ServerName {{ ansible_fqdn }} ServerAdmin webmaster@localhost DocumentRoot /var/www/ SSLEngine on SSLCertificateFile /etc/ssl/certs/{{ ansible_fqdn }}.crt SSLCertificateKeyFile /etc/ssl/private/{{ ansible_fqdn }}.key SSLProtocol all -SSLv2 -SSLv3 # Redirect to HTTPS, execpt for server-status, because Munin plugin # can't handle HTTPS! :( RewriteEngine on RewriteCond %{REQUEST_URI} !^/server-status.*$ [NC] RewriteCond %{REQUEST_URI} !^/munin_opcache.php$ [NC] RewriteRule ^/(.*) https://{{ ansible_fqdn }}/$1 [L,R=permanent] Options FollowSymLinks AllowOverride None Deny from all Include /etc/apache2/private_ipaddr_whitelist.conf Options Indexes FollowSymLinks MultiViews AllowOverride None Deny from all Allow from 127.0.0.1 Include /etc/apache2/private_ipaddr_whitelist.conf ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch ErrorDocument 403 {{ evolinux_default_www_redirect_url }} CustomLog /var/log/apache2/access.log vhost_combined ErrorLog /var/log/apache2/error.log LogLevel warn Alias /munin /var/cache/munin/www Alias /phpmyadmin-SED_RANDOM /usr/share/phpmyadmin/ IncludeOptional /etc/apache2/conf-available/phpmyadmin* deny from all