
# mod_md (ACME) settings shared by every managed domain rendered further down.
# Let mod_md manage the base server (the one outside any VirtualHost) as well.
MDBaseServer on
# Records acceptance of the certificate authority's terms of service.
MDCertificateAgreement accepted
# ACME directory URL, taken from the lets_encrypt_url template variable.
MDCertificateAuthority {{ lets_encrypt_url }}
# Contact address for the ACME account, taken from lets_encrypt_admin.
MDContactEmail {{ lets_encrypt_admin }}
# Key types to obtain certificates for: two ECDSA curves plus RSA with 4096 bits.
MDPrivateKeys secp384r1 secp256r1 RSA 4096
# Plain-HTTP requests for managed domains are answered with a temporary redirect
# to https.
# NOTE(review): as far as mod_md documents it, only "permanent" additionally sends
# a Strict-Transport-Security header; with "temporary" a client is never told to
# stay on https - confirm that is the intended posture.
MDRequireHttps temporary
# Certificate store given as a relative path (presumably resolved against
# ServerRoot - verify). It holds ACME account data and private keys, so access to
# it on disk should be restricted.
MDStoreDir md
# Base access rule for the web root: .htaccess files are ignored and every client
# is allowed. The per-site <Directory> sections below sit underneath this path.
<Directory "/srv/http">
AllowOverride None
Require all granted
</Directory>
{% for item in http_vhost %}
# Per-site document root below /srv/http, one section per http_vhost entry.
# NOTE(review): "Indexes" produces an automatic directory listing wherever no
# index file exists, which can expose backups or other stray files; drop it
# unless listings are wanted. "FollowSymLinks" lets a symlink inside the document
# root serve files from outside it; SymLinksIfOwnerMatch is the stricter choice.
<Directory "/srv/http/{{ item.fqdn }}">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
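# Plain-HTTP vhost for this site. It serves the same DocumentRoot as the TLS
# vhost, so it carries the same dotfile denials: the https redirect configured
# through MDRequireHttps should not be the only thing standing between a
# plain-HTTP client and a stray /.env or /.git in the document root.
<VirtualHost *:80>
ServerName {{ item.fqdn }}
{% if item.aliases is defined %}
{% for item_alias in item.aliases %}
ServerAlias {{ item_alias }}
{% endfor %}
{% endif %}
ServerAdmin webmaster@{{ item.fqdn }}
DocumentRoot /srv/http/{{ item.fqdn }}
{% if item.redirect is defined %}
# Redirect everything except paths under /.well-known/ (presumably kept local
# for ACME challenges) to the target configured in item.redirect.
RedirectMatch "^(?!/\.well-known/).*" {{ item.redirect }}
{% endif %}
# Environment files and git metadata commonly hold credentials and source
# history; never serve them, regardless of scheme.
<Location /.env>
Require all denied
</Location>
<Location /.git>
Require all denied
</Location>
</VirtualHost>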
# Register the site's primary name as a mod_md Managed Domain so its certificate
# is obtained and renewed automatically.
# NOTE(review): only item.fqdn is listed here; the ServerAlias names are expected
# to be added by mod_md's automatic member handling (MDMembers auto) - confirm
# that default has not been changed elsewhere.
MDomain {{ item.fqdn }}
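# TLS vhost for this site: serves the document root or, when item.proxy is set,
# reverse-proxies to that backend.
<VirtualHost *:443>
SSLEngine on
# The original subtracted only TLSv1.1 from "all". Whether TLSv1.0 (and SSLv3)
# could then still be negotiated depended on the httpd/OpenSSL build and on the
# system crypto policy; every legacy protocol is now subtracted explicitly so the
# result does not depend on either.
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
# Same protocol floor for TLS connections made to proxied backends.
SSLProxyProtocol all -SSLv3 -TLSv1 -TLSv1.1
# Prefer the server's cipher ordering over the client's.
SSLHonorCipherOrder on
# Cipher selection is delegated to the host's system-wide crypto policy
# (presumably a Fedora/RHEL-style crypto-policies setup - verify on the target).
SSLCipherSuite PROFILE=SYSTEM
SSLProxyCipherSuite PROFILE=SYSTEM
ServerName {{ item.fqdn }}
{% if item.aliases is defined %}
{% for item_alias in item.aliases %}
ServerAlias {{ item_alias }}
{% endfor %}
{% endif %}
ServerAdmin webmaster@{{ item.fqdn }}
DocumentRoot /srv/http/{{ item.fqdn }}
Alias /error/ "/var/www/error/"
{% if item.proxy is defined %}
# ProxyPass rules are checked in configuration order, so the "!" exclusions
# must stay ahead of the catch-all "/" rule. Excluded paths are handled by this
# server instead of the backend.
ProxyPass "/.well-known" "!"
ProxyPass "/phpMyAdmin" "!"
ProxyPass "/phpmyadmin" "!"
# NOTE(review): no SSLProxyEngine or SSLProxyVerify is set in this vhost. If
# item.proxy can be an https:// URL, check that both are configured elsewhere;
# otherwise the backend certificate is not being verified.
ProxyPass "/" "{{ item.proxy }}"
ProxyPassReverse "/" "{{ item.proxy }}"
# Seconds to wait on the backend before giving up.
ProxyTimeout 300
{% endif %}
{% if item.redirect is defined %}
# Redirect everything except paths under /.well-known/ to item.redirect.
RedirectMatch "^(?!/\.well-known/).*" {{ item.redirect }}
{% endif %}
# Never serve environment files or git metadata; they commonly hold credentials
# and source history. <Location> covers the named path and everything below it,
# but other hidden files (for example .svn or editor backups) are not covered.
<Location /.env>
Require all denied
</Location>
<Location /.git>
Require all denied
</Location>
</VirtualHost>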
{% endfor %}