# <%= servername %> <%- if run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> <%- end -%> <%- unless ssl_mode.to_s == 'only' then -%> Include include.d/defaults.inc ServerName <%= servername %> <%- unless serveralias.to_s.empty? then -%> ServerAlias <%= serveralias %> <%- end -%> <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> ServerAdmin <%= server_admin %> <%- end -%> DocumentRoot <%= documentroot %>/ <%- case logmode.to_s when 'nologs' -%> ErrorLog /dev/null CustomLog /dev/null <%- when 'semianonym' -%> ErrorLog <%= logdir %>/error_log CustomLog <%= logdir %>/access_log noip <%- when 'anonym' -%> ErrorLog /dev/null CustomLog <%= logdir %>/access_log noip <%- else -%> ErrorLog <%= logdir %>/error_log CustomLog <%= logdir %>/access_log combined <%- end -%> <%- if ssl_mode.to_s == 'force' then -%> RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L] <%- end -%> <%- if default_charset.to_s != 'absent' then -%> AddDefaultCharset <%= default_charset %> <%- end -%> <%- if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%> AssignUserId <%= run_uid+" "+run_gid %> <%- end -%> <%- if not ssl_mode.to_s == 'force' then -%> /"> AllowOverride <%= allow_override %> <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> <%- end -%> <%- unless htpasswd_file.to_s == 'absent' then -%> AuthType Basic AuthName "Access fuer <%= servername %>" AuthUserFile <%= real_htpasswd_path %> require valid-user <%- end -%> <%- unless htpasswd_file.to_s == 'absent' then -%> /"> AuthType Basic AuthName "Access fuer <%= servername %>" AuthUserFile <%= real_htpasswd_path %> require valid-user <%- end -%> ScriptAlias /cgi-bin/ <%= cgi_binpath %>/ <%- end -%> <%- unless run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On <%- if mod_security_relevantonly.to_s == 'true' then -%> SecAuditEngine RelevantOnly <%- else -%> SecAuditEngine On <%- end -%> <%- else -%> SecRuleEngine Off SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log <%- end -%> <%- unless additional_options.to_s == 'absent' then -%> <%= additional_options %> <%- end -%> <%- end -%> <%- unless ssl_mode.to_s == 'false' then -%> Include include.d/defaults.inc Include include.d/ssl_defaults.inc ServerName <%= servername %> <%- unless serveralias.to_s.empty? then -%> ServerAlias <%= serveralias %> <%- end -%> <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> ServerAdmin <%= server_admin %> <%- end -%> DocumentRoot <%= documentroot %>/ <%- case logmode.to_s when 'nologs' -%> ErrorLog /dev/null CustomLog /dev/null <%- when 'semianonym' -%> ErrorLog <%= logdir %>/error_log CustomLog <%= logdir %>/access_log noip <%- when 'anonym' -%> ErrorLog /dev/null CustomLog <%= logdir %>/access_log noip <%- else -%> ErrorLog <%= logdir %>/error_log CustomLog <%= logdir %>/access_log combined <%- end -%> <%- if default_charset.to_s != 'absent' then -%> AddDefaultCharset <%= default_charset %> <%- end -%> <%- if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%> AssignUserId <%= run_uid+" "+run_gid %> <%- end -%> /"> AllowOverride <%= allow_override %> <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> <%- end -%> <%- unless htpasswd_file.to_s == 'absent' then -%> AuthType Basic AuthName "Access fuer <%= servername %>" AuthUserFile <%= real_htpasswd_path %> require valid-user <%- end -%> ScriptAlias /cgi-bin/ <%= cgi_binpath %>/ <%- unless htpasswd_file.to_s == 'absent' then -%> /"> AuthType Basic AuthName "Access fuer <%= servername %>" AuthUserFile <%= real_htpasswd_path %> require valid-user <%- end -%> <%- unless run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On <%- if mod_security_relevantonly.to_s == 'true' then -%> SecAuditEngine RelevantOnly <%- else -%> SecAuditEngine On <%- end -%> <%- else -%> SecRuleEngine Off SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log <%- end -%> <%- unless additional_options.to_s == 'absent' then -%> <%= additional_options %> <%- end -%> <%- end -%> <%- if run_mode.to_s =~ /(proxy\-|static\-)itk/ -%> <%- unless ssl_mode.to_s == 'only' then -%> Include include.d/defaults.inc ServerName <%= servername %> <%- unless serveralias.to_s.empty? then -%> ServerAlias <%= serveralias %> <%- end -%> <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> ServerAdmin <%= server_admin %> <%- end -%> <%- if run_mode.to_s == 'static-itk' -%> DocumentRoot <%= documentroot %>/ DirectoryIndex index.htm index.html index.pl <%- end -%> <%- case logmode.to_s when 'nologs' -%> ErrorLog /dev/null CustomLog /dev/null <%- when 'semianonym' -%> ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip <%- when 'anonym' -%> ErrorLog /dev/null CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip <%- else -%> ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log CustomLog <%= logdir %>/<%= logfileprefix %>-access_log combined <%- end -%> ProxyPreserveHost On ProxyRequests off <%- if run_mode.to_s == 'static-itk' -%> ProxyPassMatch ^/(.*\.pl/?.*)$ http://127.0.0.1/$1 <%- else -%> ProxyPass / http://127.0.0.1/ <%- end -%> ProxyPassReverse / http://127.0.0.1/ <%- if ssl_mode.to_s == 'force' then -%> RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L] <%- end -%> <%- if default_charset.to_s != 'absent' then -%> AddDefaultCharset <%= default_charset %> <%- end -%> <%- if run_mode.to_s == 'static-itk' then -%> <%- if not ssl_mode.to_s == 'force' then -%> /"> AllowOverride <%= allow_override %> <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> <%- end -%> <%- unless htpasswd_file.to_s == 'absent' then -%> AuthType Basic AuthName "Access fuer <%= servername %>" AuthUserFile <%= real_htpasswd_path %> require valid-user <%- end -%> <%- unless htpasswd_file.to_s == 'absent' then -%> /"> AuthType Basic AuthName "Access fuer <%= servername %>" AuthUserFile <%= real_htpasswd_path %> require valid-user <%- end -%> ScriptAlias /cgi-bin/ <%= cgi_binpath %>/ <%- end -%> <%- end -%> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On <%- if mod_security_relevantonly.to_s == 'true' then -%> SecAuditEngine RelevantOnly <%- else -%> SecAuditEngine On <%- end -%> <%- else -%> SecRuleEngine Off SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log <%- unless additional_options.to_s == 'absent' then -%> <%= additional_options %> <%- end -%> <%- end -%> <%- unless ssl_mode.to_s == 'false' then -%> Include include.d/defaults.inc Include include.d/ssl_defaults.inc ServerName <%= servername %> <%- unless serveralias.to_s.empty? then -%> ServerAlias <%= serveralias %> <%- end -%> <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> ServerAdmin <%= server_admin %> <%- end -%> <%- if run_mode.to_s == 'static-itk' -%> DocumentRoot <%= documentroot %>/ DirectoryIndex index.htm index.html index.pl <%- end -%> ProxyPreserveHost On ProxyRequests off SSLProxyEngine On <%- if run_mode.to_s == 'static-itk' -%> ProxyPassMatch ^/(.*\.pl/?.*)$ https://127.0.0.1/$1 <%- else -%> ProxyPass / https://127.0.0.1/ <%- end -%> ProxyPassReverse / https://127.0.0.1/ <%- case logmode.to_s when 'nologs' -%> ErrorLog /dev/null CustomLog /dev/null <%- when 'semianonym' -%> ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip <%- when 'anonym' -%> ErrorLog /dev/null CustomLog <%= logdir %>/<%= logfileprefix %>-access_log noip <%- else -%> ErrorLog <%= logdir %>/<%= logfileprefix %>-error_log CustomLog <%= logdir %>/<%= logfileprefix %>-access_log combined <%- end -%> <%- if default_charset.to_s != 'absent' then -%> AddDefaultCharset <%= default_charset %> <%- end -%> <%- unless run_mode.to_s == 'static-itk' -%> /"> AllowOverride <%= allow_override %> <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> <%- end -%> <%- unless htpasswd_file.to_s == 'absent' then -%> AuthType Basic AuthName "Access fuer <%= servername %>" AuthUserFile <%= real_htpasswd_path %> require valid-user <%- end -%> <%- if htpasswd_file.to_s == 'absent' then -%> /"> AuthType Basic AuthName "Access fuer <%= servername %>" AuthUserFile <%= real_htpasswd_path %> require valid-user <%- end -%> ScriptAlias /cgi-bin/ <%= cgi_binpath %>/ <%- end -%> <%- if mod_security.to_s == 'true' then -%> SecRuleEngine On <%- if mod_security_relevantonly.to_s == 'true' then -%> SecAuditEngine RelevantOnly <%- else -%> SecAuditEngine On <%- end -%> <%- else -%> SecRuleEngine Off SecAuditEngine Off <%- end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= logdir %>/ SecAuditLog <%= logdir %>/mod_security_audit.log SecDebugLog <%= logdir %>/mod_security_debug.log <%- unless additional_options.to_s == 'absent' then -%> <%= additional_options %> <%- end -%> <%- end -%> <%- end -%>