2 ## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
3 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
7 ServerAdmin debian-admin@debian.org
8 DocumentRoot /srv/ftp.root/debian-security
9 ServerPath /debian-security
10 ServerName security.debian.org
11 ServerAlias security.ipv6.debian.org
12 ServerAlias security.eu.debian.org
13 ServerAlias security.us.debian.org
14 ServerAlias security.na.debian.org
15 ServerAlias security.geo.debian.org
16 ServerAlias security-cdn.debian.org
17 ServerAlias security-cdn1.debian.org
18 ServerAlias security-cdn2.debian.org
19 ServerAlias security-nagios.debian.org
20 <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
21 ServerAlias <%= scope.function_onion_global_service_hostname(['security.debian.org']) %>
23 ServerAlias security.backend.mirrors.debian.org
24 ServerAlias *.security.backend.mirrors.debian.org
25 ServerAlias security.anycast-test.mirrors.debian.org
29 ExpiresDefault "access plus 2 minutes"
31 Alias /debian-security /srv/ftp.root/debian-security
32 Use ftp-archive /srv/ftp.root/debian-security
35 RewriteRule ^/$ https://www.debian.org/security/
37 RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
38 RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
39 <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
40 RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
42 RewriteRule ^/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
43 RewriteCond %{HTTP:Fastly-Client-IP} !. [NV]
44 RewriteCond %{HTTP_USER_AGENT} "!Amazon CloudFront"
45 <% if scope.function_onion_global_service_hostname(['security.debian.org']) -%>
46 RewriteCond %{HTTP_HOST} "!=<%= scope.function_onion_global_service_hostname(['security.debian.org']) %>"
48 RewriteRule ^/debian-security/(pool/updates/main/l/linux/.*) http://security-cdn.debian.org/$1 [L,R=302]
50 CustomLog /var/log/apache2/security.debian.org-access.log privacy