summaryrefslogtreecommitdiff
path: root/templates/vhosts/static/static.erb
blob: 05354d63f1a1455087f05efcf1f66c54d90985d2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
# <%= servername %>
<%- unless ssl_mode.to_s == 'only'  then -%>
<VirtualHost *:80>
    Include include.d/defaults.inc
    ServerName <%= servername %>
    <%- unless serveralias.to_s.empty? then -%>
    ServerAlias <%= serveralias %>
    <%- end -%>
    <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
    ServerAdmin <%= server_admin %>
    <%- end -%>
    DocumentRoot <%= documentroot %>/

    ErrorLog <%= logdir %>/error_log
    CustomLog <%= logdir %>/access_log combined
    <%- if default_charset.to_s != 'absent' then -%>
    AddDefaultCharset <%= default_charset %>
    <%- end -%>
    <%- if ssl_mode.to_s == 'force' then -%>
    Redirect permanent / https://<%= servername %>/
    <%- end -%>

    <%- if not ssl_mode.to_s == 'force' then -%>
    <Directory "<%= documentroot %>/">
        AllowOverride <%= allow_override %>
        <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
        Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>

        <%- end -%>
        <%- unless htpasswd_file.to_s == 'absent' then -%>
        AuthType Basic
        AuthName "Access fuer <%= servername %>"
        AuthUserFile <%= real_htpasswd_path %>
        require valid-user
        <%- end -%>
    </Directory>
    <%- end -%>

    <IfModule mod_security2.c>
        <%- if mod_security.to_s == 'true' then -%>
        SecRuleEngine On
        <%- if mod_security_relevantonly.to_s == 'true' then -%>
        SecAuditEngine RelevantOnly
        <%- else -%>
        SecAuditEngine On
        <%- end -%>
        <%- else -%>
        SecRuleEngine Off
        SecAuditEngine Off
        <%- end -%>
        SecAuditLogType Concurrent
        SecAuditLogStorageDir <%= logdir %>/
        SecAuditLog <%= logdir %>/mod_security_audit.log
        SecDebugLog <%= logdir %>/mod_security_debug.log
    </IfModule>

    <%- unless additional_options.to_s == 'absent' then -%>
    <%= additional_options %>
    <%- end -%>
</VirtualHost>
<%- end -%>

<%- unless ssl_mode.to_s == 'false'  then -%>
<VirtualHost *:443>
    Include include.d/defaults.inc
    Include include.d/ssl_defaults.inc
    ServerName <%= servername %>
    <%- unless serveralias.to_s.empty? then -%>
    ServerAlias <%= serveralias %>
    <%- end -%>
    <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
    ServerAdmin <%= server_admin %>
    <%- end -%>
    DocumentRoot <%= documentroot %>/

    ErrorLog <%= logdir %>/error_log
    CustomLog <%= logdir %>/access_log combined
    <%- if default_charset.to_s != 'absent' then -%>
    AddDefaultCharset <%= default_charset %>
    <%- end -%>

    <%- if options.to_s != 'absent' or htpasswd_file.to_s != 'absent' then -%>
    <Directory "<%= documentroot %>/">
        AllowOverride <%= allow_override %>
        <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
        Options <%= options %><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>

        <%- end -%>
        <%- unless htpasswd_file.to_s == 'absent' then -%>
        AuthType Basic
        AuthName "Access fuer <%= servername %>"
        AuthUserFile <%= real_htpasswd_path %>
        require valid-user
        <%- end -%>
    </Directory>
    <%- end %>

    <IfModule mod_security2.c>
        <%- if mod_security.to_s == 'true' then -%>
        SecRuleEngine On
        <%- if mod_security_relevantonly.to_s == 'true' then -%>
        SecAuditEngine RelevantOnly
        <%- else -%>
        SecAuditEngine On
        <%- end -%>
        <%- else -%>
        SecRuleEngine Off
        SecAuditEngine Off
        <%- end -%>
        SecAuditLogType Concurrent
        SecAuditLogStorageDir <%= logdir %>/
        SecAuditLog <%= logdir %>/mod_security_audit.log
        SecDebugLog <%= logdir %>/mod_security_debug.log
    </IfModule>

    <%- unless additional_options.to_s == 'absent' then -%>
    <%= additional_options %>
    <%- end -%>
</VirtualHost>
<%- end -%>