X-Git-Url: https://git.phdru.name/?a=blobdiff_plain;ds=inline;f=playbooks%2Fdebian%2Froles%2Fadd_apache_vhost%2Ftemplates%2Fvhost.conf;fp=playbooks%2Fdebian%2Froles%2Fadd_apache_vhost%2Ftemplates%2Fvhost.conf;h=2f3dd5b054efac6c798f6db48ce4c08ce47437e5;hb=64f279e592bc291ea76ff9e2246f1fc1760c6e83;hp=0000000000000000000000000000000000000000;hpb=98b5772b5f281a610dad37a8c4d45c63fa6ebcb8;p=ansible.git
diff --git a/playbooks/debian/roles/add_apache_vhost/templates/vhost.conf b/playbooks/debian/roles/add_apache_vhost/templates/vhost.conf
new file mode 100644
index 0000000..2f3dd5b
--- /dev/null
+++ b/playbooks/debian/roles/add_apache_vhost/templates/vhost.conf
@@ -0,0 +1,96 @@
+
+ServerName {{ virtual_host }}
+Redirect permanent / https://{{ virtual_host }}/
+ErrorLog /var/log/apache2/{{ virtual_host }}/error_log
+CustomLog /var/log/apache2/{{ virtual_host }}/access_log common
+
+
+
+ServerName www.{{ virtual_host }}
+Redirect permanent / https://{{ virtual_host }}/
+ErrorLog /var/log/apache2/{{ virtual_host }}/error_log
+CustomLog /var/log/apache2/{{ virtual_host }}/access_log common
+
+
+
+ServerName {{ virtual_host }}
+
+DocumentRoot /home/phd/Internet/WWW/htdocs/{{ virtual_host }}
+ScriptAlias /cgi-bin /home/phd/Internet/WWW/cgi-bin/{{ virtual_host }}
+ErrorLog /var/log/apache2/{{ virtual_host }}/error_log
+CustomLog /var/log/apache2/{{ virtual_host }}/access_log common
+
+
+Require all granted
+
+
+
+Require all granted
+
+
+
+ErrorDocument 404 http://{{ virtual_host }}/Bookmarks/notfound.html
+
+
+
+AddDefaultCharset utf-8
+
+
+
+
+ Require all denied
+
+
+ProxyRequests Off
+
+
+SSLEngine on
+#Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+#Header always set X-Content-Type-Options nosniff
+#Header always set X-Frame-Options DENY
+#SSLCipherSuite HIGH:MEDIUM:RSA:!EXP:!aNULL:!NULL:+SHA1:+HIGH:+MEDIUM:-LOW
+SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
+SSLCompression off
+SSLHonorCipherOrder On
+SSLOptions +StrictRequire
+SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+SSLProxyEngine off
+#SSLRandomSeed connect file:/dev/urandom 1024
+#SSLRandomSeed startup file:/dev/urandom 1024
+#SSLSessionCache shm:/var/log/apache2/ssl_cache_shm
+#SSLSessionCacheTimeout 600
+#SSLSessionTickets Off
+#SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
+#SSLUseStapling on
+SSLVerifyClient none
+
+SSLCACertificateFile /etc/apache2/ssl/CA.crt
+SSLCertificateFile /etc/apache2/ssl/{{ virtual_host }}.crt
+SSLCertificateKeyFile /etc/apache2/ssl/{{ virtual_host }}.key
+
+
+ SSLRequireSSL
+
+
+
+ SSLOptions +StdEnvVars
+
+
+#
+# AddType application/x-x509-ca-cert .crt
+# AddType application/x-pkcs7-crl .crl
+#
+
+BrowserMatch "MSIE [2-6]" \
+ nokeepalive ssl-unclean-shutdown \
+ downgrade-1.0 force-response-1.0
+# MSIE 7 and newer should be able to use keepalive
+BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
+
+
+
+ServerName www.{{ virtual_host }}
+Redirect permanent / https://{{ virtual_host }}/
+ErrorLog /var/log/apache2/{{ virtual_host }}/error_log
+CustomLog /var/log/apache2/{{ virtual_host }}/access_log common
+