summaryrefslogtreecommitdiff
path: root/templates/vhosts
diff options
context:
space:
mode:
Diffstat (limited to 'templates/vhosts')
-rw-r--r--templates/vhosts/default.erb42
l---------templates/vhosts/gitweb/CentOS.erb1
l---------templates/vhosts/gitweb/Debian.erb1
-rw-r--r--templates/vhosts/gitweb/gitweb.erb140
-rw-r--r--templates/vhosts/gitweb/partial.erb19
-rw-r--r--templates/vhosts/itk_plus.erb6
-rw-r--r--templates/vhosts/itk_plus/partial.erb32
-rw-r--r--templates/vhosts/partials/authentication.erb6
-rw-r--r--templates/vhosts/partials/header_default.erb20
-rw-r--r--templates/vhosts/partials/logs.erb14
-rw-r--r--templates/vhosts/partials/mod_security.erb27
-rw-r--r--templates/vhosts/partials/php_settings.erb19
-rw-r--r--templates/vhosts/partials/std_override_options.erb4
l---------templates/vhosts/passenger/CentOS.erb1
l---------templates/vhosts/passenger/Debian.erb1
-rw-r--r--templates/vhosts/passenger/partial.erb7
-rw-r--r--templates/vhosts/passenger/passenger.erb118
l---------templates/vhosts/perl/CentOS.erb1
l---------templates/vhosts/perl/Debian.erb1
-rw-r--r--templates/vhosts/perl/partial.erb15
-rw-r--r--templates/vhosts/perl/perl.erb148
-rw-r--r--templates/vhosts/php/CentOS.erb164
-rw-r--r--templates/vhosts/php/Debian.erb164
-rw-r--r--templates/vhosts/php/partial.erb7
l---------templates/vhosts/php_drupal/CentOS.erb1
l---------templates/vhosts/php_drupal/Debian.erb1
-rw-r--r--templates/vhosts/php_drupal/partial.erb26
-rw-r--r--templates/vhosts/php_drupal/php_drupal.erb198
l---------templates/vhosts/php_gallery2/CentOS.erb1
l---------templates/vhosts/php_gallery2/Debian.erb1
-rw-r--r--templates/vhosts/php_gallery2/partial.erb16
-rw-r--r--templates/vhosts/php_gallery2/php_gallery.erb166
l---------templates/vhosts/php_joomla/CentOS.erb1
l---------templates/vhosts/php_joomla/Debian.erb1
-rw-r--r--templates/vhosts/php_joomla/partial.erb32
-rw-r--r--templates/vhosts/php_joomla/php_joomla.erb190
l---------templates/vhosts/php_mediawiki/CentOS.erb1
l---------templates/vhosts/php_mediawiki/Debian.erb1
-rw-r--r--templates/vhosts/php_mediawiki/partial.erb16
-rw-r--r--templates/vhosts/php_mediawiki/php_mediawiki.erb136
l---------templates/vhosts/php_silverstripe/CentOS.erb1
l---------templates/vhosts/php_silverstripe/Debian.erb1
-rw-r--r--templates/vhosts/php_silverstripe/partial.erb16
-rw-r--r--templates/vhosts/php_silverstripe/php_silverstripe.erb191
l---------templates/vhosts/php_simplemachine/CentOS.erb1
l---------templates/vhosts/php_simplemachine/Debian.erb1
-rw-r--r--templates/vhosts/php_simplemachine/php_simplemachine.erb142
l---------templates/vhosts/php_spip/CentOS.erb1
l---------templates/vhosts/php_spip/Debian.erb1
-rw-r--r--templates/vhosts/php_spip/php_spip.erb154
l---------templates/vhosts/php_typo3/CentOS.erb1
l---------templates/vhosts/php_typo3/Debian.erb1
-rw-r--r--templates/vhosts/php_typo3/partial.erb10
-rw-r--r--templates/vhosts/php_typo3/php_typo3.erb171
l---------templates/vhosts/php_wordpress/CentOS.erb1
l---------templates/vhosts/php_wordpress/Debian.erb1
-rw-r--r--templates/vhosts/php_wordpress/partial.erb6
-rw-r--r--templates/vhosts/php_wordpress/php_wordpress.erb146
-rw-r--r--templates/vhosts/proxy/partial.erb8
l---------templates/vhosts/redirect/CentOS.erb1
l---------templates/vhosts/redirect/Debian.erb1
l---------templates/vhosts/redirect/OpenBSD.erb1
-rw-r--r--templates/vhosts/redirect/partial.erb1
-rw-r--r--templates/vhosts/redirect/redirect.erb41
l---------templates/vhosts/static/CentOS.erb1
l---------templates/vhosts/static/Debian.erb1
l---------templates/vhosts/static/OpenBSD.erb1
-rw-r--r--templates/vhosts/static/partial.erb5
-rw-r--r--templates/vhosts/static/static.erb120
l---------templates/vhosts/webdav/CentOS.erb1
l---------templates/vhosts/webdav/Debian.erb1
-rw-r--r--templates/vhosts/webdav/partial.erb21
-rw-r--r--templates/vhosts/webdav/webdav.erb157
73 files changed, 375 insertions, 2578 deletions
diff --git a/templates/vhosts/default.erb b/templates/vhosts/default.erb
new file mode 100644
index 0000000..809cd9b
--- /dev/null
+++ b/templates/vhosts/default.erb
@@ -0,0 +1,42 @@
+<%
+vhost_parts = case ssl_mode
+ when 'only' then [:ssl]
+ when false,'false' then [:normal]
+ else [:normal,:ssl]
+end
+vhost_parts.each do |vhost_part| -%>
+<VirtualHost *:<%= vhost_part == :ssl ? '443' : '80' %> >
+
+<%= scope.function_templatewlv(['apache/vhosts/partials/header_default.erb', {'vhost_part' => vhost_part } ]) %>
+
+<%= scope.function_template(['apache/vhosts/partials/logs.erb']) %>
+
+ <% if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%>
+ <IfModule mpm_itk_module>
+ AssignUserId <%= run_uid+" "+run_gid %>
+ </IfModule>
+
+ <% elsif run_mode.to_s == 'fcgid' && !(ssl_mode == 'force' && vhost_part == :normal) -%>
+ <IfModule mod_fcgid.c>
+ SuexecUserGroup <%= run_uid+" "+run_gid %>
+ FcgidMaxRequestsPerProcess 5000
+ FCGIWrapper /var/www/mod_fcgid-starters/<%= name %>/<%= name %>-starter .<%= passing_extension %>
+ AddHandler fcgid-script .<%= passing_extension %>
+ </IfModule>
+
+ <% end -%>
+ <% if ssl_mode == 'force' && vhost_part == :normal -%>
+ RewriteEngine On
+ RewriteCond %{HTTPS} !=on
+ RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L]
+ <% else -%>
+<%= scope.function_templatewlv([template_partial, {'vhost_part' => vhost_part } ]) %>
+ <% end -%>
+<%- unless template_partial == 'apache/vhosts/itk_plus/partial.erb' -%>
+<%= scope.function_template(['apache/vhosts/partials/mod_security.erb']) %>
+<% end -%>
+<% unless additional_options.to_s == 'absent' -%>
+ <%= additional_options %>
+<% end -%>
+</VirtualHost>
+<% end -%>
diff --git a/templates/vhosts/gitweb/CentOS.erb b/templates/vhosts/gitweb/CentOS.erb
deleted file mode 120000
index a3f2135..0000000
--- a/templates/vhosts/gitweb/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-gitweb.erb \ No newline at end of file
diff --git a/templates/vhosts/gitweb/Debian.erb b/templates/vhosts/gitweb/Debian.erb
deleted file mode 120000
index a3f2135..0000000
--- a/templates/vhosts/gitweb/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-gitweb.erb \ No newline at end of file
diff --git a/templates/vhosts/gitweb/gitweb.erb b/templates/vhosts/gitweb/gitweb.erb
deleted file mode 100644
index 23b723f..0000000
--- a/templates/vhosts/gitweb/gitweb.erb
+++ /dev/null
@@ -1,140 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
-
- SetEnv GITWEB_CONFIG <%= gitweb_config %>
- DirectoryIndex gitweb.cgi
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%><%- unless options.include?('+ExecCGI') then -%> +ExecCGI<%- end -%>
- <%- end -%>
-
- AddHandler cgi-script .cgi
- <Files gitweb.cgi>
- Options ExecCGI FollowSymLinks
- SetHandler cgi-script
- </Files>
- RewriteEngine on
- RewriteRule ^[a-zA-Z0-9_-]+.git/?(\?.)?$ /gitweb.cgi%{REQUESTURI} [L,PT]
-
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- </Directory>
-
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
-
- SetEnv GITWEB_CONFIG <%= gitweb_config %>
- DirectoryIndex gitweb.cgi
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%><%- unless options.include?('+ExecCGI') then -%> +ExecCGI<%- end -%>
- <%- end -%>
-
- AddHandler cgi-script .cgi
- <Files gitweb.cgi>
- Options ExecCGI FollowSymLinks
- SetHandler cgi-script
- </Files>
- RewriteEngine on
- RewriteRule ^[a-zA-Z0-9_-]+.git/?(\?.)?$ /gitweb.cgi%{REQUESTURI} [L,PT]
-
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- </Directory>
-
- <%- end %>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/gitweb/partial.erb b/templates/vhosts/gitweb/partial.erb
new file mode 100644
index 0000000..7238ebe
--- /dev/null
+++ b/templates/vhosts/gitweb/partial.erb
@@ -0,0 +1,19 @@
+ <% unless ssl_mode.to_s == 'force' -%>
+ SetEnv GITWEB_CONFIG <%= gitweb_config %>
+ DirectoryIndex gitweb.cgi
+ <Directory "<%= documentroot %>/">
+ <% if options.to_s != 'absent' or do_includes.to_s == 'true'-%>
+ Options <% unless options.to_s == 'absent' -%><%= options %><% end -%><% if do_includes.to_s == 'true' && !options.include?('+Includes') -%> +Includes<% end -%><% unless options.include?('+ExecCGI') -%> +ExecCGI<% end -%>
+ <% end -%>
+
+ AddHandler cgi-script .cgi
+ <Files gitweb.cgi>
+ Options ExecCGI FollowSymLinks
+ SetHandler cgi-script
+ </Files>
+ RewriteEngine on
+ RewriteRule ^[a-zA-Z0-9_-]+.git/?(\?.)?$ /gitweb.cgi%{REQUESTURI} [L,PT]
+
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+ </Directory>
+ <% end -%>
diff --git a/templates/vhosts/itk_plus.erb b/templates/vhosts/itk_plus.erb
new file mode 100644
index 0000000..b546196
--- /dev/null
+++ b/templates/vhosts/itk_plus.erb
@@ -0,0 +1,6 @@
+<IfDefine HttpdLocal>
+<%= scope.function_template(['apache/vhost/default.erb']) %>
+</IfDefine>
+<IfDefine !HttpdLocal>
+<%= scope.function_templatewlv(['apache/vhost/default.erb', {'template_partial' => 'apache/vhosts/itk_plus/partial.erb' }]) %>
+</IfDefine>
diff --git a/templates/vhosts/itk_plus/partial.erb b/templates/vhosts/itk_plus/partial.erb
new file mode 100644
index 0000000..5b05dd8
--- /dev/null
+++ b/templates/vhosts/itk_plus/partial.erb
@@ -0,0 +1,32 @@
+
+ ProxyPreserveHost On
+ ProxyRequests off
+<% if vhost_part == :ssl -%>
+ SSLProxyEngine On
+ <%- if run_mode.to_s == 'static-itk' -%>
+ ProxyPassMatch ^/(.*\.<%= passing_extension %>/?.*)$ https://127.0.0.1/$1
+ <%- else -%>
+ ProxyPass / https://127.0.0.1/
+ <%- end -%>
+ ProxyPassReverse / https://127.0.0.1/
+<% else -%>
+ <% if run_mode.to_s == 'static-itk' -%>
+ ProxyPassMatch ^/(.*\.<%= passing_extension %>/?.*)$ http://127.0.0.1/$1
+ <% else -%>
+ ProxyPass / http://127.0.0.1/
+ <% end -%>
+ ProxyPassReverse / http://127.0.0.1/
+<% end %>
+
+ <% if run_mode.to_s == 'static-itk' && (ssl_mode.to_s != 'force' || vhost_part == :ssl) -%>
+ <Directory "<%= documentroot %>/">
+ AllowOverride <%= allow_override %>
+ <% if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
+ Options <% unless options.to_s == 'absent' then -%><%= options %><% end -%><% if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<% end -%>
+
+ <% end -%>
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+ </Directory>
+ <% end -%>
+
+
diff --git a/templates/vhosts/partials/authentication.erb b/templates/vhosts/partials/authentication.erb
new file mode 100644
index 0000000..6ca1b03
--- /dev/null
+++ b/templates/vhosts/partials/authentication.erb
@@ -0,0 +1,6 @@
+<% unless htpasswd_file.to_s == 'absent' -%>
+ AuthType Basic
+ AuthName "Access fuer <%= servername %>"
+ AuthUserFile <%= real_htpasswd_path %>
+ require valid-user
+<% end -%> \ No newline at end of file
diff --git a/templates/vhosts/partials/header_default.erb b/templates/vhosts/partials/header_default.erb
new file mode 100644
index 0000000..d6d8c86
--- /dev/null
+++ b/templates/vhosts/partials/header_default.erb
@@ -0,0 +1,20 @@
+ Include include.d/defaults.inc
+<% if vhost_part == :ssl -%>
+ Include include.d/ssl_defaults.inc
+<% end -%>
+ ServerName <%= servername %>
+<% unless serveralias.empty? || (serveralias == 'absent') -%>
+ ServerAlias <%= serveralias %>
+<% end -%>
+<% unless server_admin.empty? || (server_admin == 'absent') -%>
+ ServerAdmin <%= server_admin %>
+<% end -%>
+<% unless documentroot == 'really_absent' -%>
+ DocumentRoot <%= documentroot %>/
+<% end -%>
+<% if default_charset != 'absent' then -%>
+ AddDefaultCharset <%= default_charset %>
+<% end -%>
+<% if passing_extension != 'absent' -%>
+ DirectoryIndex index.htm index.html index.<%= passing_extension %>
+<% end -%>
diff --git a/templates/vhosts/partials/logs.erb b/templates/vhosts/partials/logs.erb
new file mode 100644
index 0000000..68403a8
--- /dev/null
+++ b/templates/vhosts/partials/logs.erb
@@ -0,0 +1,14 @@
+<% case logmode.to_s
+ when 'nologs' -%>
+ ErrorLog /dev/null
+ CustomLog /dev/null
+<% when 'semianonym' -%>
+ ErrorLog <%= logdir %>/<%= logprefix %>error_log
+ CustomLog <%= logdir %>/<%= logprefix %>access_log noip
+<% when 'anonym' -%>
+ ErrorLog /dev/null
+ CustomLog <%= logdir %>/<%= logprefix %>access_log noip
+<% else -%>
+ ErrorLog <%= logdir %>/<%= logprefix %>error_log
+ CustomLog <%= logdir %>/<%= logprefix %>access_log combined
+<% end -%>
diff --git a/templates/vhosts/partials/mod_security.erb b/templates/vhosts/partials/mod_security.erb
new file mode 100644
index 0000000..5b4fca8
--- /dev/null
+++ b/templates/vhosts/partials/mod_security.erb
@@ -0,0 +1,27 @@
+ <IfModule mod_security2.c>
+<% if mod_security.to_s == 'true' then -%>
+ SecRuleEngine On
+<% if mod_security_relevantonly.to_s == 'true' then -%>
+ SecAuditEngine RelevantOnly
+<% else -%>
+ SecAuditEngine On
+<% end -%>
+<% else -%>
+ SecRuleEngine Off
+ SecAuditEngine Off
+<% end -%>
+ SecAuditLogType Concurrent
+ SecAuditLogStorageDir <%= logdir %>/
+ SecAuditLog <%= logdir %>/mod_security_audit.log
+ SecDebugLog <%= logdir %>/mod_security_debug.log
+<% unless mod_security_rules_to_disable.to_a.empty? -%>
+
+<% mod_security_rules_to_disable.to_a.each do |rule| -%>
+ SecRuleRemoveById "<%= rule %>"
+<% end -%>
+<% end -%>
+<% unless mod_security_additional_options.to_s == 'absent' -%>
+
+ <%= mod_security_additional_options %>
+<% end -%>
+ </IfModule>
diff --git a/templates/vhosts/partials/php_settings.erb b/templates/vhosts/partials/php_settings.erb
new file mode 100644
index 0000000..7840987
--- /dev/null
+++ b/templates/vhosts/partials/php_settings.erb
@@ -0,0 +1,19 @@
+<% if run_mode != 'fcgid'
+ php_settings.reject{|k,v| v == :undef }.keys.sort.each do |key|
+ dvalue = php_settings[key].to_s.downcase
+ munged_value = if dvalue == 'true'
+ 'on'
+ elsif dvalue == 'false'
+ 'off'
+ elsif ['on','off'].include?(dvalue)
+ dvalue
+ else
+ php_settings[key]
+ end
+ if ['on','off' ].include?(munged_value) -%>
+ php_admin_flag <%= key %> <%= munged_value %>
+<% else -%>
+ php_admin_value <%= key %> <%= munged_value %>
+<% end -%>
+<% end -%>
+<% end -%>
diff --git a/templates/vhosts/partials/std_override_options.erb b/templates/vhosts/partials/std_override_options.erb
new file mode 100644
index 0000000..95a5e6a
--- /dev/null
+++ b/templates/vhosts/partials/std_override_options.erb
@@ -0,0 +1,4 @@
+ AllowOverride <%= allow_override %>
+ <% if options.to_s != 'absent' || do_includes.to_s == 'true' || run_mode == 'fcgid' -%>
+ Options <%- unless options.to_s == 'absent' then -%><%= options %><% end -%><% if do_includes.to_s == 'true' && !options.include?('+Includes') -%> +Includes<% end -%><% if run_mode == 'fcgid' && !options.include?('+ExecCGI') -%> +ExecCGI<% end -%>
+ <% end -%>
diff --git a/templates/vhosts/passenger/CentOS.erb b/templates/vhosts/passenger/CentOS.erb
deleted file mode 120000
index c5062da..0000000
--- a/templates/vhosts/passenger/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-passenger.erb \ No newline at end of file
diff --git a/templates/vhosts/passenger/Debian.erb b/templates/vhosts/passenger/Debian.erb
deleted file mode 120000
index c5062da..0000000
--- a/templates/vhosts/passenger/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-passenger.erb \ No newline at end of file
diff --git a/templates/vhosts/passenger/partial.erb b/templates/vhosts/passenger/partial.erb
new file mode 100644
index 0000000..490649e
--- /dev/null
+++ b/templates/vhosts/passenger/partial.erb
@@ -0,0 +1,7 @@
+ SetEnv GEM_HOME <%= gempath %>
+ <Directory <%= documentroot %>/>
+ AllowOverride <%= allow_override %>
+ Options <%- unless options.to_s == 'absent' -%><%= options %><%- end -%><%- unless !options.to_s.include?('MultiViews') -%>-MultiViews<%- end -%>
+
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+ </Directory>
diff --git a/templates/vhosts/passenger/passenger.erb b/templates/vhosts/passenger/passenger.erb
deleted file mode 100644
index 2c23dce..0000000
--- a/templates/vhosts/passenger/passenger.erb
+++ /dev/null
@@ -1,118 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/public
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/public
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/perl/CentOS.erb b/templates/vhosts/perl/CentOS.erb
deleted file mode 120000
index c721da2..0000000
--- a/templates/vhosts/perl/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-perl.erb \ No newline at end of file
diff --git a/templates/vhosts/perl/Debian.erb b/templates/vhosts/perl/Debian.erb
deleted file mode 120000
index c721da2..0000000
--- a/templates/vhosts/perl/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-perl.erb \ No newline at end of file
diff --git a/templates/vhosts/perl/partial.erb b/templates/vhosts/perl/partial.erb
new file mode 100644
index 0000000..a8c30c3
--- /dev/null
+++ b/templates/vhosts/perl/partial.erb
@@ -0,0 +1,15 @@
+ <Directory "<%= documentroot %>/">
+<%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+ </Directory>
+
+ <% unless htpasswd_file.to_s == 'absent' -%>
+ <Directory "<%= cgi_binpath %>/">
+ AuthType Basic
+ AuthName "Access fuer <%= servername %>"
+ AuthUserFile <%= real_htpasswd_path %>
+ require valid-user
+ </Directory>
+ <% end -%>
+ ScriptAlias /cgi-bin/ <%= cgi_binpath %>/
diff --git a/templates/vhosts/perl/perl.erb b/templates/vhosts/perl/perl.erb
deleted file mode 100644
index 0582e73..0000000
--- a/templates/vhosts/perl/perl.erb
+++ /dev/null
@@ -1,148 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- </Directory>
-
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- <Directory "<%= cgi_binpath %>/">
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- </Directory>
- <%- end -%>
- ScriptAlias /cgi-bin/ <%= cgi_binpath %>/
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- </Directory>
-
- ScriptAlias /cgi-bin/ <%= cgi_binpath %>/
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- <Directory "<%= cgi_binpath %>/">
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php/CentOS.erb b/templates/vhosts/php/CentOS.erb
deleted file mode 100644
index bb88741..0000000
--- a/templates/vhosts/php/CentOS.erb
+++ /dev/null
@@ -1,164 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- if php_safe_mode.to_s == 'false' -%>
- php_admin_flag safe_mode Off
- <%- end -%>
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' -%>/usr/share/Smarty:<%- end -%><%- if php_use_pear.to_s == 'true' -%>/usr/share/pear:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %><% unless php_additional_open_basedirs.to_s == 'absent' %><%- php_additional_open_basedirs.each do |php_additional_open_basedir| -%>:<%= php_additional_open_basedir %><%- end -%><%- end %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- <%- unless php_additional_options.to_s == 'absent' then -%>
- <%- php_additional_options.each do |php_additional_option| -%>
- <%= php_additional_option %>
- <%- end -%>
- <%- end -%>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- if php_safe_mode.to_s == 'false' -%>
- php_admin_flag safe_mode Off
- <%- end -%>
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' -%>/usr/share/php/Smarty/:<%- end -%><%- if php_use_pear.to_s == 'true' -%>/usr/share/pear/:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %><% unless php_additional_open_basedirs.to_s == 'absent' %><%- php_additional_open_basedirs.each do |php_additional_open_basedir| -%>:<%= php_additional_open_basedir %><%- end -%><%- end %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- <%- unless php_additional_options.to_s == 'absent' then -%>
- <%- php_additional_options.each do |php_additional_option| -%>
- <%= php_additional_option %>
- <%- end -%>
- <%- end -%>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php/Debian.erb b/templates/vhosts/php/Debian.erb
deleted file mode 100644
index 1f24fec..0000000
--- a/templates/vhosts/php/Debian.erb
+++ /dev/null
@@ -1,164 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- if php_safe_mode.to_s == 'false' -%>
- php_admin_flag safe_mode Off
- <%- end -%>
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' || php_use_pear.to_s == 'true' -%>/usr/share/php:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %><% unless php_additional_open_basedirs.to_s == 'absent' %><%- php_additional_open_basedirs.each do |php_additional_open_basedir| -%>:<%= php_additional_open_basedir %><%- end -%><%- end %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- <%- unless php_additional_options.to_s == 'absent' then -%>
- <%- php_additional_options.each do |php_additional_option| -%>
- <%= php_additional_option %>
- <%- end -%>
- <%- end -%>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- if php_safe_mode.to_s == 'false' -%>
- php_admin_flag safe_mode Off
- <%- end -%>
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' || php_use_pear.to_s == 'true' -%>/usr/share/php:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %><% unless php_additional_open_basedirs.to_s == 'absent' %><%- php_additional_open_basedirs.each do |php_additional_open_basedir| -%>:<%= php_additional_open_basedir %><%- end -%><%- end %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- <%- unless php_additional_options.to_s == 'absent' then -%>
- <%- php_additional_options.each do |php_additional_option| -%>
- <%= php_additional_option %>
- <%- end -%>
- <%- end -%>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php/partial.erb b/templates/vhosts/php/partial.erb
new file mode 100644
index 0000000..f8e5c53
--- /dev/null
+++ b/templates/vhosts/php/partial.erb
@@ -0,0 +1,7 @@
+ <Directory "<%= documentroot %>/">
+<%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+ </Directory>
diff --git a/templates/vhosts/php_drupal/CentOS.erb b/templates/vhosts/php_drupal/CentOS.erb
deleted file mode 120000
index 5e933a5..0000000
--- a/templates/vhosts/php_drupal/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_drupal.erb \ No newline at end of file
diff --git a/templates/vhosts/php_drupal/Debian.erb b/templates/vhosts/php_drupal/Debian.erb
deleted file mode 120000
index 5e933a5..0000000
--- a/templates/vhosts/php_drupal/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_drupal.erb \ No newline at end of file
diff --git a/templates/vhosts/php_drupal/partial.erb b/templates/vhosts/php_drupal/partial.erb
new file mode 100644
index 0000000..3c420b1
--- /dev/null
+++ b/templates/vhosts/php_drupal/partial.erb
@@ -0,0 +1,26 @@
+ <Directory "<%= documentroot %>/">
+<%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %>
+
+
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %>
+
+ # Protect files and directories from prying eyes.
+ <FilesMatch "\.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template)$">
+ Order allow,deny
+ </FilesMatch>
+
+ # Customized error messages.
+ ErrorDocument 404 /index.php
+
+ RewriteEngine on
+ RewriteCond %{REQUEST_FILENAME} !-f
+ RewriteCond %{REQUEST_FILENAME} !-d
+ RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
+ </Directory>
+ <Directory "<%= documentroot %>/files/">
+ SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
+ Options None
+ Options +FollowSymLinks
+ </Directory>
diff --git a/templates/vhosts/php_drupal/php_drupal.erb b/templates/vhosts/php_drupal/php_drupal.erb
deleted file mode 100644
index 0367a53..0000000
--- a/templates/vhosts/php_drupal/php_drupal.erb
+++ /dev/null
@@ -1,198 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
-
- php_value magic_quotes_gpc 0
- php_value register_globals 0
- php_value session.auto_start 0
- php_value mbstring.http_input pass
- php_value mbstring.http_output pass
- php_value mbstring.encoding_translation 0
-
- # Protect files and directories from prying eyes.
- <FilesMatch "\.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template)$">
- Order allow,deny
- </FilesMatch>
-
- # Customized error messages.
- ErrorDocument 404 /index.php
-
- RewriteEngine on
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
- </Directory>
- <Directory "<%= documentroot %>/files/">
- SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
- Options None
- Options +FollowSymLinks
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
-
- php_value magic_quotes_gpc 0
- php_value register_globals 0
- php_value session.auto_start 0
- php_value mbstring.http_input pass
- php_value mbstring.http_output pass
- php_value mbstring.encoding_translation 0
-
- # Protect files and directories from prying eyes.
- <FilesMatch "\.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template)$">
- Order allow,deny
- </FilesMatch>
-
- # Customized error messages.
- ErrorDocument 404 /index.php
-
- RewriteEngine on
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
- </Directory>
- <Directory "<%= documentroot %>/files/">
- SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
- Options None
- Options +FollowSymLinks
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php_gallery2/CentOS.erb b/templates/vhosts/php_gallery2/CentOS.erb
deleted file mode 120000
index 99be70b..0000000
--- a/templates/vhosts/php_gallery2/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_gallery.erb \ No newline at end of file
diff --git a/templates/vhosts/php_gallery2/Debian.erb b/templates/vhosts/php_gallery2/Debian.erb
deleted file mode 120000
index 99be70b..0000000
--- a/templates/vhosts/php_gallery2/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_gallery.erb \ No newline at end of file
diff --git a/templates/vhosts/php_gallery2/partial.erb b/templates/vhosts/php_gallery2/partial.erb
new file mode 100644
index 0000000..448f720
--- /dev/null
+++ b/templates/vhosts/php_gallery2/partial.erb
@@ -0,0 +1,16 @@
+ <Directory "<%= documentroot %>/">
+<%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+
+<% if vhost_part != :ssl -%>
+ # Always rewrite login's
+ # Source: http://gallery.menalto.com/node/30558
+ RewriteEngine On
+ RewriteCond %{HTTP_COOKIE} ^GALLERYSID= [OR]
+ RewriteCond %{QUERY_STRING} subView=core\.UserLogin
+ RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L]
+<% end -%>
+ </Directory>
diff --git a/templates/vhosts/php_gallery2/php_gallery.erb b/templates/vhosts/php_gallery2/php_gallery.erb
deleted file mode 100644
index 522b53c..0000000
--- a/templates/vhosts/php_gallery2/php_gallery.erb
+++ /dev/null
@@ -1,166 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- php_admin_flag safe_mode Off
- php_admin_value output_buffering Off
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>:<%= gdatadir %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- # Always rewrite login's
- # Source: http://gallery.menalto.com/node/30558
- RewriteEngine On
- RewriteCond %{HTTP_COOKIE} ^GALLERYSID= [OR]
- RewriteCond %{QUERY_STRING} subView=core\.UserLogin
- RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L]
- # https -> see below
- # Then, unset baseUri in config.php (to keep Gallery from trying to redirect users to either HTTP or HTTPS):
- # $gallery->setConfig('baseUri', '');
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- php_admin_flag safe_mode Off
- php_admin_value output_buffering Off
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>:<%= gdatadir %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- # turn allow_url_fopen on for the extension manager fetch
- php_admin_value allow_url_fopen On
-
- # Always rewrite login's (see above)
- RewriteEngine On
- RewriteCond %{HTTP_COOKIE} =""
- RewriteCond %{REQUEST_METHOD} =GET
- RewriteCond %{QUERY_STRING} !subView=core\.UserLogin
- RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L]
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- SecAuditEngine On
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php_joomla/CentOS.erb b/templates/vhosts/php_joomla/CentOS.erb
deleted file mode 120000
index 307fc29..0000000
--- a/templates/vhosts/php_joomla/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_joomla.erb \ No newline at end of file
diff --git a/templates/vhosts/php_joomla/Debian.erb b/templates/vhosts/php_joomla/Debian.erb
deleted file mode 120000
index 307fc29..0000000
--- a/templates/vhosts/php_joomla/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_joomla.erb \ No newline at end of file
diff --git a/templates/vhosts/php_joomla/partial.erb b/templates/vhosts/php_joomla/partial.erb
new file mode 100644
index 0000000..3046129
--- /dev/null
+++ b/templates/vhosts/php_joomla/partial.erb
@@ -0,0 +1,32 @@
+ <Directory "<%= documentroot %>/">
+<%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+
+ Include include.d/joomla.inc
+ </Directory>
+
+ <Directory "<%= documentroot %>/administrator/">
+ RewriteEngine on
+
+ # Rewrite URLs to https that go for the admin area
+ RewriteCond %{REMOTE_ADDR} !^127\.[0-9]+\.[0-9]+\.[0-9]+$
+ RewriteCond %{HTTPS} !=on
+ RewriteCond %{REQUEST_URI} (.*/administrator/.*)
+ RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R]
+ </Directory>
+
+ # Deny various directories that
+ # shouldn't be webaccessible
+ <Directory "<%= documentroot %>/tmp/">
+ Deny From All
+ </Directory>
+ <Directory "<%= documentroot %>/logs/">
+ Deny From All
+ </Directory>
+ <Directory "<%= documentroot %>/cli/">
+ Deny From All
+ </Directory>
+
diff --git a/templates/vhosts/php_joomla/php_joomla.erb b/templates/vhosts/php_joomla/php_joomla.erb
deleted file mode 100644
index 18caff8..0000000
--- a/templates/vhosts/php_joomla/php_joomla.erb
+++ /dev/null
@@ -1,190 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- Include include.d/joomla.inc
-
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- </Directory>
- <%- end -%>
-
- <Directory "<%= documentroot %>/administrator/">
- RewriteEngine on
-
- # Rewrite URLs to https that go for the admin area
- RewriteCond %{REMOTE_ADDR} !^127\.[0-9]+\.[0-9]+\.[0-9]+$
- RewriteCond %{HTTPS} !=on
- RewriteCond %{REQUEST_URI} (.*/administrator/.*)
- RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R]
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- # Exceptions for Joomla Root Directory
- <LocationMatch '^/'>
- SecRuleRemoveById 950013
- </LocationMatch>
-
- # Exceptions for Joomla Administration Panel
- SecRule REQUEST_FILENAME "/administrator/index2.php" \
- "allow,phase:1,nolog,ctl:ruleEngine=Off"
-
- # Exceptions for Joomla Component Expose
- <LocationMatch '^/components/com_expose/expose/manager/amfphp/gateway.php'>
- SecRuleRemoveById 960010
- </LocationMatch>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- Include include.d/joomla.inc
-
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- # Exceptions for Joomla Root Directory
- <LocationMatch '^/'>
- SecRuleRemoveById 950013
- </LocationMatch>
-
- # Exceptions for Joomla Administration Panel
- SecRule REQUEST_FILENAME "/administrator/index2.php" \
- "allow,phase:1,nolog,ctl:ruleEngine=Off"
-
- # Exceptions for Joomla Component Expose
- <LocationMatch '^/components/com_expose/expose/manager/amfphp/gateway.php'>
- SecRuleRemoveById 960010
- </LocationMatch>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php_mediawiki/CentOS.erb b/templates/vhosts/php_mediawiki/CentOS.erb
deleted file mode 120000
index 8080262..0000000
--- a/templates/vhosts/php_mediawiki/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_mediawiki.erb \ No newline at end of file
diff --git a/templates/vhosts/php_mediawiki/Debian.erb b/templates/vhosts/php_mediawiki/Debian.erb
deleted file mode 120000
index 8080262..0000000
--- a/templates/vhosts/php_mediawiki/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_mediawiki.erb \ No newline at end of file
diff --git a/templates/vhosts/php_mediawiki/partial.erb b/templates/vhosts/php_mediawiki/partial.erb
new file mode 100644
index 0000000..cf30f5f
--- /dev/null
+++ b/templates/vhosts/php_mediawiki/partial.erb
@@ -0,0 +1,16 @@
+<% if run_mode == 'fcgid' -%>
+ RewriteEngine On
+ RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
+ RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-d
+ RewriteRule ^/?index.php/(.*)$ /index.php?title=$1 [PT,L,QSA]
+<% end -%>
+<%= scope.function_template(['apache/vhosts/php/partial.erb']) %>
+ <Directory "<%= documentroot %>/typo3/">
+ RewriteEngine on
+
+ # Rewrite URLs to https that go for the admin area
+ RewriteCond %{REMOTE_ADDR} !^127\.[0-9]+\.[0-9]+\.[0-9]+$
+ RewriteCond %{HTTPS} !=on
+ RewriteCond %{REQUEST_URI} (.*/typo3/.*)
+ RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R]
+ </Directory>
diff --git a/templates/vhosts/php_mediawiki/php_mediawiki.erb b/templates/vhosts/php_mediawiki/php_mediawiki.erb
deleted file mode 100644
index cabe0c5..0000000
--- a/templates/vhosts/php_mediawiki/php_mediawiki.erb
+++ /dev/null
@@ -1,136 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%><%- unless options.to_s.include?('+FollowSymLinks') -%> +FollowSymLinks<% end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- php_admin_value safe_mode off
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir /var/www/mediawiki/:<%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- SecAuditEngine On
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- php_admin_value safe_mode off
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir /var/www/mediawiki/:<%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- SecAuditEngine On
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php_silverstripe/CentOS.erb b/templates/vhosts/php_silverstripe/CentOS.erb
deleted file mode 120000
index 9ac244f..0000000
--- a/templates/vhosts/php_silverstripe/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_silverstripe.erb \ No newline at end of file
diff --git a/templates/vhosts/php_silverstripe/Debian.erb b/templates/vhosts/php_silverstripe/Debian.erb
deleted file mode 120000
index 9ac244f..0000000
--- a/templates/vhosts/php_silverstripe/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_silverstripe.erb \ No newline at end of file
diff --git a/templates/vhosts/php_silverstripe/partial.erb b/templates/vhosts/php_silverstripe/partial.erb
new file mode 100644
index 0000000..89a6052
--- /dev/null
+++ b/templates/vhosts/php_silverstripe/partial.erb
@@ -0,0 +1,16 @@
+<% if vhost_part != :ssl && ![false,'false'].include?(ssl_mode) -%>
+ # silverstripe
+ RedirectMatch /admin(.*) https://<%= servername %>/admin$1
+ RedirectMatch /Security(.*) https://<%= servername %>/Security$1
+
+<% end -%>
+ <Directory "<%= documentroot %>/">
+
+<%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+
+ Include include.d/silverstripe.inc
+ </Directory>
diff --git a/templates/vhosts/php_silverstripe/php_silverstripe.erb b/templates/vhosts/php_silverstripe/php_silverstripe.erb
deleted file mode 100644
index 671fc5c..0000000
--- a/templates/vhosts/php_silverstripe/php_silverstripe.erb
+++ /dev/null
@@ -1,191 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- # silverstripe
- RedirectMatch /admin(.*) https://<%= servername %>/admin$1
- RedirectMatch /Security(.*) https://<%= servername %>/Security$1
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
-
- # silverstripe .htaccess
- <Files *.ss>
- Order deny,allow
- Deny from all
- #Allow from 127.0.0.1
- </Files>
- <IfModule mod_rewrite.c>
- RewriteEngine On
- #RewriteBase /
-
- RewriteCond %{REQUEST_URI} !(\.gif$)|(\.jpg$)|(\.png$)|(\.css$)|(\.js$)
-
- RewriteCond %{REQUEST_URI} ^(.*)$
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
- </IfModule>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- SecRuleRemoveById "960010"
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- # turn allow_url_fopen on for the extension manager fetch
- php_admin_value allow_url_fopen On
-
- # silverstripe .htaccess
- <Files *.ss>
- Order deny,allow
- Deny from all
- #Allow from 127.0.0.1
- </Files>
- <IfModule mod_rewrite.c>
- RewriteEngine On
- #RewriteBase /
-
- RewriteCond %{REQUEST_URI} !(\.gif$)|(\.jpg$)|(\.png$)|(\.css$)|(\.js$)
-
- RewriteCond %{REQUEST_URI} ^(.*)$
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
- </IfModule>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- SecRuleRemoveById "960010"
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php_simplemachine/CentOS.erb b/templates/vhosts/php_simplemachine/CentOS.erb
deleted file mode 120000
index de3c614..0000000
--- a/templates/vhosts/php_simplemachine/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_simplemachine.erb \ No newline at end of file
diff --git a/templates/vhosts/php_simplemachine/Debian.erb b/templates/vhosts/php_simplemachine/Debian.erb
deleted file mode 120000
index de3c614..0000000
--- a/templates/vhosts/php_simplemachine/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_simplemachine.erb \ No newline at end of file
diff --git a/templates/vhosts/php_simplemachine/php_simplemachine.erb b/templates/vhosts/php_simplemachine/php_simplemachine.erb
deleted file mode 100644
index ddb59ed..0000000
--- a/templates/vhosts/php_simplemachine/php_simplemachine.erb
+++ /dev/null
@@ -1,142 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php_spip/CentOS.erb b/templates/vhosts/php_spip/CentOS.erb
deleted file mode 120000
index 1ca4aec..0000000
--- a/templates/vhosts/php_spip/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_spip.erb \ No newline at end of file
diff --git a/templates/vhosts/php_spip/Debian.erb b/templates/vhosts/php_spip/Debian.erb
deleted file mode 120000
index 1ca4aec..0000000
--- a/templates/vhosts/php_spip/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_spip.erb \ No newline at end of file
diff --git a/templates/vhosts/php_spip/php_spip.erb b/templates/vhosts/php_spip/php_spip.erb
deleted file mode 100644
index 4a6c829..0000000
--- a/templates/vhosts/php_spip/php_spip.erb
+++ /dev/null
@@ -1,154 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- if php_safe_mode.to_s == 'false' -%>
- php_admin_flag safe_mode Off
- <%- end -%>
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' -%>/usr/share/php/Smarty/:<%- end -%><%- if php_use_pear.to_s == 'true' -%>/usr/share/pear/:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- if php_safe_mode.to_s == 'false' -%>
- php_admin_flag safe_mode Off
- <%- end -%>
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%- if php_use_smarty.to_s == 'true' -%>/usr/share/php/Smarty/:<%- end -%><%- if php_use_pear.to_s == 'true' -%>/usr/share/pear/:<%- end -%><%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php_typo3/CentOS.erb b/templates/vhosts/php_typo3/CentOS.erb
deleted file mode 120000
index 398f400..0000000
--- a/templates/vhosts/php_typo3/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_typo3.erb \ No newline at end of file
diff --git a/templates/vhosts/php_typo3/Debian.erb b/templates/vhosts/php_typo3/Debian.erb
deleted file mode 120000
index 398f400..0000000
--- a/templates/vhosts/php_typo3/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_typo3.erb \ No newline at end of file
diff --git a/templates/vhosts/php_typo3/partial.erb b/templates/vhosts/php_typo3/partial.erb
new file mode 100644
index 0000000..5c06570
--- /dev/null
+++ b/templates/vhosts/php_typo3/partial.erb
@@ -0,0 +1,10 @@
+<%= scope.function_template(['apache/vhosts/php/partial.erb']) %>
+ <Directory "<%= documentroot %>/typo3/">
+ RewriteEngine on
+
+ # Rewrite URLs to https that go for the admin area
+ RewriteCond %{REMOTE_ADDR} !^127\.[0-9]+\.[0-9]+\.[0-9]+$
+ RewriteCond %{HTTPS} !=on
+ RewriteCond %{REQUEST_URI} (.*/typo3/.*)
+ RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R]
+ </Directory>
diff --git a/templates/vhosts/php_typo3/php_typo3.erb b/templates/vhosts/php_typo3/php_typo3.erb
deleted file mode 100644
index fbdde07..0000000
--- a/templates/vhosts/php_typo3/php_typo3.erb
+++ /dev/null
@@ -1,171 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- </Directory>
- <%- end -%>
-
- <Directory "<%= documentroot %>/typo3/">
- RewriteEngine on
-
- # Rewrite URLs to https that go for the admin area
- RewriteCond %{REMOTE_ADDR} !^127\.[0-9]+\.[0-9]+\.[0-9]+$
- RewriteCond %{HTTPS} !=on
- RewriteCond %{REQUEST_URI} (.*/typo3/.*)
- RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R]
- </Directory>
-
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- SecRuleRemoveById "960010"
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- # turn allow_url_fopen on for the extension manager fetch
- php_admin_value allow_url_fopen On
- </Directory>
-
- <Location "/typo3">
- <IfModule mod_security2.c>
- SecRuleEngine Off
- </IfModule>
- </Location>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- SecRuleRemoveById "960010"
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/php_wordpress/CentOS.erb b/templates/vhosts/php_wordpress/CentOS.erb
deleted file mode 120000
index 36dc938..0000000
--- a/templates/vhosts/php_wordpress/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_wordpress.erb \ No newline at end of file
diff --git a/templates/vhosts/php_wordpress/Debian.erb b/templates/vhosts/php_wordpress/Debian.erb
deleted file mode 120000
index 36dc938..0000000
--- a/templates/vhosts/php_wordpress/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-php_wordpress.erb \ No newline at end of file
diff --git a/templates/vhosts/php_wordpress/partial.erb b/templates/vhosts/php_wordpress/partial.erb
new file mode 100644
index 0000000..972ab99
--- /dev/null
+++ b/templates/vhosts/php_wordpress/partial.erb
@@ -0,0 +1,6 @@
+<%= scope.function_template(['apache/vhosts/php/partial.erb']) %>
+
+# fixes: http://git.zx2c4.com/w3-total-fail/tree/w3-total-fail.sh
+<Directory "<%= documentroot %>/wp-content/w3tc/dbcache">
+ Deny From All
+</Directory>
diff --git a/templates/vhosts/php_wordpress/php_wordpress.erb b/templates/vhosts/php_wordpress/php_wordpress.erb
deleted file mode 100644
index 72f4907..0000000
--- a/templates/vhosts/php_wordpress/php_wordpress.erb
+++ /dev/null
@@ -1,146 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- SecAuditEngine On
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- SecRuleRemoveById "960010"
- SecRuleRemoveById "950018"
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- php_admin_flag engine on
- <%- unless php_default_charset.to_s == 'absent' then -%>
- php_admin_value default_charset <%= php_default_charset %>
- <%- end -%>
- php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
- php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
- php_admin_value session.save_path <%= real_php_session_save_path %>
- <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
- php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
- <%- end -%>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- SecAuditEngine On
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- SecRuleRemoveById "960010"
- SecRuleRemoveById "950018"
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/proxy/partial.erb b/templates/vhosts/proxy/partial.erb
new file mode 100644
index 0000000..bbf3c64
--- /dev/null
+++ b/templates/vhosts/proxy/partial.erb
@@ -0,0 +1,8 @@
+ <Proxy *>
+ Order deny,allow
+ Allow from all
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+ </Proxy>
+ ProxyRequests Off
+ ProxyPass / <%= options %>/
+ ProxyPassReverse / <%= options %>/
diff --git a/templates/vhosts/redirect/CentOS.erb b/templates/vhosts/redirect/CentOS.erb
deleted file mode 120000
index 12a8583..0000000
--- a/templates/vhosts/redirect/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-redirect.erb \ No newline at end of file
diff --git a/templates/vhosts/redirect/Debian.erb b/templates/vhosts/redirect/Debian.erb
deleted file mode 120000
index 12a8583..0000000
--- a/templates/vhosts/redirect/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-redirect.erb \ No newline at end of file
diff --git a/templates/vhosts/redirect/OpenBSD.erb b/templates/vhosts/redirect/OpenBSD.erb
deleted file mode 120000
index 12a8583..0000000
--- a/templates/vhosts/redirect/OpenBSD.erb
+++ /dev/null
@@ -1 +0,0 @@
-redirect.erb \ No newline at end of file
diff --git a/templates/vhosts/redirect/partial.erb b/templates/vhosts/redirect/partial.erb
new file mode 100644
index 0000000..3b7af7a
--- /dev/null
+++ b/templates/vhosts/redirect/partial.erb
@@ -0,0 +1 @@
+ Redirect permanent / https://<%= options %>
diff --git a/templates/vhosts/redirect/redirect.erb b/templates/vhosts/redirect/redirect.erb
deleted file mode 100644
index 4fdd8c2..0000000
--- a/templates/vhosts/redirect/redirect.erb
+++ /dev/null
@@ -1,41 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
-
- ErrorLog logs/redirect_<%= servername %>_error.log
- CustomLog logs/redirect_<%= servername %>_access.log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <% else -%>
- Redirect permanent / http://<%= options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
-
- ErrorLog logs/redirect_<%= servername %>_error.log
- CustomLog logs/redirect_<%= servername %>_access.log combined
-
- Redirect permanent / https://<%= options %>
-
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/static/CentOS.erb b/templates/vhosts/static/CentOS.erb
deleted file mode 120000
index f10517f..0000000
--- a/templates/vhosts/static/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-static.erb \ No newline at end of file
diff --git a/templates/vhosts/static/Debian.erb b/templates/vhosts/static/Debian.erb
deleted file mode 120000
index f10517f..0000000
--- a/templates/vhosts/static/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-static.erb \ No newline at end of file
diff --git a/templates/vhosts/static/OpenBSD.erb b/templates/vhosts/static/OpenBSD.erb
deleted file mode 120000
index f10517f..0000000
--- a/templates/vhosts/static/OpenBSD.erb
+++ /dev/null
@@ -1 +0,0 @@
-static.erb \ No newline at end of file
diff --git a/templates/vhosts/static/partial.erb b/templates/vhosts/static/partial.erb
new file mode 100644
index 0000000..f2cc46b
--- /dev/null
+++ b/templates/vhosts/static/partial.erb
@@ -0,0 +1,5 @@
+ <Directory "<%= documentroot %>/">
+<%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %>
+
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+ </Directory>
diff --git a/templates/vhosts/static/static.erb b/templates/vhosts/static/static.erb
deleted file mode 100644
index 05354d6..0000000
--- a/templates/vhosts/static/static.erb
+++ /dev/null
@@ -1,120 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
-
- <%- if not ssl_mode.to_s == 'force' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
-
- <%- if options.to_s != 'absent' or htpasswd_file.to_s != 'absent' then -%>
- <Directory "<%= documentroot %>/">
- AllowOverride <%= allow_override %>
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%= options %><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- </Directory>
- <%- end %>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
diff --git a/templates/vhosts/webdav/CentOS.erb b/templates/vhosts/webdav/CentOS.erb
deleted file mode 120000
index 872843a..0000000
--- a/templates/vhosts/webdav/CentOS.erb
+++ /dev/null
@@ -1 +0,0 @@
-webdav.erb \ No newline at end of file
diff --git a/templates/vhosts/webdav/Debian.erb b/templates/vhosts/webdav/Debian.erb
deleted file mode 120000
index 872843a..0000000
--- a/templates/vhosts/webdav/Debian.erb
+++ /dev/null
@@ -1 +0,0 @@
-webdav.erb \ No newline at end of file
diff --git a/templates/vhosts/webdav/partial.erb b/templates/vhosts/webdav/partial.erb
new file mode 100644
index 0000000..d89da50
--- /dev/null
+++ b/templates/vhosts/webdav/partial.erb
@@ -0,0 +1,21 @@
+ DAVLockDB <%= real_dav_db_dir %>/DAVLock
+ <Directory "<%= documentroot %>/">
+ Dav on
+ AllowOverride None
+ <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
+ Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- unless options.include?('Indexes') then -%> Indexes<%- end -%>
+
+ <%- else -%>
+ Options Indexes
+
+ <%- end -%>
+<%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %>
+ <%- if ldap_auth.to_s == 'true' then -%>
+ Include include.d/ldap_auth.inc
+ <%- unless ldap_user.to_s == 'any' -%>
+ Require ldap-user <%= ldap_user.to_s %>
+ <%- else -%>
+ Require valid-user
+ <%- end -%>
+ <%- end -%>
+ </Directory>
diff --git a/templates/vhosts/webdav/webdav.erb b/templates/vhosts/webdav/webdav.erb
deleted file mode 100644
index e24cb31..0000000
--- a/templates/vhosts/webdav/webdav.erb
+++ /dev/null
@@ -1,157 +0,0 @@
-# <%= servername %>
-<%- unless ssl_mode.to_s == 'only' then -%>
-<VirtualHost *:80>
- Include include.d/defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if ssl_mode.to_s == 'force' then -%>
- Redirect permanent / https://<%= servername %>/
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if not ssl_mode.to_s == 'force' then -%>
- DAVLockDB <%= real_dav_db_dir %>/DAVLock
- <Directory "<%= documentroot %>/">
- Dav on
- AllowOverride None
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- unless options.include?('Indexes') then -%> Indexes<%- end -%>
-
- <%- else -%>
- Options Indexes
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- <%- if ldap_auth.to_s == 'true' then -%>
- Include include.d/ldap_auth.inc
- <%- unless ldap_user.to_s == 'any' -%>
- Require ldap-user <%= ldap_user.to_s %>
- <%- else -%>
- Require valid-user
- <%- end -%>
- <%- end -%>
- </Directory>
- <%- end -%>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>
-
-<%- unless ssl_mode.to_s == 'false' then -%>
-<VirtualHost *:443>
- Include include.d/defaults.inc
- Include include.d/ssl_defaults.inc
-
- ServerName <%= servername %>
- <%- unless serveralias.to_s.empty? then -%>
- ServerAlias <%= serveralias %>
- <%- end -%>
- <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
- ServerAdmin <%= server_admin %>
- <%- end -%>
- DocumentRoot <%= documentroot %>/
-
- ErrorLog <%= logdir %>/error_log
- CustomLog <%= logdir %>/access_log combined
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- <%- if run_mode.to_s == 'itk' -%>
- <IfModule mpm_itk_module>
- AssignUserId <%= run_uid+" "+run_gid %>
- </IfModule>
- <%- end -%>
- <%- if default_charset.to_s != 'absent' then -%>
- AddDefaultCharset <%= default_charset %>
- <%- end -%>
- DAVLockDB <%= real_dav_db_dir %>/DAVLock
- <Directory "<%= documentroot %>/">
- Dav on
- AllowOverride None
- <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
- Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- unless options.include?('Indexes') then -%> Indexes<%- end -%>
-
- <%- else -%>
- Options Indexes
-
- <%- end -%>
- <%- unless htpasswd_file.to_s == 'absent' then -%>
- AuthType Basic
- AuthName "Access fuer <%= servername %>"
- AuthUserFile <%= real_htpasswd_path %>
- require valid-user
- <%- end -%>
- <%- if ldap_auth.to_s == 'true' then -%>
- Include include.d/ldap_auth.inc
- <%- unless ldap_user.to_s == 'any' -%>
- Require ldap-user <%= ldap_user.to_s %>
- <%- else -%>
- Require valid-user
- <%- end -%>
- <%- end -%>
- </Directory>
-
- <IfModule mod_security2.c>
- <%- if mod_security.to_s == 'true' then -%>
- SecRuleEngine On
- <%- if mod_security_relevantonly.to_s == 'true' then -%>
- SecAuditEngine RelevantOnly
- <%- else -%>
- SecAuditEngine On
- <%- end -%>
- <%- else -%>
- SecRuleEngine Off
- SecAuditEngine Off
- <%- end -%>
- SecAuditLogType Concurrent
- SecAuditLogStorageDir <%= logdir %>/
- SecAuditLog <%= logdir %>/mod_security_audit.log
- SecDebugLog <%= logdir %>/mod_security_debug.log
- </IfModule>
-
- <%- unless additional_options.to_s == 'absent' then -%>
- <%= additional_options %>
- <%- end -%>
-</VirtualHost>
-<%- end -%>