Merge branch 'feature/webapp' into develop

2 files changed, 77 insertions, 0 deletions

diff --git a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
new file mode 100644
index 00000000..37c4a727
--- /dev/null
+++ b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
@@ -0,0 +1,37 @@
+<VirtualHost *:80>
+  ServerName <%= api_domain %>
+  RewriteEngine On
+  RewriteRule ^.*$ https://<%= api_domain -%>%{REQUEST_URI} [R=permanent,L]
+</VirtualHost>
+
+<VirtualHost *:443>
+  ServerName <%= api_domain %>
+
+  SSLEngine on
+  SSLProtocol -all +SSLv3 +TLSv1
+  SSLCipherSuite HIGH:MEDIUM:!aNULL:!SSLv2:!MD5:@STRENGTH
+  SSLHonorCipherOrder on
+
+  SSLCACertificatePath /etc/ssl/certs
+  SSLCertificateChainFile /etc/ssl/certs/leap_api.pem
+  SSLCertificateKeyFile /etc/x509/keys/leap_api.key
+  SSLCertificateFile /etc/x509/certs/leap_api.crt
+
+  RequestHeader set X_FORWARDED_PROTO 'https'
+
+  DocumentRoot /srv/leap_webapp/public
+  Alias /1 /srv/leap_webapp/public
+
+  # Check for maintenance file and redirect all requests
+  RewriteEngine On
+  RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
+  RewriteCond %{SCRIPT_FILENAME} !maintenance.html
+  RewriteCond %{REQUEST_URI} !/images/maintenance.jpg
+  RewriteRule ^.*$ %{DOCUMENT_ROOT}/system/maintenance.html [L]
+
+  # http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerallowencodedslashes_lt_on_off_gt
+  AllowEncodedSlashes on
+  PassengerAllowEncodedSlashes on
+  PassengerFriendlyErrorPages off
+  SetEnv TMPDIR /var/tmp
+</VirtualHost>
diff --git a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb
new file mode 100644
index 00000000..85e7289b
--- /dev/null
+++ b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb
@@ -0,0 +1,40 @@
+<VirtualHost *:80>
+  ServerName <%= domain %>
+  ServerAlias www.<%= domain %>
+  RewriteEngine On
+  RewriteRule ^.*$ https://<%= domain -%>%{REQUEST_URI} [R=permanent,L]
+</VirtualHost>
+
+<VirtualHost *:443>
+  ServerName <%= domain %>
+  ServerAlias www.<%= domain %>
+
+  SSLEngine on
+  SSLProtocol -all +SSLv3 +TLSv1
+  SSLCipherSuite HIGH:MEDIUM:!aNULL:!SSLv2:!MD5:@STRENGTH
+  SSLHonorCipherOrder on
+
+  SSLCACertificatePath /etc/ssl/certs
+  SSLCertificateChainFile /etc/ssl/certs/leap_webapp.pem
+  SSLCertificateKeyFile /etc/x509/keys/leap_webapp.key
+  SSLCertificateFile /etc/x509/certs/leap_webapp.crt
+
+  RequestHeader set X_FORWARDED_PROTO 'https'
+
+  DocumentRoot /srv/leap_webapp/public
+  Alias /1 /srv/leap_webapp/public
+
+  RewriteEngine On
+  # Check for maintenance file and redirect all requests
+  RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
+  RewriteCond %{SCRIPT_FILENAME} !maintenance.html
+  RewriteCond %{REQUEST_URI} !/images/maintenance.jpg
+  RewriteRule ^.*$ %{DOCUMENT_ROOT}/system/maintenance.html [L]
+
+  # http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerallowencodedslashes_lt_on_off_gt
+  AllowEncodedSlashes on
+  PassengerAllowEncodedSlashes on
+  PassengerFriendlyErrorPages off
+  SetEnv TMPDIR /var/tmp
+</VirtualHost>
+