##
# Need to turn on negotiation_module
-<Directory <%= wwwdo_document_root %>/>
+<Directory <%= @wwwdo_document_root %>/>
Options +MultiViews +FollowSymLinks +Indexes
AddHandler type-map var
# Make sure that the srm.conf directive is commented out.
AddDefaultCharSet Off
AllowOverride AuthConfig FileInfo
+ Require all granted
# Serve icons as image/x-icon
AddType image/x-icon .ico
</Files>
</Directory>
-<VirtualHost <%= vhost_listen %> >
- ServerName www.nl.debian.org
+<Macro common-www-other.d.o>
+ ServerName debian.org
ServerAdmin webmaster@debian.org
- ServerAlias www.debian.com www.debian.de www.*.debian.org newwww.deb.at www.debian.net debian.net debian.org www.debian.at www.debian.eu debian.eu debian.com debian.us www.debian.us debian.gr www.debian.gr
- DocumentRoot <%= wwwdo_document_root %>/
- ErrorLog /var/log/apache2/www-other.debian.org-error.log
- CustomLog /var/log/apache2/www-other.debian.org-access.log privacy
- RewriteLog /var/log/apache2/www-other.debian.org-redirect.log
- RewriteLogLevel 1
- RewriteEngine on
- RewriteRule ^/(.*)$ http://www.debian.org/$1 [R=301,L]
-</VirtualHost>
+ ServerAlias www.debian.net
+ ServerAlias debian.net
+
+ ServerAlias www.debian.eu
+ ServerAlias debian.eu
+
+ ServerAlias www.debian.nl
+ ServerAlias debian.nl
+
+ ServerAlias www.debian.com
+ ServerAlias debian.com
+
+ ServerAlias debian.us
+ ServerAlias www.debian.us
+
+ ServerAlias debian.gr
+ ServerAlias www.debian.gr
+
+ ServerAlias www.debian.es
+ ServerAlias debian.es
+
+ ServerAlias www.debian.at
+
+ DocumentRoot <%= @wwwdo_document_root %>/
+ LogFormat "0.0.0.0 - %u %{[%d/%b/%Y:00:00:00 %z]}t \"%r\" %>s %b \"%{Referer}i\" \"-\" %V" privacy+host
+ ErrorLog /var/log/apache2/www-other.debian.org-error.log
+ CustomLog /var/log/apache2/www-other.debian.org-access.log privacy+host
+</Macro>
-<VirtualHost <%= vhost_listen %> >
- ServerName www.debian.org
+<Macro common-www.d.o-inner>
ServerAdmin webmaster@debian.org
- ServerAlias www-*.debian.org
- DocumentRoot <%= wwwdo_document_root %>/
- ErrorLog /var/log/apache2/www.debian.org-error.log
- CustomLog /var/log/apache2/www.debian.org-access.log privacy
+ DocumentRoot <%= @wwwdo_document_root %>/
# CacheNegotiatedDocs: By default, Apache sends Pragma: no-cache with each
# document that was negotiated on the basis of content. This asks proxy
# this behavior, and proxies will be allowed to cache the documents.
CacheNegotiatedDocs On
+ # The UI for language selection in browsers is rarely used or known about
+ # by visitors so websites need to provide a way for visitors to influence
+ # content negotiation using the website itself in addition to the browser.
+ # Setting a cookie is the simplest option for us as the URLs don't change.
+ # The GDPR does not apply and to satisfy the EU cookie law we can include
+ # some explanatory text around the form that sets the cookie.
+ # The use of POST requests will ensure each cookie is only set explictly.
+ # Since Apache mod_rewrite cannot inspect POST data, we use URLs instead.
+ RewriteEngine on
+ RewriteCond %{REQUEST_METHOD} ^POST$
+ RewriteRule /intro/cn/setlang/([a-z]{2}(?:-[a-z]{2})?)/(.*) /$2 [last,redirect,cookie=lang:$1:%{HTTP_HOST}:40320:/:secure:]
+ RewriteCond %{REQUEST_METHOD} ^POST$
+ RewriteRule /intro/cn/unsetlang/(.*) /$1 [last,redirect,cookie=lang:invalid:%{HTTP_HOST}:-1:/:secure:]
+ SetEnvIf Cookie "lang=(.+)" prefer-language=$1
+ Header append Vary cookie
+
# Custom Error
ErrorDocument 404 /devel/website/errors/404
RewriteCond %{DOCUMENT_ROOT}/devel/website/errors/404.$2.html -f
RewriteRule ^/(?!devel/website/errors/)(.*/)?404\.(.+)\.html$ /devel/website/errors/404.$2.html [L]
# the joys of backwards compatibility
- RedirectPermanent /cgi-bin/cvsweb http://cvs.debian.org
- RedirectPermanent /Lists-Archives http://lists.debian.org
- RedirectPermanent /search http://search.debian.org
- RedirectPermanent /Packages http://packages.debian.org
- RedirectPermanent /lintian http://lintian.debian.org
+ Redirect /Lists-Archives https://lists.debian.org
+ Redirect /search https://search.debian.org
+ Redirect /Packages https://packages.debian.org
+ Redirect /lintian https://lintian.debian.org
- RedirectPermanent /SPI http://www.spi-inc.org
-# RedirectPermanent /OpenHardware http://www.openhardware.org
- RedirectPermanent /OpenSource http://www.opensource.org
-
- RedirectPermanent /Bugs/db/ix/pseudopackages.html /Bugs/pseudo-packages
- RewriteEngine on
- RewriteRule ^/Bugs/db/pa/l([^/]+).html$ http://bugs.debian.org/$1
- RewriteRule ^/Bugs/db/[[:digit:]][[:digit:]]/([[:digit:]][[:digit:]][[:digit:]]+).html$ http://bugs.debian.org/$1
- RewriteRule ^/Bugs/db/ma/l([^/]+).html$ http://bugs.debian.org/cgi-bin/pkgreport.cgi?maintenc=$1
+ Redirect /SPI https://www.spi-inc.org
+# Redirect /OpenHardware http://www.openhardware.org
+ Redirect /OpenSource https://opensource.org
+ Redirect /Bugs/db/ix/pseudopackages.html /Bugs/pseudo-packages
+ RewriteRule ^/Bugs/db/pa/l([^/]+).html$ https://bugs.debian.org/$1
+ RewriteRule ^/Bugs/db/[[:digit:]][[:digit:]]/([[:digit:]][[:digit:]][[:digit:]]+).html$ https://bugs.debian.org/$1
+ RewriteRule ^/Bugs/db/ma/l([^/]+).html$ https://bugs.debian.org/cgi-bin/pkgreport.cgi?maintenc=$1
<IfModule mod_userdir.c>
UserDir disabled
</IfModule>
- RedirectPermanent /devel/todo/ /devel/wnpp/help_requested_bypop
- RedirectPermanent /doc/FAQ /doc/manuals/debian-faq
- RedirectPermanent /doc/manuals/debian-fr-howto /doc/manuals/fr/debian-fr-howto
- RedirectPermanent /doc/manuals/reference /doc/manuals/debian-reference
- RedirectPermanent /doc/packaging-manuals/developers-reference /doc/manuals/developers-reference
- RedirectPermanent /doc/packaging-manuals/packaging-tutorial /doc/manuals/packaging-tutorial
- RedirectPermanent /doc/prospective-packages /devel/wnpp/
- RedirectPermanent /devel/maintainer_contacts /intro/organization
- RedirectPermanent /devel/debian-installer/gtk-frontend http://wiki.debian.org/DebianInstaller/GUI
- RedirectPermanent /zh/ /international/Chinese/
- RedirectPermanent /chinese/ /international/Chinese/
- RedirectPermanent /devel/help /devel/join/
- RedirectPermanent /distrib/books /doc/books
- RedirectPermanent /distrib/floppyinst /distrib/netinst
- RedirectPermanent /distrib/netboot /distrib/netinst
- RedirectPermanent /distrib/vendors /CD/vendors/
- RedirectPermanent /distrib/cd /CD/
- RedirectPermanent /distrib/cdinfo /CD/vendors/info
- RedirectPermanent /related_links /misc/related_links
- RedirectPermanent /ports/laptops /misc/laptops/
- RedirectPermanent /misc/README.mirrors /mirror/list
- RedirectPermanent /misc/README.non-US /mirror/list.non-US
- RedirectPermanent /intl /international
- RedirectPermanent /ports/armel /ports/arm
- RedirectPermanent /ports/armhf /ports/arm
- RedirectPermanent /ports/mipsel /ports/mips
- RedirectPermanent /ports/kfreebsd-amd64 /ports/kfreebsd-gnu
- RedirectPermanent /ports/kfreebsd-i386 /ports/kfreebsd-gnu
- RedirectPermanent /ports/sparc64 /ports/sparc
- RedirectPermanent /ports/s390x /ports/s390
- RedirectPermanent /mirror/mirrors_full.html /mirror/list-full.html
- RedirectPermanent /mirrors /mirror
- RedirectPermanent /News/project /News/weekly
- RedirectPermanent /releases/2.0 /releases/hamm
- RedirectPermanent /releases/2.1 /releases/slink
- RedirectPermanent /releases/2.2 /releases/potato
- RedirectPermanent /releases/3.0 /releases/woody
- RedirectPermanent /releases/3.1 /releases/sarge
- RedirectPermanent /releases/4.0 /releases/etch
- RedirectPermanent /releases/5.0 /releases/lenny
- RedirectPermanent /releases/6.0 /releases/squeeze
- RedirectPermanent /releases/7 /releases/wheezy
- RedirectPermanent /releases/8 /releases/jessie
- RedirectPermanent /releases/unstable /releases/sid
-
- RewriteRule ^/ports/freebsd(.*) /ports/kfreebsd-gnu/ [R=301]
- RewriteRule ^/devel/debian-installer/report-template(.*) /releases/stable/i386/ch05s04.html#submit-bug [NE,R=301]
- RewriteRule ^/devel/debian-installer/hooks(.*) http://d-i.alioth.debian.org/doc/internals/apb.html [R=301]
- RewriteRule ^/doc/packaging-manuals/mime-policy(.*) /doc/debian-policy/ch-opersys.html#s-mime [NE,R=301]
+ Redirect /devel/todo/ /devel/wnpp/help_requested_bypop
+ Redirect /doc/FAQ /doc/manuals/debian-faq
+ Redirect /doc/manuals/debian-fr-howto /doc/manuals/fr/debian-fr-howto
+ Redirect /doc/manuals/reference /doc/manuals/debian-reference
+ Redirect /doc/packaging-manuals/developers-reference /doc/manuals/developers-reference
+ Redirect /doc/packaging-manuals/packaging-tutorial /doc/manuals/packaging-tutorial
+ Redirect /doc/prospective-packages /devel/wnpp/
+ Redirect /devel/maintainer_contacts /intro/organization
+ Redirect /devel/debian-installer/gtk-frontend https://wiki.debian.org/DebianInstaller/GUI
+ Redirect /zh/ /international/Chinese/
+ Redirect /chinese/ /international/Chinese/
+ Redirect /devel/help /devel/join/
+ Redirect /distrib/books /doc/books
+ Redirect /distrib/floppyinst /distrib/netinst
+ Redirect /distrib/netboot /distrib/netinst
+ Redirect /distrib/vendors /CD/vendors/
+ Redirect /distrib/cd /CD/
+ Redirect /distrib/cdinfo /CD/vendors/info
+ Redirect /related_links /misc/related_links
+ Redirect /ports/laptops /misc/laptops/
+ Redirect /misc/README.mirrors /mirror/list
+ Redirect /misc/README.non-US /mirror/list.non-US
+ Redirect /misc/awards /News/awards
+ Redirect /misc/bsd.license https://opensource.org/licenses/BSD-3-Clause
+ Redirect /misc/laptops https://wiki.debian.org/InstallingDebianOn
+ Redirect /misc/memberships /intro/organization#memberships
+ Redirect /misc/merchandise /events/merchandise
+ Redirect /intl /international
+ Redirect /ports/armel /ports/arm
+ Redirect /ports/armhf /ports/arm
+ Redirect /ports/arm64 /ports/arm
+ Redirect /ports/mipsel /ports/mips
+ Redirect /ports/mips64el /ports/mips
+ Redirect /ports/kfreebsd-amd64 /ports/kfreebsd-gnu
+ Redirect /ports/kfreebsd-i386 /ports/kfreebsd-gnu
+ Redirect /ports/sparc64 /ports/sparc
+ Redirect /ports/s390x /ports/s390
+ Redirect /ports/ppc64 /ports/powerpc
+ Redirect /ports/ppc64el /ports/powerpc
+ Redirect /ports/powerpcspe /ports/powerpc
+ Redirect /ports/riscv64 https://wiki.debian.org/RISC-V
+ Redirect /ports/x32 https://wiki.debian.org/X32Port
+ Redirect /ports/sh4 https://wiki.debian.org/SH4
+ Redirect /mirror/official_sponsors /mirror/sponsors
+ Redirect /mirror/official /mirror/list
+ Redirect /mirror/mirrors_full.html /mirror/list-full.html
+ Redirect /mirrors /mirror
+ Redirect /News/project /News/weekly
+ Redirect /releases/2.0 /releases/hamm
+ Redirect /releases/2.1 /releases/slink
+ Redirect /releases/2.2 /releases/potato
+ Redirect /releases/3.0 /releases/woody
+ Redirect /releases/3.1 /releases/sarge
+ Redirect /releases/4.0 /releases/etch
+ Redirect /releases/5.0 /releases/lenny
+ Redirect /releases/6.0 /releases/squeeze
+ Redirect /releases/7 /releases/wheezy
+ Redirect /releases/8 /releases/jessie
+ Redirect /releases/9 /releases/stretch
+ Redirect /releases/10 /releases/buster
+ Redirect /releases/unstable /releases/sid
+ Redirect /support/ /support
+
+# Upper-case URLs were a bad idea
+ Redirect /bugs /Bugs
+ Redirect /news /News
+ Redirect /mailinglists /MailingLists
+ Redirect /cd /CD
+
+ RewriteRule ^/ports/freebsd(.*) /ports/kfreebsd-gnu/ [R]
+ RewriteRule ^/devel/debian-installer/report-template(.*) /releases/stable/i386/ch05s04.html#submit-bug [NE,R]
+ RewriteRule ^/devel/debian-installer/hooks(.*) https://d-i.alioth.debian.org/doc/internals/apb.html [R]
+ RewriteRule ^/doc/packaging-manuals/mime-policy(.*) /doc/debian-policy/ch-opersys.html#s-mime [NE,R]
RewriteRule ^/volatile/index.* - [S=1]
- RewriteRule ^/volatile/.+ /volatile/ [L,R=301]
- RewriteRule ^/devel/debian-volatile/.* /volatile/ [R=301]
+ RewriteRule ^/volatile/.+ /volatile/ [L,R]
+ RewriteRule ^/devel/debian-volatile/.* /volatile/ [R]
# Offer a Redirect to DSA without knowing year #474730
- RewriteMap dsa txt:<%= wwwdo_document_root %>/security/map-dsa.txt
- RewriteRule ^/security/dsa-(\d+)(\..*)? /security/${dsa:$1}$2 [R=301]
+ RewriteMap dsa txt:<%= @wwwdo_document_root %>/security/map-dsa.txt
+ RewriteRule ^/security/dsa-(\d+)(\..*)? /security/${dsa:$1}$2 [R]
# Compatibility after SGML -> DocBook
# Debian Reference #624239
- RewriteMap reference txt:<%= wwwdo_document_root %>/doc/map-reference.txt
+ RewriteMap reference txt:<%= @wwwdo_document_root %>/doc/map-reference.txt
RewriteCond %{DOCUMENT_ROOT}/doc/manuals/debian-reference/ch-support$1 !-f
- RewriteRule ^/doc/manuals/debian-reference/ch-support(.*) /support$1 [L,R=301]
+ RewriteRule ^/doc/manuals/debian-reference/ch-support(.*) /support$1 [L,R]
RewriteCond %{DOCUMENT_ROOT}/doc/manuals/debian-reference/${reference:$1}$2 -f
- RewriteRule ^/doc/manuals/debian-reference/ch-([^\.]+)(.+) /doc/manuals/debian-reference/${reference:$1}$2 [L,R=301]
- RewriteRule ^/doc/manuals/debian-reference/ch-([^\.]+)$ /doc/manuals/debian-reference/${reference:$1} [R=301]
+ RewriteRule ^/doc/manuals/debian-reference/ch-([^\.]+)(.+) /doc/manuals/debian-reference/${reference:$1}$2 [L,R]
+ RewriteRule ^/doc/manuals/debian-reference/ch-([^\.]+)$ /doc/manuals/debian-reference/${reference:$1} [R]
RewriteCond %{DOCUMENT_ROOT}/doc/manuals/debian-reference/apa$1 -f
- RewriteRule ^/doc/manuals/debian-reference/ap-appendix(.+) /doc/manuals/debian-reference/apa$1 [L,R=301]
- RewriteRule ^/doc/manuals/debian-reference/ap-appendix$ /doc/manuals/debian-reference/apa [R=301]
+ RewriteRule ^/doc/manuals/debian-reference/ap-appendix(.+) /doc/manuals/debian-reference/apa$1 [L,R]
+ RewriteRule ^/doc/manuals/debian-reference/ap-appendix$ /doc/manuals/debian-reference/apa [R]
RewriteCond %{DOCUMENT_ROOT}/doc/manuals/debian-reference/footnotes$1 !-f
- RewriteRule ^/doc/manuals/debian-reference/footnotes(.+) /doc/manuals/debian-reference/index$1 [L,R=301]
- RewriteRule ^/doc/manuals/debian-reference/footnotes$ /doc/manuals/debian-reference/ [R=301]
+ RewriteRule ^/doc/manuals/debian-reference/footnotes(.+) /doc/manuals/debian-reference/index$1 [L,R]
+ RewriteRule ^/doc/manuals/debian-reference/footnotes$ /doc/manuals/debian-reference/ [R]
+
+# DevRef filename changes c2016
+ RedirectMatch ^(/doc/manuals/developers-reference)/scope(\.[a-z]{2})?.html $1/ch01$2.html
+ RedirectMatch ^(/doc/manuals/developers-reference)/new-maintainer(\.[a-z]{2})?.html $1/ch02$2.html
+ RedirectMatch ^(/doc/manuals/developers-reference)/developer-duties(\.[a-z]{2})?.html $1/ch03$2.html
+ RedirectMatch ^(/doc/manuals/developers-reference)/resources(\.[a-z]{2})?.html $1/ch04$2.html
+ RedirectMatch ^(/doc/manuals/developers-reference)/pkgs(\.[a-z]{2})?.html $1/ch05$2.html
+ RedirectMatch ^(/doc/manuals/developers-reference)/best-pkging-practices(\.[a-z]{2})?.html $1/ch06$2.html
+ RedirectMatch ^(/doc/manuals/developers-reference)/beyond-pkging(\.[a-z]{2})?.html $1/ch07$2.html
+ RedirectMatch ^(/doc/manuals/developers-reference)/l10n(\.[a-z]{2})?.html $1/ch08$2.html
+ RedirectMatch ^(/doc/manuals/developers-reference)/tools(\.[a-z]{2})?.html $1/apa$2.html
+
# New Maintainers' Guide
- RewriteRule ^/doc/(manuals/)?maint-guide/ch-(.*) /doc/manuals/maint-guide/$2 [R=301]
- RewriteRule ^/doc/(manuals/)?maint-guide/footnotes(.*) /doc/manuals/maint-guide/index$2 [R=301]
+ RewriteRule ^/doc/(manuals/)?maint-guide/ch-(.*) /doc/manuals/maint-guide/$2 [R]
+ RewriteRule ^/doc/(manuals/)?maint-guide/footnotes(.*) /doc/manuals/maint-guide/index$2 [R]
+
+# Compatibility after Debian Policy changed to build with Sphinx (bug #877367)
+ RewriteRule ^/doc/debian-policy/footnotes.html(.*) /doc/debian-policy/ [R,L]
# Canonical place for manuals under /doc/manuals/
RewriteCond %{DOCUMENT_ROOT}/doc/manuals/$1 -d
- RewriteRule ^/doc/([^/]+)/?(.*)? /doc/manuals/$1/$2 [L,R=301]
+ RewriteRule ^/doc/([^/]+)/?(.*)? /doc/manuals/$1/$2 [L,R]
+ RewriteRule ^/doc/manuals/?$ /doc/ [L,R]
+
+# Relocation of blends pages
+ RewriteRule ^/devel/hamradio(.*)$ /blends/hamradio$1 [R,L]
+
+# Relocation of derivatives pages
+ RewriteRule ^/misc/children-distros(?:\.html)?$ /derivatives/ [R,L]
+ RewriteRule ^/misc/children-distros(\.[^\.]+(?:\.html)?)$ /derivatives/index$1 [R,L]
+# Relocation of memberships information
+ RewriteRule ^/misc/memberships(?:\.html)?$ /intro/organization$1#memberships [R,L]
+ RewriteRule ^/misc/memberships(\.[^\.]+(?:\.html)?)$ /intro/organization$1#memberships [R,L]
+</Macro>
+
+<Macro common-www.d.o>
+ ServerName <%= @wwwdo_server_name %>
+
+ Use common-www.d.o-inner
+</Macro>
+
+
+<VirtualHost <%= @vhost_listen %> >
+ ErrorLog /var/log/apache2/www.debian.org-error.log
+ CustomLog /var/log/apache2/www.debian.org-access.log privacy
+
+ ServerName <%= @wwwdo_server_name %>
+ Redirect / https://<%= @wwwdo_server_name %>/
</VirtualHost>
+<VirtualHost <%= @vhost_listen_443 %> >
+ ErrorLog /var/log/apache2/www.debian.org-error.log
+ CustomLog /var/log/apache2/www.debian.org-access.log privacyssl
+ Use common-www.d.o
-<VirtualHost <%= vhost_listen %> >
- ServerName volatile.debian.org
- ServerAlias volatile-master.debian.org
- ServerAdmin webmaster@debian.org
- ErrorLog /var/log/apache2/volatile.debian.org-error.log
- CustomLog /var/log/apache2/volatile.debian.org-access.log privacy
- RedirectMatch permanent . http://www.debian.org/volatile/
+ Use common-debian-service-ssl <%= @wwwdo_server_name %>
+ Use common-ssl-HSTS
+</VirtualHost>
+<% if scope.function_onion_global_service_hostname([@wwwdo_server_name]) -%>
+<VirtualHost <%= @vhost_listen %> >
+ ErrorLog /var/log/apache2/www.debian.org-error.log
+ CustomLog /var/log/apache2/www.debian.org-access.log privacy
+
+ ServerName <%= scope.function_onion_global_service_hostname([@wwwdo_server_name]) %>
+
+ Use common-www.d.o-inner
+</VirtualHost>
+<% end %>
+
+
+<%- if @redirect_vhosts -%>
+# www other
+###########
+<VirtualHost <%= @vhost_listen %> >
+ Use common-www-other.d.o
+
+ ErrorLog /var/log/apache2/www-other.debian.org-error.log
+ CustomLog /var/log/apache2/www-other.debian.org-access.log privacy
+
+ Redirect / https://www.debian.org/
+</VirtualHost>
+<VirtualHost <%= @vhost_listen_443 %> >
+ Use common-www-other.d.o
+
+ CustomLog /var/log/apache2/www-other-access.log privacyssl
+ ErrorLog /var/log/apache2/www-other-error.log
+
+ # Legacy GPG versions (including 2.2.12 in buster/Debian 10) use the "direct method" instead
+ # of the "advanced method" which should be tried first according to the draft
+ # https://tools.ietf.org/html/draft-koch-openpgp-webkey-service
+ # also cf. RT#7828
+ Redirect /.well-known/openpgpkey/ https://openpgpkey.debian.org/.well-known/openpgpkey/debian.org/
+
+ Redirect / https://www.debian.org/
+
+ Use common-debian-service-ssl debian.org
+ Use common-ssl-HSTS
</VirtualHost>
+<%- end -%>
+# vim:set syn=apache:
projects / mirror / dsa-puppet.git / blobdiff