# <%= servername %>
<%- unless ssl_mode.to_s == 'only'  then -%>
<VirtualHost *:80>
    Include include.d/defaults.inc
    ServerName <%= servername %>
    <%- unless serveralias.to_s.empty? then -%>
    ServerAlias <%= serveralias %>
    <%- end -%>
    <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
    ServerAdmin <%= server_admin %>
    <%- end -%>

    <%- case logmode.to_s
        when 'nologs' -%>
    ErrorLog /dev/null
    CustomLog /dev/null
    <%- when 'semianonym' -%>
    ErrorLog <%= logdir %>/error_log
    CustomLog <%= logdir %>/access_log noip
    <%- when 'anonym' -%>
    ErrorLog /dev/null
    CustomLog <%= logdir %>/access_log noip
    <%- else -%>
    ErrorLog <%= logdir %>/error_log
    CustomLog <%= logdir %>/access_log combined
    <%- end -%>
    <%- if ssl_mode.to_s == 'force' then -%>
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L]
    <% else -%>
    <Proxy *>
      Order deny,allow
      Allow from all
      <%- unless htpasswd_file.to_s == 'absent' then -%>
      AuthType Basic
      AuthName "Access fuer <%= servername %>"
      AuthUserFile <%= real_htpasswd_path %>
      require valid-user
      <%- end -%>
    </Proxy>
    ProxyRequests Off
    ProxyPass        /   <%= options %>/
    ProxyPassReverse /   <%= options %>/
    <%- end -%>

    <%- unless additional_options.to_s == 'absent' then -%>
    <%= additional_options %>
    <%- end -%>
</VirtualHost>
<%- end -%>

<%- unless ssl_mode.to_s == 'false'  then -%>
<VirtualHost *:443>
    Include include.d/defaults.inc
    Include include.d/ssl_defaults.inc
    ServerName <%= servername %>
    <%- unless serveralias.to_s.empty? then -%>
    ServerAlias <%= serveralias %>
    <%- end -%>
    <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
    ServerAdmin <%= server_admin %>
    <%- end -%>

    <%- case logmode.to_s
        when 'nologs' -%>
    ErrorLog /dev/null
    CustomLog /dev/null
    <%- when 'semianonym' -%>
    ErrorLog <%= logdir %>/error_log
    CustomLog <%= logdir %>/access_log noip
    <%- when 'anonym' -%>
    ErrorLog /dev/null
    CustomLog <%= logdir %>/access_log noip
    <%- else -%>
    ErrorLog <%= logdir %>/error_log
    CustomLog <%= logdir %>/access_log combined
    <%- end -%>

    Header add Strict-Transport-Security "max-age=15768000"

    <Proxy *>
      Order deny,allow
      Allow from all
      <%- unless htpasswd_file.to_s == 'absent' then -%>
      AuthType Basic
      AuthName "Access fuer <%= servername %>"
      AuthUserFile <%= real_htpasswd_path %>
      require valid-user
      <%- end -%>
    </Proxy>
    ProxyRequests Off
    ProxyPass        /   <%= options %>/
    ProxyPassReverse /   <%= options %>/

    <%- unless additional_options.to_s == 'absent' then -%>
    <%= additional_options %>
    <%- end -%>
</VirtualHost>
<%- end -%>