1 ## Default vhosts, and custom vhosts
2 # NB: Please see the other vhost_*.pp example files for further
5 # Base class. Declares default vhost on port 80 and default ssl
6 # vhost on port 443 listening on all interfaces and serving
11 apache::vhost { 'first.example.com':
13 docroot => '/var/www/first',
16 # Vhost with different docroot owner/group/mode
17 apache::vhost { 'second.example.com':
19 docroot => '/var/www/second',
20 docroot_owner => 'third',
21 docroot_group => 'third',
22 docroot_mode => '0770',
25 # Vhost with serveradmin
26 apache::vhost { 'third.example.com':
28 docroot => '/var/www/third',
29 serveradmin => 'admin@example.com',
32 # Vhost with ssl (uses default ssl certs)
33 apache::vhost { 'ssl.example.com':
35 docroot => '/var/www/ssl',
39 # Vhost with ssl and specific ssl certs
40 apache::vhost { 'fourth.example.com':
42 docroot => '/var/www/fourth',
44 ssl_cert => '/etc/ssl/fourth.example.com.cert',
45 ssl_key => '/etc/ssl/fourth.example.com.key',
48 # Vhost with english title and servername parameter
49 apache::vhost { 'The fifth vhost':
50 servername => 'fifth.example.com',
52 docroot => '/var/www/fifth',
55 # Vhost with server aliases
56 apache::vhost { 'sixth.example.com':
62 docroot => '/var/www/fifth',
65 # Vhost with alternate options
66 apache::vhost { 'seventh.example.com':
68 docroot => '/var/www/seventh',
75 # Vhost with AllowOverride for .htaccess
76 apache::vhost { 'eighth.example.com':
78 docroot => '/var/www/eighth',
82 # Vhost with access and error logs disabled
83 apache::vhost { 'ninth.example.com':
85 docroot => '/var/www/ninth',
90 # Vhost with custom access and error logs and logroot
91 apache::vhost { 'tenth.example.com':
93 docroot => '/var/www/tenth',
94 access_log_file => 'tenth_vhost.log',
95 error_log_file => 'tenth_vhost_error.log',
96 logroot => '/var/log',
99 # Vhost with a cgi-bin
100 apache::vhost { 'eleventh.example.com':
102 docroot => '/var/www/eleventh',
103 scriptalias => '/usr/lib/cgi-bin',
106 # Vhost with a proxypass configuration
107 apache::vhost { 'twelfth.example.com':
109 docroot => '/var/www/twelfth',
110 proxy_dest => 'http://internal.example.com:8080/twelfth',
111 no_proxy_uris => ['/login','/logout'],
114 # Vhost to redirect /login and /logout
115 apache::vhost { 'thirteenth.example.com':
117 docroot => '/var/www/thirteenth',
123 'http://10.0.0.10/login',
124 'http://10.0.0.10/logout',
128 # Vhost to permamently redirect
129 apache::vhost { 'fourteenth.example.com':
131 docroot => '/var/www/fourteenth',
132 redirect_source => '/blog',
133 redirect_dest => 'http://blog.example.com',
134 redirect_status => 'permanent',
137 # Vhost with a rack configuration
138 apache::vhost { 'fifteenth.example.com':
140 docroot => '/var/www/fifteenth',
141 rack_base_uris => ['/rackapp1', '/rackapp2'],
144 # Vhost to redirect non-ssl to ssl
145 apache::vhost { 'sixteenth.example.com non-ssl':
146 servername => 'sixteenth.example.com',
148 docroot => '/var/www/sixteenth',
151 comment => 'redirect non-SSL traffic to SSL site',
152 rewrite_cond => ['%{HTTPS} off'],
153 rewrite_rule => ['(.*) https://%{HTTPS_HOST}%{REQUEST_URI}'],
158 # Rewrite a URL to lower case
159 apache::vhost { 'sixteenth.example.com non-ssl':
160 servername => 'sixteenth.example.com',
162 docroot => '/var/www/sixteenth',
164 { comment => 'Rewrite to lower case',
165 rewrite_cond => ['%{REQUEST_URI} [A-Z]'],
166 rewrite_map => ['lc int:tolower'],
167 rewrite_rule => ['(.*) ${lc:$1} [R=301,L]'],
172 apache::vhost { 'sixteenth.example.com ssl':
173 servername => 'sixteenth.example.com',
175 docroot => '/var/www/sixteenth',
179 # Vhost to redirect non-ssl to ssl using old rewrite method
180 apache::vhost { 'sixteenth.example.com non-ssl old rewrite':
181 servername => 'sixteenth.example.com',
183 docroot => '/var/www/sixteenth',
184 rewrite_cond => '%{HTTPS} off',
185 rewrite_rule => '(.*) https://%{HTTPS_HOST}%{REQUEST_URI}',
187 apache::vhost { 'sixteenth.example.com ssl old rewrite':
188 servername => 'sixteenth.example.com',
190 docroot => '/var/www/sixteenth',
194 # Vhost to block repository files
195 apache::vhost { 'seventeenth.example.com':
197 docroot => '/var/www/seventeenth',
201 # Vhost with special environment variables
202 apache::vhost { 'eighteenth.example.com':
204 docroot => '/var/www/eighteenth',
205 setenv => ['SPECIAL_PATH /foo/bin','KILROY was_here'],
208 apache::vhost { 'nineteenth.example.com':
210 docroot => '/var/www/nineteenth',
211 setenvif => 'Host "^([^\.]*)\.website\.com$" CLIENT_NAME=$1',
214 # Vhost with additional include files
215 apache::vhost { 'twentyieth.example.com':
217 docroot => '/var/www/twelfth',
218 additional_includes => ['/tmp/proxy_group_a','/tmp/proxy_group_b'],
221 # Vhost with alias for subdomain mapped to same named directory
222 # http://example.com.loc => /var/www/example.com
223 apache::vhost { 'subdomain.loc':
226 virtual_docroot => '/var/www/%-2+',
227 docroot => '/var/www',
228 serveraliases => ['*.loc',],
231 # Vhost with SSLProtocol,SSLCipherSuite, SSLHonorCipherOrder
232 apache::vhost { 'securedomain.com':
234 vhost_name => 'www.securedomain.com',
236 docroot => '/var/www/secure',
238 ssl_cert => '/etc/ssl/securedomain.cert',
239 ssl_key => '/etc/ssl/securedomain.key',
240 ssl_chain => '/etc/ssl/securedomain.crt',
241 ssl_protocol => '-ALL +SSLv3 +TLSv1',
242 ssl_cipher => 'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM',
243 ssl_honorcipherorder => 'On',
247 # Vhost with access log environment variables writing control
248 apache::vhost { 'twentyfirst.example.com':
250 docroot => '/var/www/twentyfirst',
251 access_log_env_var => 'admin',