MDBaseServer on MDCertificateAgreement accepted MDCertificateAuthority {{ lets_encrypt_url }} MDContactEmail {{ lets_encrypt_admin }} MDPrivateKeys secp384r1 secp256r1 RSA 4096 MDRequireHttps temporary MDStoreDir md AllowOverride None Require all granted {% for item in http_vhost %} Options Indexes FollowSymLinks AllowOverride None Require all granted ServerName {{ item.fqdn }} {% if item.aliases is defined %} {% for item_alias in item.aliases %} ServerAlias {{ item_alias }} {% endfor %} {% endif %} ServerAdmin webmaster@{{ item.fqdn }} DocumentRoot /srv/http/{{ item.fqdn }} MDomain {{ item.fqdn }} SSLEngine on SSLProtocol all -TLSv1.1 SSLProxyProtocol all -TLSv1.1 SSLHonorCipherOrder on SSLCipherSuite PROFILE=SYSTEM SSLProxyCipherSuite PROFILE=SYSTEM ServerName {{ item.fqdn }} {% if item.aliases is defined %} {% for item_alias in item.aliases %} ServerAlias {{ item_alias }} {% endfor %} {% endif %} ServerAdmin webmaster@{{ item.fqdn }} DocumentRoot /srv/http/{{ item.fqdn }} Alias /error/ "/var/www/error/" {% if item.proxy is defined %} ProxyPass "/.well-known" "!" ProxyPass "/phpMyAdmin" "!" ProxyPass "/phpmyadmin" "!" ProxyPass "/" "{{ item.proxy }}" ProxyPassReverse "/" "{{ item.proxy }}" ProxyTimeout 300 {% endif %} Require all denied {% endfor %}