73 lines
2.1 KiB
Django/Jinja
73 lines
2.1 KiB
Django/Jinja
<VirtualHost *:80>
|
|
ServerName {{ evoadmin_host }}
|
|
Redirect permanent / https://{{ evoadmin_host }}/
|
|
</VirtualHost>
|
|
|
|
<VirtualHost *:443>
|
|
|
|
# FQDN principal
|
|
ServerName {{ evoadmin_host }}
|
|
#ServerAlias {{ evoadmin_host }}
|
|
|
|
# Repertoire principal
|
|
DocumentRoot {{ evoadmin_document_root }}/htdocs/
|
|
|
|
# SSL
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/ssl/certs/{{ evoadmin_host }}.crt
|
|
SSLCertificateKeyFile /etc/ssl/private/{{ evoadmin_host }}.key
|
|
SSLProtocol all -SSLv2 -SSLv3
|
|
|
|
# Propriete du repertoire
|
|
<Directory {{ evoadmin_document_root }}/htdocs/>
|
|
#Options Indexes SymLinksIfOwnerMatch
|
|
Options SymLinksIfOwnerMatch
|
|
AllowOverride AuthConfig Limit FileInfo
|
|
{% if evoadmin_htpasswd %}
|
|
Require all denied
|
|
Include /etc/apache2/ipaddr_whitelist.conf
|
|
AuthType Basic
|
|
AuthName "Restricted"
|
|
AuthUserFile "/var/www/.ansible_evoadmin_htpasswd"
|
|
Require valid-user
|
|
<IfModule security2_module>
|
|
SecRuleEngine Off
|
|
</IfModule>
|
|
{% else %}
|
|
Require all granted
|
|
{% endif %}
|
|
|
|
</Directory>
|
|
|
|
# user - group (thanks to sesse@debian.org)
|
|
AssignUserID www-evoadmin evoadmin
|
|
|
|
# LOG
|
|
CustomLog /var/log/apache2/access.log combined
|
|
CustomLog {{ evoadmin_log_dir }}/access.log combined
|
|
ErrorLog {{ evoadmin_log_dir }}/error.log
|
|
|
|
# AWSTATS
|
|
SetEnv AWSTATS_FORCE_CONFIG evoadmin
|
|
|
|
# REWRITE
|
|
UseCanonicalName On
|
|
RewriteEngine On
|
|
RewriteCond %{HTTP_HOST} !^{{ evoadmin_host }}$
|
|
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [L,R]
|
|
|
|
# PHP
|
|
#php_admin_flag engine off
|
|
#AddType text/html .html
|
|
#php_admin_flag display_errors On
|
|
#php_flag short_open_tag On
|
|
#php_flag register_globals On
|
|
#php_admin_value memory_limit 256M
|
|
#php_admin_value max_execution_time 60
|
|
#php_admin_value upload_max_filesize 8M
|
|
#php_admin_flag allow_url_fopen Off
|
|
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f www-evoadmin"
|
|
php_admin_value error_log "{{ evoadmin_home_dir }}/log/php.log"
|
|
php_admin_value open_basedir "none"
|
|
</VirtualHost>
|