diff options
Diffstat (limited to 'templates/vhosts')
-rw-r--r-- | templates/vhosts/gitweb/partial.erb | 24 | ||||
-rw-r--r-- | templates/vhosts/itk_plus/partial.erb | 26 | ||||
-rw-r--r-- | templates/vhosts/partials/authentication.erb | 8 | ||||
-rw-r--r-- | templates/vhosts/partials/std_override_options.erb | 4 | ||||
-rw-r--r-- | templates/vhosts/passenger/partial.erb | 4 | ||||
-rw-r--r-- | templates/vhosts/perl/partial.erb | 22 | ||||
-rw-r--r-- | templates/vhosts/php/partial.erb | 4 | ||||
-rw-r--r-- | templates/vhosts/php_drupal/partial.erb | 35 | ||||
-rw-r--r-- | templates/vhosts/php_gallery2/partial.erb | 16 | ||||
-rw-r--r-- | templates/vhosts/php_joomla/partial.erb | 44 | ||||
-rw-r--r-- | templates/vhosts/php_silverstripe/partial.erb | 18 | ||||
-rw-r--r-- | templates/vhosts/php_typo3/partial.erb | 14 | ||||
-rw-r--r-- | templates/vhosts/php_wordpress/partial.erb | 8 | ||||
-rw-r--r-- | templates/vhosts/proxy/partial.erb | 14 | ||||
-rw-r--r-- | templates/vhosts/redirect/partial.erb | 2 | ||||
-rw-r--r-- | templates/vhosts/static/partial.erb | 4 | ||||
-rw-r--r-- | templates/vhosts/webdav/partial.erb | 36 |
17 files changed, 141 insertions, 142 deletions
diff --git a/templates/vhosts/gitweb/partial.erb b/templates/vhosts/gitweb/partial.erb index c04f1c3..35c574e 100644 --- a/templates/vhosts/gitweb/partial.erb +++ b/templates/vhosts/gitweb/partial.erb @@ -1,17 +1,17 @@ - SetEnv GITWEB_CONFIG <%= gitweb_config %> - DirectoryIndex gitweb.cgi - <Directory "<%= documentroot %>/"> + SetEnv GITWEB_CONFIG <%= gitweb_config %> + DirectoryIndex gitweb.cgi + <Directory "<%= documentroot %>/"> <% if options.to_s != 'absent' || do_includes.to_s == 'true'-%> - Options <% unless options.to_s == 'absent' -%><%= options %><% end -%><% if do_includes.to_s == 'true' && !options.include?('+Includes') -%> +Includes<% end -%><% unless options.include?('+ExecCGI') -%> +ExecCGI<% end -%> + Options <% unless options.to_s == 'absent' -%><%= options %><% end -%><% if do_includes.to_s == 'true' && !options.include?('+Includes') -%> +Includes<% end -%><% unless options.include?('+ExecCGI') -%> +ExecCGI<% end -%> <% end -%> - AddHandler cgi-script .cgi - <Files gitweb.cgi> - Options ExecCGI FollowSymLinks - SetHandler cgi-script - </Files> - RewriteEngine on - RewriteRule ^[a-zA-Z0-9_-]+.git/?(\?.)?$ /gitweb.cgi%{REQUESTURI} [L,PT] + AddHandler cgi-script .cgi + <Files gitweb.cgi> + Options ExecCGI FollowSymLinks + SetHandler cgi-script + </Files> + RewriteEngine on + RewriteRule ^[a-zA-Z0-9_-]+.git/?(\?.)?$ /gitweb.cgi%{REQUESTURI} [L,PT] <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> - </Directory> + </Directory> diff --git a/templates/vhosts/itk_plus/partial.erb b/templates/vhosts/itk_plus/partial.erb index 9c5a1ac..39aa6c8 100644 --- a/templates/vhosts/itk_plus/partial.erb +++ b/templates/vhosts/itk_plus/partial.erb @@ -1,32 +1,32 @@ - ProxyPreserveHost On - ProxyRequests off + ProxyPreserveHost On + ProxyRequests off <% if vhost_part == :ssl -%> - SSLProxyEngine On + SSLProxyEngine On <% if run_mode.to_s == 'static-itk' -%> - ProxyPassMatch ^/(.*\.<%= passing_extension %>/?.*)$ https://127.0.0.1/$1 + ProxyPassMatch ^/(.*\.<%= passing_extension %>/?.*)$ https://127.0.0.1/$1 <% else -%> - ProxyPass / https://127.0.0.1/ + ProxyPass / https://127.0.0.1/ <% end -%> - ProxyPassReverse / https://127.0.0.1/ + ProxyPassReverse / https://127.0.0.1/ <% else -%> <% if run_mode.to_s == 'static-itk' -%> - ProxyPassMatch ^/(.*\.<%= passing_extension %>/?.*)$ http://127.0.0.1/$1 + ProxyPassMatch ^/(.*\.<%= passing_extension %>/?.*)$ http://127.0.0.1/$1 <% else -%> - ProxyPass / http://127.0.0.1/ + ProxyPass / http://127.0.0.1/ <% end -%> - ProxyPassReverse / http://127.0.0.1/ + ProxyPassReverse / http://127.0.0.1/ <% end -%> <% if run_mode.to_s == 'static-itk' && (ssl_mode.to_s != 'force' || vhost_part == :ssl) -%> - <Directory "<%= documentroot %>/"> - AllowOverride <%= allow_override %> + <Directory "<%= documentroot %>/"> + AllowOverride <%= allow_override %> <% if options.to_s != 'absent' or do_includes.to_s == 'true' -%> - Options <% unless options.to_s == 'absent' -%><%= options %><% end -%><% if do_includes.to_s == 'true' and not options.include?('+Includes') -%> +Includes<% end -%> + Options <% unless options.to_s == 'absent' -%><%= options %><% end -%><% if do_includes.to_s == 'true' and not options.include?('+Includes') -%> +Includes<% end -%> <% end -%> <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> - </Directory> + </Directory> <% end -%> diff --git a/templates/vhosts/partials/authentication.erb b/templates/vhosts/partials/authentication.erb index a6ebf3e..76f7870 100644 --- a/templates/vhosts/partials/authentication.erb +++ b/templates/vhosts/partials/authentication.erb @@ -1,6 +1,6 @@ <% unless htpasswd_file.to_s == 'absent' -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user <% end -%> diff --git a/templates/vhosts/partials/std_override_options.erb b/templates/vhosts/partials/std_override_options.erb index a69250d..f35354d 100644 --- a/templates/vhosts/partials/std_override_options.erb +++ b/templates/vhosts/partials/std_override_options.erb @@ -1,4 +1,4 @@ - AllowOverride <%= allow_override %> + AllowOverride <%= allow_override %> <% if options.to_s != 'absent' || do_includes.to_s == 'true' || run_mode == 'fcgid' -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><% end -%><% if do_includes.to_s == 'true' && !options.include?('+Includes') -%> +Includes<% end -%><% if run_mode == 'fcgid' && !options.include?('+ExecCGI') -%> +ExecCGI<% end -%> + Options <%- unless options.to_s == 'absent' then -%><%= options %><% end -%><% if do_includes.to_s == 'true' && !options.include?('+Includes') -%> +Includes<% end -%><% if run_mode == 'fcgid' && !options.include?('+ExecCGI') -%> +ExecCGI<% end -%> <% end -%> diff --git a/templates/vhosts/passenger/partial.erb b/templates/vhosts/passenger/partial.erb index 490649e..2f4a068 100644 --- a/templates/vhosts/passenger/partial.erb +++ b/templates/vhosts/passenger/partial.erb @@ -1,7 +1,7 @@ SetEnv GEM_HOME <%= gempath %> <Directory <%= documentroot %>/> - AllowOverride <%= allow_override %> - Options <%- unless options.to_s == 'absent' -%><%= options %><%- end -%><%- unless !options.to_s.include?('MultiViews') -%>-MultiViews<%- end -%> + AllowOverride <%= allow_override %> + Options <%- unless options.to_s == 'absent' -%><%= options %><%- end -%><%- unless !options.to_s.include?('MultiViews') -%>-MultiViews<%- end -%> <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> </Directory> diff --git a/templates/vhosts/perl/partial.erb b/templates/vhosts/perl/partial.erb index a8c30c3..888c268 100644 --- a/templates/vhosts/perl/partial.erb +++ b/templates/vhosts/perl/partial.erb @@ -1,15 +1,15 @@ - <Directory "<%= documentroot %>/"> + <Directory "<%= documentroot %>/"> <%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %> <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> - </Directory> + </Directory> - <% unless htpasswd_file.to_s == 'absent' -%> - <Directory "<%= cgi_binpath %>/"> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - </Directory> - <% end -%> - ScriptAlias /cgi-bin/ <%= cgi_binpath %>/ +<% unless htpasswd_file.to_s == 'absent' -%> + <Directory "<%= cgi_binpath %>/"> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user + </Directory> +<% end -%> + ScriptAlias /cgi-bin/ <%= cgi_binpath %>/ diff --git a/templates/vhosts/php/partial.erb b/templates/vhosts/php/partial.erb index f8e5c53..1c75d48 100644 --- a/templates/vhosts/php/partial.erb +++ b/templates/vhosts/php/partial.erb @@ -1,7 +1,7 @@ - <Directory "<%= documentroot %>/"> + <Directory "<%= documentroot %>/"> <%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %> <%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %> <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> - </Directory> + </Directory> diff --git a/templates/vhosts/php_drupal/partial.erb b/templates/vhosts/php_drupal/partial.erb index 10f1a30..959e9d1 100644 --- a/templates/vhosts/php_drupal/partial.erb +++ b/templates/vhosts/php_drupal/partial.erb @@ -1,26 +1,25 @@ - <Directory "<%= documentroot %>/"> + <Directory "<%= documentroot %>/"> <%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %> - <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> <%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %> - # Protect files and directories from prying eyes. - <FilesMatch "\.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template)$"> - Order allow,deny - </FilesMatch> + # Protect files and directories from prying eyes. + <FilesMatch "\.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template)$"> + Order allow,deny + </FilesMatch> - # Customized error messages. - ErrorDocument 404 /index.php + # Customized error messages. + ErrorDocument 404 /index.php - RewriteEngine on - RewriteCond %{REQUEST_FILENAME} !-f - RewriteCond %{REQUEST_FILENAME} !-d - RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] - </Directory> - <Directory "<%= documentroot %>/files/"> - SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006 - Options None - Options +FollowSymLinks - </Directory> + RewriteEngine on + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] + </Directory> + <Directory "<%= documentroot %>/files/"> + SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006 + Options None + Options +FollowSymLinks + </Directory> diff --git a/templates/vhosts/php_gallery2/partial.erb b/templates/vhosts/php_gallery2/partial.erb index 448f720..26d33ee 100644 --- a/templates/vhosts/php_gallery2/partial.erb +++ b/templates/vhosts/php_gallery2/partial.erb @@ -1,4 +1,4 @@ - <Directory "<%= documentroot %>/"> + <Directory "<%= documentroot %>/"> <%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %> <%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %> @@ -6,11 +6,11 @@ <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> <% if vhost_part != :ssl -%> - # Always rewrite login's - # Source: http://gallery.menalto.com/node/30558 - RewriteEngine On - RewriteCond %{HTTP_COOKIE} ^GALLERYSID= [OR] - RewriteCond %{QUERY_STRING} subView=core\.UserLogin - RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] + # Always rewrite login's + # Source: http://gallery.menalto.com/node/30558 + RewriteEngine On + RewriteCond %{HTTP_COOKIE} ^GALLERYSID= [OR] + RewriteCond %{QUERY_STRING} subView=core\.UserLogin + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] <% end -%> - </Directory> + </Directory> diff --git a/templates/vhosts/php_joomla/partial.erb b/templates/vhosts/php_joomla/partial.erb index 89999e9..64e73a9 100644 --- a/templates/vhosts/php_joomla/partial.erb +++ b/templates/vhosts/php_joomla/partial.erb @@ -1,32 +1,32 @@ - <Directory "<%= documentroot %>/"> + <Directory "<%= documentroot %>/"> <%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %> <%= scope.function_template(['apache/vhosts/partials/php_settings.erb']) %> <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> - Include include.d/joomla.inc - </Directory> + Include include.d/joomla.inc + </Directory> - <Directory "<%= documentroot %>/administrator/"> - RewriteEngine on + <Directory "<%= documentroot %>/administrator/"> + RewriteEngine on - # Rewrite URLs to https that go for the admin area - RewriteCond %{REMOTE_ADDR} !^127\.[0-9]+\.[0-9]+\.[0-9]+$ - RewriteCond %{HTTPS} !=on - RewriteCond %{REQUEST_URI} (.*/administrator/.*) - RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R] - </Directory> + # Rewrite URLs to https that go for the admin area + RewriteCond %{REMOTE_ADDR} !^127\.[0-9]+\.[0-9]+\.[0-9]+$ + RewriteCond %{HTTPS} !=on + RewriteCond %{REQUEST_URI} (.*/administrator/.*) + RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R] + </Directory> - # Deny various directories that - # shouldn't be webaccessible - <Directory "<%= documentroot %>/tmp/"> - Deny From All - </Directory> - <Directory "<%= documentroot %>/logs/"> - Deny From All - </Directory> - <Directory "<%= documentroot %>/cli/"> - Deny From All - </Directory> + # Deny various directories that + # shouldn't be webaccessible + <Directory "<%= documentroot %>/tmp/"> + Deny From All + </Directory> + <Directory "<%= documentroot %>/logs/"> + Deny From All + </Directory> + <Directory "<%= documentroot %>/cli/"> + Deny From All + </Directory> diff --git a/templates/vhosts/php_silverstripe/partial.erb b/templates/vhosts/php_silverstripe/partial.erb index 9ff32db..b57fd1e 100644 --- a/templates/vhosts/php_silverstripe/partial.erb +++ b/templates/vhosts/php_silverstripe/partial.erb @@ -1,11 +1,11 @@ - # silverstripe - RewriteEngine On - RewriteCond %{HTTPS} !=on - RewriteCond %{HTTP:X-Forwarded-Proto} !=https - RewriteRule /admin(.*) https://<%= servername %>/admin$1 [L,R,NE] - RewriteRule /Security(.*) https://<%= servername %>/Security$1 [L,R,NE] + # silverstripe + RewriteEngine On + RewriteCond %{HTTPS} !=on + RewriteCond %{HTTP:X-Forwarded-Proto} !=https + RewriteRule /admin(.*) https://<%= servername %>/admin$1 [L,R,NE] + RewriteRule /Security(.*) https://<%= servername %>/Security$1 [L,R,NE] - <Directory "<%= documentroot %>/"> + <Directory "<%= documentroot %>/"> <%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %> @@ -13,5 +13,5 @@ <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> - Include include.d/silverstripe.inc - </Directory> + Include include.d/silverstripe.inc + </Directory> diff --git a/templates/vhosts/php_typo3/partial.erb b/templates/vhosts/php_typo3/partial.erb index 117869f..89f2f60 100644 --- a/templates/vhosts/php_typo3/partial.erb +++ b/templates/vhosts/php_typo3/partial.erb @@ -1,9 +1,9 @@ <%= scope.function_template(['apache/vhosts/php/partial.erb']) %> - <Directory "<%= documentroot %>/typo3/"> - RewriteEngine on + <Directory "<%= documentroot %>/typo3/"> + RewriteEngine on - # Rewrite URLs to https that go for the admin area - RewriteCond %{HTTPS} !=on - RewriteCond %{REQUEST_URI} (.*/typo3/.*) - RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R] - </Directory> + # Rewrite URLs to https that go for the admin area + RewriteCond %{HTTPS} !=on + RewriteCond %{REQUEST_URI} (.*/typo3/.*) + RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R] + </Directory> diff --git a/templates/vhosts/php_wordpress/partial.erb b/templates/vhosts/php_wordpress/partial.erb index 972ab99..00e1fcd 100644 --- a/templates/vhosts/php_wordpress/partial.erb +++ b/templates/vhosts/php_wordpress/partial.erb @@ -1,6 +1,6 @@ <%= scope.function_template(['apache/vhosts/php/partial.erb']) %> -# fixes: http://git.zx2c4.com/w3-total-fail/tree/w3-total-fail.sh -<Directory "<%= documentroot %>/wp-content/w3tc/dbcache"> - Deny From All -</Directory> + # fixes: http://git.zx2c4.com/w3-total-fail/tree/w3-total-fail.sh + <Directory "<%= documentroot %>/wp-content/w3tc/dbcache"> + Deny From All + </Directory> diff --git a/templates/vhosts/proxy/partial.erb b/templates/vhosts/proxy/partial.erb index bbf3c64..ec84dd4 100644 --- a/templates/vhosts/proxy/partial.erb +++ b/templates/vhosts/proxy/partial.erb @@ -1,8 +1,8 @@ - <Proxy *> - Order deny,allow - Allow from all + <Proxy *> + Order deny,allow + Allow from all <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> - </Proxy> - ProxyRequests Off - ProxyPass / <%= options %>/ - ProxyPassReverse / <%= options %>/ + </Proxy> + ProxyRequests Off + ProxyPass / <%= options %>/ + ProxyPassReverse / <%= options %>/ diff --git a/templates/vhosts/redirect/partial.erb b/templates/vhosts/redirect/partial.erb index 3b7af7a..f6b76e6 100644 --- a/templates/vhosts/redirect/partial.erb +++ b/templates/vhosts/redirect/partial.erb @@ -1 +1 @@ - Redirect permanent / https://<%= options %> + Redirect permanent / https://<%= options %> diff --git a/templates/vhosts/static/partial.erb b/templates/vhosts/static/partial.erb index f2cc46b..3b40a96 100644 --- a/templates/vhosts/static/partial.erb +++ b/templates/vhosts/static/partial.erb @@ -1,5 +1,5 @@ - <Directory "<%= documentroot %>/"> + <Directory "<%= documentroot %>/"> <%= scope.function_template(['apache/vhosts/partials/std_override_options.erb']) %> <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> - </Directory> + </Directory> diff --git a/templates/vhosts/webdav/partial.erb b/templates/vhosts/webdav/partial.erb index d89da50..b97e128 100644 --- a/templates/vhosts/webdav/partial.erb +++ b/templates/vhosts/webdav/partial.erb @@ -1,21 +1,21 @@ - DAVLockDB <%= real_dav_db_dir %>/DAVLock - <Directory "<%= documentroot %>/"> - Dav on - AllowOverride None - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- unless options.include?('Indexes') then -%> Indexes<%- end -%> + DAVLockDB <%= real_dav_db_dir %>/DAVLock + <Directory "<%= documentroot %>/"> + Dav on + AllowOverride None +<% if options.to_s != 'absent' or do_includes.to_s == 'true' -%> + Options <%- unless options.to_s == 'absent' -%><%= options %><%- end -%><%- unless options.include?('Indexes') -%> Indexes<%- end -%> - <%- else -%> - Options Indexes +<% else -%> + Options Indexes - <%- end -%> +<% end -%> <%= scope.function_template(['apache/vhosts/partials/authentication.erb']) %> - <%- if ldap_auth.to_s == 'true' then -%> - Include include.d/ldap_auth.inc - <%- unless ldap_user.to_s == 'any' -%> - Require ldap-user <%= ldap_user.to_s %> - <%- else -%> - Require valid-user - <%- end -%> - <%- end -%> - </Directory> +<% if ldap_auth.to_s == 'true' then -%> + Include include.d/ldap_auth.inc +<% unless ldap_user.to_s == 'any' -%> + Require ldap-user <%= ldap_user.to_s %> +<% else -%> + Require valid-user +<% end + end -%> + </Directory> |