blob: 3e75fea1f921d6e880c4613d82fdfbae28b48287 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
# <%= servername %>
<VirtualHost *:80>
Include conf.d/defaults.inc
ServerName <%= servername %>
<%- unless serveralias.to_s.empty? then -%>
ServerAlias <%= serveralias %>
<%- end -%>
DocumentRoot <%= documentroot %>/
ErrorLog <%= logdir %>/error_log
CustomLog <%= logdir %>/access_log combined
<%- if ssl_mode.to_s == 'force' then -%>
Redirect permanent / https://<%= servername %>/
<%- end -%>
<%- if default_charset.to_s != 'absent' then -%>
AddDefaultCharset <%= default_charset %>
<%- end -%>
<%- if run_mode.to_s == 'itk' -%>
<IfModule mpm_itk_module>
AssignUserId <%= run_uid+" "+run_gid %>
</IfModule>
<%- end -%>
<%- if not ssl_mode.to_s == 'force' then -%>
<Directory "<%= documentroot %>/">
AllowOverride <%= allow_override %>
<%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%> <%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%>+Includes<%- end -%>
<%- end -%>
<%- unless htpasswd_file.to_s == 'absent' then -%>
AuthType Basic
AuthName "Access fuer <%= servername %>"
AuthUserFile <%= real_htpasswd_path %>
require valid-user
<%- end -%>
php_admin_flag engine on
php_admin_value open_basedir <%= documentroot %>:<%= php_upload_tmp_dir %>:<%= php_session_save_path %>
php_admin_value upload_tmp_dir <%= php_upload_tmp_dir %>
php_admin_value session.save_path <%= php_session_save_path %>
</Directory>
<%- end -%>
<Directory "<%= documentroot %>/administrator/">
RewriteEngine on
# Rewrite URLs to https that go for the admin area
RewriteCond %{REMOTE_ADDR} !^127\.[0-9]+\.[0-9]+\.[0-9]+$
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} (.*/administrator/.*)
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R]
</Directory>
<IfModule mod_security2.c>
SecRuleEngine <%= if mod_security.to_s == 'true' then "On" else "Off" end %>
# http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
SecRuleRemoveById "960010"
</IfModule>
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
<%- end -%>
</VirtualHost>
<%- unless ssl_mode.to_s == 'false' then -%>
<VirtualHost *:443>
Include conf.d/defaults.inc
Include conf.d/ssl_defaults.inc
ServerName <%= servername %>
<%- unless serveralias.to_s.empty? then -%>
ServerAlias <%= serveralias %>
<%- end -%>
DocumentRoot <%= documentroot %>/
ErrorLog <%= logdir %>/error_log
CustomLog <%= logdir %>/access_log combined
<%- if default_charset.to_s != 'absent' then -%>
AddDefaultCharset <%= default_charset %>
<%- end -%>
<%- if run_mode.to_s == 'itk' -%>
<IfModule mpm_itk_module>
AssignUserId <%= run_uid+" "+run_gid %>
</IfModule>
<%- end -%>
<%- if ssl_mode.to_s == 'force' then -%>
Redirect permanent / https://<%= servername %>/
<%- end -%>
<%- if default_charset.to_s != 'absent' then -%>
AddDefaultCharset <%= default_charset %>
<%- end -%>
<Directory "<%= documentroot %>/">
AllowOverride <%= allow_override %>
<%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%> <%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%>+Includes<%- end -%>
<%- end -%>
<%- unless htpasswd_file.to_s == 'absent' then -%>
AuthType Basic
AuthName "Access fuer <%= servername %>"
AuthUserFile <%= real_htpasswd_path %>
require valid-user
<%- end -%>
php_admin_flag engine on
php_admin_value open_basedir <%= documentroot %>:<%= php_upload_tmp_dir %>:<%= php_session_save_path %>
php_admin_value upload_tmp_dir <%= php_upload_tmp_dir %>
php_admin_value session.save_path <%= php_session_save_path %>
</Directory>
<IfModule mod_security2.c>
SecRuleEngine <%= if mod_security.to_s == 'true' then "On" else "Off" end %>
</IfModule>
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
<%- end -%>
</VirtualHost>
<%- end -%>
|