### Master template
<%!
from invirt.config import structs as cfg
from invirt.config import safestructs as safecfg
%>
<%def name="invirt_ssl()">
DocumentRoot /var/www/invirt-web
Options Indexes FollowSymLinks MultiViews ExecCGI
AllowOverride None
Order allow,deny
allow from all
${caller.body()}
RewriteEngine On
RewriteRule ^/favicon.ico - [L]
RewriteRule ^/static(.*) - [L]
RewriteRule ^/overlord/static(.*) /static/$1 [L]
RewriteRule ^/admin/static(.*) /static/$1 [L]
% for rewrite in safecfg.web.ssl.rewriterules:
RewriteRule ^/${rewrite.rule} ${rewrite.target} [${rewrite.type}]
% endfor
RewriteRule ^/(.*) /var/www/invirt-web/auth.fcgi/$1 [L]
RewriteLog /var/log/apache2/rewrite.log
RewriteLogLevel 0
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/ssl_access.log combined
ServerSignature On
SSLEngine on
SSLCertificateFile ${cfg.web.ssl.cert}
SSLCertificateKeyFile ${cfg.web.ssl.key}
SSLCACertificateFile ${cfg.web.ssl.ca}
SSLVerifyDepth 10
SSLOptions +StdEnvVars
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
% for redirect in safecfg.web.ssl.redirects:
Redirect /${redirect.rule} ${redirect.target}
% endfor
%def>
% for site in cfg.web.sites:
<%include file="../conf.invirt/${site}.mako" args="cfg=cfg, invirt_ssl=invirt_ssl" />
% endfor