diff options
Diffstat (limited to 'files/puppet/modules/pixelated/templates/pixelated-apache.conf.erb')
| -rw-r--r-- | files/puppet/modules/pixelated/templates/pixelated-apache.conf.erb | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/files/puppet/modules/pixelated/templates/pixelated-apache.conf.erb b/files/puppet/modules/pixelated/templates/pixelated-apache.conf.erb new file mode 100644 index 0000000..9f71420 --- /dev/null +++ b/files/puppet/modules/pixelated/templates/pixelated-apache.conf.erb @@ -0,0 +1,60 @@ +<VirtualHost *:80> + ServerName mail.<%= scope.lookupvar('::pixelated::agent::domain') %> + RewriteEngine On + RewriteRule ^.*$ https://mail.<%= scope.lookupvar('::pixelated::agent::domain') %>%{REQUEST_URI} [R=permanent,L] + CustomLog ${APACHE_LOG_DIR}/mail.<%= scope.lookupvar('::pixelated::agent::domain') %>.log common +</VirtualHost> + +<VirtualHost *:443> + ServerName mail.<%= scope.lookupvar('::pixelated::agent::domain') %> + CustomLog ${APACHE_LOG_DIR}/mail.<%= scope.lookupvar('::pixelated::agent::domain') %>.log common + + SSLCACertificatePath /etc/ssl/certs + SSLCertificateChainFile /usr/local/share/ca-certificates/leap_commercial_ca.crt + SSLCertificateKeyFile /etc/x509/keys/leap_commercial.key + SSLCertificateFile /etc/x509/certs/leap_commercial.crt + + Include include.d/ssl_common.inc + + <IfModule mod_headers.c> + Header always unset X-Powered-By + Header always unset X-Runtime + Header set X-Frame-Options SAMEORIGIN + </IfModule> + + DocumentRoot /srv/leap/webapp/public + + SSLProxyEngine on + ProxyPass / https://<%= scope.lookupvar('::pixelated::agent::domain') %>:8080/ + ProxyPassReverse / https://<%= scope.lookupvar('::pixelated::agent::domain') %>:8080/ +</VirtualHost> + + +Listen 8083 +<VirtualHost *:8083> + ServerName mail.<%= scope.lookupvar('::pixelated::agent::domain') %> + CustomLog ${APACHE_LOG_DIR}/mail.<%= scope.lookupvar('::pixelated::agent::domain') %>.log common + + SSLCACertificatePath /etc/ssl/certs + SSLCertificateChainFile /usr/local/share/ca-certificates/leap_commercial_ca.crt + SSLCertificateKeyFile /etc/x509/keys/leap_commercial.key + SSLCertificateFile /etc/x509/certs/leap_commercial.crt + + Include include.d/ssl_common.inc + + <IfModule mod_headers.c> + Header always unset X-Powered-By + Header always unset X-Runtime + </IfModule> + + DocumentRoot /srv/leap/webapp/public + + SSLProxyEngine on + ProxyPass / https://<%= scope.lookupvar('::pixelated::agent::domain') %>:8080/ + ProxyPassReverse / https://<%= scope.lookupvar('::pixelated::agent::domain') %>:8080/ + Header unset Content-Security-Policy + Header unset X-Content-Security-Policy + Header unset X-Webkit-Csp + +</VirtualHost> + |