From 6a9fd8470b18c8b9b16f7b517004a09cbf9c9247 Mon Sep 17 00:00:00 2001 From: mh Date: Mon, 25 Oct 2010 23:02:09 +0200 Subject: unify naming --- templates/vhosts/php_gallery2/CentOS.erb | 2 +- templates/vhosts/php_gallery2/Debian.erb | 2 +- templates/vhosts/php_gallery2/php_gallery.erb | 400 ------------------------- templates/vhosts/php_gallery2/php_gallery2.erb | 400 +++++++++++++++++++++++++ 4 files changed, 402 insertions(+), 402 deletions(-) delete mode 100644 templates/vhosts/php_gallery2/php_gallery.erb create mode 100644 templates/vhosts/php_gallery2/php_gallery2.erb (limited to 'templates') diff --git a/templates/vhosts/php_gallery2/CentOS.erb b/templates/vhosts/php_gallery2/CentOS.erb index 99be70b..33f1633 120000 --- a/templates/vhosts/php_gallery2/CentOS.erb +++ b/templates/vhosts/php_gallery2/CentOS.erb @@ -1 +1 @@ -php_gallery.erb \ No newline at end of file +php_gallery2.erb \ No newline at end of file diff --git a/templates/vhosts/php_gallery2/Debian.erb b/templates/vhosts/php_gallery2/Debian.erb index 99be70b..33f1633 120000 --- a/templates/vhosts/php_gallery2/Debian.erb +++ b/templates/vhosts/php_gallery2/Debian.erb @@ -1 +1 @@ -php_gallery.erb \ No newline at end of file +php_gallery2.erb \ No newline at end of file diff --git a/templates/vhosts/php_gallery2/php_gallery.erb b/templates/vhosts/php_gallery2/php_gallery.erb deleted file mode 100644 index ee2275a..0000000 --- a/templates/vhosts/php_gallery2/php_gallery.erb +++ /dev/null @@ -1,400 +0,0 @@ -# <%= servername %> -<%- if run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> - -<%- end -%> -<%- unless ssl_mode.to_s == 'only' then -%> - - Include include.d/defaults.inc - - ServerName <%= servername %> - <%- unless serveralias.to_s.empty? then -%> - ServerAlias <%= serveralias %> - <%- end -%> - <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> - ServerAdmin <%= server_admin %> - <%- end -%> - DocumentRoot <%= documentroot %>/ - - <%- case logmode.to_s - when 'nologs' -%> - ErrorLog /dev/null - CustomLog /dev/null - <%- when 'semianonym' -%> - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log noip - <%- when 'anonym' -%> - ErrorLog /dev/null - CustomLog <%= logdir %>/access_log noip - <%- else -%> - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log combined - <%- end -%> - - <%- if ssl_mode.to_s == 'force' then -%> - RewriteEngine On - RewriteCond %{HTTPS} !=on - RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L] - - <%- end -%> - <%- if default_charset.to_s != 'absent' then -%> - AddDefaultCharset <%= default_charset %> - - <%- end -%> - <%- if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%> - - AssignUserId <%= run_uid+" "+run_gid %> - - - <%- end -%> - <%- if not ssl_mode.to_s == 'force' then -%> - /"> - AllowOverride <%= allow_override %> - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> - - <%- end -%> - <%- unless htpasswd_file.to_s == 'absent' then -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - <%- end -%> - php_admin_flag engine on - php_admin_flag safe_mode Off - php_admin_value output_buffering Off - <%- unless php_default_charset.to_s == 'absent' then -%> - php_admin_value default_charset <%= php_default_charset %> - <%- end -%> - php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>:<%= gdatadir %><%= ":#{real_upload_dir.to_s}" if upload_dir.to_s != 'absent' %> - php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> - php_admin_value session.save_path <%= real_php_session_save_path %> - <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> - php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> - <%- end -%> - # Always rewrite login's - # Source: http://gallery.menalto.com/node/30558 - RewriteEngine On - RewriteCond %{HTTP_COOKIE} ^GALLERYSID= [OR] - RewriteCond %{QUERY_STRING} subView=core\.UserLogin - RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] - # https -> see below - # Then, unset baseUri in config.php (to keep Gallery from trying to redirect users to either HTTP or HTTPS): - # $gallery->setConfig('baseUri', ''); - - <%- end -%> - - <%- unless run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> - - <%- if mod_security.to_s == 'true' then -%> - SecRuleEngine On - <%- if mod_security_relevantonly.to_s == 'true' then -%> - SecAuditEngine RelevantOnly - <%- else -%> - SecAuditEngine On - <%- end -%> - <%- else -%> - SecRuleEngine Off - SecAuditEngine Off - <%- end -%> - SecAuditLogType Concurrent - SecAuditLogStorageDir <%= logdir %>/ - SecAuditLog <%= logdir %>/mod_security_audit.log - SecDebugLog <%= logdir %>/mod_security_debug.log - - <%- end -%> - - <%- unless additional_options.to_s == 'absent' then -%> - <%= additional_options %> - <%- end -%> - -<%- end -%> - -<%- unless ssl_mode.to_s == 'false' then -%> - - Include include.d/defaults.inc - Include include.d/ssl_defaults.inc - - ServerName <%= servername %> - <%- unless serveralias.to_s.empty? then -%> - ServerAlias <%= serveralias %> - <%- end -%> - <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> - ServerAdmin <%= server_admin %> - <%- end -%> - DocumentRoot <%= documentroot %>/ - - <%- case logmode.to_s - when 'nologs' -%> - ErrorLog /dev/null - CustomLog /dev/null - <%- when 'semianonym' -%> - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log noip - <%- when 'anonym' -%> - ErrorLog /dev/null - CustomLog <%= logdir %>/access_log noip - <%- else -%> - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log combined - <%- end -%> - - <%- if default_charset.to_s != 'absent' then -%> - AddDefaultCharset <%= default_charset %> - - <%- end -%> - <%- if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%> - - AssignUserId <%= run_uid+" "+run_gid %> - - - <%- end -%> - /"> - AllowOverride <%= allow_override %> - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> - - <%- end -%> - <%- unless htpasswd_file.to_s == 'absent' then -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - <%- end -%> - php_admin_flag engine on - php_admin_flag safe_mode Off - php_admin_value output_buffering Off - <%- unless php_default_charset.to_s == 'absent' then -%> - php_admin_value default_charset <%= php_default_charset %> - <%- end -%> - php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>:<%= gdatadir %><%= ":#{real_upload_dir.to_s}" if upload_dir.to_s != 'absent' %> - php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> - php_admin_value session.save_path <%= real_php_session_save_path %> - <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> - php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> - <%- end -%> - # turn allow_url_fopen on for the extension manager fetch - php_admin_value allow_url_fopen On - - # Always rewrite login's (see above) - RewriteEngine On - RewriteCond %{HTTP_COOKIE} ="" - RewriteCond %{REQUEST_METHOD} =GET - RewriteCond %{QUERY_STRING} !subView=core\.UserLogin - RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] - - - <%- unless run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> - - <%- if mod_security.to_s == 'true' then -%> - SecRuleEngine On - SecAuditEngine On - <%- else -%> - SecRuleEngine Off - SecAuditEngine Off - <%- end -%> - SecAuditLogType Concurrent - SecAuditLogStorageDir <%= logdir %>/ - SecAuditLog <%= logdir %>/mod_security_audit.log - SecDebugLog <%= logdir %>/mod_security_debug.log - - <%- end -%> - - <%- unless additional_options.to_s == 'absent' then -%> - <%= additional_options %> - <%- end -%> - -<%- end -%> -<%- if run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> - - -<%- unless ssl_mode.to_s == 'only' then -%> - - Include include.d/defaults.inc - - ServerName <%= servername %> - <%- unless serveralias.to_s.empty? then -%> - ServerAlias <%= serveralias %> - <%- end -%> - <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> - ServerAdmin <%= server_admin %> - <%- end -%> - <%- if run_mode.to_s == 'static-itk' -%> - DocumentRoot <%= documentroot %>/ - DirectoryIndex index.htm index.html index.php - <%- end -%> - - <%- case logmode.to_s - when 'nologs' -%> - ErrorLog /dev/null - CustomLog /dev/null - <%- when 'semianonym' -%> - ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log - CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip - <%- when 'anonym' -%> - ErrorLog /dev/null - CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip - <%- else -%> - ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log - CustomLog <%= logdir %>/<%= logfileprefix %>-access_log combined - <%- end -%> - - ProxyPreserveHost On - ProxyRequests off - <%- if run_mode.to_s == 'static-itk' -%> - ProxyPassMatch ^/(.*\.php/?.*)$ http://127.0.0.1/$1 - <%- else -%> - ProxyPass / http://127.0.0.1/ - <%- end -%> - ProxyPassReverse / http://127.0.0.1/ - - <%- if ssl_mode.to_s == 'force' then -%> - RewriteEngine On - RewriteCond %{HTTPS} !=on - RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L] - - <%- end -%> - <%- if default_charset.to_s != 'absent' then -%> - AddDefaultCharset <%= default_charset %> - - <%- end -%> - <%- if run_mode.to_s == 'static-itk' then -%> - <%- if not ssl_mode.to_s == 'force' then -%> - /"> - AllowOverride <%= allow_override %> - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> - - <%- end -%> - <%- unless htpasswd_file.to_s == 'absent' then -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - <%- end -%> - - # Always rewrite login's - # Source: http://gallery.menalto.com/node/30558 - RewriteEngine On - RewriteCond %{HTTP_COOKIE} ^GALLERYSID= [OR] - RewriteCond %{QUERY_STRING} subView=core\.UserLogin - RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] - # https -> see below - # Then, unset baseUri in config.php (to keep Gallery from trying to redirect users to either HTTP or HTTPS): - # $gallery->setConfig('baseUri', ''); - - <%- end -%> - <%- end -%> - - - <%- if mod_security.to_s == 'true' then -%> - SecRuleEngine On - <%- if mod_security_relevantonly.to_s == 'true' then -%> - SecAuditEngine RelevantOnly - <%- else -%> - SecAuditEngine On - <%- end -%> - <%- else -%> - SecRuleEngine Off - SecAuditEngine Off - <%- end -%> - SecAuditLogType Concurrent - SecAuditLogStorageDir <%= logdir %>/ - SecAuditLog <%= logdir %>/mod_security_audit.log - SecDebugLog <%= logdir %>/mod_security_debug.log - - - <%- unless additional_options.to_s == 'absent' then -%> - <%= additional_options %> - <%- end -%> - -<%- end -%> - -<%- unless ssl_mode.to_s == 'false' then -%> - - Include include.d/defaults.inc - Include include.d/ssl_defaults.inc - - ServerName <%= servername %> - <%- unless serveralias.to_s.empty? then -%> - ServerAlias <%= serveralias %> - <%- end -%> - <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> - ServerAdmin <%= server_admin %> - <%- end -%> - <%- if run_mode.to_s == 'static-itk' -%> - DocumentRoot <%= documentroot %>/ - DirectoryIndex index.htm index.html index.php - <%- end -%> - - <%- case logmode.to_s - when 'nologs' -%> - ErrorLog /dev/null - CustomLog /dev/null - <%- when 'semianonym' -%> - ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log - CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip - <%- when 'anonym' -%> - ErrorLog /dev/null - CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip - <%- else -%> - ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log - CustomLog <%= logdir %>/<%= logfileprefix %>-access_log combined - <%- end -%> - - ProxyPreserveHost On - ProxyRequests off - SSLProxyEngine On - <%- if run_mode.to_s == 'static-itk' -%> - ProxyPassMatch ^/(.*\.php/?.*)$ https://127.0.0.1/$1 - <%- else -%> - ProxyPass / https://127.0.0.1/ - <%- end -%> - ProxyPassReverse / https://127.0.0.1/ - - <%- if default_charset.to_s != 'absent' then -%> - AddDefaultCharset <%= default_charset %> - - <%- end -%> - <%- if run_mode.to_s == 'static-itk' -%> - /"> - AllowOverride <%= allow_override %> - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> - - <%- end -%> - <%- unless htpasswd_file.to_s == 'absent' then -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - <%- end -%> - # Always rewrite login's (see above) - RewriteEngine On - RewriteCond %{HTTP_COOKIE} ="" - RewriteCond %{REQUEST_METHOD} =GET - RewriteCond %{QUERY_STRING} !subView=core\.UserLogin - RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] - - <%- end -%> - - - <%- if mod_security.to_s == 'true' then -%> - SecRuleEngine On - SecAuditEngine On - <%- else -%> - SecRuleEngine Off - SecAuditEngine Off - <%- end -%> - SecAuditLogType Concurrent - SecAuditLogStorageDir <%= logdir %>/ - SecAuditLog <%= logdir %>/mod_security_audit.log - SecDebugLog <%= logdir %>/mod_security_debug.log - - - <%- unless additional_options.to_s == 'absent' then -%> - <%= additional_options %> - <%- end -%> - -<%- end -%> - -<%- end -%> diff --git a/templates/vhosts/php_gallery2/php_gallery2.erb b/templates/vhosts/php_gallery2/php_gallery2.erb new file mode 100644 index 0000000..ee2275a --- /dev/null +++ b/templates/vhosts/php_gallery2/php_gallery2.erb @@ -0,0 +1,400 @@ +# <%= servername %> +<%- if run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> + +<%- end -%> +<%- unless ssl_mode.to_s == 'only' then -%> + + Include include.d/defaults.inc + + ServerName <%= servername %> + <%- unless serveralias.to_s.empty? then -%> + ServerAlias <%= serveralias %> + <%- end -%> + <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> + ServerAdmin <%= server_admin %> + <%- end -%> + DocumentRoot <%= documentroot %>/ + + <%- case logmode.to_s + when 'nologs' -%> + ErrorLog /dev/null + CustomLog /dev/null + <%- when 'semianonym' -%> + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log noip + <%- when 'anonym' -%> + ErrorLog /dev/null + CustomLog <%= logdir %>/access_log noip + <%- else -%> + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log combined + <%- end -%> + + <%- if ssl_mode.to_s == 'force' then -%> + RewriteEngine On + RewriteCond %{HTTPS} !=on + RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L] + + <%- end -%> + <%- if default_charset.to_s != 'absent' then -%> + AddDefaultCharset <%= default_charset %> + + <%- end -%> + <%- if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%> + + AssignUserId <%= run_uid+" "+run_gid %> + + + <%- end -%> + <%- if not ssl_mode.to_s == 'force' then -%> + /"> + AllowOverride <%= allow_override %> + <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> + Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> + + <%- end -%> + <%- unless htpasswd_file.to_s == 'absent' then -%> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user + <%- end -%> + php_admin_flag engine on + php_admin_flag safe_mode Off + php_admin_value output_buffering Off + <%- unless php_default_charset.to_s == 'absent' then -%> + php_admin_value default_charset <%= php_default_charset %> + <%- end -%> + php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>:<%= gdatadir %><%= ":#{real_upload_dir.to_s}" if upload_dir.to_s != 'absent' %> + php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> + php_admin_value session.save_path <%= real_php_session_save_path %> + <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> + php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> + <%- end -%> + # Always rewrite login's + # Source: http://gallery.menalto.com/node/30558 + RewriteEngine On + RewriteCond %{HTTP_COOKIE} ^GALLERYSID= [OR] + RewriteCond %{QUERY_STRING} subView=core\.UserLogin + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] + # https -> see below + # Then, unset baseUri in config.php (to keep Gallery from trying to redirect users to either HTTP or HTTPS): + # $gallery->setConfig('baseUri', ''); + + <%- end -%> + + <%- unless run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> + + <%- if mod_security.to_s == 'true' then -%> + SecRuleEngine On + <%- if mod_security_relevantonly.to_s == 'true' then -%> + SecAuditEngine RelevantOnly + <%- else -%> + SecAuditEngine On + <%- end -%> + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log + + <%- end -%> + + <%- unless additional_options.to_s == 'absent' then -%> + <%= additional_options %> + <%- end -%> + +<%- end -%> + +<%- unless ssl_mode.to_s == 'false' then -%> + + Include include.d/defaults.inc + Include include.d/ssl_defaults.inc + + ServerName <%= servername %> + <%- unless serveralias.to_s.empty? then -%> + ServerAlias <%= serveralias %> + <%- end -%> + <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> + ServerAdmin <%= server_admin %> + <%- end -%> + DocumentRoot <%= documentroot %>/ + + <%- case logmode.to_s + when 'nologs' -%> + ErrorLog /dev/null + CustomLog /dev/null + <%- when 'semianonym' -%> + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log noip + <%- when 'anonym' -%> + ErrorLog /dev/null + CustomLog <%= logdir %>/access_log noip + <%- else -%> + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log combined + <%- end -%> + + <%- if default_charset.to_s != 'absent' then -%> + AddDefaultCharset <%= default_charset %> + + <%- end -%> + <%- if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%> + + AssignUserId <%= run_uid+" "+run_gid %> + + + <%- end -%> + /"> + AllowOverride <%= allow_override %> + <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> + Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> + + <%- end -%> + <%- unless htpasswd_file.to_s == 'absent' then -%> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user + <%- end -%> + php_admin_flag engine on + php_admin_flag safe_mode Off + php_admin_value output_buffering Off + <%- unless php_default_charset.to_s == 'absent' then -%> + php_admin_value default_charset <%= php_default_charset %> + <%- end -%> + php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>:<%= gdatadir %><%= ":#{real_upload_dir.to_s}" if upload_dir.to_s != 'absent' %> + php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %> + php_admin_value session.save_path <%= real_php_session_save_path %> + <%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%> + php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %> + <%- end -%> + # turn allow_url_fopen on for the extension manager fetch + php_admin_value allow_url_fopen On + + # Always rewrite login's (see above) + RewriteEngine On + RewriteCond %{HTTP_COOKIE} ="" + RewriteCond %{REQUEST_METHOD} =GET + RewriteCond %{QUERY_STRING} !subView=core\.UserLogin + RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] + + + <%- unless run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> + + <%- if mod_security.to_s == 'true' then -%> + SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log + + <%- end -%> + + <%- unless additional_options.to_s == 'absent' then -%> + <%= additional_options %> + <%- end -%> + +<%- end -%> +<%- if run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> + + +<%- unless ssl_mode.to_s == 'only' then -%> + + Include include.d/defaults.inc + + ServerName <%= servername %> + <%- unless serveralias.to_s.empty? then -%> + ServerAlias <%= serveralias %> + <%- end -%> + <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> + ServerAdmin <%= server_admin %> + <%- end -%> + <%- if run_mode.to_s == 'static-itk' -%> + DocumentRoot <%= documentroot %>/ + DirectoryIndex index.htm index.html index.php + <%- end -%> + + <%- case logmode.to_s + when 'nologs' -%> + ErrorLog /dev/null + CustomLog /dev/null + <%- when 'semianonym' -%> + ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log + CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip + <%- when 'anonym' -%> + ErrorLog /dev/null + CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip + <%- else -%> + ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log + CustomLog <%= logdir %>/<%= logfileprefix %>-access_log combined + <%- end -%> + + ProxyPreserveHost On + ProxyRequests off + <%- if run_mode.to_s == 'static-itk' -%> + ProxyPassMatch ^/(.*\.php/?.*)$ http://127.0.0.1/$1 + <%- else -%> + ProxyPass / http://127.0.0.1/ + <%- end -%> + ProxyPassReverse / http://127.0.0.1/ + + <%- if ssl_mode.to_s == 'force' then -%> + RewriteEngine On + RewriteCond %{HTTPS} !=on + RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L] + + <%- end -%> + <%- if default_charset.to_s != 'absent' then -%> + AddDefaultCharset <%= default_charset %> + + <%- end -%> + <%- if run_mode.to_s == 'static-itk' then -%> + <%- if not ssl_mode.to_s == 'force' then -%> + /"> + AllowOverride <%= allow_override %> + <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> + Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> + + <%- end -%> + <%- unless htpasswd_file.to_s == 'absent' then -%> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user + <%- end -%> + + # Always rewrite login's + # Source: http://gallery.menalto.com/node/30558 + RewriteEngine On + RewriteCond %{HTTP_COOKIE} ^GALLERYSID= [OR] + RewriteCond %{QUERY_STRING} subView=core\.UserLogin + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] + # https -> see below + # Then, unset baseUri in config.php (to keep Gallery from trying to redirect users to either HTTP or HTTPS): + # $gallery->setConfig('baseUri', ''); + + <%- end -%> + <%- end -%> + + + <%- if mod_security.to_s == 'true' then -%> + SecRuleEngine On + <%- if mod_security_relevantonly.to_s == 'true' then -%> + SecAuditEngine RelevantOnly + <%- else -%> + SecAuditEngine On + <%- end -%> + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log + + + <%- unless additional_options.to_s == 'absent' then -%> + <%= additional_options %> + <%- end -%> + +<%- end -%> + +<%- unless ssl_mode.to_s == 'false' then -%> + + Include include.d/defaults.inc + Include include.d/ssl_defaults.inc + + ServerName <%= servername %> + <%- unless serveralias.to_s.empty? then -%> + ServerAlias <%= serveralias %> + <%- end -%> + <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> + ServerAdmin <%= server_admin %> + <%- end -%> + <%- if run_mode.to_s == 'static-itk' -%> + DocumentRoot <%= documentroot %>/ + DirectoryIndex index.htm index.html index.php + <%- end -%> + + <%- case logmode.to_s + when 'nologs' -%> + ErrorLog /dev/null + CustomLog /dev/null + <%- when 'semianonym' -%> + ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log + CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip + <%- when 'anonym' -%> + ErrorLog /dev/null + CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip + <%- else -%> + ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log + CustomLog <%= logdir %>/<%= logfileprefix %>-access_log combined + <%- end -%> + + ProxyPreserveHost On + ProxyRequests off + SSLProxyEngine On + <%- if run_mode.to_s == 'static-itk' -%> + ProxyPassMatch ^/(.*\.php/?.*)$ https://127.0.0.1/$1 + <%- else -%> + ProxyPass / https://127.0.0.1/ + <%- end -%> + ProxyPassReverse / https://127.0.0.1/ + + <%- if default_charset.to_s != 'absent' then -%> + AddDefaultCharset <%= default_charset %> + + <%- end -%> + <%- if run_mode.to_s == 'static-itk' -%> + /"> + AllowOverride <%= allow_override %> + <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> + Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> + + <%- end -%> + <%- unless htpasswd_file.to_s == 'absent' then -%> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user + <%- end -%> + # Always rewrite login's (see above) + RewriteEngine On + RewriteCond %{HTTP_COOKIE} ="" + RewriteCond %{REQUEST_METHOD} =GET + RewriteCond %{QUERY_STRING} !subView=core\.UserLogin + RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] + + <%- end -%> + + + <%- if mod_security.to_s == 'true' then -%> + SecRuleEngine On + SecAuditEngine On + <%- else -%> + SecRuleEngine Off + SecAuditEngine Off + <%- end -%> + SecAuditLogType Concurrent + SecAuditLogStorageDir <%= logdir %>/ + SecAuditLog <%= logdir %>/mod_security_audit.log + SecDebugLog <%= logdir %>/mod_security_debug.log + + + <%- unless additional_options.to_s == 'absent' then -%> + <%= additional_options %> + <%- end -%> + +<%- end -%> + +<%- end -%> -- cgit v1.2.3