X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Ftemplates%2Fstatic-mirroring%2Fvhost%2Fstatic-vhosts-simple.erb;h=b9df97509ff7decf223ecf959dcdc4dc4916e4e8;hb=b529b139a60ea8355089511737c8264185d8d074;hp=7517f19d26ed58bb2594158c6a33cee913c31d14;hpb=11156c791adec21b9f4938e7ad49694a1b6d306b;p=mirror%2Fdsa-puppet.git
diff --git a/modules/roles/templates/static-mirroring/vhost/static-vhosts-simple.erb b/modules/roles/templates/static-mirroring/vhost/static-vhosts-simple.erb
index 7517f19d2..b9df97509 100644
--- a/modules/roles/templates/static-mirroring/vhost/static-vhosts-simple.erb
+++ b/modules/roles/templates/static-mirroring/vhost/static-vhosts-simple.erb
@@ -4,13 +4,17 @@
# deb.debian.org
<% if scope.function_has_static_component(['deb.debian.org']) -%>
+ ServerAlias httpredir.debian.org
+ ServerAlias cdn.debian.net
+ ServerAlias http.debian.net
+
Redirect /debian/ http://cdn-fastly.deb.debian.org/debian/
Redirect /debian-debug/ http://cdn-fastly.deb.debian.org/debian-debug/
Redirect /debian-ports/ http://cdn-fastly.deb.debian.org/debian-ports/
Redirect /debian-security/ http://cdn-fastly.deb.debian.org/debian-security/
- >
+ >
ServerName deb.debian.org
ErrorLog /var/log/apache2/deb.debian.org-error.log
@@ -29,11 +33,10 @@
AllowOverride FileInfo Indexes Options=Multiviews
Options Indexes SymLinksIfOwnerMatch
- IndexOptions FancyIndexing NameWidth=*
Require all granted
- Header set Surrogate-Key <%= hostname %>
+ Header set Surrogate-Key <%= @hostname %>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css
@@ -79,7 +82,6 @@
Require all granted
Options Indexes SymLinksIfOwnerMatch MultiViews
- IndexOptions FancyIndexing NameWidth=*
AddEncoding gzip .gz
FilterDeclare gzip CONTENT_SET
@@ -89,6 +91,10 @@
ForceType text/plain
AddDefaultCharset utf-8
+
+ ForceType text/html
+ AddDefaultCharset utf-8
+
@@ -96,7 +102,6 @@
AllowOverride FileInfo Indexes Options=Multiviews
Options Multiviews Indexes FollowSymLinks Includes
- IndexOptions FancyIndexing NameWidth=*
Require all granted
@@ -142,6 +147,11 @@
RewriteRule ^/source/([a-z0-9-]+)/?$ /${source-map:$1} [L,R,NE]
# Versioned request
RewriteRule ^/source/([a-z0-9-]+)/([a-zA-Z0-9.+:~-]+)$ /${source-map:$1/$2} [L,R,NE]
+
+ Header always set Content-Security-Policy "default-src 'self'; media-src 'none'; object-src 'none';"
+
+ Header always set Content-Security-Policy "default-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline';"
+
<%=
@@ -191,9 +201,13 @@ vhost(lines, "wnpp-by-tags.debian.net" , :ssl => true)
vhost(lines, "security-team.debian.org" , :ssl => true)
vhost(lines, "d-i.debian.org" , :ssl => true)
vhost(lines, "appstream.debian.org" , :ssl => true)
+vhost(lines, "apt.buildd.debian.org" , :ssl => true)
+vhost(lines, "dpl.debian.org" , :ssl => true)
vhost(lines, "dsa.debian.org" , :ssl => true)
vhost(lines, "rtc.debian.org" , :ssl => true)
+vhost(lines, "mirror-master.debian.org" , :ssl => true)
vhost(lines, "onion.debian.org" , :ssl => true)
+vhost(lines, "manpages.debian.org" , :ssl => true, :extra => true)
vhost(lines, "bits.debian.org" , :ssl => true, :extra => true)
vhost(lines, "micronews.debian.org" , :ssl => true)
@@ -226,7 +240,7 @@ lines.join("\n")
# www.backports.org is the historical place for the backports
# website and archive. It is now a CNAME to backports.debian.org:
# redirect http requests.
- >
+ >
ServerName www.backports.org
ServerAlias lists.backports.org
ServerAdmin debian-admin@debian.org
@@ -234,27 +248,27 @@ lines.join("\n")
######################
- >
+ >
ServerName www.debian-ports.org
ServerAlias debian-ports.org
ServerAdmin debian-admin@debian.org
RedirectPermanent / https://www.ports.debian.org/
- >
+ >
ServerName ports.debian.org
ServerAlias ports.debian.net
ServerAdmin debian-admin@debian.org
RedirectPermanent / https://www.ports.debian.org/
- >
+ >
ServerName incoming.debian-ports.org
ServerAdmin debian-admin@debian.org
RedirectPermanent / http://incoming.ports.debian.org/
- >
+ >
ServerName ftp.debian-ports.org
ServerAdmin debian-admin@debian.org
RedirectPermanent /archive http://www.ports.debian.org
@@ -263,7 +277,7 @@ lines.join("\n")
RedirectPermanent / http://ftp.ports.debian.org/
- >
+ >
ServerName video.debian.net
ServerAdmin debian-admin@debian.org
Redirect / http://meetings-archive.debian.net/pub/debian-meetings/
@@ -272,7 +286,7 @@ lines.join("\n")
# historical sites
##################
# now only redirects remain
- >
+ >
ServerName women.debian.org
ServerAdmin debian-admin@debian.org
@@ -289,17 +303,29 @@ lines.join("\n")
RedirectPermanent /profiles/ http://www.debian.org/women/profiles/
- >
+ >
ServerName volatile.debian.org
ServerAlias volatile-master.debian.org
ServerAdmin debian-admin@debian.org
RedirectPermanent / http://www.debian.org/volatile/
- >
+ >
ServerName ftp-master.metadata.debian.org
ServerAdmin debian-admin@debian.org
RedirectPermanent / http://metadata.ftp-master.debian.org/
+ >
+ ServerName backports-master.debian.org
+ ServerAdmin debian-admin@debian.org
+ RedirectPermanent / https://backports.debian.org/
+
+
+ >
+ ServerName manpages.debian.net
+ ServerAdmin debian-admin@debian.org
+ Redirect / https://manpages.debian.org/
+
+
# vim:ft=apache: