diff options
Diffstat (limited to 'templates/vhosts/partials')
| -rw-r--r-- | templates/vhosts/partials/authentication.erb | 6 | ||||
| -rw-r--r-- | templates/vhosts/partials/header_default.erb | 20 | ||||
| -rw-r--r-- | templates/vhosts/partials/logs.erb | 14 | ||||
| -rw-r--r-- | templates/vhosts/partials/mod_security.erb | 27 | ||||
| -rw-r--r-- | templates/vhosts/partials/php_settings.erb | 19 | ||||
| -rw-r--r-- | templates/vhosts/partials/std_override_options.erb | 4 |
6 files changed, 90 insertions, 0 deletions
diff --git a/templates/vhosts/partials/authentication.erb b/templates/vhosts/partials/authentication.erb new file mode 100644 index 0000000..6ca1b03 --- /dev/null +++ b/templates/vhosts/partials/authentication.erb @@ -0,0 +1,6 @@ +<% unless htpasswd_file.to_s == 'absent' -%> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user +<% end -%>
\ No newline at end of file diff --git a/templates/vhosts/partials/header_default.erb b/templates/vhosts/partials/header_default.erb new file mode 100644 index 0000000..d6d8c86 --- /dev/null +++ b/templates/vhosts/partials/header_default.erb @@ -0,0 +1,20 @@ + Include include.d/defaults.inc +<% if vhost_part == :ssl -%> + Include include.d/ssl_defaults.inc +<% end -%> + ServerName <%= servername %> +<% unless serveralias.empty? || (serveralias == 'absent') -%> + ServerAlias <%= serveralias %> +<% end -%> +<% unless server_admin.empty? || (server_admin == 'absent') -%> + ServerAdmin <%= server_admin %> +<% end -%> +<% unless documentroot == 'really_absent' -%> + DocumentRoot <%= documentroot %>/ +<% end -%> +<% if default_charset != 'absent' then -%> + AddDefaultCharset <%= default_charset %> +<% end -%> +<% if passing_extension != 'absent' -%> + DirectoryIndex index.htm index.html index.<%= passing_extension %> +<% end -%> diff --git a/templates/vhosts/partials/logs.erb b/templates/vhosts/partials/logs.erb new file mode 100644 index 0000000..68403a8 --- /dev/null +++ b/templates/vhosts/partials/logs.erb @@ -0,0 +1,14 @@ +<% case logmode.to_s + when 'nologs' -%> + ErrorLog /dev/null + CustomLog /dev/null +<% when 'semianonym' -%> + ErrorLog <%= logdir %>/<%= logprefix %>error_log + CustomLog <%= logdir %>/<%= logprefix %>access_log noip +<% when 'anonym' -%> + ErrorLog /dev/null + CustomLog <%= logdir %>/<%= logprefix %>access_log noip +<% else -%> + ErrorLog <%= logdir %>/<%= logprefix %>error_log + CustomLog <%= logdir %>/<%= logprefix %>access_log combined +<% end -%> diff --git a/templates/vhosts/partials/mod_security.erb b/templates/vhosts/partials/mod_security.erb new file mode 100644 index 0000000..5b4fca8 --- /dev/null +++ b/templates/vhosts/partials/mod_security.erb @@ -0,0 +1,27 @@ + <IfModule mod_security2.c> +<% if mod_security.to_s == 'true' then -%> + SecRuleEngine On +<% if mod_security_relevantonly.to_s == 'true' then -%> + SecAuditEngine RelevantOnly +<% else -%> + SecAuditEngine On +<% end -%> +<% else -%> + SecRuleEngine Off + SecAuditEngine Off +<% end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log +<% unless mod_security_rules_to_disable.to_a.empty? -%> + +<% mod_security_rules_to_disable.to_a.each do |rule| -%> + SecRuleRemoveById "<%= rule %>" +<% end -%> +<% end -%> +<% unless mod_security_additional_options.to_s == 'absent' -%> + + <%= mod_security_additional_options %> +<% end -%> + </IfModule> diff --git a/templates/vhosts/partials/php_settings.erb b/templates/vhosts/partials/php_settings.erb new file mode 100644 index 0000000..7840987 --- /dev/null +++ b/templates/vhosts/partials/php_settings.erb @@ -0,0 +1,19 @@ +<% if run_mode != 'fcgid' + php_settings.reject{|k,v| v == :undef }.keys.sort.each do |key| + dvalue = php_settings[key].to_s.downcase + munged_value = if dvalue == 'true' + 'on' + elsif dvalue == 'false' + 'off' + elsif ['on','off'].include?(dvalue) + dvalue + else + php_settings[key] + end + if ['on','off' ].include?(munged_value) -%> + php_admin_flag <%= key %> <%= munged_value %> +<% else -%> + php_admin_value <%= key %> <%= munged_value %> +<% end -%> +<% end -%> +<% end -%> diff --git a/templates/vhosts/partials/std_override_options.erb b/templates/vhosts/partials/std_override_options.erb new file mode 100644 index 0000000..95a5e6a --- /dev/null +++ b/templates/vhosts/partials/std_override_options.erb @@ -0,0 +1,4 @@ + AllowOverride <%= allow_override %> + <% if options.to_s != 'absent' || do_includes.to_s == 'true' || run_mode == 'fcgid' -%> + Options <%- unless options.to_s == 'absent' then -%><%= options %><% end -%><% if do_includes.to_s == 'true' && !options.include?('+Includes') -%> +Includes<% end -%><% if run_mode == 'fcgid' && !options.include?('+ExecCGI') -%> +ExecCGI<% end -%> + <% end -%> |