apache: use mod-macro to reduce the code duplication. This should also fix some redirection issues. Moreover, this cleans the code

1 files changed, 32 insertions, 111 deletions

diff --git a/etc/apache2/sites-available/jenkins.debian.net b/etc/apache2/sites-available/jenkins.debian.net
index a0f843d5..48feec5a 100644
--- a/etc/apache2/sites-available/jenkins.debian.net
+++ b/etc/apache2/sites-available/jenkins.debian.net
@@ -1,14 +1,23 @@
 NameVirtualHost *:80
-<VirtualHost *:80>
-	RewriteEngine On
-	RewriteCond %{HTTPS} !=on
-	RewriteCond %{REMOTE_ADDR} !127.0.0.1
-	RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
+NameVirtualHost *:443
+
+<Macro common-debian-service-https-redirect $name>
+	<VirtualHost *:80>
+		ServerName $name
+		ServerAdmin holger@layer-acht.org
+		CustomLog /var/log/apache2/access.log combined
+		ErrorLog /var/log/apache2/error.log
+		Redirect permanent / https://$name/
+	</VirtualHost>
+</Macro>
+
+<Macro common-directives $name>
+	SSLEngine on
+	SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt
 
-	ServerName jenkins.debian.net
+	ServerName $name
 	ServerAdmin holger@layer-acht.org
 
-	DocumentRoot /var/www
 	<Directory />
 		Options FollowSymLinks
 		AllowOverride None
@@ -18,28 +27,21 @@ NameVirtualHost *:80
 		AllowOverride None
 		Order allow,deny
 		allow from all
+		AddType text/plain .log
 	</Directory>
-
-	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
-	<Directory "/usr/lib/cgi-bin">
+	<Directory /var/lib/jenkins/userContent>
+		Options Indexes FollowSymLinks MultiViews
 		AllowOverride None
-		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
 		Order allow,deny
-		Allow from all
-		SSLOptions +StdEnvVars
+		allow from all
+		AddType text/plain .log
 	</Directory>
 
+	RewriteEngine on
 	ProxyRequests Off
-	<Proxy *>
-		Order deny,allow
-		Allow from all
-	</Proxy>
-	ProxyPreserveHost on
-	AllowEncodedSlashes NoDecode
-	ProxyPass /d-i-preseed-cfgs/ http://localhost:8080/userContent/d-i-preseed-cfgs/
-	ProxyPass /server-status !
-	ProxyPass / http://localhost:8080/
-	ProxyPassReverse / http://localhost:8080/ nocanon
+
+	RequestHeader set X-Forwarded-Proto "https"
+	RequestHeader set X-Forwarded-Port "443"
 
 	ErrorLog ${APACHE_LOG_DIR}/error.log
 
@@ -48,50 +50,19 @@ NameVirtualHost *:80
 	LogLevel warn
 
 	CustomLog ${APACHE_LOG_DIR}/access.log combined
-</VirtualHost>
+</Macro>
+
+
+Use common-debian-service-https-redirect jenkins.debian.net
+Use common-debian-service-https-redirect reproducible.debian.net
 
-NameVirtualHost *:443
 <VirtualHost *:443>
-	SSLEngine on
+	Use common-directives jenkins.debian.net
 	SSLCertificateFile /etc/apache2/ssl/jenkins.debian.net.pem
-	SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt
-
-	ServerName jenkins.debian.net
-	ServerAdmin holger@layer-acht.org
 
 	DocumentRoot /var/www
-	<Directory />
-		Options FollowSymLinks
-		AllowOverride None
-	</Directory>
-	<Directory /var/www/>
-		Options Indexes FollowSymLinks MultiViews
-		AllowOverride None
-		Order allow,deny
-		allow from all
-		AddType text/plain .log
-	</Directory>
-
-	Alias /userContent /var/lib/jenkins/userContent
-	<Directory /var/lib/jenkins/userContent>
-		Options Indexes FollowSymLinks MultiViews
-		AllowOverride None
-		Order allow,deny
-		allow from all
-		AddType text/plain .log
-	</Directory>
-
-	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
-	<Directory "/usr/lib/cgi-bin">
-		AllowOverride None
-		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
-		Order allow,deny
-		Allow from all
-		SSLOptions +StdEnvVars
-	</Directory>
 
 	# allow certain params only from alioth (token is used to trigger builds)
-	RewriteEngine on
 	RewriteCond %{REMOTE_ADDR} !5\.153\.231\.21
 	# this is git.d.o which is really moszumanska.d.o
 	# etc/cron.daily/jenkins checks for changes in this IP address, so root will be notified and can adopt this...
@@ -126,7 +97,6 @@ NameVirtualHost *:443
 	RewriteCond %{REQUEST_URI} ^/userContent/rbuild/
 	RewriteRule ^/?(.*) https://reproducible.debian.net/$1 [R=301,L]
 
-	ProxyRequests Off
 	<Proxy *>
 		Order deny,allow
 		Allow from all
@@ -144,50 +114,14 @@ NameVirtualHost *:443
 	ProxyPass /userContent !
 	ProxyPass / http://localhost:8080/ nocanon
 	ProxyPassReverse  / http://localhost:8080/
-
-	RequestHeader set X-Forwarded-Proto "https"
-	RequestHeader set X-Forwarded-Port "443"
-
-	ErrorLog ${APACHE_LOG_DIR}/error.log
-
-	# Possible values include: debug, info, notice, warn, error, crit,
-	# alert, emerg.
-	LogLevel warn
-
-	CustomLog ${APACHE_LOG_DIR}/access.log combined
 </VirtualHost>
 
 
 <VirtualHost *:443>
-	SSLEngine on
+	Use common-directives reproducible.debian.net
 	SSLCertificateFile /etc/apache2/ssl/reproducible.debian.net.pem
-	SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt
-
-	ServerName reproducible.debian.net
-	ServerAdmin holger@layer-acht.org
 
 	DocumentRoot /var/lib/jenkins/userContent
-	<Directory />
-		Options FollowSymLinks
-		AllowOverride None
-	</Directory>
-
-	<Directory /var/lib/jenkins/userContent>
-		Options Indexes FollowSymLinks MultiViews
-		AllowOverride None
-		Order allow,deny
-		allow from all
-		AddType text/plain .log
-	</Directory>
-
-	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
-	<Directory "/usr/lib/cgi-bin">
-		AllowOverride None
-		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
-		Order allow,deny
-		Allow from all
-		SSLOptions +StdEnvVars
-	</Directory>
 
 	RewriteCond %{HTTP_HOST} reproducible\.debian\.net
 	RewriteCond %{REQUEST_URI} ^/$
@@ -198,17 +132,4 @@ NameVirtualHost *:443
 	RewriteCond %{REQUEST_FILENAME} !-d
 	RewriteCond %{REQUEST_URI} ^/userContent
 	RewriteRule ^/userContent/(.*)$ /$1 [R=301,L]
-
-	ProxyRequests Off
-
-	RequestHeader set X-Forwarded-Proto "https"
-	RequestHeader set X-Forwarded-Port "443"
-
-	ErrorLog ${APACHE_LOG_DIR}/error.log
-
-	# Possible values include: debug, info, notice, warn, error, crit,
-	# alert, emerg.
-	LogLevel warn
-
-	CustomLog ${APACHE_LOG_DIR}/access.log combined
 </VirtualHost>