ServerName {{ ansible_fqdn }}
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
SSLEngine on
SSLCertificateFile /etc/ssl/certs/{{ ansible_fqdn }}.crt
SSLCertificateKeyFile /etc/ssl/private/{{ ansible_fqdn }}.key
SSLProtocol all -SSLv2 -SSLv3
# Redirect to HTTPS, execpt for server-status, because Munin plugin
# can't handle HTTPS! :(
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/server-status.*$ [NC]
RewriteCond %{REQUEST_URI} !^/munin_opcache.php$ [NC]
RewriteRule ^/(.*) https://{{ ansible_fqdn }}/$1 [L,R=permanent]
Options FollowSymLinks
AllowOverride None
Deny from all
Include /etc/apache2/private_ipaddr_whitelist.conf
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Deny from all
Allow from 127.0.0.1
Include /etc/apache2/private_ipaddr_whitelist.conf
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
ErrorDocument 403 {{ evolinux_default_www_redirect_url }}
CustomLog /var/log/apache2/access.log vhost_combined
ErrorLog /var/log/apache2/error.log
LogLevel warn
Alias /munin /var/cache/munin/www
Alias /phpmyadmin-SED_RANDOM /usr/share/phpmyadmin/
IncludeOptional /etc/apache2/conf-available/phpmyadmin*
deny from all