modules/roles/templates/apache-security-tracker.debian.org.conf.erb

   1 Use common-debian-service-https-redirect * security-tracker.debian.org
   2
   3 <VirtualHost *:443>
   4         ServerAdmin team@security.debian.org
   5         ServerName security-tracker.debian.org
   6
   7         Use common-debian-service-ssl security-tracker.debian.org
   8         Use common-ssl-HSTS
   9         Use http-pkp-security-tracker.debian.org
  10
  11         <IfModule mod_userdir.c>
  12                 UserDir disabled
  13         </IfModule>
  14
  15         <IfModule mod_cache_disk.c>
  16                 CacheEnable disk /
  17                 CacheMinExpire 600
  18                 # Keep serving stale entities for up to 10 seconds while
  19                 # they're being refreshed
  20                 CacheLock on
  21                 CacheLockPath /var/lock/apache2/mod_cache
  22                 CacheLockMaxAge 10
  23         </IfModule>
  24
  25         LogLevel warn
  26         ErrorLog /var/log/apache2/security-tracker.debian.org-error.log
  27         CustomLog /var/log/apache2/security-tracker.debian.org-access.log privacyssl
  28         ServerSignature On
  29
  30         RewriteEngine on
  31         RewriteRule ^/tracker(?:/|$)                    -                               [L]
  32         # The next rule matches favicon.ico, robots.txt etc.
  33         RewriteRule ^/[^./]+[.][a-z]{3}$                -                               [L]
  34         RewriteRule ^/((?:TEMP|CVE)[^/]+)$              /tracker/$1                     [R]
  35         RewriteRule ^/((?:old|un)?stable|testing)$      /tracker/status/release/$1      [R]
  36         RewriteRule ^/((?:old)?stable-backports)$       /tracker/status/release/$1      [R]
  37         RewriteRule ^/([a-z0-9.+-]+)$                   /tracker/$1                     [R]
  38         RewriteRule ^/+$                                /tracker/                       [R]
  39
  40         DocumentRoot /srv/security-tracker.debian.org/htdocs/security-tracker
  41         <Directory /srv/security-tracker.debian.org/htdocs/security-tracker>
  42                 AllowOverride none
  43                 Options +Indexes
  44                 Require all granted
  45         </Directory>
  46
  47         <DirectoryMatch "\.svn" >
  48                 Require all denied
  49         </DirectoryMatch>
  50
  51         # can't handle this CPU wise
  52         #<Location /tracker/data/json>
  53         #       SetOutputFilter DEFLATE
  54         #</Location>
  55
  56         ProxyRequests off
  57         ProxyPass /tracker http://localhost:25648/tracker retry=1
  58         ProxyPassReverse /tracker http://localhost:25648/tracker
  59
  60         ExpiresActive On
  61         ExpiresDefault "access plus 1 hour"
  62 </VirtualHost>
  63 # vim: set filetype=apache: