modules/roles/files/debconf_wafer/debconf19.debconf.org

   1 # do not modify - this file is maintained via puppet
   2
   3 AddType application/font-woff2 .woff2
   4
   5 Use common-debian-service-https-redirect * debconf19.debconf.org
   6
   7 WSGIDaemonProcess debconf19 \
   8   processes=3 threads=2 \
   9   user=www-data group=debconf-web maximum-requests=750 umask=0007 display-name=wsgi-debconf19.debconf.org \
  10   python-path=/srv/debconf-web/debconf19.debconf.org/dc19.dc.o/:/srv/debconf-web/debconf19.debconf.org/dc19.dc.o/ve/lib/python3.5/site-packages/
  11
  12 <VirtualHost *:443>
  13   ServerAdmin admin@debconf.org
  14   ServerName debconf19.debconf.org
  15
  16   ErrorLog  /var/log/apache2/debconf19.debconf.org-error.log
  17   CustomLog /var/log/apache2/debconf19.debconf.org-access.log combined
  18
  19   Use common-debian-service-ssl debconf19.debconf.org
  20   Use common-ssl-HSTS
  21
  22   Header always set Referrer-Policy "same-origin"
  23   Header always set X-Content-Type-Options nosniff
  24   Header always set X-XSS-Protection "1; mode=block"
  25 #  Header always set Access-Control-Allow-Origin: "*"
  26
  27   # Debian SSO
  28   SSLCACertificateFile /var/lib/dsa/sso/ca.crt
  29   SSLCARevocationCheck chain
  30   SSLCARevocationFile /var/lib/dsa/sso/ca.crl
  31
  32   WSGIProcessGroup debconf19
  33   WSGIScriptAlias / /srv/debconf-web/debconf19.debconf.org/dc19.dc.o/wsgi.py
  34   WSGIPassAuthorization On
  35
  36   <Directory /srv/debconf-web/debconf19.debconf.org/dc19.dc.o>
  37     <Files wsgi.py>
  38       Require all granted
  39     </Files>
  40   </Directory>
  41
  42   Alias /static/ /srv/debconf-web/debconf19.debconf.org/dc19.dc.o/localstatic/
  43   Alias /favicon.ico /srv/debconf-web/debconf19.debconf.org/dc19.dc.o/localstatic/img/favicon/favicon.ico
  44   <Directory /srv/debconf-web/debconf19.debconf.org/dc19.dc.o/localstatic/>
  45     Require all granted
  46
  47     # A little hacky, but it means we won't accidentally catch non-hashed filenames
  48     <FilesMatch ".*\.[0-9a-f]{12}\.[a-z0-9]{2,5}$">
  49       ExpiresActive on
  50       ExpiresDefault "access plus 1 year"
  51     </FilesMatch>
  52   </Directory>
  53
  54   Alias /media/ /srv/debconf-web/debconf19.debconf.org/dc19.dc.o/media/
  55   <Directory /srv/debconf-web/debconf19.debconf.org/dc19.dc.o/media/>
  56     Require all granted
  57   </Directory>
  58
  59   <Location /accounts/debian-login>
  60     SSLOptions +StdEnvVars
  61     # Allow access if one does not have a valid certificate
  62     SSLVerifyClient optional
  63   </Location>
  64 </VirtualHost>
  65
  66 # vim: set ft=apache: