blob: 885bce36a8856ffd90a39f9b86d61aa1ff39065e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
# <%= servername %>
<%- unless ssl_mode.to_s == 'only' then -%>
<VirtualHost *:80>
Include include.d/defaults.inc
ServerName <%= servername %>
<%- unless serveralias.to_s.empty? then -%>
ServerAlias <%= serveralias %>
<%- end -%>
<%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
ServerAdmin <%= server_admin %>
<%- end -%>
<%- case logmode.to_s
when 'nologs' -%>
ErrorLog /dev/null
CustomLog /dev/null
<%- when 'semianonym' -%>
ErrorLog <%= logdir %>/error_log
CustomLog <%= logdir %>/access_log noip
<%- when 'anonym' -%>
ErrorLog /dev/null
CustomLog <%= logdir %>/access_log noip
<%- else -%>
ErrorLog <%= logdir %>/error_log
CustomLog <%= logdir %>/access_log combined
<%- end -%>
<%- if ssl_mode.to_s == 'force' then -%>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L]
<% else -%>
<Proxy *>
Order deny,allow
Allow from all
<%- unless htpasswd_file.to_s == 'absent' then -%>
AuthType Basic
AuthName "Access fuer <%= servername %>"
AuthUserFile <%= real_htpasswd_path %>
require valid-user
<%- end -%>
</Proxy>
ProxyRequests Off
ProxyPass / <%= options %>/
ProxyPassReverse / <%= options %>/
<%- end -%>
<%= scope.function_template('apache/vhosts/partials/mod_security.erb') %>
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
<%- end -%>
</VirtualHost>
<%- end -%>
<%- unless ssl_mode.to_s == 'false' then -%>
<VirtualHost *:443>
Include include.d/defaults.inc
Include include.d/ssl_defaults.inc
ServerName <%= servername %>
<%- unless serveralias.to_s.empty? then -%>
ServerAlias <%= serveralias %>
<%- end -%>
<%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
ServerAdmin <%= server_admin %>
<%- end -%>
<%- case logmode.to_s
when 'nologs' -%>
ErrorLog /dev/null
CustomLog /dev/null
<%- when 'semianonym' -%>
ErrorLog <%= logdir %>/error_log
CustomLog <%= logdir %>/access_log noip
<%- when 'anonym' -%>
ErrorLog /dev/null
CustomLog <%= logdir %>/access_log noip
<%- else -%>
ErrorLog <%= logdir %>/error_log
CustomLog <%= logdir %>/access_log combined
<%- end -%>
Header add Strict-Transport-Security "max-age=15768000"
<%= scope.function_template('apache/vhosts/partials/mod_security.erb') %>
<Proxy *>
Order deny,allow
Allow from all
<%- unless htpasswd_file.to_s == 'absent' then -%>
AuthType Basic
AuthName "Access fuer <%= servername %>"
AuthUserFile <%= real_htpasswd_path %>
require valid-user
<%- end -%>
</Proxy>
ProxyRequests Off
ProxyPass / <%= options %>/
ProxyPassReverse / <%= options %>/
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
<%- end -%>
</VirtualHost>
<%- end -%>
|
