blob: 41879c8e17b741f6123038bf60bffad95aa42efa (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
<%
vhost_parts = case ssl_mode
when 'only' then [:ssl]
when false then [:normal]
when 'false' then [:normal]
else [:normal,:ssl]
end
vhost_parts.each do |vhost_part|
scope.unsetvar('vhost_part')
scope.setvar('vhost_part',vhost_part)
-%>
<VirtualHost *:<%= vhost_part == :ssl ? '443' : '80' %> >
<%= scope.function_template('apache/vhosts/partials/header_default.erb') %>
<%= scope.function_template('apache/vhosts/partials/logs.erb') %>
<% if ssl_mode == 'force' && vhost_part == :normal -%>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L]
<% else -%>
<%= scope.function_template(template_partial) %>
<% end -%>
<IfModule mod_security2.c>
<%- if mod_security.to_s == 'true' then -%>
SecRuleEngine On
<%- if mod_security_relevantonly.to_s == 'true' then -%>
SecAuditEngine RelevantOnly
<%- else -%>
SecAuditEngine On
<%- end -%>
<%- else -%>
SecRuleEngine Off
SecAuditEngine Off
<%- end -%>
SecAuditLogType Concurrent
SecAuditLogStorageDir <%= logdir %>/
SecAuditLog <%= logdir %>/mod_security_audit.log
SecDebugLog <%= logdir %>/mod_security_debug.log
</IfModule>
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
<%- end -%>
</VirtualHost>
<% end -%>
|