1 | ### Master template |
---|
2 | <%! |
---|
3 | from invirt.config import structs as cfg |
---|
4 | from invirt.config import safestructs as safecfg |
---|
5 | %> |
---|
6 | <%def name="invirt_ssl()"> |
---|
7 | DocumentRoot /var/www/invirt-web |
---|
8 | <Directory /var/www/invirt-web> |
---|
9 | Options Indexes FollowSymLinks MultiViews ExecCGI |
---|
10 | AllowOverride None |
---|
11 | Order allow,deny |
---|
12 | allow from all |
---|
13 | </Directory> |
---|
14 | <Location /> |
---|
15 | ${caller.body()} |
---|
16 | </Location> |
---|
17 | |
---|
18 | RewriteEngine On |
---|
19 | RewriteRule ^/favicon.ico - [L] |
---|
20 | RewriteRule ^/static(.*) - [L] |
---|
21 | RewriteRule ^/overlord/static(.*) /static/$1 [L] |
---|
22 | RewriteRule ^/admin/static(.*) /static/$1 [L] |
---|
23 | |
---|
24 | % for rewrite in safecfg.web.ssl.rewriterules: |
---|
25 | RewriteRule ^/${rewrite.rule} ${rewrite.target} [${rewrite.type}] |
---|
26 | % endfor |
---|
27 | RewriteRule ^/(.*) /var/www/invirt-web/auth.fcgi/$1 [L] |
---|
28 | |
---|
29 | RewriteLog /var/log/apache2/rewrite.log |
---|
30 | RewriteLogLevel 0 |
---|
31 | |
---|
32 | ErrorLog /var/log/apache2/error.log |
---|
33 | |
---|
34 | # Possible values include: debug, info, notice, warn, error, crit, |
---|
35 | # alert, emerg. |
---|
36 | LogLevel warn |
---|
37 | |
---|
38 | CustomLog /var/log/apache2/ssl_access.log combined |
---|
39 | ServerSignature On |
---|
40 | |
---|
41 | SSLEngine on |
---|
42 | |
---|
43 | SSLCertificateFile ${cfg.web.ssl.cert} |
---|
44 | SSLCertificateKeyFile ${cfg.web.ssl.key} |
---|
45 | |
---|
46 | SSLCACertificateFile ${cfg.web.ssl.ca} |
---|
47 | SSLVerifyDepth 10 |
---|
48 | |
---|
49 | SSLOptions +StdEnvVars |
---|
50 | |
---|
51 | SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 |
---|
52 | % for redirect in safecfg.web.ssl.redirects: |
---|
53 | Redirect /${redirect.rule} ${redirect.target} |
---|
54 | % endfor |
---|
55 | </%def> |
---|
56 | |
---|
57 | % for site in cfg.web.sites: |
---|
58 | <%include file="../conf.invirt/${site}.mako" args="cfg=cfg, invirt_ssl=invirt_ssl" /> |
---|
59 | % endfor |
---|