projects / mirror / dsa-puppet.git / blob
? search:


e673afdeaa843becc831f0270cd754847cd9a98b
[mirror/dsa-puppet.git] / modules / roles / templates / apache-www.debian.org.erb
1 ##
2 ## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
3 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
4 ##
5
6 # Need to turn on negotiation_module
7 <Directory <%= @wwwdo_document_root %>/>
8   Options +MultiViews +FollowSymLinks +Indexes
9   AddHandler type-map var
10   # Make sure that the srm.conf directive is commented out.
11   AddDefaultCharSet Off
12   AllowOverride AuthConfig FileInfo
13   Require all granted
14
15   # Serve icons as image/x-icon
16   AddType image/x-icon .ico
17
18   # Serve RSS feeds as application/rss+xml
19   AddType application/rss+xml .rdf
20
21   # Nice caching..
22   ExpiresActive On
23   ExpiresDefault "access plus 1 day"
24   ExpiresByType image/gif "access plus 1 week"
25   ExpiresByType image/jpeg "access plus 1 week"
26   ExpiresByType image/png "access plus 1 week"
27   ExpiresByType image/x-icon "access plus 1 week"
28
29   # FileEtag needs to be the same across mirrors (used for caching, ignore inode)
30   FileEtag MTime Size
31
32   # language stuff, for web site translations
33   # for boot-floppies docs only: sk
34   AddLanguage en .en
35   AddLanguage en-us .en-us
36   AddLanguage en-gb .en-gb
37   AddLanguage ar .ar
38   AddLanguage bg .bg
39   AddLanguage ca .ca
40   AddLanguage cs .cs
41   AddLanguage da .da
42   AddLanguage de .de
43   AddLanguage el .el
44   AddLanguage eo .eo
45   AddLanguage es .es
46   AddLanguage fi .fi
47   AddLanguage fr .fr
48   AddLanguage hr .hr
49   AddLanguage hu .hu
50   AddLanguage hy .hy
51   AddLanguage id .id
52   AddLanguage it .it
53   AddLanguage ja .ja
54   AddLanguage ko .ko
55   AddLanguage lt .lt
56   AddLanguage nl .nl
57   AddLanguage no .no
58   AddLanguage nb .nb
59   AddLanguage pl .pl
60   AddLanguage pt .pt
61   AddLanguage pt-br .pt-br
62   AddLanguage ro .ro
63   AddLanguage ru .ru
64   AddLanguage sk .sk
65   AddLanguage sl .sl
66   AddLanguage sv .sv
67   AddLanguage tr .tr
68   AddLanguage uk .uk
69   AddLanguage vi .vi
70   AddLanguage zh-CN .zh-cn
71   AddLanguage zh-HK .zh-hk
72   AddLanguage zh-TW .zh-tw
73   LanguagePriority en fr de it es ja pl hr da pt pt-br fi zh-cn zh-hk zh-tw cs sv ko no nb ru tr eo ar nl hu ro sk el ca en-us en-gb id lt sl bg uk hy vi
74
75   DirectoryIndex maintenance index index.html index.shtml index.htm
76
77   <Files *.html.es>
78     ForceType text/html
79   </Files>
80
81   <Files *.pdf.es>
82     ForceType application/pdf
83   </Files>
84
85   <Files *.txt.es>
86     ForceType text/plain
87   </Files>
88 </Directory>
89
90 <Macro common-www-other.d.o>
91    ServerName debian.org
92    ServerAdmin webmaster@debian.org
93
94    ServerAlias www.debian.net
95    ServerAlias debian.net
96
97    ServerAlias www.debian.eu
98    ServerAlias debian.eu
99
100    ServerAlias www.debian.nl
101    ServerAlias debian.nl
102
103    ServerAlias www.debian.com
104    ServerAlias debian.com
105
106    ServerAlias debian.us
107    ServerAlias www.debian.us
108
109    ServerAlias debian.gr
110    ServerAlias www.debian.gr
111
112    ServerAlias www.debian.es
113    ServerAlias debian.es
114
115    ServerAlias www.debian.at
116
117    DocumentRoot <%= @wwwdo_document_root %>/
118    LogFormat "0.0.0.0 - %u %{[%d/%b/%Y:00:00:00 %z]}t \"%r\" %>s %b \"%{Referer}i\" \"-\" %V" privacy+host
119    ErrorLog /var/log/apache2/www-other.debian.org-error.log
120    CustomLog /var/log/apache2/www-other.debian.org-access.log privacy+host
121 </Macro>
122
123 <Macro common-www.d.o-inner>
124    ServerAdmin webmaster@debian.org
125    DocumentRoot <%= @wwwdo_document_root %>/
126
127    # CacheNegotiatedDocs: By default, Apache sends Pragma: no-cache with each
128    # document that was negotiated on the basis of content. This asks proxy
129    # servers not to cache the document. Uncommenting the following line disables
130    # this behavior, and proxies will be allowed to cache the documents.
131    CacheNegotiatedDocs On
132
133    # The UI for language selection in browsers is rarely used or known about
134    # by visitors so websites need to provide a way for visitors to influence
135    # content negotiation using the website itself in addition to the browser.
136    # Setting a cookie is the simplest option for us as the URLs don't change.
137    # The GDPR does not apply and to satisfy the EU cookie law we can include
138    # some explanatory text around the form that sets the cookie.
139    # The use of POST requests will ensure each cookie is only set explictly.
140    # Since Apache mod_rewrite cannot inspect POST data, we use URLs instead.
141    RewriteEngine on
142    RewriteCond %{REQUEST_METHOD} ^POST$
143    RewriteRule /intro/cn/setlang/([a-z]{2}(?:-[a-z]{2})?)/(.*) /$2 [last,redirect,cookie=lang:$1:www.debian.org:40320:/:secure:]
144    RewriteCond %{REQUEST_METHOD} ^POST$
145    RewriteRule /intro/cn/unsetlang/(.*) /$2 [last,redirect,cookie=lang:invalid:www.debian.org:-1:/:secure:]
146    SetEnvIf Cookie "lang=(.+)" prefer-language=$1
147    Header append Vary cookie
148
149 # Custom Error
150    ErrorDocument 404 /devel/website/errors/404
151    RewriteCond %{DOCUMENT_ROOT}/devel/website/errors/404.$2.html -f
152    RewriteRule ^/(?!devel/website/errors/)(.*/)?404\.(.+)\.html$ /devel/website/errors/404.$2.html [L]
153
154 # the joys of backwards compatibility
155    Redirect /Lists-Archives https://lists.debian.org
156    Redirect /search https://search.debian.org
157    Redirect /Packages https://packages.debian.org
158    Redirect /lintian https://lintian.debian.org
159
160    Redirect /SPI https://www.spi-inc.org
161 #   Redirect /OpenHardware http://www.openhardware.org
162    Redirect /OpenSource https://opensource.org
163    Redirect /Bugs/db/ix/pseudopackages.html /Bugs/pseudo-packages
164    RewriteRule ^/Bugs/db/pa/l([^/]+).html$ https://bugs.debian.org/$1
165    RewriteRule ^/Bugs/db/[[:digit:]][[:digit:]]/([[:digit:]][[:digit:]][[:digit:]]+).html$ https://bugs.debian.org/$1
166    RewriteRule ^/Bugs/db/ma/l([^/]+).html$ https://bugs.debian.org/cgi-bin/pkgreport.cgi?maintenc=$1
167
168    <IfModule mod_userdir.c>
169       UserDir disabled
170    </IfModule>
171
172    Redirect /devel/todo/ /devel/wnpp/help_requested_bypop
173    Redirect /doc/FAQ /doc/manuals/debian-faq
174    Redirect /doc/manuals/debian-fr-howto /doc/manuals/fr/debian-fr-howto
175    Redirect /doc/manuals/reference /doc/manuals/debian-reference
176    Redirect /doc/packaging-manuals/developers-reference /doc/manuals/developers-reference
177    Redirect /doc/packaging-manuals/packaging-tutorial /doc/manuals/packaging-tutorial
178    Redirect /doc/prospective-packages /devel/wnpp/
179    Redirect /devel/maintainer_contacts /intro/organization
180    Redirect /devel/debian-installer/gtk-frontend https://wiki.debian.org/DebianInstaller/GUI
181    Redirect /zh/ /international/Chinese/
182    Redirect /chinese/ /international/Chinese/
183    Redirect /devel/help /devel/join/
184    Redirect /distrib/books /doc/books
185    Redirect /distrib/floppyinst /distrib/netinst
186    Redirect /distrib/netboot /distrib/netinst
187    Redirect /distrib/vendors /CD/vendors/
188    Redirect /distrib/cd /CD/
189    Redirect /distrib/cdinfo /CD/vendors/info
190    Redirect /related_links /misc/related_links
191    Redirect /ports/laptops /misc/laptops/
192    Redirect /misc/README.mirrors /mirror/list
193    Redirect /misc/README.non-US /mirror/list.non-US
194    Redirect /misc/awards /News/awards
195    Redirect /misc/bsd.license https://opensource.org/licenses/BSD-3-Clause
196    Redirect /misc/laptops https://wiki.debian.org/InstallingDebianOn
197    Redirect /misc/memberships /intro/organization#memberships
198    Redirect /misc/merchandise /events/merchandise
199    Redirect /intl /international
200    Redirect /ports/armel  /ports/arm
201    Redirect /ports/armhf  /ports/arm
202    Redirect /ports/arm64  /ports/arm
203    Redirect /ports/mipsel /ports/mips
204    Redirect /ports/mips64el /ports/mips
205    Redirect /ports/kfreebsd-amd64 /ports/kfreebsd-gnu
206    Redirect /ports/kfreebsd-i386  /ports/kfreebsd-gnu
207    Redirect /ports/sparc64 /ports/sparc
208    Redirect /ports/s390x   /ports/s390
209    Redirect /ports/ppc64   /ports/powerpc
210    Redirect /ports/ppc64el   /ports/powerpc
211    Redirect /ports/powerpcspe   /ports/powerpc
212    Redirect /ports/riscv64   https://wiki.debian.org/RISC-V
213    Redirect /ports/x32   https://wiki.debian.org/X32Port
214    Redirect /ports/sh4   https://wiki.debian.org/SH4
215    Redirect /mirror/official_sponsors /mirror/sponsors
216    Redirect /mirror/official /mirror/list
217    Redirect /mirror/mirrors_full.html /mirror/list-full.html
218    Redirect /mirrors /mirror
219    Redirect /News/project /News/weekly
220    Redirect /releases/2.0 /releases/hamm
221    Redirect /releases/2.1 /releases/slink
222    Redirect /releases/2.2 /releases/potato
223    Redirect /releases/3.0 /releases/woody
224    Redirect /releases/3.1 /releases/sarge
225    Redirect /releases/4.0 /releases/etch
226    Redirect /releases/5.0 /releases/lenny
227    Redirect /releases/6.0 /releases/squeeze
228    Redirect /releases/7 /releases/wheezy
229    Redirect /releases/8 /releases/jessie
230    Redirect /releases/9 /releases/stretch
231    Redirect /releases/10 /releases/buster
232    Redirect /releases/unstable /releases/sid
233    Redirect /support/ /support
234
235 # Upper-case URLs were a bad idea
236    Redirect /bugs /Bugs
237    Redirect /news /News
238    Redirect /mailinglists /MailingLists
239    Redirect /cd /CD
240
241    RewriteRule ^/ports/freebsd(.*) /ports/kfreebsd-gnu/ [R]
242    RewriteRule ^/devel/debian-installer/report-template(.*) /releases/stable/i386/ch05s04.html#submit-bug [NE,R]
243    RewriteRule ^/devel/debian-installer/hooks(.*) https://d-i.alioth.debian.org/doc/internals/apb.html [R]
244    RewriteRule ^/doc/packaging-manuals/mime-policy(.*) /doc/debian-policy/ch-opersys.html#s-mime [NE,R]
245
246    RewriteRule ^/volatile/index.* - [S=1]
247    RewriteRule ^/volatile/.+ /volatile/ [L,R]
248    RewriteRule ^/devel/debian-volatile/.* /volatile/ [R]
249
250 # Offer a Redirect to DSA without knowing year #474730
251    RewriteMap dsa txt:<%= @wwwdo_document_root %>/security/map-dsa.txt
252    RewriteRule ^/security/dsa-(\d+)(\..*)? /security/${dsa:$1}$2 [R]
253
254 # Compatibility after SGML -> DocBook
255 # Debian Reference #624239
256    RewriteMap reference txt:<%= @wwwdo_document_root %>/doc/map-reference.txt
257    RewriteCond %{DOCUMENT_ROOT}/doc/manuals/debian-reference/ch-support$1 !-f
258    RewriteRule ^/doc/manuals/debian-reference/ch-support(.*)  /support$1 [L,R]
259    RewriteCond %{DOCUMENT_ROOT}/doc/manuals/debian-reference/${reference:$1}$2 -f
260    RewriteRule ^/doc/manuals/debian-reference/ch-([^\.]+)(.+) /doc/manuals/debian-reference/${reference:$1}$2 [L,R]
261    RewriteRule ^/doc/manuals/debian-reference/ch-([^\.]+)$    /doc/manuals/debian-reference/${reference:$1}     [R]
262    RewriteCond %{DOCUMENT_ROOT}/doc/manuals/debian-reference/apa$1 -f
263    RewriteRule ^/doc/manuals/debian-reference/ap-appendix(.+) /doc/manuals/debian-reference/apa$1 [L,R]
264    RewriteRule ^/doc/manuals/debian-reference/ap-appendix$    /doc/manuals/debian-reference/apa     [R]
265    RewriteCond %{DOCUMENT_ROOT}/doc/manuals/debian-reference/footnotes$1 !-f
266    RewriteRule ^/doc/manuals/debian-reference/footnotes(.+)   /doc/manuals/debian-reference/index$1 [L,R]
267    RewriteRule ^/doc/manuals/debian-reference/footnotes$      /doc/manuals/debian-reference/          [R]
268
269 # DevRef filename changes c2016
270    RedirectMatch ^(/doc/manuals/developers-reference)/scope(\.[a-z]{2})?.html                 $1/ch01$2.html
271    RedirectMatch ^(/doc/manuals/developers-reference)/new-maintainer(\.[a-z]{2})?.html        $1/ch02$2.html
272    RedirectMatch ^(/doc/manuals/developers-reference)/developer-duties(\.[a-z]{2})?.html      $1/ch03$2.html
273    RedirectMatch ^(/doc/manuals/developers-reference)/resources(\.[a-z]{2})?.html             $1/ch04$2.html
274    RedirectMatch ^(/doc/manuals/developers-reference)/pkgs(\.[a-z]{2})?.html                  $1/ch05$2.html
275    RedirectMatch ^(/doc/manuals/developers-reference)/best-pkging-practices(\.[a-z]{2})?.html $1/ch06$2.html
276    RedirectMatch ^(/doc/manuals/developers-reference)/beyond-pkging(\.[a-z]{2})?.html         $1/ch07$2.html
277    RedirectMatch ^(/doc/manuals/developers-reference)/l10n(\.[a-z]{2})?.html                  $1/ch08$2.html
278    RedirectMatch ^(/doc/manuals/developers-reference)/tools(\.[a-z]{2})?.html                 $1/apa$2.html
279
280 # New Maintainers' Guide
281    RewriteRule ^/doc/(manuals/)?maint-guide/ch-(.*) /doc/manuals/maint-guide/$2 [R]
282    RewriteRule ^/doc/(manuals/)?maint-guide/footnotes(.*) /doc/manuals/maint-guide/index$2 [R]
283
284 # Compatibility after Debian Policy changed to build with Sphinx (bug #877367)
285    RewriteRule ^/doc/debian-policy/footnotes.html(.*) /doc/debian-policy/ [R,L]
286
287 # Canonical place for manuals under /doc/manuals/
288    RewriteCond %{DOCUMENT_ROOT}/doc/manuals/$1 -d
289    RewriteRule ^/doc/([^/]+)/?(.*)? /doc/manuals/$1/$2 [L,R]
290    RewriteRule ^/doc/manuals/?$ /doc/ [L,R]
291
292 # Relocation of blends pages
293    RewriteRule ^/devel/hamradio(.*)$ /blends/hamradio$1 [R,L]
294
295 # Relocation of derivatives pages
296    RewriteRule ^/misc/children-distros(?:\.html)?$ /derivatives/ [R,L]
297    RewriteRule ^/misc/children-distros(\.[^\.]+(?:\.html)?)$ /derivatives/index$1 [R,L]
298
299 # Relocation of memberships information
300    RewriteRule ^/misc/memberships(?:\.html)?$ /intro/organization$1#memberships [R,L]
301    RewriteRule ^/misc/memberships(\.[^\.]+(?:\.html)?)$ /intro/organization$1#memberships [R,L]
302 </Macro>
303
304 <Macro common-www.d.o>
305    ServerName <%= @wwwdo_server_name %>
306
307    Use common-www.d.o-inner
308 </Macro>
309
310
311 <VirtualHost <%= @vhost_listen %> >
312    ErrorLog /var/log/apache2/www.debian.org-error.log
313    CustomLog /var/log/apache2/www.debian.org-access.log privacy
314
315    ServerName <%= @wwwdo_server_name %>
316    Redirect / https://<%= @wwwdo_server_name %>/
317 </VirtualHost>
318 <VirtualHost <%= @vhost_listen_443 %> >
319    ErrorLog /var/log/apache2/www.debian.org-error.log
320    CustomLog /var/log/apache2/www.debian.org-access.log privacyssl
321
322    Use common-www.d.o
323
324    Use common-debian-service-ssl <%= @wwwdo_server_name %>
325    Use common-ssl-HSTS
326 </VirtualHost>
327 <% if scope.function_onion_global_service_hostname([@wwwdo_server_name]) -%>
328 <VirtualHost <%= @vhost_listen %> >
329    ErrorLog /var/log/apache2/www.debian.org-error.log
330    CustomLog /var/log/apache2/www.debian.org-access.log privacy
331
332    ServerName <%= scope.function_onion_global_service_hostname([@wwwdo_server_name]) %>
333
334    Use common-www.d.o-inner
335 </VirtualHost>
336 <% end %>
337
338
339 <%- if @redirect_vhosts -%>
340 # www other
341 ###########
342 <VirtualHost <%= @vhost_listen %> >
343    Use common-www-other.d.o
344
345    ErrorLog /var/log/apache2/www-other.debian.org-error.log
346    CustomLog /var/log/apache2/www-other.debian.org-access.log privacy
347
348    Redirect / https://www.debian.org/
349 </VirtualHost>
350 <VirtualHost <%= @vhost_listen_443 %> >
351    Use common-www-other.d.o
352
353    CustomLog /var/log/apache2/www-other-access.log privacyssl
354    ErrorLog /var/log/apache2/www-other-error.log
355
356    # Legacy GPG versions (including 2.2.12 in buster/Debian 10) use the "direct method" instead
357    # of the "advanced method" which should be tried first according to the draft
358    # https://tools.ietf.org/html/draft-koch-openpgp-webkey-service
359    # also cf. RT#7828
360    Redirect /.well-known/openpgpkey/ https://openpgpkey.debian.org/.well-known/openpgpkey/debian.org/
361
362    Redirect / https://www.debian.org/
363
364    Use common-debian-service-ssl debian.org
365    Use common-ssl-HSTS
366 </VirtualHost>
367 <%- end -%>
368 # vim:set syn=apache:
Unnamed repository; edit this file 'description' to name the repository.