Feat(apache): Install and configure Apache; add a virtual host
authorOleg Broytman <phd@phdru.name>
Wed, 24 Jul 2019 19:44:21 +0000 (22:44 +0300)
committerOleg Broytman <phd@phdru.name>
Wed, 24 Jul 2019 19:44:21 +0000 (22:44 +0300)
playbooks/debian-add-apache-vhost [new file with mode: 0755]
playbooks/debian/roles/add_apache_vhost/README.txt [new file with mode: 0644]
playbooks/debian/roles/add_apache_vhost/handlers/main.yml [new file with mode: 0644]
playbooks/debian/roles/add_apache_vhost/tasks/main.yml [new file with mode: 0644]
playbooks/debian/roles/add_apache_vhost/templates/vhost.conf [new file with mode: 0644]
playbooks/debian/roles/apache/README.txt [new file with mode: 0644]
playbooks/debian/roles/apache/handlers/main.yml [new file with mode: 0644]
playbooks/debian/roles/apache/tasks/main.yml [new file with mode: 0644]
playbooks/debian/roles/apache/templates/001-phd.conf [new file with mode: 0644]

diff --git a/playbooks/debian-add-apache-vhost b/playbooks/debian-add-apache-vhost
new file mode 100755 (executable)
index 0000000..cffad87
--- /dev/null
@@ -0,0 +1,13 @@
+#! /bin/sh
+
+if [ -z "$1" ]; then
+   echo "Usage: $0 vhost" >&2
+   exit 1
+fi
+
+vhost="$1"
+shift
+
+cd "`dirname \"$0\"`" &&
+ANSIBLE_ROLES_PATH=debian/roles \
+   exec ./run-role add_apache_vhost "$@" -e virtual_host="$vhost"
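Review bot: `$vhost` is passed to Ansible as `-e virtual_host="$vhost"` with no check on its shape, and the role then interpolates it into file paths, an `a2ensite` command line and Apache directives. Ansible splits `-e key=value` strings on whitespace, and a `/` or `..` in the name would move the template and log paths elsewhere, so it is safer to reject anything outside hostname characters before the `cd`. For example: `case "$vhost" in *[!A-Za-z0-9.-]*) echo "Invalid vhost: $vhost" >&2; exit 1;; esac`. A short header comment saying that arguments after the vhost are passed through to `./run-role` would also help.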
diff --git a/playbooks/debian/roles/add_apache_vhost/README.txt b/playbooks/debian/roles/add_apache_vhost/README.txt
new file mode 100644 (file)
index 0000000..8bc4b30
--- /dev/null
@@ -0,0 +1 @@
+Add Apache virtual host.
diff --git a/playbooks/debian/roles/add_apache_vhost/handlers/main.yml b/playbooks/debian/roles/add_apache_vhost/handlers/main.yml
new file mode 100644 (file)
index 0000000..c99bf62
--- /dev/null
@@ -0,0 +1,4 @@
+- name: Reload apache
+  service:
+    name: apache2
+    state: reloaded
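Review bot: The `Reload apache` handler has no `become: true`, while every task that notifies it escalates explicitly. Unless the play started by `run-role` (not visible here) enables become globally, the `service` reload would run unprivileged and fail. Adding `become: true` under `- name: Reload apache` makes the handler self-contained. The identical handler in `playbooks/debian/roles/apache/handlers/main.yml` has the same gap.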
diff --git a/playbooks/debian/roles/add_apache_vhost/tasks/main.yml b/playbooks/debian/roles/add_apache_vhost/tasks/main.yml
new file mode 100644 (file)
index 0000000..d5f9ddd
--- /dev/null
@@ -0,0 +1,33 @@
+- name: Check vhost
+  command: "test -L /etc/apache2/sites-enabled/{{ virtual_host }}.conf"
+  failed_when: false
+  register: vhost
+  changed_when: vhost.rc != 0
+
+- name: Configure site
+  become: true
+  template:
+    src: vhost.conf
+    dest: "/etc/apache2/sites-available/{{ virtual_host }}.conf"
+    owner: root
+    group: root
+    mode: '0640'
+    force: no
+  notify: Reload apache
+  when: vhost.rc != 0
+
+- name: Enable site
+  become: true
+  command: "a2ensite {{ virtual_host }}"
+  notify: Reload apache
+  when: vhost.rc != 0
+
+- name: Create log directory
+  become: true
+  file:
+    path: /var/log/apache2/{{ virtual_host }}
+    state: directory
+    owner: root
+    group: root
+    mode: '0640'
+  when: vhost.rc != 0
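Review bot: `Create log directory` sets `mode: '0640'` on a directory, which leaves it with no search (x) bit for anyone, so group members could list names but not open the log files inside. `mode: '0750'` is the usual choice for a log directory that should stay closed to other users. Separately, `Check vhost` only reads state, so `changed_when: false` would keep run reports accurate. An `assert` task checking that `virtual_host` contains only hostname characters, placed before `dest:` and `a2ensite` use it, would stop a malformed name from reaching a root-owned path.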
diff --git a/playbooks/debian/roles/add_apache_vhost/templates/vhost.conf b/playbooks/debian/roles/add_apache_vhost/templates/vhost.conf
new file mode 100644 (file)
index 0000000..2f3dd5b
--- /dev/null
@@ -0,0 +1,96 @@
+<VirtualHost 127.0.0.1:80 {{ virtual_host }}:80>
+ServerName {{ virtual_host }}
+Redirect permanent / https://{{ virtual_host }}/
+ErrorLog /var/log/apache2/{{ virtual_host }}/error_log
+CustomLog /var/log/apache2/{{ virtual_host }}/access_log common
+</VirtualHost>
+
+<VirtualHost 127.0.0.1:80 {{ virtual_host }}:80>
+ServerName www.{{ virtual_host }}
+Redirect permanent / https://{{ virtual_host }}/
+ErrorLog /var/log/apache2/{{ virtual_host }}/error_log
+CustomLog /var/log/apache2/{{ virtual_host }}/access_log common
+</VirtualHost>
+
+<VirtualHost 127.0.0.1:443 {{ virtual_host }}:443>
+ServerName {{ virtual_host }}
+
+DocumentRoot /home/phd/Internet/WWW/htdocs/{{ virtual_host }}
+ScriptAlias /cgi-bin /home/phd/Internet/WWW/cgi-bin/{{ virtual_host }}
+ErrorLog /var/log/apache2/{{ virtual_host }}/error_log
+CustomLog /var/log/apache2/{{ virtual_host }}/access_log common
+
+<Directory /home/phd/Internet/WWW/htdocs/{{ virtual_host }}>
+Require all granted
+</Directory>
+
+<Directory /home/phd/Internet/WWW/cgi-bin/{{ virtual_host }}>
+Require all granted
+</Directory>
+
+<Location /Bookmarks>
+ErrorDocument 404 http://{{ virtual_host }}/Bookmarks/notfound.html
+</Location>
+
+<Location /Software/Python/m_librarian/docs>
+AddDefaultCharset utf-8
+</Location>
+
+<IfModule mod_proxy.c>
+<Proxy *>
+   Require all denied
+</Proxy>
+
+ProxyRequests Off
+</IfModule>
+
+SSLEngine on
+#Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
+#Header always set X-Content-Type-Options nosniff
+#Header always set X-Frame-Options DENY
+#SSLCipherSuite HIGH:MEDIUM:RSA:!EXP:!aNULL:!NULL:+SHA1:+HIGH:+MEDIUM:-LOW
+SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
+SSLCompression off
+SSLHonorCipherOrder On
+SSLOptions +StrictRequire
+SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+SSLProxyEngine off
+#SSLRandomSeed connect file:/dev/urandom 1024
+#SSLRandomSeed startup file:/dev/urandom 1024
+#SSLSessionCache shm:/var/log/apache2/ssl_cache_shm
+#SSLSessionCacheTimeout 600
+#SSLSessionTickets Off
+#SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
+#SSLUseStapling on
+SSLVerifyClient none
+
+SSLCACertificateFile /etc/apache2/ssl/CA.crt
+SSLCertificateFile /etc/apache2/ssl/{{ virtual_host }}.crt
+SSLCertificateKeyFile /etc/apache2/ssl/{{ virtual_host }}.key
+
+<Directory />
+   SSLRequireSSL
+</Directory>
+
+<Directory /home/phd/Internet/WWW/cgi-bin/{{ virtual_host }}>
+   SSLOptions +StdEnvVars
+</Directory>
+
+#<IfModule mime.c>
+#   AddType application/x-x509-ca-cert      .crt
+#   AddType application/x-pkcs7-crl         .crl
+#</IfModule>
+
+BrowserMatch "MSIE [2-6]" \
+   nokeepalive ssl-unclean-shutdown \
+   downgrade-1.0 force-response-1.0
+# MSIE 7 and newer should be able to use keepalive
+BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
+</VirtualHost>
+
+<VirtualHost 127.0.0.1:443 {{ virtual_host }}:443>
+ServerName www.{{ virtual_host }}
+Redirect permanent / https://{{ virtual_host }}/
+ErrorLog /var/log/apache2/{{ virtual_host }}/error_log
+CustomLog /var/log/apache2/{{ virtual_host }}/access_log common
+</VirtualHost>
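Review bot: `ErrorDocument 404 http://{{ virtual_host }}/Bookmarks/notfound.html` in the `<Location /Bookmarks>` block gives Apache a full URL, so a missing page is answered with a redirect instead of a 404 status. The target is also plain `http://`, which the port-80 vhost then redirects back to HTTPS. A local path, `ErrorDocument 404 /Bookmarks/notfound.html`, keeps the status code and avoids the extra hop; the `001-phd.conf` template in this commit already uses that form. Also worth confirming: the final `www.{{ virtual_host }}` block on :443 sets no `SSLEngine` or certificate of its own, so serving it over TLS presumably depends on the first :443 vhost and on that certificate covering the `www.` name. A one-line comment above the commented-out `Header always set Strict-Transport-Security` line, saying why HSTS is held back, would help the next reader.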
diff --git a/playbooks/debian/roles/apache/README.txt b/playbooks/debian/roles/apache/README.txt
new file mode 100644 (file)
index 0000000..a39c362
--- /dev/null
@@ -0,0 +1 @@
+Setup Apache web server.
diff --git a/playbooks/debian/roles/apache/handlers/main.yml b/playbooks/debian/roles/apache/handlers/main.yml
new file mode 100644 (file)
index 0000000..c99bf62
--- /dev/null
@@ -0,0 +1,4 @@
+- name: Reload apache
+  service:
+    name: apache2
+    state: reloaded
diff --git a/playbooks/debian/roles/apache/tasks/main.yml b/playbooks/debian/roles/apache/tasks/main.yml
new file mode 100644 (file)
index 0000000..1c6bd2f
--- /dev/null
@@ -0,0 +1,44 @@
+- name: Check apache
+  command: test -L /etc/apache2/conf-enabled/001-phd.conf
+  failed_when: false
+  register: apache
+  changed_when: apache.rc != 0
+
+- debug:
+    msg: "apache has already been configured"
+  when: apache.rc == 0
+
+- name: Install apache
+  become: true
+  apt:
+    autoclean: yes
+    autoremove: yes
+    install_recommends: no
+    name: apache2
+    purge: yes
+    state: latest
+    update_cache: yes
+  when: apache.rc != 0
+
+- name: Enable SSL module
+  become: true
+  command: a2enmod ssl
+  notify: Reload apache
+  when: apache.rc != 0
+
+- name: Configure apache
+  become: true
+  template:
+    src: 001-phd.conf
+    dest: /etc/apache2/conf-available
+    owner: root
+    group: root
+    mode: '0640'
+    force: no
+  when: apache.rc != 0
+
+- name: Enable config
+  become: true
+  command: a2enconf 001-phd
+  notify: Reload apache
+  when: apache.rc != 0
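Review bot: `Install apache` combines `state: latest` with `autoremove: yes` and `purge: yes`, so installing this one package can also remove and purge unrelated orphaned packages on the host. It also upgrades Apache on any later run where the check fails. Using `state: present` and dropping `autoremove`/`purge` keeps the task limited to what its name says. In `Configure apache`, `dest: /etc/apache2/conf-available` relies on the module appending the source file name; `dest: /etc/apache2/conf-available/001-phd.conf` makes the target explicit and lines up with what `Check apache` tests for.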
diff --git a/playbooks/debian/roles/apache/templates/001-phd.conf b/playbooks/debian/roles/apache/templates/001-phd.conf
new file mode 100644 (file)
index 0000000..5eb26f6
--- /dev/null
@@ -0,0 +1,130 @@
+ServerAdmin phd@{{ inventory_hostname }}
+MaxConnectionsPerChild 10
+
+<IfModule prefork.c>
+StartServers         2
+MinSpareServers      2
+MaxSpareServers      5
+MaxRequestWorkers    20
+</IfModule>
+
+<IfModule threaded.c>
+StartServers         2
+MaxRequestWorkers    5
+MinSpareThreads      2
+MaxSpareThreads     10
+ThreadsPerChild     25
+</IfModule>
+
+<IfModule perchild.c>
+NumServers           2
+StartThreads         2
+MinSpareThreads      2
+MaxSpareThreads     10
+MaxThreadsPerChild  25
+</IfModule>
+
+User www-data
+Group www-data
+
+AddDefaultCharset koi8-r
+
+<Location /cgi-bin/printenv>
+    AuthType Basic
+    AuthName Apache
+    AuthUserFile /usr/local/apache2/data/apache.passwd
+    <RequireAll>
+    Require ip 127.0.0.1 {{ inventory_hostname }}
+    Require user phd
+    </RequireAll>
+</Location>
+
+<IfModule mod_cgid.c>
+Scriptsock            data/cgisock
+</IfModule>
+
+<IfModule mod_dir.c>
+   DirectoryIndex index.shtml index.html index.htm
+</IfModule>
+
+<IfModule mod_mime.c>
+   AddHandler cgi-script .cgi
+</IfModule>
+
+<IfModule mod_include.c>
+   <Files *.shtml>
+   Options +IncludesNOEXEC
+   </Files>
+   AddType text/html .shtml
+   AddOutputFilter INCLUDES .shtml
+</IfModule>
+
+<IfModule mod_info.c>
+<Location /server-info>
+    SetHandler server-info
+    Require ip 127.0.0.1 {{ inventory_hostname }}
+</Location>
+</IfModule>
+
+<IfModule mod_status.c>
+<Location /server-status>
+    SetHandler server-status
+    Require ip 127.0.0.1 {{ inventory_hostname }}
+</Location>
+
+ExtendedStatus On
+</IfModule>
+
+<Location /printenv.shtml>
+    Require ip 127.0.0.1 {{ inventory_hostname }}
+</Location>
+
+<IfModule mod_env.c>
+SetEnv LC_CTYPE ru_RU.KOI8-R
+SetEnv LC_COLLATE ru_RU.KOI8-R
+</IfModule>
+
+<IfModule mod_proxy.c>
+<Proxy *>
+   Require ip 127.0.0.1
+</Proxy>
+
+ProxyRequests Off
+</IfModule>
+
+LanguagePriority ru en
+
+<IfModule mod_userdir.c>
+UserDir public_html
+</IfModule>
+
+<Directory /home>
+Options Indexes FollowSymLinks
+RemoveHandler .py
+</Directory>
+
+<Location /~phd/Bookmarks>
+ErrorDocument 404 /~phd/Bookmarks/notfound.html
+</Location>
+
+<VirtualHost {{ inventory_hostname }}:80>
+ServerName unknown.invalid
+DocumentRoot /home/phd/Internet/WWW/htdocs/_default_/
+ErrorDocument 404 /nothing.html
+
+<Directory /home/phd/Internet/WWW/htdocs/_default_/>
+Require all granted
+</Directory>
+</VirtualHost>
+
+<VirtualHost _default_:*>
+DocumentRoot /home/phd/Internet/WWW/htdocs/_default_/
+ErrorDocument 404 /nothing.html
+
+<Directory /home/phd/Internet/WWW/htdocs/_default_/>
+Require all granted
+</Directory>
+</VirtualHost>
+
+# non-SNI clients
+SSLStrictSNIVHostCheck off
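Review bot: `Require ip 127.0.0.1 {{ inventory_hostname }}` (used for `/cgi-bin/printenv`, `/server-info`, `/server-status` and `/printenv.shtml`) accepts only addresses or networks. If the inventory names hosts by DNS name rather than by IP, the directive will not behave as intended, and these are the endpoints that expose server internals. Presumably the aim is "loopback plus this host": `Require local` covers loopback, and the host's own address could come from a fact such as `{{ ansible_default_ipv4.address }}`. Separately, `<Directory /home>` with `Options Indexes FollowSymLinks` next to `UserDir public_html` turns on directory listings and follows any symlink placed under a home directory. `Options SymLinksIfOwnerMatch` without `Indexes` is the tighter setting if listings are not needed.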