diff options
author | Micah Anderson <micah@riseup.net> | 2013-04-12 13:23:29 -0400 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2013-04-12 14:37:28 -0400 |
commit | 115691c87bad3f5863f088e73603133b67c9f828 (patch) | |
tree | bbfd7b5c0d0c220ef3e52eb25acd4595a46b85d0 /templates/vhosts/php_silverstripe | |
parent | 2401aae6c4785c1e6a777756bebe70c38b889727 (diff) | |
parent | 5ec141dfbf218dd9b2f2611d788db98f74e65073 (diff) |
Merge remote-tracking branch 'immerda/master'
Fixed apache_no_default_site variable to be a parameter to the apache
class (no_default_site = false)
Conflicts:
files/include.d/Debian/ssl_defaults.inc
manifests/base.pp
manifests/config/file.pp
manifests/vhost.pp
manifests/vhost/php/standard.pp
manifests/vhost/template.pp
templates/vhosts/php/CentOS.erb
templates/vhosts/php/Debian.erb
Diffstat (limited to 'templates/vhosts/php_silverstripe')
l--------- | templates/vhosts/php_silverstripe/CentOS.erb | 1 | ||||
l--------- | templates/vhosts/php_silverstripe/Debian.erb | 1 | ||||
-rw-r--r-- | templates/vhosts/php_silverstripe/partial.erb | 16 | ||||
-rw-r--r-- | templates/vhosts/php_silverstripe/php_silverstripe.erb | 191 |
4 files changed, 16 insertions, 193 deletions
diff --git a/templates/vhosts/php_silverstripe/CentOS.erb b/templates/vhosts/php_silverstripe/CentOS.erb deleted file mode 120000 index 9ac244f..0000000 --- a/templates/vhosts/php_silverstripe/CentOS.erb +++ /dev/null @@ -1 +0,0 @@ -php_silverstripe.erb
\ No newline at end of file diff --git a/templates/vhosts/php_silverstripe/Debian.erb b/templates/vhosts/php_silverstripe/Debian.erb deleted file mode 120000 index 9ac244f..0000000 --- a/templates/vhosts/php_silverstripe/Debian.erb +++ /dev/null @@ -1 +0,0 @@ -php_silverstripe.erb
\ No newline at end of file diff --git a/templates/vhosts/php_silverstripe/partial.erb b/templates/vhosts/php_silverstripe/partial.erb new file mode 100644 index 0000000..89a6052 --- /dev/null +++ b/templates/vhosts/php_silverstripe/partial.erb @@ -0,0 +1,16 @@ +<% if vhost_part != :ssl && ![false,'false'].include?(ssl_mode) -%> + # silverstripe + RedirectMatch /admin(.*) https://<%= servername %>/admin$1 + RedirectMatch /Security(.*) https://<%= servername %>/Security$1 + +<% end -%> + <Directory "<%= documentroot %>/"> + +<%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %> + +<%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %> + +<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> + + Include include.d/silverstripe.inc + </Directory> diff --git a/templates/vhosts/php_silverstripe/php_silverstripe.erb b/templates/vhosts/php_silverstripe/php_silverstripe.erb deleted file mode 100644 index 671fc5c..0000000 --- a/templates/vhosts/php_silverstripe/php_silverstripe.erb +++ /dev/null @@ -1,191 +0,0 @@ -# <%= servername %> -<%- unless ssl_mode.to_s == 'only' then -%> -<VirtualHost *:80> - Include include.d/defaults.inc - - ServerName <%= servername %> - <%- unless serveralias.to_s.empty? then -%> - ServerAlias <%= serveralias %> - <%- end -%> - <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> - ServerAdmin <%= server_admin %> - <%- end -%> - DocumentRoot <%= documentroot %>/ - - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log combined - <%- if ssl_mode.to_s == 'force' then -%> - Redirect permanent / https://<%= servername %>/ - <%- end -%> - # silverstripe - RedirectMatch /admin(.*) https://<%= servername %>/admin$1 - RedirectMatch /Security(.*) https://<%= servername %>/Security$1 - <%- if default_charset.to_s != 'absent' then -%> - AddDefaultCharset <%= default_charset %> - <%- end -%> - <%- if run_mode.to_s == 'itk' -%> - <IfModule mpm_itk_module> - AssignUserId <%= run_uid+" "+run_gid %> - </IfModule> - <%- end -%> - <%- if not ssl_mode.to_s == 'force' then -%> - <Directory "<%= documentroot %>/"> - AllowOverride <%= allow_override %> - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> - - <%- end -%> - <%- unless htpasswd_file.to_s == 'absent' then -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - <%- end -%> - php_admin_flag engine on - <%- unless php_default_charset.to_s == 'absent' then -%> - php_admin_value default_charset <%= php_default_charset %> - <%- end -%> - php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %> - php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> - php_admin_value session.save_path <%= real_php_session_save_path %> - <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> - php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> - <%- end -%> - - # silverstripe .htaccess - <Files *.ss> - Order deny,allow - Deny from all - #Allow from 127.0.0.1 - </Files> - <IfModule mod_rewrite.c> - RewriteEngine On - #RewriteBase / - - RewriteCond %{REQUEST_URI} !(\.gif$)|(\.jpg$)|(\.png$)|(\.css$)|(\.js$) - - RewriteCond %{REQUEST_URI} ^(.*)$ - RewriteCond %{REQUEST_FILENAME} !-f - RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L] - </IfModule> - </Directory> - <%- end -%> - - <IfModule mod_security2.c> - <%- if mod_security.to_s == 'true' then -%> - SecRuleEngine On - <%- if mod_security_relevantonly.to_s == 'true' then -%> - SecAuditEngine RelevantOnly - <%- else -%> - SecAuditEngine On - <%- end -%> - <%- else -%> - SecRuleEngine Off - SecAuditEngine Off - <%- end -%> - SecAuditLogType Concurrent - SecAuditLogStorageDir <%= logdir %>/ - SecAuditLog <%= logdir %>/mod_security_audit.log - SecDebugLog <%= logdir %>/mod_security_debug.log - # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html - SecRuleRemoveById "960010" - </IfModule> - - <%- unless additional_options.to_s == 'absent' then -%> - <%= additional_options %> - <%- end -%> -</VirtualHost> -<%- end -%> - -<%- unless ssl_mode.to_s == 'false' then -%> -<VirtualHost *:443> - Include include.d/defaults.inc - Include include.d/ssl_defaults.inc - - ServerName <%= servername %> - <%- unless serveralias.to_s.empty? then -%> - ServerAlias <%= serveralias %> - <%- end -%> - <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> - ServerAdmin <%= server_admin %> - <%- end -%> - DocumentRoot <%= documentroot %>/ - - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log combined - <%- if run_mode.to_s == 'itk' -%> - <IfModule mpm_itk_module> - AssignUserId <%= run_uid+" "+run_gid %> - </IfModule> - <%- end -%> - <%- if default_charset.to_s != 'absent' then -%> - AddDefaultCharset <%= default_charset %> - <%- end -%> - <Directory "<%= documentroot %>/"> - AllowOverride <%= allow_override %> - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> - - <%- end -%> - <%- unless htpasswd_file.to_s == 'absent' then -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - <%- end -%> - php_admin_flag engine on - <%- unless php_default_charset.to_s == 'absent' then -%> - php_admin_value default_charset <%= php_default_charset %> - <%- end -%> - php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %> - php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> - php_admin_value session.save_path <%= real_php_session_save_path %> - <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> - php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> - <%- end -%> - # turn allow_url_fopen on for the extension manager fetch - php_admin_value allow_url_fopen On - - # silverstripe .htaccess - <Files *.ss> - Order deny,allow - Deny from all - #Allow from 127.0.0.1 - </Files> - <IfModule mod_rewrite.c> - RewriteEngine On - #RewriteBase / - - RewriteCond %{REQUEST_URI} !(\.gif$)|(\.jpg$)|(\.png$)|(\.css$)|(\.js$) - - RewriteCond %{REQUEST_URI} ^(.*)$ - RewriteCond %{REQUEST_FILENAME} !-f - RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L] - </IfModule> - </Directory> - - <IfModule mod_security2.c> - <%- if mod_security.to_s == 'true' then -%> - SecRuleEngine On - <%- if mod_security_relevantonly.to_s == 'true' then -%> - SecAuditEngine RelevantOnly - <%- else -%> - SecAuditEngine On - <%- end -%> - <%- else -%> - SecRuleEngine Off - SecAuditEngine Off - <%- end -%> - SecAuditLogType Concurrent - SecAuditLogStorageDir <%= logdir %>/ - SecAuditLog <%= logdir %>/mod_security_audit.log - SecDebugLog <%= logdir %>/mod_security_debug.log - # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html - SecRuleRemoveById "960010" - </IfModule> - - <%- unless additional_options.to_s == 'absent' then -%> - <%= additional_options %> - <%- end -%> -</VirtualHost> -<%- end -%> |