional[Variant[Integer,String]] $passenger_min_instances                                 = undef,
+  Optional[Integer] $passenger_min_instances                                                 = undef,
   Optional[String] $passenger_nodejs                                                         = undef,
-  Optional[Variant[Integer,String]] $passenger_pool_idle_time                                = undef,
-  Optional[Variant[String,Array[String]]] $passenger_pre_start                               = undef,
+  Optional[Integer] $passenger_pool_idle_time                                                = undef,
+  Optional[Variant[String, Array[String]]] $passenger_pre_start                              = undef,
   Optional[String] $passenger_python                                                         = undef,
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_resist_deployment_errors               = undef,
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_resolve_symlinks_in_document_root      = undef,
-  Optional[Variant[Integer,String]] $passenger_response_buffer_high_watermark                = undef,
+  Optional[Variant[Integer, String]] $passenger_response_buffer_high_watermark               = undef,
   Optional[String] $passenger_restart_dir                                                    = undef,
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_rolling_restarts                       = undef,
   Optional[String] $passenger_root                                                           = $apache::params::passenger_root,
   Optional[String] $passenger_ruby                                                           = $apache::params::passenger_ruby,
   Optional[String] $passenger_security_update_check_proxy                                    = undef,
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_show_version_in_header                 = undef,
-  Optional[Variant[Integer,String]] $passenger_socket_backlog                                = undef,
+  Optional[Variant[Integer, String]] $passenger_socket_backlog                               = undef,
   Optional[String] $passenger_spawn_dir                                                      = undef,
   Optional[Enum['smart', 'direct', 'smart-lv2', 'conservative']] $passenger_spawn_method     = undef,
-  Optional[Variant[Integer,String]] $passenger_start_timeout                                 = undef,
+  Optional[Integer] $passenger_start_timeout                                                 = undef,
   Optional[String] $passenger_startup_file                                                   = undef,
-  Optional[Variant[Integer,String]] $passenger_stat_throttle_rate                            = undef,
+  Optional[Integer] $passenger_stat_throttle_rate                                            = undef,
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_sticky_sessions                        = undef,
   Optional[String] $passenger_sticky_sessions_cookie_name                                    = undef,
   Optional[String] $passenger_sticky_sessions_cookie_attributes                              = undef,
-  Optional[Variant[Integer,String]] $passenger_thread_count                                  = undef,
+  Optional[Integer] $passenger_thread_count                                                  = undef,
   Optional[String] $passenger_use_global_queue                                               = undef,
   Optional[String] $passenger_user                                                           = undef,
   Optional[Enum['on', 'off', 'On', 'Off']] $passenger_user_switching                         = undef,
diff --git a/manifests/mod/peruser.pp b/manifests/mod/peruser.pp
index 22e9d0f627..85573e67a0 100644
--- a/manifests/mod/peruser.pp
+++ b/manifests/mod/peruser.pp
@@ -22,14 +22,14 @@
 # @param keepalive
 # 
 class apache::mod::peruser (
-  Variant[Integer,String] $minspareprocessors   = '2',
-  Variant[Integer,String] $minprocessors        = '2',
-  Variant[Integer,String] $maxprocessors        = '10',
-  Variant[Integer,String] $maxclients           = '150',
-  Variant[Integer,String] $maxrequestsperchild  = '1000',
-  Variant[Integer,String] $idletimeout          = '120',
-  Variant[Integer,String] $expiretimeout        = '120',
-  String $keepalive                             = 'Off',
+  Integer $minspareprocessors  = 2,
+  Integer $minprocessors       = 2,
+  Integer $maxprocessors       = 10,
+  Integer $maxclients          = 150,
+  Integer $maxrequestsperchild = 1000,
+  Integer $idletimeout         = 120,
+  Integer $expiretimeout       = 120,
+  Enum['On', 'Off'] $keepalive = 'Off',
 ) {
   include apache
   case $facts['os']['family'] {
diff --git a/manifests/mod/php.pp b/manifests/mod/php.pp
index cb12eab092..844b207094 100644
--- a/manifests/mod/php.pp
+++ b/manifests/mod/php.pp
@@ -26,16 +26,16 @@
 # @param libphp_prefix
 #
 class apache::mod::php (
-  Optional[String] $package_name  = undef,
-  String $package_ensure          = 'present',
-  Optional[String] $path          = undef,
-  Array $extensions               = ['.php'],
-  Optional[String] $content       = undef,
-  String $template                = 'apache/mod/php.conf.erb',
-  Optional[String] $source        = undef,
-  Optional[String] $root_group    = $apache::params::root_group,
-  Optional[String] $php_version   = $apache::params::php_version,
-  String $libphp_prefix           = 'libphp'
+  Optional[String] $package_name = undef,
+  String $package_ensure         = 'present',
+  Optional[String] $path         = undef,
+  Array $extensions              = ['.php'],
+  Optional[String] $content      = undef,
+  String $template               = 'apache/mod/php.conf.erb',
+  Optional[String] $source       = undef,
+  Optional[String] $root_group   = $apache::params::root_group,
+  Optional[String] $php_version  = $apache::params::php_version,
+  String $libphp_prefix          = 'libphp'
 ) inherits apache::params {
   include apache
   if (versioncmp($php_version, '8') < 0) {
diff --git a/manifests/mod/prefork.pp b/manifests/mod/prefork.pp
index bffaf86ba7..f58c7007ef 100644
--- a/manifests/mod/prefork.pp
+++ b/manifests/mod/prefork.pp
@@ -34,16 +34,16 @@
 # @see https://httpd.apache.org/docs/current/mod/prefork.html for additional documentation.
 #
 class apache::mod::prefork (
-  Variant[Integer,String] $startservers                     = '8',
-  Variant[Integer,String] $minspareservers                  = '5',
-  Variant[Integer,String] $maxspareservers                  = '20',
-  Variant[Integer,String] $serverlimit                      = '256',
-  Variant[Integer,String] $maxclients                       = '256',
-  Optional[Variant[Integer,String]] $maxrequestworkers      = undef,
-  Variant[Integer,String] $maxrequestsperchild              = '4000',
-  Optional[Variant[Integer,String]] $maxconnectionsperchild = undef,
-  Optional[String] $apache_version                          = undef,
-  Variant[String,Integer] $listenbacklog                    = '511'
+  Integer $startservers                     = 8,
+  Integer $minspareservers                  = 5,
+  Integer $maxspareservers                  = 20,
+  Integer $serverlimit                      = 256,
+  Integer $maxclients                       = 256,
+  Optional[Integer] $maxrequestworkers      = undef,
+  Integer $maxrequestsperchild              = 4000,
+  Optional[Integer] $maxconnectionsperchild = undef,
+  Optional[String] $apache_version          = undef,
+  Integer $listenbacklog                    = 511
 ) {
   include apache
   $_apache_version = pick($apache_version, $apache::apache_version)
diff --git a/manifests/mod/proxy_balancer.pp b/manifests/mod/proxy_balancer.pp
index 1616f69d84..de7947a4fc 100644
--- a/manifests/mod/proxy_balancer.pp
+++ b/manifests/mod/proxy_balancer.pp
@@ -16,10 +16,10 @@
 # @see https://httpd.apache.org/docs/current/mod/mod_proxy_balancer.html for additional documentation.
 #
 class apache::mod::proxy_balancer (
-  Boolean $manager                   = false,
-  Stdlib::Absolutepath $manager_path = '/balancer-manager',
-  Array $allow_from                  = ['127.0.0.1','::1'],
-  Optional[String] $apache_version   = $apache::apache_version,
+  Boolean $manager                       = false,
+  Stdlib::Unixpath $manager_path         = '/balancer-manager',
+  Array[Stdlib::IP::Address] $allow_from = ['127.0.0.1', '::1'],
+  Optional[String] $apache_version       = $apache::apache_version,
 ) {
   require apache::mod::proxy
   require apache::mod::proxy_http
diff --git a/manifests/mod/reqtimeout.pp b/manifests/mod/reqtimeout.pp
index fc64cfbfc8..3e303b67e3 100644
--- a/manifests/mod/reqtimeout.pp
+++ b/manifests/mod/reqtimeout.pp
@@ -7,7 +7,7 @@
 # @see https://httpd.apache.org/docs/current/mod/mod_reqtimeout.html for additional documentation.
 #
 class apache::mod::reqtimeout (
-  Variant[Array[String],String] $timeouts = ['header=20-40,minrate=500', 'body=10,minrate=500']
+  Variant[Array[String], String] $timeouts = ['header=20-40,minrate=500', 'body=10,minrate=500']
 ) {
   include apache
   ::apache::mod { 'reqtimeout': }
diff --git a/manifests/mod/rpaf.pp b/manifests/mod/rpaf.pp
index 7fa97b132b..8cc8717d91 100644
--- a/manifests/mod/rpaf.pp
+++ b/manifests/mod/rpaf.pp
@@ -16,8 +16,8 @@
 # @see https://github.com/gnif/mod_rpaf for additional documentation.
 #
 class apache::mod::rpaf (
-  Variant[Boolean,String] $sethostname  = true,
-  Array[String] $proxy_ips              = ['127.0.0.1'],
+  Variant[Boolean, String] $sethostname = true,
+  Array[Stdlib::IP::Address] $proxy_ips = ['127.0.0.1'],
   String $header                        = 'X-Forwarded-For',
   String $template                      = 'apache/mod/rpaf.conf.erb'
 ) {
diff --git a/manifests/mod/security.pp b/manifests/mod/security.pp
index da78ddc120..f1bcdbcd71 100644
--- a/manifests/mod/security.pp
+++ b/manifests/mod/security.pp
@@ -94,18 +94,18 @@
 # @see https://github.com/SpiderLabs/ModSecurity/wiki for additional documentation.
 #
 class apache::mod::security (
-  String $logroot                                       = $apache::params::logroot,
+  Stdlib::Absolutepath $logroot                         = $apache::params::logroot,
   Integer $version                                      = $apache::params::modsec_version,
   Optional[String] $crs_package                         = $apache::params::modsec_crs_package,
   Array[String] $activated_rules                        = $apache::params::modsec_default_rules,
   Boolean $custom_rules                                 = $apache::params::modsec_custom_rules,
   Optional[Array[String]] $custom_rules_set             = $apache::params::modsec_custom_rules_set,
-  String $modsec_dir                                    = $apache::params::modsec_dir,
+  Stdlib::Absolutepath $modsec_dir                      = $apache::params::modsec_dir,
   String $modsec_secruleengine                          = $apache::params::modsec_secruleengine,
   String $audit_log_relevant_status                     = '^(?:5|4(?!04))',
   String $audit_log_parts                               = $apache::params::modsec_audit_log_parts,
   String $audit_log_type                                = $apache::params::modsec_audit_log_type,
-  Optional[String] $audit_log_storage_dir               = undef,
+  Optional[Stdlib::Absolutepath] $audit_log_storage_dir = undef,
   Integer $secpcrematchlimit                            = $apache::params::secpcrematchlimit,
   Integer $secpcrematchlimitrecursion                   = $apache::params::secpcrematchlimitrecursion,
   String $allowed_methods                               = 'GET HEAD POST OPTIONS',
@@ -113,16 +113,16 @@
   String $restricted_extensions                         = '.asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/',
   String $restricted_headers                            = '/Proxy-Connection/ /Lock-Token/ /Content-Range/ /Translate/ /via/ /if/',
   String $secdefaultaction                              = 'deny',
-  Variant[String,Integer] $inbound_anomaly_threshold    = '5',
-  Variant[String,Integer] $outbound_anomaly_threshold   = '4',
-  Variant[String,Integer] $critical_anomaly_score       = '5',
-  Variant[String,Integer] $error_anomaly_score          = '4',
-  Variant[String,Integer] $warning_anomaly_score        = '3',
-  Variant[String,Integer] $notice_anomaly_score         = '2',
-  Variant[String,Integer] $secrequestmaxnumargs         = '255',
-  Variant[String,Integer] $secrequestbodylimit          = '13107200',
-  Variant[String,Integer] $secrequestbodynofileslimit   = '131072',
-  Variant[String,Integer] $secrequestbodyinmemorylimit  = '131072',
+  Integer $inbound_anomaly_threshold                    = 5,
+  Integer $outbound_anomaly_threshold                   = 4,
+  Integer $critical_anomaly_score                       = 5,
+  Integer $error_anomaly_score                          = 4,
+  Integer $warning_anomaly_score                        = 3,
+  Integer $notice_anomaly_score                         = 2,
+  Integer $secrequestmaxnumargs                         = 255,
+  Integer $secrequestbodylimit                          = 13107200,
+  Integer $secrequestbodynofileslimit                   = 131072,
+  Integer $secrequestbodyinmemorylimit                  = 131072,
   Boolean $manage_security_crs                          = true,
 ) inherits apache::params {
   include apache
diff --git a/manifests/mod/shib.pp b/manifests/mod/shib.pp
index ea94344a87..1bcbe327c4 100644
--- a/manifests/mod/shib.pp
+++ b/manifests/mod/shib.pp
@@ -24,10 +24,10 @@
 # @see https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig for additional documentation.
 # @note Unsupported platforms: RedHat: all; CentOS: all; Scientific: all; SLES: all; Debian: 7, 8; Ubuntu: all; OracleLinux: all
 class apache::mod::shib (
-  Boolean $suppress_warning       = false,
-  Optional[String] $mod_full_path = undef,
-  Optional[String] $package_name  = undef,
-  Optional[String] $mod_lib       = undef,
+  Boolean $suppress_warning                     = false,
+  Optional[Stdlib::Absolutepath] $mod_full_path = undef,
+  Optional[String] $package_name                = undef,
+  Optional[String] $mod_lib                     = undef,
 ) {
   include apache
   if $facts['os']['family'] == 'RedHat' and ! $suppress_warning {
diff --git a/manifests/mod/ssl.pp b/manifests/mod/ssl.pp
index 27d8bac601..c91fb3fb33 100644
--- a/manifests/mod/ssl.pp
+++ b/manifests/mod/ssl.pp
@@ -92,17 +92,17 @@
   String $ssl_cryptodevice                                  = 'builtin',
   Array[String] $ssl_options                                = ['StdEnvVars'],
   Optional[String] $ssl_openssl_conf_cmd                    = undef,
-  Optional[String] $ssl_cert                                = undef,
-  Optional[String] $ssl_key                                 = undef,
-  Optional[String] $ssl_ca                                  = undef,
+  Optional[Stdlib::Absolutepath] $ssl_cert                  = undef,
+  Optional[Stdlib::Absolutepath] $ssl_key                   = undef,
+  Optional[Stdlib::Absolutepath] $ssl_ca                    = undef,
   String $ssl_cipher                                        = 'HIGH:MEDIUM:!aNULL:!MD5:!RC4:!3DES',
   Variant[Boolean, Enum['on', 'off']] $ssl_honorcipherorder = true,
   Array[String] $ssl_protocol                               = $apache::params::ssl_protocol,
   Array $ssl_proxy_protocol                                 = [],
   String $ssl_pass_phrase_dialog                            = 'builtin',
-  Variant[Integer,String] $ssl_random_seed_bytes            = '512',
+  Integer $ssl_random_seed_bytes                            = 512,
   String $ssl_sessioncache                                  = $apache::params::ssl_sessioncache,
-  Variant[Integer,String] $ssl_sessioncachetimeout          = '300',
+  Integer $ssl_sessioncachetimeout                          = 300,
   Boolean $ssl_stapling                                     = false,
   Optional[String] $stapling_cache                          = undef,
   Optional[Boolean] $ssl_stapling_return_errors             = undef,
diff --git a/manifests/mod/status.pp b/manifests/mod/status.pp
index 4cd4c144a4..d9c741c23e 100644
--- a/manifests/mod/status.pp
+++ b/manifests/mod/status.pp
@@ -50,7 +50,7 @@
   ::apache::mod { 'status': }
 
   # Defaults for "Allow from" or "Require" directives
-  $allow_defaults = ['127.0.0.1','::1']
+  $allow_defaults = ['127.0.0.1', '::1']
   $requires_defaults = 'ip 127.0.0.1 ::1'
 
   # Template uses $allow_from, $extended_status, $_apache_version, $status_path
diff --git a/manifests/mod/worker.pp b/manifests/mod/worker.pp
index 898c184d15..2b1ca24fe4 100644
--- a/manifests/mod/worker.pp
+++ b/manifests/mod/worker.pp
@@ -43,16 +43,16 @@
 # @see https://httpd.apache.org/docs/current/mod/worker.html for additional documentation.
 #
 class apache::mod::worker (
-  Variant[Integer,String] $startservers        = '2',
-  Variant[Integer,String] $maxclients          = '150',
-  Variant[Integer,String] $minsparethreads     = '25',
-  Variant[Integer,String] $maxsparethreads     = '75',
-  Variant[Integer,String] $threadsperchild     = '25',
-  Variant[Integer,String] $maxrequestsperchild = '0',
-  Variant[Integer,String] $serverlimit         = '25',
-  Variant[Integer,String] $threadlimit         = '64',
-  Variant[Integer,String] $listenbacklog       = '511',
-  Optional[String] $apache_version             = undef,
+  Integer $startservers            = 2,
+  Integer $maxclients              = 150,
+  Integer $minsparethreads         = 25,
+  Integer $maxsparethreads         = 75,
+  Integer $threadsperchild         = 25,
+  Integer $maxrequestsperchild     = 0,
+  Integer $serverlimit             = 25,
+  Integer $threadlimit             = 64,
+  Integer $listenbacklog           = 511,
+  Optional[String] $apache_version = undef,
 ) {
   include apache
   $_apache_version = pick($apache_version, $apache::apache_version)
diff --git a/manifests/mod/wsgi.pp b/manifests/mod/wsgi.pp
index d582702273..404df2381a 100644
--- a/manifests/mod/wsgi.pp
+++ b/manifests/mod/wsgi.pp
@@ -28,14 +28,14 @@
 # @see https://github.com/GrahamDumpleton/mod_wsgi for additional documentation.
 # @note Unsupported platforms: SLES: all; RedHat: all; CentOS: all; OracleLinux: all; Scientific: all
 class apache::mod::wsgi (
-  Optional[String] $wsgi_restrict_embedded                = undef,
-  Optional[String] $wsgi_socket_prefix                    = $apache::params::wsgi_socket_prefix,
-  Optional[String] $wsgi_python_path                      = undef,
-  Optional[String] $wsgi_python_home                      = undef,
-  Optional[Variant[Integer,String]] $wsgi_python_optimize = undef,
-  Optional[String] $wsgi_application_group                = undef,
-  Optional[String] $package_name                          = undef,
-  Optional[String] $mod_path                              = undef,
+  Optional[String] $wsgi_restrict_embedded         = undef,
+  Optional[String] $wsgi_socket_prefix             = $apache::params::wsgi_socket_prefix,
+  Optional[Stdlib::Absolutepath] $wsgi_python_path = undef,
+  Optional[Stdlib::Absolutepath] $wsgi_python_home = undef,
+  Optional[Integer] $wsgi_python_optimize          = undef,
+  Optional[String] $wsgi_application_group         = undef,
+  Optional[String] $package_name                   = undef,
+  Optional[String] $mod_path                       = undef,
 ) inherits apache::params {
   include apache
   if ($package_name != undef and $mod_path == undef) or ($package_name == undef and $mod_path != undef) {
diff --git a/manifests/mpm.pp b/manifests/mpm.pp
index 8d76fa796a..eb802889d9 100644
--- a/manifests/mpm.pp
+++ b/manifests/mpm.pp
@@ -2,8 +2,8 @@
 #
 # @api private
 define apache::mpm (
-  String $lib_path                  = $apache::lib_path,
-  Optional[String] $apache_version  = $apache::apache_version,
+  String $lib_path                 = $apache::lib_path,
+  Optional[String] $apache_version = $apache::apache_version,
 ) {
   if ! defined(Class['apache']) {
     fail('You must include the apache base class before using any apache defined resources')
diff --git a/manifests/mpm/disable_mpm_event.pp b/manifests/mpm/disable_mpm_event.pp
index 8c47576a79..7aee630507 100644
--- a/manifests/mpm/disable_mpm_event.pp
+++ b/manifests/mpm/disable_mpm_event.pp
@@ -1,3 +1,4 @@
+# @summary disable Apache-Module event
 class apache::mpm::disable_mpm_event {
   exec { '/usr/sbin/a2dismod event':
     onlyif  => "/usr/bin/test -e ${apache::mod_enable_dir}/event.load",
diff --git a/manifests/mpm/disable_mpm_prefork.pp b/manifests/mpm/disable_mpm_prefork.pp
index ea67edbdb5..9653b831cc 100644
--- a/manifests/mpm/disable_mpm_prefork.pp
+++ b/manifests/mpm/disable_mpm_prefork.pp
@@ -1,3 +1,4 @@
+# @summary disable Apache-Module prefork
 class apache::mpm::disable_mpm_prefork {
   exec { '/usr/sbin/a2dismod prefork':
     onlyif  => "/usr/bin/test -e ${apache::mod_enable_dir}/prefork.load",
diff --git a/manifests/mpm/disable_mpm_worker.pp b/manifests/mpm/disable_mpm_worker.pp
index 4156d8438b..6b7411d1de 100644
--- a/manifests/mpm/disable_mpm_worker.pp
+++ b/manifests/mpm/disable_mpm_worker.pp
@@ -1,3 +1,4 @@
+# @summary disable Apache-Module worker
 class apache::mpm::disable_mpm_worker {
   exec { '/usr/sbin/a2dismod worker':
     onlyif  => "/usr/bin/test -e ${apache::mod_enable_dir}/worker.load",
diff --git a/manifests/peruser/multiplexer.pp b/manifests/peruser/multiplexer.pp
index b8b271e306..c09189de13 100644
--- a/manifests/peruser/multiplexer.pp
+++ b/manifests/peruser/multiplexer.pp
@@ -5,9 +5,9 @@
 #
 # @api private
 define apache::peruser::multiplexer (
-  String $user            = $apache::user,
-  String $group           = $apache::group,
-  Optional[String] $file  = undef,
+  String $user           = $apache::user,
+  String $group          = $apache::group,
+  Optional[String] $file = undef,
 ) {
   if ! $file {
     $filename = "${name}.conf"
diff --git a/manifests/security/rule_link.pp b/manifests/security/rule_link.pp
index a3f70b1095..59cd8dee8f 100644
--- a/manifests/security/rule_link.pp
+++ b/manifests/security/rule_link.pp
@@ -2,7 +2,7 @@
 #   Links the activated_rules from `apache::mod::security` to the respective CRS rules on disk.
 #
 # @api private
-define apache::security::rule_link () {
+define apache::security::rule_link {
   $parts = split($title, '/')
   $filename = $parts[-1]
 
diff --git a/manifests/service.pp b/manifests/service.pp
index 6e5ce53d9f..914b45ba9c 100644
--- a/manifests/service.pp
+++ b/manifests/service.pp
@@ -3,11 +3,11 @@
 #
 # @api private
 class apache::service (
-  String $service_name                    = $apache::params::service_name,
-  Boolean $service_enable                 = true,
-  Variant[Boolean,String] $service_ensure = 'running',
-  Boolean $service_manage                 = true,
-  Optional[String] $service_restart       = undef
+  String $service_name                     = $apache::params::service_name,
+  Boolean $service_enable                  = true,
+  Variant[Boolean, String] $service_ensure = 'running',
+  Boolean $service_manage                  = true,
+  Optional[String] $service_restart        = undef
 ) {
   # The base class must be included first because parameter defaults depend on it
   if ! defined(Class['apache::params']) {
diff --git a/manifests/vhost.pp b/manifests/vhost.pp
index 9b8ddbeb5f..58d8fb9799 100644
--- a/manifests/vhost.pp
+++ b/manifests/vhost.pp
@@ -31,8 +31,8 @@
 #   Apache's version number as a string, such as '2.2' or '2.4'.
 #
 # @param access_log
-#   Determines whether to configure `*_access.log` directives (`*_file`,`*_pipe`, or `*_syslog`).
-#
+#   Determines whether to configure `*_access.log` directives (`*_file`, `*_pipe`, or `*_syslog`).
+# 
 # @param access_log_env_var
 #   Specifies that only requests with particular environment variables be logged.
 #
@@ -590,7 +590,7 @@
 #   ``` puppet
 #   apache::vhost { 'site.name.fdqn':
 #     ...
-#     options => ['Indexes','FollowSymLinks','MultiViews'],
+#     options => ['Indexes', 'FollowSymLinks', 'MultiViews'],
 #   }
 #   ```
 #   > **Note**: If you use the `directories` parameter of `apache::vhost`, 'Options', 
@@ -846,7 +846,7 @@
 #   passing a higher priority causes the alphabetically first name-based virtual host to be 
 #   used if no other names match.<br />
 #   > **Note:** You should not need to use this parameter. However, if you do use it, be 
-#   aware that the `default_vhost` parameter for `apache::vhost` passes a priority of '15'.<br />
+#   aware that the `default_vhost` parameter for `apache::vhost` passes a priority of 15.<br />
 #   To omit the priority prefix in file names, pass a priority of `false`.
 #
 # @param protocols
@@ -873,11 +873,11 @@
 #       { 'path' => '/l', 'url' => 'http://backend-xy',
 #         'reverse_urls' => ['http://backend-x', 'http://backend-y'] },
 #       { 'path' => '/d', 'url' => 'http://backend-a/d',
-#         'params' => { 'retry' => '0', 'timeout' => '5' }, },
+#         'params' => { 'retry' => 0, 'timeout' => 5 }, },
 #       { 'path' => '/e', 'url' => 'http://backend-a/e',
 #         'keywords' => ['nocanon', 'interpolate'] },
 #       { 'path' => '/f', 'url' => 'http://backend-f/',
-#         'setenv' => ['proxy-nokeepalive 1','force-proxy-request-1.0 1']},
+#         'setenv' => ['proxy-nokeepalive 1', 'force-proxy-request-1.0 1']},
 #       { 'path' => '/g', 'url' => 'http://backend-g/',
 #         'reverse_cookies' => [{'path' => '/g', 'url' => 'http://backend-g/',}, {'domain' => 'http://backend-g', 'url' => 'http:://backend-g',},], },
 #       { 'path' => '/h', 'url' => 'http://backend-h/h',
@@ -915,8 +915,8 @@
 #   ``` puppet
 #   apache::vhost { 'site.name.fdqn':
 #     ...
-#     redirect_source => ['/images','/downloads'],
-#     redirect_dest   => ['http://img.example.com/','http://downloads.example.com/'],
+#     redirect_source => ['/images', '/downloads'],
+#     redirect_dest   => ['http://img.example.com/', 'http://downloads.example.com/'],
 #   }
 #   ```
 #
@@ -925,7 +925,7 @@
 #   ``` puppet
 #     apache::vhost { 'site.name.fdqn':
 #     ...
-#     redirect_status => ['temp','permanent'],
+#     redirect_status => ['temp', 'permanent'],
 #   }
 #   ```
 #
@@ -936,9 +936,9 @@
 #   ``` puppet
 #   apache::vhost { 'site.name.fdqn':
 #     ...
-#     redirectmatch_status => ['404','404'],
-#     redirectmatch_regexp => ['\.git(/.*|$)/','\.svn(/.*|$)'],
-#     redirectmatch_dest => ['http://www.example.com/$1','http://www.example.com/$2'],
+#     redirectmatch_status => ['404', '404'],
+#     redirectmatch_regexp => ['\.git(/.*|$)/', '\.svn(/.*|$)'],
+#     redirectmatch_dest => ['http://www.example.com/$1', 'http://www.example.com/$2'],
 #   }
 #   ```
 #
@@ -949,9 +949,9 @@
 #   ``` puppet
 #   apache::vhost { 'site.name.fdqn':
 #     ...
-#     redirectmatch_status => ['404','404'],
-#     redirectmatch_regexp => ['\.git(/.*|$)/','\.svn(/.*|$)'],
-#     redirectmatch_dest => ['http://www.example.com/$1','http://www.example.com/$2'],
+#     redirectmatch_status => ['404', '404'],
+#     redirectmatch_regexp => ['\.git(/.*|$)/', '\.svn(/.*|$)'],
+#     redirectmatch_dest => ['http://www.example.com/$1', 'http://www.example.com/$2'],
 #   }
 #   ```
 #
@@ -962,9 +962,9 @@
 #   ``` puppet
 #   apache::vhost { 'site.name.fdqn':
 #     ...
-#     redirectmatch_status => ['404','404'],
-#     redirectmatch_regexp => ['\.git(/.*|$)/','\.svn(/.*|$)'],
-#     redirectmatch_dest => ['http://www.example.com/$1','http://www.example.com/$2'],
+#     redirectmatch_status => ['404', '404'],
+#     redirectmatch_regexp => ['\.git(/.*|$)/', '\.svn(/.*|$)'],
+#     redirectmatch_dest => ['http://www.example.com/$1', 'http://www.example.com/$2'],
 #   }
 #   ```
 #
@@ -1168,7 +1168,7 @@
 #   ``` puppet
 #   apache::vhost { 'subdomain.loc':
 #     vhost_name      => '*',
-#     port            => '80',
+#     port            => 80,
 #     virtual_docroot => '/var/www/%-2+',
 #     docroot         => '/var/www',
 #     serveraliases   => ['*.loc',],
@@ -1181,7 +1181,7 @@
 #   ``` puppet
 #   apache::vhost { 'subdomain.loc':
 #     vhost_name                  => '*',
-#     port                        => '80',
+#     port                        => 80,
 #     virtual_docroot             => '/var/www/%-2+',
 #     docroot                     => '/var/www',
 #     virtual_use_default_docroot => true,
@@ -1198,12 +1198,12 @@
 #   An example virtual host configuration with WSGI:
 #   ``` puppet
 #   apache::vhost { 'wsgi.example.com':
-#     port                        => '80',
+#     port                        => 80,
 #     docroot                     => '/var/www/pythonapp',
 #     wsgi_daemon_process         => 'wsgi',
 #     wsgi_daemon_process_options =>
-#       { processes    => '2',
-#         threads      => '15',
+#       { processes    => 2,
+#         threads      => 15,
 #         display-name => '%{GROUP}',
 #       },
 #     wsgi_process_group          => 'wsgi',
@@ -1407,7 +1407,10 @@
 #   }
 #   ```
 #
+# TODO: check, if this Documentation is obsolete
+# lint:ignore:parameter_documentation
 # @param gssapi
+# lint:endignore
 #   Specfies mod_auth_gssapi parameters for particular directories in a virtual host directory
 #   ```puppet
 #   apache::vhost { 'sample.example.net':
@@ -1688,72 +1691,77 @@
 #   Instances of apache::mod::userdir
 #
 define apache::vhost (
-  Variant[Boolean,String] $docroot,
+  Variant[Stdlib::Absolutepath, Boolean] $docroot,
   Boolean $manage_docroot                                                             = true,
-  Variant[Boolean,String] $virtual_docroot                                            = false,
+  Variant[Stdlib::Absolutepath, Boolean] $virtual_docroot                             = false,
   Boolean $virtual_use_default_docroot                                                = false,
-  Optional[Variant[Array[Integer],Array[String],Integer,String]] $port                = undef,
-  Optional[Variant[Array[String],String]] $ip                                         = undef,
+  Optional[Variant[Array[Stdlib::Port], Stdlib::Port]] $port                          = undef,
+  Optional[
+    Variant[
+      Array[Variant[Stdlib::IP::Address, Enum['*']]],
+      Variant[Stdlib::IP::Address, Enum['*']]
+    ]
+  ] $ip                                                                               = undef,
   Boolean $ip_based                                                                   = false,
   Boolean $add_listen                                                                 = true,
   String $docroot_owner                                                               = 'root',
   String $docroot_group                                                               = $apache::params::root_group,
-  Optional[Variant[Integer,String]] $docroot_mode                                     = undef,
+  Optional[Stdlib::Filemode] $docroot_mode                                            = undef,
   Array[Enum['h2', 'h2c', 'http/1.1']] $protocols                                     = [],
   Optional[Boolean] $protocols_honor_order                                            = undef,
   Optional[String] $serveradmin                                                       = undef,
   Boolean $ssl                                                                        = false,
-  Optional[String] $ssl_cert                                                          = $apache::default_ssl_cert,
-  Optional[String] $ssl_key                                                           = $apache::default_ssl_key,
-  Optional[String] $ssl_chain                                                         = $apache::default_ssl_chain,
-  Optional[String] $ssl_ca                                                            = $apache::default_ssl_ca,
-  Optional[String] $ssl_crl_path                                                      = $apache::default_ssl_crl_path,
-  Optional[String] $ssl_crl                                                           = $apache::default_ssl_crl,
+  Optional[Stdlib::Absolutepath] $ssl_cert                                            = $apache::default_ssl_cert,
+  Optional[Stdlib::Absolutepath] $ssl_key                                             = $apache::default_ssl_key,
+  Optional[Stdlib::Absolutepath] $ssl_chain                                           = $apache::default_ssl_chain,
+  Optional[Stdlib::Absolutepath] $ssl_ca                                              = $apache::default_ssl_ca,
+  Optional[Stdlib::Absolutepath] $ssl_crl_path                                        = $apache::default_ssl_crl_path,
+  Optional[Stdlib::Absolutepath] $ssl_crl                                             = $apache::default_ssl_crl,
   Optional[String] $ssl_crl_check                                                     = $apache::default_ssl_crl_check,
-  Optional[String] $ssl_certs_dir                                                     = $apache::params::ssl_certs_dir,
+  Optional[Stdlib::Absolutepath] $ssl_certs_dir                                       = $apache::params::ssl_certs_dir,
   Boolean $ssl_reload_on_change                                                       = $apache::default_ssl_reload_on_change,
-  Optional[Variant[Array[String],String]] $ssl_protocol                               = undef,
-  Optional[Variant[Array[String],String]] $ssl_cipher                                 = undef,
+  Optional[Variant[Array[String], String]] $ssl_protocol                              = undef,
+  Optional[Variant[Array[String], String]] $ssl_cipher                                = undef,
   Variant[Boolean, Enum['on', 'On', 'off', 'Off'], Undef] $ssl_honorcipherorder       = undef,
   Optional[Enum['none', 'optional', 'require', 'optional_no_ca']] $ssl_verify_client  = undef,
-  Optional[Variant[Integer,String]] $ssl_verify_depth                                 = undef,
+  Optional[Integer] $ssl_verify_depth                                                 = undef,
   Optional[Enum['none', 'optional', 'require', 'optional_no_ca']] $ssl_proxy_verify   = undef,
   Optional[Integer[0]] $ssl_proxy_verify_depth                                        = undef,
-  Optional[String] $ssl_proxy_ca_cert                                                 = undef,
+  Optional[Stdlib::Absolutepath] $ssl_proxy_ca_cert                                   = undef,
   Optional[Enum['on', 'off']] $ssl_proxy_check_peer_cn                                = undef,
   Optional[Enum['on', 'off']] $ssl_proxy_check_peer_name                              = undef,
   Optional[Enum['on', 'off']] $ssl_proxy_check_peer_expire                            = undef,
-  Optional[String] $ssl_proxy_machine_cert                                            = undef,
-  Optional[String] $ssl_proxy_machine_cert_chain                                      = undef,
+  Optional[Stdlib::Absolutepath] $ssl_proxy_machine_cert                              = undef,
+  Optional[Stdlib::Absolutepath] $ssl_proxy_machine_cert_chain                        = undef,
   Optional[String] $ssl_proxy_cipher_suite                                            = undef,
   Optional[String] $ssl_proxy_protocol                                                = undef,
-  Optional[Variant[Array[String],String]] $ssl_options                                = undef,
+  Optional[Variant[Array[String], String]] $ssl_options                               = undef,
   Optional[String] $ssl_openssl_conf_cmd                                              = undef,
   Boolean $ssl_proxyengine                                                            = false,
   Optional[Boolean] $ssl_stapling                                                     = undef,
-  Optional[Variant[Integer,String]] $ssl_stapling_timeout                             = undef,
+  Optional[Integer] $ssl_stapling_timeout                                             = undef,
   Optional[Enum['on', 'off']] $ssl_stapling_return_errors                             = undef,
   Optional[String] $ssl_user_name                                                     = undef,
-  Optional[Variant[Integer,String,Boolean]] $priority                                 = undef,
+  Optional[Variant[Integer, Boolean]] $priority                                       = undef,
   Boolean $default_vhost                                                              = false,
   Optional[String] $servername                                                        = $name,
-  Variant[Array[String],String] $serveraliases                                        = [],
-  Array[String] $options                                                              = ['Indexes','FollowSymLinks','MultiViews'],
+  Variant[Array[String], String] $serveraliases                                       = [],
+  Array[String] $options                                                              = ['Indexes', 'FollowSymLinks', 'MultiViews'],
   Array[String] $override                                                             = ['None'],
   Optional[String] $directoryindex                                                    = undef,
   String $vhost_name                                                                  = '*',
-  String $logroot                                                                     = $apache::logroot,
+  Stdlib::Absolutepath $logroot                                                       = $apache::logroot,
   Enum['directory', 'absent'] $logroot_ensure                                         = 'directory',
-  Optional[String] $logroot_mode                                                      = undef,
+  Optional[Stdlib::Filemode] $logroot_mode                                            = undef,
   Optional[String] $logroot_owner                                                     = undef,
   Optional[String] $logroot_group                                                     = undef,
   Optional[Apache::LogLevel] $log_level                                               = undef,
   Boolean $access_log                                                                 = true,
-  Variant[Boolean,String] $access_log_file                                            = false,
-  Variant[Boolean,String] $access_log_pipe                                            = false,
-  Variant[Boolean,String] $access_log_syslog                                          = false,
-  Variant[Boolean,String] $access_log_format                                          = false,
-  Variant[Boolean,String] $access_log_env_var                                         = false,
+  Optional[String[1]] $access_log_file                                                = undef,
+  Optional[String[1]] $access_log_pipe                                                = undef,
+  Optional[Variant[String, Boolean]] $access_log_syslog                               = undef,
+  Optional[String[1]] $access_log_format                                              = undef,
+  Optional[Variant[Boolean, String]] $access_log_env_var                              = undef,
   Optional[Array[Hash]] $access_logs                                                  = undef,
   Boolean $use_servername_for_filenames                                               = false,
   Boolean $use_port_for_filenames                                                     = false,
@@ -1762,7 +1770,7 @@
   Boolean $error_log                                                                  = true,
   Optional[String] $error_log_file                                                    = undef,
   Optional[String] $error_log_pipe                                                    = undef,
-  Optional[Variant[String,Boolean]] $error_log_syslog                                 = undef,
+  Optional[Variant[String, Boolean]] $error_log_syslog                                = undef,
   Optional[
     Array[
       Variant[
@@ -1770,12 +1778,12 @@
         Hash[String, Enum['connection', 'request']]
       ]
     ]
-  ]       $error_log_format                                                           = undef,
+  ] $error_log_format                                                                 = undef,
   Optional[Pattern[/^((Strict|Unsafe)?\s*(\b(Registered|Lenient)Methods)?\s*(\b(Allow0\.9|Require1\.0))?)$/]] $http_protocol_options = undef,
-  Optional[Variant[String,Boolean]] $modsec_audit_log                                 = undef,
+  Optional[Variant[String, Boolean]] $modsec_audit_log                                = undef,
   Optional[String] $modsec_audit_log_file                                             = undef,
   Optional[String] $modsec_audit_log_pipe                                             = undef,
-  Variant[Array[Hash],String] $error_documents                                        = [],
+  Variant[Array[Hash], String] $error_documents                                       = [],
   Optional[Variant[Stdlib::Absolutepath, Enum['disabled']]] $fallbackresource         = undef,
   Optional[String] $scriptalias                                                       = undef,
   Array[Hash] $scriptaliases                                                          = [],
@@ -1786,39 +1794,39 @@
   Optional[String] $proxy_dest                                                        = undef,
   Optional[String] $proxy_dest_match                                                  = undef,
   Optional[String] $proxy_dest_reverse_match                                          = undef,
-  Optional[Variant[Array[Hash],Hash]] $proxy_pass                                     = undef,
-  Optional[Variant[Array[Hash],Hash]] $proxy_pass_match                               = undef,
+  Optional[Variant[Array[Hash], Hash]] $proxy_pass                                    = undef,
+  Optional[Variant[Array[Hash], Hash]] $proxy_pass_match                              = undef,
   Boolean $proxy_requests                                                             = false,
   Hash $php_flags                                                                     = {},
   Hash $php_values                                                                    = {},
-  Variant[Array[String],Hash] $php_admin_flags                                        = {},
-  Variant[Array[String],Hash] $php_admin_values                                       = {},
-  Variant[Array[String],String] $no_proxy_uris                                        = [],
-  Variant[Array[String],String] $no_proxy_uris_match                                  = [],
+  Variant[Array[String], Hash] $php_admin_flags                                       = {},
+  Variant[Array[String], Hash] $php_admin_values                                      = {},
+  Variant[Array[String], String] $no_proxy_uris                                       = [],
+  Variant[Array[String], String] $no_proxy_uris_match                                 = [],
   Boolean $proxy_preserve_host                                                        = false,
-  Optional[Variant[String,Boolean]] $proxy_add_headers                                = undef,
+  Optional[Variant[String, Boolean]] $proxy_add_headers                               = undef,
   Boolean $proxy_error_override                                                       = false,
-  Variant[String,Array[String]] $redirect_source                                      = '/',
-  Optional[Variant[Array[String],String]] $redirect_dest                              = undef,
-  Optional[Variant[Array[String],String]] $redirect_status                            = undef,
-  Optional[Variant[Array[String],String]] $redirectmatch_status                       = undef,
-  Optional[Variant[Array[String],String]] $redirectmatch_regexp                       = undef,
-  Optional[Variant[Array[String],String]] $redirectmatch_dest                         = undef,
+  Variant[String, Array[String]] $redirect_source                                     = '/',
+  Optional[Variant[Array[String], String]] $redirect_dest                             = undef,
+  Optional[Variant[Array[String], String]] $redirect_status                           = undef,
+  Optional[Variant[Array[String], String]] $redirectmatch_status                      = undef,
+  Optional[Variant[Array[String], String]] $redirectmatch_regexp                      = undef,
+  Optional[Variant[Array[String], String]] $redirectmatch_dest                        = undef,
   Array[String[1]] $headers                                                           = [],
   Array[String[1]] $request_headers                                                   = [],
   Array[String[1]] $filters                                                           = [],
   Array[Hash] $rewrites                                                               = [],
   Optional[String[1]] $rewrite_base                                                   = undef,
-  Optional[String[1]] $rewrite_rule                                                   = undef,
+  Optional[Variant[Array[String[1]], String[1]]] $rewrite_rule                        = undef,
   Array[String[1]] $rewrite_cond                                                      = [],
   Boolean $rewrite_inherit                                                            = false,
-  Variant[Array[String],String] $setenv                                               = [],
-  Variant[Array[String],String] $setenvif                                             = [],
-  Variant[Array[String],String] $setenvifnocase                                       = [],
-  Variant[Array[String],String] $block                                                = [],
+  Variant[Array[String], String] $setenv                                              = [],
+  Variant[Array[String], String] $setenvif                                            = [],
+  Variant[Array[String], String] $setenvifnocase                                      = [],
+  Variant[Array[String], String] $block                                               = [],
   Enum['absent', 'present'] $ensure                                                   = 'present',
   Optional[String] $wsgi_application_group                                            = undef,
-  Optional[Variant[String,Hash]] $wsgi_daemon_process                                 = undef,
+  Optional[Variant[String, Hash]] $wsgi_daemon_process                                = undef,
   Optional[Hash] $wsgi_daemon_process_options                                         = undef,
   Optional[String] $wsgi_import_script                                                = undef,
   Optional[Hash] $wsgi_import_script_options                                          = undef,
@@ -1833,8 +1841,8 @@
   Optional[String] $fastcgi_server                                                    = undef,
   Optional[String] $fastcgi_socket                                                    = undef,
   Optional[String] $fastcgi_dir                                                       = undef,
-  Optional[Variant[Integer,String]] $fastcgi_idle_timeout                             = undef,
-  Variant[Array[String],String] $additional_includes                                  = [],
+  Optional[Integer] $fastcgi_idle_timeout                                             = undef,
+  Variant[Array[String], String] $additional_includes                                 = [],
   Boolean $use_optional_includes                                                      = $apache::use_optional_includes,
   Optional[String] $apache_version                                                    = $apache::apache_version,
   Optional[Enum['on', 'off', 'nodecode']] $allow_encoded_slashes                      = undef,
@@ -1888,7 +1896,7 @@
   Optional[Integer] $passenger_max_request_time                                       = undef,
   Optional[Integer] $passenger_memory_limit                                           = undef,
   Optional[Integer] $passenger_stat_throttle_rate                                     = undef,
-  Optional[Variant[String,Array[String]]] $passenger_pre_start                        = undef,
+  Optional[Variant[String, Array[String]]] $passenger_pre_start                       = undef,
   Optional[Boolean] $passenger_high_performance                                       = undef,
   Optional[Boolean] $passenger_buffer_upload                                          = undef,
   Optional[Boolean] $passenger_buffer_response                                        = undef,
@@ -1921,8 +1929,8 @@
   String $krb_servicename                                                             = 'HTTP',
   Enum['on', 'off'] $krb_save_credentials                                             = 'off',
   Optional[Enum['on', 'off']] $keepalive                                              = undef,
-  Optional[Variant[Integer,String]] $keepalive_timeout                                = undef,
-  Optional[Variant[Integer,String]] $max_keepalive_requests                           = undef,
+  Optional[Variant[Integer, String]] $keepalive_timeout                               = undef,
+  Optional[Variant[Integer, String]] $max_keepalive_requests                          = undef,
   Optional[String] $cas_attribute_prefix                                              = undef,
   Optional[String] $cas_attribute_delimiter                                           = undef,
   Optional[String] $cas_root_proxied_as                                               = undef,
@@ -1934,12 +1942,12 @@
   Optional[String] $cas_cookie_path                                                   = undef,
   Optional[String] $shib_compat_valid_user                                            = undef,
   Optional[Enum['On', 'on', 'Off', 'off', 'DNS', 'dns']] $use_canonical_name          = undef,
-  Optional[Variant[String,Array[String]]] $comment                                    = undef,
+  Optional[Variant[String, Array[String]]] $comment                                   = undef,
   Hash $define                                                                        = {},
   Boolean $auth_oidc                                                                  = false,
   Optional[Apache::OIDCSettings] $oidc_settings                                       = undef,
-  Optional[Variant[Boolean,String]] $mdomain                                          = undef,
-  Optional[Variant[String[1],Array[String[1]]]] $userdir                              = undef,
+  Optional[Variant[Boolean, String]] $mdomain                                         = undef,
+  Optional[Variant[String[1], Array[String[1]]]] $userdir                             = undef,
 ) {
   # The base class must be included first because it is used by parameter defaults
   if ! defined(Class['apache']) {
@@ -2117,7 +2125,7 @@
   } else {
     if $port {
       $listen_addr_port = $port
-      $nvh_addr_port = prefix(any2array($port),"${vhost_name}:")
+      $nvh_addr_port = prefix(any2array($port), "${vhost_name}:")
     } else {
       $listen_addr_port = undef
       $nvh_addr_port = $name
diff --git a/manifests/vhost/custom.pp b/manifests/vhost/custom.pp
index 8f4143bcfe..4e208d578d 100644
--- a/manifests/vhost/custom.pp
+++ b/manifests/vhost/custom.pp
@@ -17,9 +17,9 @@
 #
 define apache::vhost::custom (
   String $content,
-  String $ensure                            = 'present',
-  Variant[Integer,String,Boolean] $priority = '25',
-  Boolean $verify_config                    = true,
+  String $ensure                      = 'present',
+  Variant[Integer, Boolean] $priority = 25,
+  Boolean $verify_config              = true,
 ) {
   include apache
 
diff --git a/manifests/vhost/fragment.pp b/manifests/vhost/fragment.pp
index fa5ea36ab1..e29d637d21 100644
--- a/manifests/vhost/fragment.pp
+++ b/manifests/vhost/fragment.pp
@@ -29,11 +29,11 @@
 # @example With a vhost with priority
 #   include apache
 #   apache::vhost { 'myvhost':
-#     priority => '42',
+#     priority => 42,
 #   }
 #   apache::vhost::fragment { 'myfragment':
 #     vhost    => 'myvhost',
-#     priority => '42',
+#     priority => 42,
 #     content  => '# Foo',
 #   }
 #
@@ -44,7 +44,7 @@
 #   }
 #   apache::vhost::fragment { 'myfragment':
 #     vhost    => 'myvhost',
-#     priority => '10', # default_vhost implies priority 10
+#     priority => 10, # default_vhost implies priority 10
 #     content  => '# Foo',
 #   }
 #
@@ -52,16 +52,16 @@
 #   include apache
 #   apache::vhost::fragment { 'myfragment':
 #     vhost    => 'default',
-#     priority => '15',
+#     priority => 15,
 #     content  => '# Foo',
 #   }
 #
 define apache::vhost::fragment (
   String[1] $vhost,
-  Optional[Integer[0]] $port                          = undef,
-  Optional[Variant[Integer,String,Boolean]] $priority = undef,
-  Optional[String] $content                           = undef,
-  Integer[0] $order                                   = 900,
+  Optional[Stdlib::Port] $port                  = undef,
+  Optional[Variant[Integer, Boolean]] $priority = undef,
+  Optional[String] $content                     = undef,
+  Integer[0] $order                             = 900,
 ) {
   # This copies the logic from apache::vhost
   if $priority {
diff --git a/manifests/vhost/proxy.pp b/manifests/vhost/proxy.pp
index 0faca113a1..6ae89d41f1 100644
--- a/manifests/vhost/proxy.pp
+++ b/manifests/vhost/proxy.pp
@@ -92,11 +92,11 @@
 #       { 'path' => '/l', 'url' => 'http://backend-xy',
 #         'reverse_urls' => ['http://backend-x', 'http://backend-y'] },
 #       { 'path' => '/d', 'url' => 'http://backend-a/d',
-#         'params' => { 'retry' => '0', 'timeout' => '5' }, },
+#         'params' => { 'retry' => 0, 'timeout' => 5 }, },
 #       { 'path' => '/e', 'url' => 'http://backend-a/e',
 #         'keywords' => ['nocanon', 'interpolate'] },
 #       { 'path' => '/f', 'url' => 'http://backend-f/',
-#         'setenv' => ['proxy-nokeepalive 1','force-proxy-request-1.0 1']},
+#         'setenv' => ['proxy-nokeepalive 1', 'force-proxy-request-1.0 1']},
 #       { 'path' => '/g', 'url' => 'http://backend-g/',
 #         'reverse_cookies' => [{'path' => '/g', 'url' => 'http://backend-g/',}, {'domain' => 'http://backend-g', 'url' => 'http:://backend-g',},], },
 #       { 'path' => '/h', 'url' => 'http://backend-h/h',
@@ -106,20 +106,20 @@
 #
 define apache::vhost::proxy (
   String[1] $vhost,
-  Optional[Variant[Integer,String,Boolean]] $priority = undef,
-  Integer[0] $order = 170,
-  Optional[Stdlib::Port] $port = undef,
-  Optional[String[1]] $proxy_dest = undef,
-  Optional[String[1]] $proxy_dest_match = undef,
-  Optional[String[1]] $proxy_dest_reverse_match = undef,
-  Variant[Array[String[1]], String[1]] $no_proxy_uris = [],
-  Variant[Array[String[1]], String[1]] $no_proxy_uris_match = [],
-  Optional[Array[Apache::Vhost::ProxyPass]] $proxy_pass = undef,
+  Optional[Variant[Integer, Boolean]] $priority               = undef,
+  Integer[0] $order                                           = 170,
+  Optional[Stdlib::Port] $port                                = undef,
+  Optional[String[1]] $proxy_dest                             = undef,
+  Optional[String[1]] $proxy_dest_match                       = undef,
+  Optional[String[1]] $proxy_dest_reverse_match               = undef,
+  Variant[Array[String[1]], String[1]] $no_proxy_uris         = [],
+  Variant[Array[String[1]], String[1]] $no_proxy_uris_match   = [],
+  Optional[Array[Apache::Vhost::ProxyPass]] $proxy_pass       = undef,
   Optional[Array[Apache::Vhost::ProxyPass]] $proxy_pass_match = undef,
-  Boolean $proxy_requests = false,
-  Boolean $proxy_preserve_host = false,
-  Optional[Boolean] $proxy_add_headers = undef,
-  Boolean $proxy_error_override = false,
+  Boolean $proxy_requests                                     = false,
+  Boolean $proxy_preserve_host                                = false,
+  Optional[Boolean] $proxy_add_headers                        = undef,
+  Boolean $proxy_error_override                               = false,
 ) {
   include apache::mod::proxy
   include apache::mod::proxy_http
diff --git a/manifests/vhosts.pp b/manifests/vhosts.pp
index a212a5c31a..9ac49abaa3 100644
--- a/manifests/vhosts.pp
+++ b/manifests/vhosts.pp
@@ -9,7 +9,7 @@
 #     vhosts => {
 #       'custom_vhost_1' => {
 #         'docroot' => '/var/www/custom_vhost_1',
-#         'port'    => '81',
+#         'port'    => 81,
 #       },
 #     },
 #   }
diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb
index aba05beca6..44c2884511 100644
--- a/spec/acceptance/apache_parameters_spec.rb
+++ b/spec/acceptance/apache_parameters_spec.rb
@@ -222,7 +222,7 @@ class { 'apache':
   describe 'timeout' do
     describe 'setup' do
       it 'applies cleanly' do
-        pp = "class { 'apache': timeout => '1234' }"
+        pp = "class { 'apache': timeout => 1234 }"
         apply_manifest(pp, catch_failures: true)
       end
     end
@@ -384,7 +384,7 @@ class { 'apache':
   describe 'keepalive' do
     describe 'setup' do
       it 'applies cleanly' do
-        pp = "class { 'apache': keepalive => 'Off', keepalive_timeout => '30', max_keepalive_requests => '200' }"
+        pp = "class { 'apache': keepalive => 'Off', keepalive_timeout => 30, max_keepalive_requests => 200 }"
         apply_manifest(pp, catch_failures: true)
       end
     end
@@ -400,7 +400,7 @@ class { 'apache':
   describe 'limitrequestfieldsize' do
     describe 'setup' do
       it 'applies cleanly' do
-        pp = "class { 'apache': limitreqfieldsize => '16830' }"
+        pp = "class { 'apache': limitreqfieldsize => 16830 }"
         apply_manifest(pp, catch_failures: true)
       end
     end
@@ -414,7 +414,7 @@ class { 'apache':
   describe 'limitrequestfields' do
     describe 'setup' do
       it 'applies cleanly' do
-        pp = "class { 'apache': limitreqfields => '120' }"
+        pp = "class { 'apache': limitreqfields => 120 }"
         apply_manifest(pp, catch_failures: true)
       end
     end
diff --git a/spec/acceptance/apache_ssl_spec.rb b/spec/acceptance/apache_ssl_spec.rb
index c13ae260af..0b69febec7 100644
--- a/spec/acceptance/apache_ssl_spec.rb
+++ b/spec/acceptance/apache_ssl_spec.rb
@@ -79,7 +79,7 @@ class { 'apache':
           ssl_cipher           => 'test',
           ssl_honorcipherorder => true,
           ssl_verify_client    => 'require',
-          ssl_verify_depth     => 'test',
+          ssl_verify_depth     => 1,
           ssl_options          => ['test', 'test1'],
           ssl_proxyengine      => true,
           ssl_proxy_protocol   => 'TLSv1.2',
@@ -103,7 +103,7 @@ class { 'apache':
       it { is_expected.to contain 'SSLCipherSuite          test' }
       it { is_expected.to contain 'SSLHonorCipherOrder     On' }
       it { is_expected.to contain 'SSLVerifyClient         require' }
-      it { is_expected.to contain 'SSLVerifyDepth          test' }
+      it { is_expected.to contain 'SSLVerifyDepth          1' }
       it { is_expected.to contain 'SSLOptions test test1' }
       if apache_hash['version'] == '2.4'
         it { is_expected.to contain 'SSLCARevocationCheck    chain flag' }
diff --git a/spec/acceptance/mod_php_spec.rb b/spec/acceptance/mod_php_spec.rb
index 558156c3fc..cc8ee4b9fa 100644
--- a/spec/acceptance/mod_php_spec.rb
+++ b/spec/acceptance/mod_php_spec.rb
@@ -13,7 +13,7 @@ class { 'apache':
           }
           class { 'apache::mod::php': }
           apache::vhost { 'php.example.com':
-            port    => '80',
+            port    => 80,
             docroot => '#{apache_hash['doc_root']}/php',
           }
           host { 'php.example.com': ip => '127.0.0.1', }
@@ -75,7 +75,7 @@ class { 'apache::mod::php':
         }
 
           apache::vhost { 'php.example.com':
-            port             => '80',
+            port             => 80,
             docroot          => '#{apache_hash['doc_root']}/php',
             php_values       => { 'include_path' => '.:/usr/share/pear:/usr/bin/php', },
             php_flags        => { 'display_errors' => 'on', },
diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb
index 7874557be2..109dc9da81 100644
--- a/spec/acceptance/vhost_spec.rb
+++ b/spec/acceptance/vhost_spec.rb
@@ -86,7 +86,7 @@ class { 'apache': }
       }
 
       apache::vhost { 'first.example.com':
-        port    => '80',
+        port    => 80,
         docroot => '/var/www/first',
         require => File['/var/www'],
       }
@@ -105,7 +105,7 @@ class { 'apache': }
     pp = <<-MANIFEST
       class { 'apache': }
       apache::vhost { 'proxy.example.com':
-        port    => '80',
+        port    => 80,
         docroot => '/var/www/proxy',
         proxy_pass => [
           { 'path' => '/foo', 'url' => 'http://backend-foo/'},
@@ -133,7 +133,7 @@ class { 'apache': }
     pp = <<-MANIFEST
       class { 'apache': }
       apache::vhost { 'proxy.example.com':
-        port    => '80',
+        port    => 80,
         docroot => '#{apache_hash['doc_root']}/proxy',
         proxy_pass_match => [
           { 'path' => '/foo', 'url' => 'http://backend-foo/'},
@@ -163,7 +163,7 @@ class { 'apache':
         default_vhost => false,
       }
       apache::vhost { 'example.com':
-        port     => ['80', '8080'],
+        port     => [80, 8080],
         ip       => ['127.0.0.1','127.0.0.2'],
         ip_based => true,
         docroot  => '/var/www/html',
@@ -232,7 +232,7 @@ class { 'apache':
         default_vhost  => false,
       }
       apache::vhost { 'example.com':
-        port           => '80',
+        port           => 80,
         ip             => '::1',
         ip_based       => true,
         docroot        => '/var/www/html',
@@ -512,7 +512,7 @@ class { 'apache': }
       apache::vhost { 'virt.example.com':
         vhost_name      => '*',
         serveraliases   => '*virt.example.com',
-        port            => '80',
+        port            => 80,
         docroot         => '/var/www/virt',
         virtual_docroot => '/var/www/virt/%1',
       }
@@ -552,12 +552,12 @@ class { 'apache': default_vhost => false, }
         apache::vhost { 'localhost':
           docroot => '/var/www/local',
           ip      => '127.0.0.1',
-          port    => '8888',
+          port    => 8888,
         }
         apache::listen { '*:80': }
         apache::vhost { 'proxy.example.com':
           docroot    => '/var/www',
-          port       => '80',
+          port       => 80,
           add_listen => false,
           proxy_pass => {
             'path' => '/',
@@ -597,12 +597,12 @@ class { 'apache': default_vhost => false, }
         apache::vhost { 'localhost':
           docroot => '/var/www/local',
           ip      => '127.0.0.1',
-          port    => '8888',
+          port    => 8888,
         }
         apache::listen { '*:80': }
         apache::vhost { 'proxy.example.com':
           docroot    => '/var/www',
-          port       => '80',
+          port       => 80,
           add_listen => false,
           proxy_pass_match => {
             'path' => '/',
@@ -690,7 +690,7 @@ class { 'apache': default_vhost => false }
       apache::listen { '81': }
       apache::vhost { 'testlisten.server':
         docroot    => '/tmp',
-        port       => '80',
+        port       => 80,
         add_listen => false,
         servername => 'testlisten.server',
       }
@@ -1134,7 +1134,7 @@ class { 'apache::mod::wsgi': }
         docroot                     => '/tmp',
         wsgi_application_group      => '%{GLOBAL}',
         wsgi_daemon_process         => { 'wsgi' => { 'python-home' => '/usr' }, 'foo' => {} },
-        wsgi_daemon_process_options => {processes => '2'},
+        wsgi_daemon_process_options => {processes => 2},
         wsgi_import_script          => '/test1',
         wsgi_import_script_options  => { application-group => '%{GLOBAL}', process-group => 'wsgi' },
         wsgi_process_group          => 'nobody',
@@ -1207,7 +1207,7 @@ class { 'apache': }
       class { 'apache': }
       class { 'apache::mod::shib': }
       apache::vhost { 'test.server':
-        port    => '80',
+        port    => 80,
         docroot => '/var/www/html',
         shib_compat_valid_user => 'On'
       }
@@ -1227,7 +1227,7 @@ class { 'apache::mod::shib': }
     pp = <<-MANIFEST
         class { 'apache': }
         apache::vhost { 'test.server':
-          port    => '80',
+          port    => 80,
           docroot => '/var/www/html',
           auth_oidc     => true,
           oidc_settings => {
diff --git a/spec/acceptance/vhosts_spec.rb b/spec/acceptance/vhosts_spec.rb
index 90dc8c99f4..1048c2074b 100644
--- a/spec/acceptance/vhosts_spec.rb
+++ b/spec/acceptance/vhosts_spec.rb
@@ -9,11 +9,11 @@ class { 'apache::vhosts':
           vhosts => {
             'custom_vhost_1' => {
                 'docroot' => '/var/www/custom_vhost_1',
-                'port' => '81',
+                'port' => 81,
             },
             'custom_vhost_2' => {
                 'docroot' => '/var/www/custom_vhost_2',
-                'port' => '82',
+                'port' => 82,
             },
           },
         }
diff --git a/spec/classes/mod/auth_mellon_spec.rb b/spec/classes/mod/auth_mellon_spec.rb
index c1ccd4b23a..bdd06059c1 100644
--- a/spec/classes/mod/auth_mellon_spec.rb
+++ b/spec/classes/mod/auth_mellon_spec.rb
@@ -16,13 +16,13 @@
     end
     describe 'with parameters' do
       let :params do
-        { mellon_cache_size: '200',
-          mellon_cache_entry_size: '2010',
+        { mellon_cache_size: 200,
+          mellon_cache_entry_size: 2010,
           mellon_lock_file: '/tmp/junk',
           mellon_post_directory: '/tmp/post',
-          mellon_post_ttl: '5',
-          mellon_post_size: '8',
-          mellon_post_count: '10' }
+          mellon_post_ttl: 5,
+          mellon_post_size: 8,
+          mellon_post_count: 10 }
       end
 
       it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonCacheSize\s+200$}) }
@@ -45,13 +45,13 @@
     end
     describe 'with parameters' do
       let :params do
-        { mellon_cache_size: '200',
-          mellon_cache_entry_size: '2010',
+        { mellon_cache_size: 200,
+          mellon_cache_entry_size: 2010,
           mellon_lock_file: '/tmp/junk',
           mellon_post_directory: '/tmp/post',
-          mellon_post_ttl: '5',
-          mellon_post_size: '8',
-          mellon_post_count: '10' }
+          mellon_post_ttl: 5,
+          mellon_post_size: 8,
+          mellon_post_count: 10 }
       end
 
       it { is_expected.to contain_file('auth_mellon.conf').with_content(%r{^MellonCacheSize\s+200$}) }
diff --git a/spec/classes/mod/event_spec.rb b/spec/classes/mod/event_spec.rb
index 572baefe5d..05d7b57bb8 100644
--- a/spec/classes/mod/event_spec.rb
+++ b/spec/classes/mod/event_spec.rb
@@ -32,17 +32,17 @@
     context 'Test mpm_event new params' do
       let :params do
         {
-          serverlimit: '0',
-          startservers: '1',
-          maxclients: '2',
-          minsparethreads: '3',
-          maxsparethreads: '4',
-          threadsperchild: '5',
-          maxrequestsperchild: '6',
-          threadlimit: '7',
-          listenbacklog: '8',
-          maxrequestworkers: '9',
-          maxconnectionsperchild: '10',
+          serverlimit: 0,
+          startservers: 1,
+          maxclients: 2,
+          minsparethreads: 3,
+          maxsparethreads: 4,
+          threadsperchild: 5,
+          maxrequestsperchild: 6,
+          threadlimit: 7,
+          listenbacklog: 8,
+          maxrequestworkers: 9,
+          maxconnectionsperchild: 10,
         }
       end
 
@@ -62,15 +62,15 @@
     context 'Test mpm_event old style params' do
       let :params do
         {
-          serverlimit: '0',
-          startservers: '1',
-          maxclients: '2',
-          minsparethreads: '3',
-          maxsparethreads: '4',
-          threadsperchild: '5',
-          maxrequestsperchild: '6',
-          threadlimit: '7',
-          listenbacklog: '8',
+          serverlimit: 0,
+          startservers: 1,
+          maxclients: 2,
+          minsparethreads: 3,
+          maxsparethreads: 4,
+          threadsperchild: 5,
+          maxrequestsperchild: 6,
+          threadlimit: 7,
+          listenbacklog: 8,
           maxrequestworkers: :undef,
           maxconnectionsperchild: :undef,
         }
diff --git a/spec/classes/mod/ldap_spec.rb b/spec/classes/mod/ldap_spec.rb
index 934b62da8f..2b965bb33c 100644
--- a/spec/classes/mod/ldap_spec.rb
+++ b/spec/classes/mod/ldap_spec.rb
@@ -28,11 +28,11 @@
           ldap_trusted_global_cert_file: 'ca.pem',
           ldap_trusted_global_cert_type: 'CA_DER',
           ldap_trusted_mode: 'TLS',
-          ldap_shared_cache_size: '500000',
-          ldap_cache_entries: '1024',
-          ldap_cache_ttl: '600',
-          ldap_opcache_entries: '1024',
-          ldap_opcache_ttl: '600',
+          ldap_shared_cache_size: 500_000,
+          ldap_cache_entries: 1024,
+          ldap_cache_ttl: 600,
+          ldap_opcache_entries: 1024,
+          ldap_opcache_ttl: 600,
           ldap_path: '/custom-ldap-status',
         }
       end
diff --git a/spec/classes/mod/passenger_spec.rb b/spec/classes/mod/passenger_spec.rb
index 0925696ce6..80e56ca08c 100644
--- a/spec/classes/mod/passenger_spec.rb
+++ b/spec/classes/mod/passenger_spec.rb
@@ -135,7 +135,7 @@
                   it { is_expected.to contain_file('passenger.conf').with_content(%r{^  #{config_hash[:pass_opt]} "#{valid_value}"$}) }
                 end
               end
-            when 'URI', 'String', 'Integer'
+            when 'URI', 'String'
               valid_config_values = ['some_value_for_you']
               valid_config_values.each do |valid_value|
                 describe "with #{puppetized_config_option} => #{valid_value}" do
@@ -143,6 +143,17 @@
                     { puppetized_config_option.to_sym => valid_value }
                   end
 
+                  it { is_expected.to contain_file('passenger.conf').with_content(%r{^  #{config_hash[:pass_opt]} #{valid_value}$}) }
+                end
+              end
+            when 'Integer'
+              valid_config_values = [4711]
+              valid_config_values.each do |valid_value|
+                describe "with #{puppetized_config_option} => #{valid_value}" do
+                  let :params do
+                    { puppetized_config_option.to_sym => valid_value }
+                  end
+
                   it { is_expected.to contain_file('passenger.conf').with_content(%r{^  #{config_hash[:pass_opt]} #{valid_value}$}) }
                 end
               end
diff --git a/spec/classes/mod/prefork_spec.rb b/spec/classes/mod/prefork_spec.rb
index 51eb8c0904..9a8afd9462 100644
--- a/spec/classes/mod/prefork_spec.rb
+++ b/spec/classes/mod/prefork_spec.rb
@@ -67,8 +67,8 @@
       let :params do
         {
           apache_version: '2.4',
-          maxrequestworkers: '512',
-          maxconnectionsperchild: '4000',
+          maxrequestworkers: 512,
+          maxconnectionsperchild: 4000,
         }
       end
 
diff --git a/spec/classes/mod/ssl_spec.rb b/spec/classes/mod/ssl_spec.rb
index d1c1ef8ff8..9f6b660000 100644
--- a/spec/classes/mod/ssl_spec.rb
+++ b/spec/classes/mod/ssl_spec.rb
@@ -253,7 +253,7 @@
     context 'setting ssl_random_seed_bytes' do
       let :params do
         {
-          ssl_random_seed_bytes: '1024',
+          ssl_random_seed_bytes: 1024,
         }
       end
 
diff --git a/spec/classes/vhosts_spec.rb b/spec/classes/vhosts_spec.rb
index 42a5ed9002..2c75ea69c7 100644
--- a/spec/classes/vhosts_spec.rb
+++ b/spec/classes/vhosts_spec.rb
@@ -12,11 +12,11 @@
           vhosts: {
             'custom_vhost_1' => {
               'docroot' => '/var/www/custom_vhost_1',
-              'port' => '81',
+              'port' => 81,
             },
             'custom_vhost_2' => {
               'docroot' => '/var/www/custom_vhost_2',
-              'port' => '82',
+              'port' => 82,
             },
           },
         }
diff --git a/spec/defines/custom_config_spec.rb b/spec/defines/custom_config_spec.rb
index 2e31b1f790..c10564a3e3 100644
--- a/spec/defines/custom_config_spec.rb
+++ b/spec/defines/custom_config_spec.rb
@@ -41,7 +41,7 @@
     let :params do
       {
         'confdir'        => '/dne',
-        'priority'       => '30',
+        'priority'       => 30,
         'source'         => 'puppet:///modules/apache/test',
         'verify_command' => '/bin/true',
       }
diff --git a/spec/defines/vhost_fragment_spec.rb b/spec/defines/vhost_fragment_spec.rb
index af042e4de0..c5aac54c96 100644
--- a/spec/defines/vhost_fragment_spec.rb
+++ b/spec/defines/vhost_fragment_spec.rb
@@ -15,7 +15,7 @@
           {
             vhost: 'default',
             port: 80,
-            priority: '15',
+            priority: 15,
           }
         end
 
@@ -74,13 +74,13 @@
         end
 
         context 'with priority => 42' do
-          let(:params) { super().merge(priority: '42') }
+          let(:params) { super().merge(priority: 42) }
           let(:pre_condition) do
             <<-PUPPET
             include apache
             apache::vhost { 'custom':
               docroot  => '/path/to/docroot',
-              priority => '42',
+              priority => 42,
             }
             PUPPET
           end
diff --git a/spec/defines/vhost_proxy_spec.rb b/spec/defines/vhost_proxy_spec.rb
index 57a5477147..fbdf642386 100644
--- a/spec/defines/vhost_proxy_spec.rb
+++ b/spec/defines/vhost_proxy_spec.rb
@@ -15,7 +15,7 @@
           {
             vhost: 'default',
             port: 80,
-            priority: '15',
+            priority: 15,
           }
         end
 
diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb
index d92d116918..30a3754efd 100644
--- a/spec/defines/vhost_spec.rb
+++ b/spec/defines/vhost_spec.rb
@@ -18,7 +18,7 @@
       let :default_params do
         {
           docroot: '/rspec/docroot',
-          port: '84',
+          port: 84,
         }
       end
 
@@ -47,7 +47,7 @@
               'manage_docroot'              => false,
               'virtual_docroot'             => true,
               'virtual_use_default_docroot' => false,
-              'port'                        => '8080',
+              'port'                        => 8080,
               'ip'                          => '127.0.0.1',
               'ip_based'                    => true,
               'add_listen'                  => false,
@@ -66,7 +66,7 @@
               'ssl_cipher'                  => 'HIGH',
               'ssl_honorcipherorder'        => 'Off',
               'ssl_verify_client'           => 'optional',
-              'ssl_verify_depth'            => '3',
+              'ssl_verify_depth'            => 3,
               'ssl_options'                 => '+ExportCertData',
               'ssl_openssl_conf_cmd'        => 'DHParameters "foo.pem"',
               'ssl_proxy_verify'            => 'require',
@@ -78,7 +78,7 @@
               'ssl_proxy_protocol'          => 'TLSv1.2',
               'ssl_user_name'               => 'SSL_CLIENT_S_DN_CN',
               'ssl_reload_on_change'        => true,
-              'priority'                    => '30',
+              'priority'                    => 30,
               'default_vhost'               => true,
               'servername'                  => 'example.com',
               'serveraliases'               => ['test-example.com'],
@@ -174,7 +174,7 @@
                 { 'path'               => '/var/www/dav',
                   'dav'                => 'filesystem',
                   'dav_depth_infinity' => true,
-                  'dav_min_timeout'    => '600' },
+                  'dav_min_timeout'    => 600 },
                 {
                   'path'             => '/var/www/http2',
                   'h2_copy_files'    => true,
@@ -200,8 +200,8 @@
                       'url'             => 'http://backend-b/',
                       'keywords'        => ['noquery', 'interpolate'],
                       'params' => {
-                        'retry'   => '0',
-                        'timeout' => '5',
+                        'retry'   => 0,
+                        'timeout' => 5,
                       },
                     },
                   ],
@@ -214,8 +214,8 @@
                       'url'             => 'http://backend-b/',
                       'keywords'        => ['noquery', 'interpolate'],
                       'params' => {
-                        'retry'   => '0',
-                        'timeout' => '5',
+                        'retry'   => 0,
+                        'timeout' => 5,
                       },
                     },
                   ],
@@ -304,7 +304,7 @@
                   'provider'          => 'location',
                   'ssl_options'       => ['+ExportCertData', '+StdEnvVars'],
                   'ssl_verify_client' => 'optional',
-                  'ssl_verify_depth'  => '10',
+                  'ssl_verify_depth'  => 10,
                 },
               ],
               'error_log'                   => false,
@@ -347,8 +347,8 @@
                     },
                   ],
                   'params' => {
-                    'retry'   => '0',
-                    'timeout' => '5',
+                    'retry'   => 0,
+                    'timeout' => 5,
                   },
                   'setenv'   => ['proxy-nokeepalive 1', 'force-proxy-request-1.0 1'],
                 },
@@ -361,8 +361,8 @@
                   'no_proxy_uris'       => ['/a/foo', '/a/bar'],
                   'no_proxy_uris_match' => ['/a/foomatch'],
                   'params' => {
-                    'retry'   => '0',
-                    'timeout' => '5',
+                    'retry'   => 0,
+                    'timeout' => 5,
                   },
                   'setenv' => ['proxy-nokeepalive 1', 'force-proxy-request-1.0 1'],
                 },
@@ -408,8 +408,8 @@
               'wsgi_application_group'      => '%{GLOBAL}',
               'wsgi_daemon_process'         => { 'foo' => { 'python-home' => '/usr' }, 'bar' => {} },
               'wsgi_daemon_process_options' => {
-                'processes'    => '2',
-                'threads'      => '15',
+                'processes'    => 2,
+                'threads'      => 15,
                 'display-name' => '%{GROUP}',
               },
               'wsgi_import_script'          => '/var/www/demo.wsgi',
@@ -520,8 +520,8 @@
               'krb_local_user_mapping'      => 'off',
               'http_protocol_options' => 'Strict LenientMethods Allow0.9',
               'keepalive'                   => 'on',
-              'keepalive_timeout'           => '100',
-              'max_keepalive_requests'      => '1000',
+              'keepalive_timeout'           => 100,
+              'max_keepalive_requests'      => 1000,
               'protocols'                   => ['h2', 'http/1.1'],
               'protocols_honor_order'       => true,
               'auth_oidc'                   => true,
@@ -912,7 +912,7 @@
         context 'vhost with scheme and port in servername and use_servername_for_filenames' do
           let :params do
             {
-              'port'                          => '80',
+              'port'                          => 80,
               'ip'                            => '127.0.0.1',
               'ip_based'                      => true,
               'servername'                    => 'https://www.example.com:443',
@@ -936,7 +936,7 @@
         context 'vhost with scheme in servername and use_servername_for_filenames' do
           let :params do
             {
-              'port'                          => '80',
+              'port'                          => 80,
               'ip'                            => '127.0.0.1',
               'ip_based'                      => true,
               'servername'                    => 'https://www.example.com',
@@ -960,7 +960,7 @@
         context 'vhost with port in servername and use_servername_for_filenames' do
           let :params do
             {
-              'port'                          => '80',
+              'port'                          => 80,
               'ip'                            => '127.0.0.1',
               'ip_based'                      => true,
               'servername'                    => 'www.example.com:443',
@@ -984,7 +984,7 @@
         context 'vhost with servername and use_servername_for_filenames' do
           let :params do
             {
-              'port'                          => '80',
+              'port'                          => 80,
               'ip'                            => '127.0.0.1',
               'ip_based'                      => true,
               'servername'                    => 'www.example.com',
@@ -1008,7 +1008,7 @@
         context 'vhost with multiple ip addresses' do
           let :params do
             {
-              'port'                        => '80',
+              'port'                        => 80,
               'ip'                          => ['127.0.0.1', '::1'],
               'ip_based'                    => true,
               'servername'                  => 'example.com',
@@ -1033,7 +1033,7 @@
         context 'vhost with multiple ports' do
           let :params do
             {
-              'port'                        => ['80', '8080'],
+              'port'                        => [80, 8080],
               'ip'                          => '127.0.0.1',
               'ip_based'                    => true,
               'servername'                  => 'example.com',
@@ -1058,7 +1058,7 @@
         context 'vhost with multiple ip addresses, multiple ports' do
           let :params do
             {
-              'port'                        => ['80', '8080'],
+              'port'                        => [80, 8080],
               'ip'                          => ['127.0.0.1', '::1'],
               'ip_based'                    => true,
               'servername'                  => 'example.com',
@@ -1087,7 +1087,7 @@
         context 'vhost with ipv6 address' do
           let :params do
             {
-              'port'                        => '80',
+              'port'                        => 80,
               'ip'                          => '::1',
               'ip_based'                    => true,
               'servername'                  => 'example.com',
@@ -1110,7 +1110,7 @@
         context 'vhost with wildcard ip address' do
           let :params do
             {
-              'port'                        => '80',
+              'port'                        => 80,
               'ip'                          => '*',
               'ip_based'                    => true,
               'servername'                  => 'example.com',
@@ -1768,7 +1768,7 @@
                   'fastcgi_server'       => 'localhost',
                   'fastcgi_socket'       => '/tmp/fastcgi.socket',
                   'fastcgi_dir'          => '/tmp',
-                  'fastcgi_idle_timeout' => '120',
+                  'fastcgi_idle_timeout' => 120,
                 }
               end
 
@@ -1801,7 +1801,7 @@
             }
           end
           describe 'redirectmatch_*' do
-            let(:params) { super().merge(port: '84') }
+            let(:params) { super().merge(port: 84) }
 
             context 'dest and regexp' do
               let(:params) { super().merge(redirectmatch_dest: 'http://other.example.com$1.jpg', redirectmatch_regexp: "(.*)\.gif$") }
diff --git a/types/oidcsettings.pp b/types/oidcsettings.pp
index 9c07e42345..e8b4806651 100644
--- a/types/oidcsettings.pp
+++ b/types/oidcsettings.pp
@@ -1,7 +1,7 @@
 # https://github.com/zmartzone/mod_auth_openidc/blob/master/auth_openidc.conf
 type Apache::OIDCSettings = Struct[
   {
-    Optional['RedirectURI']                             => Variant[Stdlib::HTTPSUrl,Stdlib::HttpUrl,Pattern[/^\/[A-Za-z0-9\-\._%\/]*$/]],
+    Optional['RedirectURI']                             => Variant[Stdlib::HTTPSUrl, Stdlib::HttpUrl, Pattern[/^\/[A-Za-z0-9\-\._%\/]*$/]],
     Optional['CryptoPassphrase']                        => String,
     Optional['MetadataDir']                             => String,
     Optional['ProviderMetadataURL']                     => Stdlib::HTTPSUrl,
@@ -9,80 +9,80 @@
     Optional['ProviderAuthorizationEndpoint']           => Stdlib::HTTPSUrl,
     Optional['ProviderJwksUri']                         => Stdlib::HTTPSUrl,
     Optional['ProviderTokenEndpoint']                   => Stdlib::HTTPSUrl,
-    Optional['ProviderTokenEndpointAuth']               => Enum['client_secret_basic','client_secret_post','client_secret_jwt','private_key_jwt','none'],
+    Optional['ProviderTokenEndpointAuth']               => Enum['client_secret_basic', 'client_secret_post', 'client_secret_jwt', 'private_key_jwt', 'none'],
     Optional['ProviderTokenEndpointParams']             => Pattern[/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/],
     Optional['ProviderUserInfoEndpoint']                => Stdlib::HTTPSUrl,
     Optional['ProviderCheckSessionIFrame']              => Stdlib::HTTPSUrl,
     Optional['ProviderEndSessionEndpoint']              => Stdlib::HTTPSUrl,
     Optional['ProviderRevocationEndpoint']              => Stdlib::HTTPSUrl,
-    Optional['ProviderBackChannelLogoutSupported']      => Enum['On','Off'],
+    Optional['ProviderBackChannelLogoutSupported']      => Enum['On', 'Off'],
     Optional['ProviderRegistrationEndpointJson']        => String,
     Optional['Scope']                                   => Pattern[/^[A-Za-z0-9\-\._\s]+$/],
     Optional['AuthRequestParams']                       => Pattern[/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/],
-    Optional['SSLValidateServer']                       => Enum['On','Off'],
+    Optional['SSLValidateServer']                       => Enum['On', 'Off'],
     Optional['UserInfoRefreshInterval']                 => Integer,
     Optional['JWKSRefreshInterval']                     => Integer,
-    Optional['UserInfoTokenMethod']                     => Enum['authz_header','post_param'],
-    Optional['ProviderAuthRequestMethod']               => Enum['GET','POST'],
+    Optional['UserInfoTokenMethod']                     => Enum['authz_header', 'post_param'],
+    Optional['ProviderAuthRequestMethod']               => Enum['GET', 'POST'],
     Optional['PublicKeyFiles']                          => String,
-    Optional['ResponseType']                            => Enum['code','id_token','id_token token','code id_token','code token','code id_token token'],
-    Optional['ResponseMode']                            => Enum['fragment','query','form_post'],
+    Optional['ResponseType']                            => Enum['code', 'id_token', 'id_token token', 'code id_token', 'code token', 'code id_token token'],
+    Optional['ResponseMode']                            => Enum['fragment', 'query', 'form_post'],
     Optional['ClientID']                                => String,
     Optional['ClientSecret']                            => String,
     Optional['ClientTokenEndpointCert']                 => String,
     Optional['ClientTokenEndpointKey']                  => String,
     Optional['ClientName']                              => String,
     Optional['ClientContact']                           => String,
-    Optional['PKCDMethod']                              => Enum['plain','S256','referred_tb'],
-    Optional['TokenBindingPolicy']                      => Enum['disabled','optional','required','enforced'],
+    Optional['PKCDMethod']                              => Enum['plain', 'S256', 'referred_tb'],
+    Optional['TokenBindingPolicy']                      => Enum['disabled', 'optional', 'required', 'enforced'],
     Optional['ClientJwksUri']                           => Stdlib::HTTPSUrl,
-    Optional['IDTokenSignedResponseAlg']                => Enum['RS256','RS384','RS512','PS256','PS384','PS512','HS256','HS384','HS512','ES256','ES384','ES512'],
-    Optional['IDTokenEncryptedResponseAlg']             => Enum['RSA1_5','A128KW','A256KW','RSA-OAEP'],
-    Optional['IDTokenEncryptedResponseAlg']             => Enum['A128CBC-HS256','A256CBC-HS512','A256GCM'],
-    Optional['UserInfoSignedResposeAlg']                => Enum['RS256','RS384','RS512','PS256','PS384','PS512','HS256','HS384','HS512','ES256','ES384','ES512'],
-    Optional['UserInfoEncryptedResponseAlg']            => Enum['RSA1_5','A128KW','A256KW','RSA-OAEP'],
-    Optional['UserInfoEncryptedResponseEnc']            => Enum['A128CBC-HS256','A256CBC-HS512','A256GCM'],
+    Optional['IDTokenSignedResponseAlg']                => Enum['RS256', 'RS384', 'RS512', 'PS256', 'PS384', 'PS512', 'HS256', 'HS384', 'HS512', 'ES256', 'ES384', 'ES512'],
+    Optional['IDTokenEncryptedResponseAlg']             => Enum['RSA1_5', 'A128KW', 'A256KW', 'RSA-OAEP'],
+    Optional['IDTokenEncryptedResponseAlg']             => Enum['A128CBC-HS256', 'A256CBC-HS512', 'A256GCM'],
+    Optional['UserInfoSignedResposeAlg']                => Enum['RS256', 'RS384', 'RS512', 'PS256', 'PS384', 'PS512', 'HS256', 'HS384', 'HS512', 'ES256', 'ES384', 'ES512'],
+    Optional['UserInfoEncryptedResponseAlg']            => Enum['RSA1_5', 'A128KW', 'A256KW', 'RSA-OAEP'],
+    Optional['UserInfoEncryptedResponseEnc']            => Enum['A128CBC-HS256', 'A256CBC-HS512', 'A256GCM'],
     Optional['OAuthServerMetadataURL']                  => Stdlib::HTTPSUrl,
     Optional['AuthIntrospectionEndpoint']               => Stdlib::HTTPSUrl,
     Optional['OAuthClientID']                           => String,
     Optional['OAuthClientSecret']                       => String,
-    Optional['OAuthIntrospectionEndpointAuth']          => Enum['client_secret_basic','client_secret_post','client_secret_jwt','private_key_jwt','bearer_access_token','none'],
+    Optional['OAuthIntrospectionEndpointAuth']          => Enum['client_secret_basic', 'client_secret_post', 'client_secret_jwt', 'private_key_jwt', 'bearer_access_token', 'none'],
     Optional['OAuthIntrospectionClientAuthBearerToken'] => String,
     Optional['OAuthIntrospectionEndpointCert']          => String,
     Optional['OAuthIntrospectionEndpointKey']           => String,
-    Optional['OAuthIntrospectionEndpointMethod']        => Enum['POST','GET'],
+    Optional['OAuthIntrospectionEndpointMethod']        => Enum['POST', 'GET'],
     Optional['OAuthIntrospectionEndpointParams']        => Pattern[/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/],
     Optional['OAuthIntrospectionTokenParamName']        => String,
     Optional['OAuthTokenExpiryClaim']                   => Pattern[/^[A-Za-z0-9\-\._]+\s(absolute|relative)\s(mandatory|optional)$/],
-    Optional['OAuthSSLValidateServer']                  => Enum['On','Off'],
+    Optional['OAuthSSLValidateServer']                  => Enum['On', 'Off'],
     Optional['OAuthVerifySharedKeys']                   => String,
     Optional['OAuthVerifyCertFiles']                    => String,
     Optional['OAuthVerifyJwksUri']                      => Stdlib::HTTPSUrl,
     Optional['OAuthRemoteUserClaim']                    => String,
     Optional['OAuthAcceptTokenAs']                      => Pattern[/^((header|post|query|cookie\:[A-Za-z0-9\-\._]+|basic)\s?)+$/],
-    Optional['OAuthAccessTokenBindingPolicy']           => Enum['disabled','optional','required','enforced'],
+    Optional['OAuthAccessTokenBindingPolicy']           => Enum['disabled', 'optional', 'required', 'enforced'],
     Optional['Cookie']                                  => String,
     Optional['SessionCookieChunkSize']                  => Integer,
-    Optional['CookieHTTPOnly']                          => Enum['On','Off'],
-    Optional['CookieSameSite']                          => Enum['On','Off'],
+    Optional['CookieHTTPOnly']                          => Enum['On', 'Off'],
+    Optional['CookieSameSite']                          => Enum['On', 'Off'],
     Optional['PassCookies']                             => String,
     Optional['StripCookies']                            => String,
     Optional['StateMaxNumberOfCookies']                 => Pattern[/^[0-9]+\s(false|true)$/],
     Optional['SessionInactivityTimeout']                => Integer,
     Optional['SessionMaxDuration']                      => Integer,
     Optional['SessionType']                             => Pattern[/^(server-cache(:persistent)?|client-cookie(:persistent)?)$/],
-    Optional['SessionCacheFallbackToCookie']            => Enum['On','Off'],
-    Optional['CacheType']                               => Enum['shm','memcache','file','redis'],
-    Optional['CacheEncrypt']                            => Enum['On','Off'],
+    Optional['SessionCacheFallbackToCookie']            => Enum['On', 'Off'],
+    Optional['CacheType']                               => Enum['shm', 'memcache', 'file', 'redis'],
+    Optional['CacheEncrypt']                            => Enum['On', 'Off'],
     Optional['CacheShmMax']                             => Integer,
     Optional['CacheShmEntrySizeMax']                    => Integer,
     Optional['CacheFileCleanInterval']                  => Integer,
     Optional['MemCacheServers']                         => String,
     Optional['RedisCacheServer']                        => String,
     Optional['RedisCachePassword']                      => String,
-    Optional['DiscoverURL']                             => Variant[Stdlib::HTTPSUrl,Stdlib::HttpUrl],
+    Optional['DiscoverURL']                             => Variant[Stdlib::HTTPSUrl, Stdlib::HttpUrl],
     Optional['HTMLErrorTemplate']                       => String,
-    Optional['DefaultURL']                              => Variant[Stdlib::HTTPSUrl,Stdlib::HttpUrl],
+    Optional['DefaultURL']                              => Variant[Stdlib::HTTPSUrl, Stdlib::HttpUrl],
     Optional['PathScope']                               => Pattern[/^[A-Za-z0-9\-\._\s]+$/],
     Optional['PathAuthRequestParams']                   => Pattern[/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/],
     Optional['IDTokenIatSlack']                         => Integer,
@@ -91,17 +91,17 @@
     Optional['RemoteUserClaim']                         => String,
     Optional['PassIDTokenAs']                           => Pattern[/^((claims|payload|serialized)\s?)+$/],
     Optional['PassUserInfoAs']                          => Pattern[/^((claims|json|jwt)\s?)+$/],
-    Optional['PassClaimsAs']                            => Enum['none','headers','environment','both'],
+    Optional['PassClaimsAs']                            => Enum['none', 'headers', 'environment', 'both'],
     Optional['AuthNHeader']                             => String,
     Optional['HTTPTimeoutLong']                         => Integer,
     Optional['HTTPTimeoutShort']                        => Integer,
     Optional['StateTimeout']                            => Integer,
-    Optional['ScrubRequestHeaders']                     => Enum['On','Off'],
+    Optional['ScrubRequestHeaders']                     => Enum['On', 'Off'],
     Optional['OutgoingProxy']                           => String,
-    Optional['UnAuthAction']                            => Enum['auth','pass','401','410'],
-    Optional['UnAuthzAction']                           => Enum['401','403','auth'],
-    Optional['PreservePost']                            => Enum['On','Off'],
-    Optional['PassRefreshToken']                        => Enum['On','Off'],
+    Optional['UnAuthAction']                            => Enum['auth', 'pass', '401', '410'],
+    Optional['UnAuthzAction']                           => Enum['401', '403', 'auth'],
+    Optional['PreservePost']                            => Enum['On', 'Off'],
+    Optional['PassRefreshToken']                        => Enum['On', 'Off'],
     Optional['RequestObject']                           => String,
     Optional['ProviderMetadataRefreshInterval']         => Integer,
     Optional['InfoHook']                                => Pattern[/^((iat|access_token|access_token_expires|id_token|userinfo|refresh_token|session)\s?)+$/],
diff --git a/types/servertokens.pp b/types/servertokens.pp
new file mode 100644
index 0000000000..4e2171f71e
--- /dev/null
+++ b/types/servertokens.pp
@@ -0,0 +1,4 @@
+# @summary A string that conforms to the Apache `ServerTokens` syntax.
+#
+# @see https://httpd.apache.org/docs/2.4/mod/core.html#servertokens
+type Apache::ServerTokens = Enum['Major', 'Minor', 'Min', 'Minimal', 'Prod', 'ProductOnly', 'OS', 'Full']
diff --git a/types/vhost/proxypass.pp b/types/vhost/proxypass.pp
index d2d9729349..c02ae12821 100644
--- a/types/vhost/proxypass.pp
+++ b/types/vhost/proxypass.pp
@@ -63,7 +63,7 @@
 #
 # @example With mod_proxy environment variables
 #   { 'path' => '/f', 'url' => 'http://backend-f/',
-#     'setenv' => ['proxy-nokeepalive 1','force-proxy-request-1.0 1'], }
+#     'setenv' => ['proxy-nokeepalive 1', 'force-proxy-request-1.0 1'], }
 #
 # @example With ProxyPassReverseCookieDomain and ProxyPassReverseCookiePath
 #   { 'path' => '/g', 'url' => 'http://backend-g/',
@@ -75,18 +75,24 @@
 #
 # @see https://httpd.apache.org/docs/current/mod/mod_proxy.html for additional documentation.
 #
-type Apache::Vhost::ProxyPass = Struct[{
-  path                          => String[1],
-  url                           => String[1],
-  Optional[params]              => Hash[String[1], Variant[String[1], Integer]],
-  Optional[keywords]            => Array[String[1]],
-  Optional[reverse_cookies]     => Array[Struct[{
-    url    => String[1],
-    path   => Optional[String[1]],
-    domain => Optional[String[1]],
-  }]],
-  Optional[reverse_urls]        => Array[String[1]],
-  Optional[setenv]              => Array[String[1]],
-  Optional[no_proxy_uris]       => Array[String[1]],
-  Optional[no_proxy_uris_match] => Array[String[1]],
-}]
+type Apache::Vhost::ProxyPass = Struct[
+  {
+    path                          => String[1],
+    url                           => String[1],
+    Optional[params]              => Hash[String[1], Variant[String[1], Integer]],
+    Optional[keywords]            => Array[String[1]],
+    Optional[reverse_cookies]     => Array[
+      Struct[
+        {
+          url    => String[1],
+          path   => Optional[String[1]],
+          domain => Optional[String[1]],
+        }
+      ]
+    ],
+    Optional[reverse_urls]        => Array[String[1]],
+    Optional[setenv]              => Array[String[1]],
+    Optional[no_proxy_uris]       => Array[String[1]],
+    Optional[no_proxy_uris_match] => Array[String[1]],
+  }
+]