# puppet maintained
+<Macro common-dsa-vhost-https-redirect $name>
+ <VirtualHost <%= vhost_listen %> >
+ ServerName $name
+ ServerAdmin debian-admin@lists.debian.org
+
+ CustomLog /var/log/apache2/$name-access.log privacy
+ ErrorLog /var/log/apache2/$name-error.log
+
+ Redirect permanent / https://$name/
+ </VirtualHost>
+</Macro>
+
+<Macro common-dsa-vhost-https-redirect-temp $name>
+ <VirtualHost <%= vhost_listen %> >
+ ServerName $name
+ ServerAdmin debian-admin@lists.debian.org
+
+ CustomLog /var/log/apache2/$name-access.log privacy
+ ErrorLog /var/log/apache2/$name-error.log
+
+ Redirect / https://$name/
+ </VirtualHost>
+</Macro>
<Macro common-static-base $name>
<IfModule mod_userdir.c>
DocumentRoot /srv/static.debian.org/mirrors/$name/cur
<Directory /srv/static.debian.org/mirrors/$name/cur>
- AllowOverride FileInfo
- Options Multiviews Indexes FollowSymLinks
+ AllowOverride FileInfo Indexes Options=Multiviews
+ Options Indexes SymLinksIfOwnerMatch
IndexOptions FancyIndexing NameWidth=*
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
- DefaultType text/plain
+ Header set Surrogate-Key <%= hostname %>
+
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css
</Macro>
-<Macro common-static-vhost-with-extra $name $extra>
+
+
+<Macro common-static-vhost-with-extra $name $onion>
<Virtualhost <%= vhost_listen %> >
ServerName $name
+ ServerAlias $onion
ServerAdmin debian-admin@lists.debian.org
ErrorLog /var/log/apache2/$name-error.log
CustomLog /var/log/apache2/$name-access.log privacy
Use common-static-base $name
- $extra
+ Use vhost-$name-extra
</VirtualHost>
</Macro>
-<Macro common-static-vhost-publiclog $name>
- <Virtualhost <%= vhost_listen %> >
+<Macro common-static-vhost $name $onion>
+ <Macro vhost-$name-extra>
+ # mod macro does not like empty macros, so here's some content:
+ <Directory /non-existant>
+ </Directory>
+ </Macro>
+ Use common-static-vhost-with-extra $name $onion
+</Macro>
+
+
+<Macro common-static-vhost-ssl $name $onion>
+ Use common-dsa-vhost-https-redirect $name
+
+ <Virtualhost <%= vhost_listen_443 %> >
ServerName $name
ServerAdmin debian-admin@lists.debian.org
ErrorLog /var/log/apache2/$name-error.log
- CustomLog /var/log/apache2/$name-access.log privacy
- <IfModule mod_geoip.c>
- CustomLog /var/log/apache2/$name-public-access.log privacy+geo
- </IfModule>
+ CustomLog /var/log/apache2/$name-access.log privacyssl
+
+ Use common-debian-service-ssl $name
+ Use common-ssl-HSTS
Use common-static-base $name
</VirtualHost>
-</Macro>
-<Macro common-static-vhost $name>
- Use common-static-vhost-with-extra $name "# nada"
-</Macro>
+ <Virtualhost <%= vhost_listen %> >
+ ServerName $onion
+ ServerAdmin debian-admin@lists.debian.org
+ ErrorLog /var/log/apache2/$name-error.log
+ CustomLog /var/log/apache2/$name-access.log privacyssl
+
+ Use common-static-base $name
+ </VirtualHost>
+</Macro>
# vim:ft=apache:
projects / mirror / dsa-puppet.git / blobdiff