summaryrefslogtreecommitdiff
path: root/templates/vhosts/webdav
diff options
context:
space:
mode:
Diffstat (limited to 'templates/vhosts/webdav')
-rw-r--r--templates/vhosts/webdav/webdav.erb153
1 files changed, 148 insertions, 5 deletions
diff --git a/templates/vhosts/webdav/webdav.erb b/templates/vhosts/webdav/webdav.erb
index 6e66f30..a7dfa37 100644
--- a/templates/vhosts/webdav/webdav.erb
+++ b/templates/vhosts/webdav/webdav.erb
@@ -1,4 +1,7 @@
# <%= servername %>
+<%- if run_mode.to_s =~ /(proxy\-|static\-)itk/ -%>
+<IfDefine HttpdLocal>
+<%- end -%>
<%- unless ssl_mode.to_s == 'only' then -%>
<VirtualHost *:80>
Include include.d/defaults.inc
@@ -26,16 +29,20 @@
ErrorLog <%= logdir %>/error_log
CustomLog <%= logdir %>/access_log combined
<%- end -%>
+
<%- if ssl_mode.to_s == 'force' then -%>
Redirect permanent / https://<%= servername %>/
+
<%- end -%>
<%- if default_charset.to_s != 'absent' then -%>
AddDefaultCharset <%= default_charset %>
+
<%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
+ <%- if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%>
<IfModule mpm_itk_module>
AssignUserId <%= run_uid+" "+run_gid %>
</IfModule>
+
<%- end -%>
<%- if not ssl_mode.to_s == 'force' then -%>
DAVLockDB <%= real_dav_db_dir %>/DAVLock
@@ -66,6 +73,7 @@
</Directory>
<%- end -%>
+ <%- unless run_mode.to_s =~ /(proxy\-|static\-)itk/ -%>
<IfModule mod_security2.c>
<%- if mod_security.to_s == 'true' then -%>
SecRuleEngine On
@@ -83,6 +91,7 @@
SecAuditLog <%= logdir %>/mod_security_audit.log
SecDebugLog <%= logdir %>/mod_security_debug.log
</IfModule>
+ <%- end -%>
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
@@ -118,13 +127,16 @@
ErrorLog <%= logdir %>/error_log
CustomLog <%= logdir %>/access_log combined
<%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
+
+ <%- if default_charset.to_s != 'absent' then -%>
+ AddDefaultCharset <%= default_charset %>
+
+ <%- end -%>
+ <%- if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%>
<IfModule mpm_itk_module>
AssignUserId <%= run_uid+" "+run_gid %>
</IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
+
<%- end -%>
DAVLockDB <%= real_dav_db_dir %>/DAVLock
<Directory "<%= documentroot %>/">
@@ -153,6 +165,7 @@
<%- end -%>
</Directory>
+ <%- unless run_mode.to_s =~ /(proxy\-|static\-)itk/ -%>
<IfModule mod_security2.c>
<%- if mod_security.to_s == 'true' then -%>
SecRuleEngine On
@@ -170,9 +183,139 @@
SecAuditLog <%= logdir %>/mod_security_audit.log
SecDebugLog <%= logdir %>/mod_security_debug.log
</IfModule>
+ <%- end -%>
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
<%- end -%>
</VirtualHost>
<%- end -%>
+<%- if run_mode.to_s =~ /(proxy\-|static\-)itk/ -%>
+</IfDefine>
+<IfDefine !HttpdLocal>
+<%- unless ssl_mode.to_s == 'only' then -%>
+<VirtualHost *:80>
+ Include include.d/defaults.inc
+
+ ServerName <%= servername %>
+ <%- unless serveralias.to_s.empty? then -%>
+ ServerAlias <%= serveralias %>
+ <%- end -%>
+ <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
+ ServerAdmin <%= server_admin %>
+ <%- end -%>
+
+ <%- case logmode.to_s
+ when 'nologs' -%>
+ ErrorLog /dev/null
+ CustomLog /dev/null
+ <%- when 'semianonym' -%>
+ ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log
+ CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip
+ <%- when 'anonym' -%>
+ ErrorLog /dev/null
+ CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip
+ <%- else -%>
+ ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log
+ CustomLog <%= logdir %>/<%= logfileprefix %>-access_log combined
+ <%- end -%>
+
+ ProxyPreserveHost On
+ ProxyRequests off
+ ProxyPass / https://127.0.0.1/
+ ProxyPassReverse / https://127.0.0.1/
+
+ <%- if ssl_mode.to_s == 'force' then -%>
+ Redirect permanent / https://<%= servername %>/
+
+ <%- end -%>
+ <%- if default_charset.to_s != 'absent' then -%>
+ AddDefaultCharset <%= default_charset %>
+
+ <%- end -%>
+ <IfModule mod_security2.c>
+ <%- if mod_security.to_s == 'true' then -%>
+ SecRuleEngine On
+ <%- if mod_security_relevantonly.to_s == 'true' then -%>
+ SecAuditEngine RelevantOnly
+ <%- else -%>
+ SecAuditEngine On
+ <%- end -%>
+ <%- else -%>
+ SecRuleEngine Off
+ SecAuditEngine Off
+ <%- end -%>
+ SecAuditLogType Concurrent
+ SecAuditLogStorageDir <%= logdir %>/
+ SecAuditLog <%= logdir %>/mod_security_audit.log
+ SecDebugLog <%= logdir %>/mod_security_debug.log
+ </IfModule>
+
+ <%- unless additional_options.to_s == 'absent' then -%>
+ <%= additional_options %>
+ <%- end -%>
+</VirtualHost>
+<%- end -%>
+
+<%- unless ssl_mode.to_s == 'false' then -%>
+<VirtualHost *:443>
+ Include include.d/defaults.inc
+ Include include.d/ssl_defaults.inc
+
+ ServerName <%= servername %>
+ <%- unless serveralias.to_s.empty? then -%>
+ ServerAlias <%= serveralias %>
+ <%- end -%>
+ <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
+ ServerAdmin <%= server_admin %>
+ <%- end -%>
+
+ <%- case logmode.to_s
+ when 'nologs' -%>
+ ErrorLog /dev/null
+ CustomLog /dev/null
+ <%- when 'semianonym' -%>
+ ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log
+ CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip
+ <%- when 'anonym' -%>
+ ErrorLog /dev/null
+ CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip
+ <%- else -%>
+ ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log
+ CustomLog <%= logdir %>/<%= logfileprefix %>-access_log combined
+ <%- end -%>
+
+ ProxyPreserveHost On
+ ProxyRequests off
+ ProxyPass / http://127.0.0.1/
+ ProxyPassReverse / http://127.0.0.1/
+
+ <%- if default_charset.to_s != 'absent' then -%>
+ AddDefaultCharset <%= default_charset %>
+
+ <%- end -%>
+ <IfModule mod_security2.c>
+ <%- if mod_security.to_s == 'true' then -%>
+ SecRuleEngine On
+ <%- if mod_security_relevantonly.to_s == 'true' then -%>
+ SecAuditEngine RelevantOnly
+ <%- else -%>
+ SecAuditEngine On
+ <%- end -%>
+ <%- else -%>
+ SecRuleEngine Off
+ SecAuditEngine Off
+ <%- end -%>
+ SecAuditLogType Concurrent
+ SecAuditLogStorageDir <%= logdir %>/
+ SecAuditLog <%= logdir %>/mod_security_audit.log
+ SecDebugLog <%= logdir %>/mod_security_debug.log
+ </IfModule>
+
+ <%- unless additional_options.to_s == 'absent' then -%>
+ <%= additional_options %>
+ <%- end -%>
+</VirtualHost>
+<%- end -%>
+</IfDefine>
+<%- end -%>