diff options
-rw-r--r-- | etc/apache2/sites-available/jenkins.debian.net | 99 |
1 files changed, 98 insertions, 1 deletions
diff --git a/etc/apache2/sites-available/jenkins.debian.net b/etc/apache2/sites-available/jenkins.debian.net index 610eef85..2482b450 100644 --- a/etc/apache2/sites-available/jenkins.debian.net +++ b/etc/apache2/sites-available/jenkins.debian.net @@ -51,7 +51,7 @@ NameVirtualHost *:80 </VirtualHost> NameVirtualHost *:443 -<VirtualHost *:443> +<VirtualHost jenkins.debian.net:443> SSLEngine on SSLCertificateFile /etc/apache2/ssl/jenkins.debian.net.pem SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt @@ -146,3 +146,100 @@ NameVirtualHost *:443 CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> + +<VirtualHost reproducible.debian.net:443> + SSLEngine on + #SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt + SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem + SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key + + ServerName reproducible.debian.net + ServerAdmin holger@layer-acht.org + + DocumentRoot /var/www + <Directory /> + Options FollowSymLinks + AllowOverride None + </Directory> + <Directory /var/www/> + Options Indexes FollowSymLinks MultiViews + AllowOverride None + Order allow,deny + allow from all + AddType text/plain .log + </Directory> + + Alias /userContent /var/lib/jenkins/userContent + <Directory /var/lib/jenkins/userContent> + Options Indexes FollowSymLinks MultiViews + AllowOverride None + Order allow,deny + allow from all + AddType text/plain .log + </Directory> + + ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ + <Directory "/usr/lib/cgi-bin"> + AllowOverride None + Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch + Order allow,deny + Allow from all + SSLOptions +StdEnvVars + </Directory> + + # allow certain params only from alioth (token is used to trigger builds) + RewriteEngine on + RewriteCond %{REMOTE_ADDR} !5\.153\.231\.21 + # this is git.d.o which is really moszumanska.d.o + # etc/cron.daily/jenkins checks for changes in this IP address, so root will be notified and can adopt this... + RewriteCond %{QUERY_STRING} token + RewriteRule ^ - [F] + + RewriteCond %{HTTP_HOST} jenkins\.debian\.net + RewriteCond %{REQUEST_URI} ^/userContent/reproducible.html$ + RewriteRule ^/?(.*) https://reproducible.debian.net/$1 [R,L] + + RewriteCond %{HTTP_HOST} reproducible\.debian\.net + RewriteCond %{REQUEST_URI} ^/$ [or] + RewriteCond %{REQUEST_URI} ^/userContent/$ + RewriteRule ^/(.*) /reproducible.html [R,L] + + RewriteCond %{HTTP_HOST} reproducible\.debian\.net + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteCond %{REQUEST_URI} !^/userContent + RewriteRule ^(.*)$ /userContent/$1 [L] + + RewriteCond %{HTTP_HOST} reproducible\.debian\.net + RewriteCond %{REQUEST_URI} ^/userContent + RewriteRule ^/userContent/(.*)$ /$1 [R] + + ProxyRequests Off + <Proxy *> + Order deny,allow + Allow from all + </Proxy> + ProxyPreserveHost on + AllowEncodedSlashes NoDecode + # proxy everything but a few urls + ProxyPass /munin ! + ProxyPass /server-status ! + ProxyPass /visitors-report.html ! + ProxyPass /calamaris ! + ProxyPass /robots.txt http://localhost:8080/userContent/robots.txt + # map /d-i-preseed-cfgs to /UserContent/d-i-preseed-cfgs + ProxyPass /d-i-preseed-cfgs/ http://localhost:8080/userContent/d-i-preseed-cfgs/ + ProxyPass /userContent ! + ProxyPass / http://localhost:8080/ nocanon + ProxyPassReverse / http://localhost:8080/ + RequestHeader set X-Forwarded-Proto "https" + RequestHeader set X-Forwarded-Port "443" + + ErrorLog ${APACHE_LOG_DIR}/error.log + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel warn + + CustomLog ${APACHE_LOG_DIR}/access.log combined +</VirtualHost> |