summaryrefslogtreecommitdiff
path: root/templates/vhosts/php_silverstripe
diff options
context:
space:
mode:
Diffstat (limited to 'templates/vhosts/php_silverstripe')
l---------templates/vhosts/php_silverstripe/CentOS.erb1
l---------templates/vhosts/php_silverstripe/Debian.erb1
-rw-r--r--templates/vhosts/php_silverstripe/partial.erb16
-rw-r--r--templates/vhosts/php_silverstripe/php_silverstripe.erb191
4 files changed, 16 insertions, 193 deletions
diff --git a/templates/vhosts/php_silverstripe/CentOS.erb b/templates/vhosts/php_silverstripe/CentOS.erb
deleted file mode 120000
index 9ac244f..0000000
--- a/templates/vhosts/php_silverstripe/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_silverstripe.erb \ No newline at end of file
diff --git a/templates/vhosts/php_silverstripe/Debian.erb b/templates/vhosts/php_silverstripe/Debian.erb
deleted file mode 120000
index 9ac244f..0000000
--- a/templates/vhosts/php_silverstripe/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_silverstripe.erb \ No newline at end of file
diff --git a/templates/vhosts/php_silverstripe/partial.erb b/templates/vhosts/php_silverstripe/partial.erb
new file mode 100644
index 0000000..89a6052
--- /dev/null
+++ b/templates/vhosts/php_silverstripe/partial.erb
@@ -0,0 +1,16 @@
+<% if vhost_part != :ssl && ![false,'false'].include?(ssl_mode) -%>
+ # silverstripe
+ RedirectMatch /admin(.*) https://<%= servername %>/admin$1
+ RedirectMatch /Security(.*) https://<%= servername %>/Security$1
+
+<% end -%>
+ <Directory "<%= documentroot %>/">
+
+<%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+
+ Include include.d/silverstripe.inc
+ </Directory>
diff --git a/templates/vhosts/php_silverstripe/php_silverstripe.erb b/templates/vhosts/php_silverstripe/php_silverstripe.erb
deleted file mode 100644
index 671fc5c..0000000
--- a/templates/vhosts/php_silverstripe/php_silverstripe.erb
+++ /dev/null
@@ -1,191 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- # silverstripe
- RedirectMatch /admin(.*) https://<%= servername %>/admin$1
- RedirectMatch /Security(.*) https://<%= servername %>/Security$1
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
-
- # silverstripe .htaccess
- <Files *.ss>
- Order deny,allow
- Deny from all
- #Allow from 127.0.0.1
- </Files>
- <IfModule mod_rewrite.c>
- RewriteEngine On
- #RewriteBase /
-
- RewriteCond %{REQUEST_URI} !(\.gif$)|(\.jpg$)|(\.png$)|(\.css$)|(\.js$)
-
- RewriteCond %{REQUEST_URI} ^(.*)$
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
- </IfModule>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- SecRuleRemoveById "960010"
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- # turn allow_url_fopen on for the extension manager fetch
- php_admin_value allow_url_fopen On
-
- # silverstripe .htaccess
- <Files *.ss>
- Order deny,allow
- Deny from all
- #Allow from 127.0.0.1
- </Files>
- <IfModule mod_rewrite.c>
- RewriteEngine On
- #RewriteBase /
-
- RewriteCond %{REQUEST_URI} !(\.gif$)|(\.jpg$)|(\.png$)|(\.css$)|(\.js$)
-
- RewriteCond %{REQUEST_URI} ^(.*)$
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
- </IfModule>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- SecRuleRemoveById "960010"
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>