# <%= servername %>
<%- unless ssl_mode.to_s == 'only'  then -%>
<VirtualHost *:80>
    Include include.d/defaults.inc
    ServerName <%= servername %>
    <%- unless serveralias.to_s.empty? then -%>
    ServerAlias <%= serveralias %>
    <%- end -%>
    <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
    ServerAdmin <%= server_admin %>
    <%- end -%>
    DocumentRoot <%= documentroot %>/

<%= scope.function_template('apache/vhosts/partials/logs.erb') %>
    <%- if ssl_mode.to_s == 'force' then -%>
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L]

    <%- end -%>

    <%- if not ssl_mode.to_s == 'force' then -%>
    <Directory "<%= documentroot %>/">
        AllowOverride <%= allow_override %>
        <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
        Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>

        <%- end -%>
        <%- unless htpasswd_file.to_s == 'absent' then -%>
        AuthType Basic
        AuthName "Access fuer <%= servername %>"
        AuthUserFile <%= real_htpasswd_path %>
        require valid-user
        <%- end -%>
    </Directory>
    <%- end -%>

<%= scope.function_template('apache/vhosts/partials/mod_security.erb') %>

    <%- unless additional_options.to_s == 'absent' then -%>
    <%= additional_options %>
    <%- end -%>
</VirtualHost>
<%- end -%>

<%- unless ssl_mode.to_s == 'false'  then -%>
<VirtualHost *:443>
    Include include.d/defaults.inc
    Include include.d/ssl_defaults.inc
    ServerName <%= servername %>
    <%- unless serveralias.to_s.empty? then -%>
    ServerAlias <%= serveralias %>
    <%- end -%>
    <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
    ServerAdmin <%= server_admin %>
    <%- end -%>
    DocumentRoot <%= documentroot %>/

<%= scope.function_template('apache/vhosts/partials/logs.erb') %>
    <%- if default_charset.to_s != 'absent' then -%>

    AddDefaultCharset <%= default_charset %>
    <%- end -%>

    Header add Strict-Transport-Security "max-age=15768000"

    <%- if options.to_s != 'absent' or htpasswd_file.to_s != 'absent' then -%>
    <Directory "<%= documentroot %>/">
        AllowOverride <%= allow_override %>
        <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
        Options <%= options %><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>

        <%- end -%>
        <%- unless htpasswd_file.to_s == 'absent' then -%>
        AuthType Basic
        AuthName "Access fuer <%= servername %>"
        AuthUserFile <%= real_htpasswd_path %>
        require valid-user
        <%- end -%>
    </Directory>
    <%- end %>

<%= scope.function_template('apache/vhosts/partials/mod_security.erb') %>

    <%- unless additional_options.to_s == 'absent' then -%>
    <%= additional_options %>
    <%- end -%>
</VirtualHost>
<%- end -%>