modules/roles/templates/apache-security-tracker.debian.org.conf.erb

   1 Use common-debian-service-https-redirect * security-tracker.debian.org
   2
   3 <VirtualHost *:443>
   4         ServerAdmin team@security.debian.org
   5         ServerName security-tracker.debian.org
   6
   7         Use common-debian-service-ssl security-tracker.debian.org
   8         Use common-ssl-HSTS
   9         Use http-pkp-security-tracker.debian.org
  10
  11         <IfModule mod_userdir.c>
  12                 UserDir disabled
  13         </IfModule>
  14
  15         <IfModule mod_cache_disk.c>
  16                 CacheEnable disk /
  17                 # Keep serving stale entities for up to 10 seconds while
  18                 # they're being refreshed
  19                 CacheLock on
  20                 CacheLockPath /var/lock/apache2/mod_cache
  21                 CacheLockMaxAge 10
  22         </IfModule>
  23
  24         LogLevel warn
  25         ErrorLog /var/log/apache2/security-tracker.debian.org-error.log
  26         CustomLog /var/log/apache2/security-tracker.debian.org-access.log privacyssl
  27         ServerSignature On
  28
  29         RewriteEngine on
  30         RewriteRule ^/tracker(?:/|$)                    -                               [L]
  31         # The next rule matches favicon.ico, robots.txt etc.
  32         RewriteRule ^/[^./]+[.][a-z]{3}$                -                               [L]
  33         RewriteRule ^/((?:TEMP|CVE)[^/]+)$              /tracker/$1                     [R]
  34         RewriteRule ^/((?:old|un)?stable|testing)$      /tracker/status/release/$1      [R]
  35         RewriteRule ^/((?:old)?stable-backports)$       /tracker/status/release/$1      [R]
  36         RewriteRule ^/([a-z0-9.+-]+)$                   /tracker/$1                     [R]
  37         RewriteRule ^/+$                                /tracker/                       [R]
  38
  39         DocumentRoot /srv/security-tracker.debian.org/htdocs/security-tracker
  40         <Directory /srv/security-tracker.debian.org/htdocs/security-tracker>
  41                 AllowOverride none
  42                 Options +Indexes
  43                 Require all granted
  44         </Directory>
  45
  46         <DirectoryMatch "\.svn" >
  47                 Require all denied
  48         </DirectoryMatch>
  49
  50         # can't handle this CPU wise
  51         #<Location /tracker/data/json>
  52         #       SetOutputFilter DEFLATE
  53         #</Location>
  54
  55         ProxyRequests off
  56         ProxyPass /tracker http://localhost:25648/tracker retry=1
  57         ProxyPassReverse /tracker http://localhost:25648/tracker
  58
  59         ExpiresActive On
  60         ExpiresDefault "access plus 1 hour"
  61 </VirtualHost>
  62 # vim: set filetype=apache: