summaryrefslogtreecommitdiffstats
path: root/etc/apache2
diff options
context:
space:
mode:
Diffstat (limited to 'etc/apache2')
l---------etc/apache2/conf-available/munin.conf1
-rw-r--r--etc/apache2/ports.conf23
-rw-r--r--etc/apache2/sites-available/jenkins.debian.net275
-rw-r--r--etc/apache2/ssl/gsdomainvalsha2g2r1.crt27
4 files changed, 0 insertions, 326 deletions
diff --git a/etc/apache2/conf-available/munin.conf b/etc/apache2/conf-available/munin.conf
deleted file mode 120000
index 56fedfa9..00000000
--- a/etc/apache2/conf-available/munin.conf
+++ /dev/null
@@ -1 +0,0 @@
-../../munin/apache.conf \ No newline at end of file
diff --git a/etc/apache2/ports.conf b/etc/apache2/ports.conf
deleted file mode 100644
index 7830895d..00000000
--- a/etc/apache2/ports.conf
+++ /dev/null
@@ -1,23 +0,0 @@
-# If you just change the port or add more ports here, you will likely also
-# have to change the VirtualHost statement in
-# /etc/apache2/sites-enabled/000-default
-# This is also true if you have upgraded from before 2.2.9-3 (i.e. from
-# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
-# README.Debian.gz
-
-#NameVirtualHost *:80
-Listen 80
-
-<IfModule mod_ssl.c>
- # If you add NameVirtualHost *:443 here, you will also have to change
- # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
- # to <VirtualHost *:443>
- # Server Name Indication for SSL named virtual hosts is currently not
- # supported by MSIE on Windows XP.
- Listen 443
-</IfModule>
-
-<IfModule mod_gnutls.c>
- Listen 443
-</IfModule>
-
diff --git a/etc/apache2/sites-available/jenkins.debian.net b/etc/apache2/sites-available/jenkins.debian.net
deleted file mode 100644
index 668bcf3f..00000000
--- a/etc/apache2/sites-available/jenkins.debian.net
+++ /dev/null
@@ -1,275 +0,0 @@
-NameVirtualHost *:80
-NameVirtualHost *:443
-
-<Macro localhost-directives $ipaddress>
- <VirtualHost $ipaddress:80>
- ServerName $ipaddress
- ServerAdmin holger@layer-acht.org
- CustomLog /var/log/apache2/access.log combined
- ErrorLog /var/log/apache2/error.log
- <Proxy *>
- Require all granted
- </Proxy>
- ProxyPreserveHost on
- AllowEncodedSlashes NoDecode
- # proxy everything but a few urls
- ProxyPass /server-status !
- # map /d-i-preseed-cfgs to /UserContent/d-i-preseed-cfgs
- ProxyPass /d-i-preseed-cfgs/ http://localhost:8080/userContent/d-i-preseed-cfgs/
- ProxyPass /userContent !
- ProxyPass / http://localhost:8080/ nocanon
- ProxyPassReverse / http://localhost:8080/
- </VirtualHost>
-</Macro>
-
-<Macro common-debian-service-https-redirect $name>
- <VirtualHost *:80>
- ServerName $name
- ServerAdmin holger@layer-acht.org
- CustomLog /var/log/apache2/access.log combined
- ErrorLog /var/log/apache2/error.log
- Redirect permanent / https://$name/
- </VirtualHost>
-</Macro>
-
-<Macro common-directives $name>
- SSLEngine on
- SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt
-
- ServerName $name
- ServerAdmin holger@layer-acht.org
-
- <Directory />
- Options FollowSymLinks
- AllowOverride None
- </Directory>
- <Directory /var/www/>
- Options Indexes FollowSymLinks MultiViews
- AllowOverride None
- Require all granted
- AddType text/plain .log
- </Directory>
- <Directory /var/lib/jenkins/userContent>
- Options Indexes FollowSymLinks MultiViews
- AllowOverride None
- Require all granted
- AddType text/plain .log
- </Directory>
-
- <FilesMatch "\.gz$">
- AddEncoding gzip .gz
- ForceType text/plain
- FilterDeclare gzipInflate CONTENT_SET
- <IfVersion >= 2.4>
- FilterProvider gzipInflate inflate "%{req:Accept-Encoding} !~ /gzip/"
- </IfVersion>
- <IfVersion < 2.4>
- FilterProvider gzipInflate inflate req=Accept-Encoding !$gzip
- </IfVersion>
- FilterChain +gzipInflate
- </FilesMatch>
-
- RewriteEngine on
- ProxyRequests Off
-
- # HSTS
- RequestHeader set X-Forwarded-Proto "https"
- RequestHeader set X-Forwarded-Port "443"
- Header always add Strict-Transport-Security "max-age=15552000"
-
- ErrorLog ${APACHE_LOG_DIR}/error.log
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
- CustomLog ${APACHE_LOG_DIR}/access.log combined
-</Macro>
-
-Use localhost-directives 127.0.0.1
-Use localhost-directives 10.0.2.1
-
-Use common-debian-service-https-redirect jenkins.debian.net
-Use common-debian-service-https-redirect reproducible.debian.net
-
-<VirtualHost *:443>
- Use common-directives jenkins.debian.net
- SSLCertificateFile /etc/apache2/ssl/jenkins.debian.net.pem
-
- DocumentRoot /var/www
-
- # allow certain params only from alioth (token is used to trigger builds)
- RewriteCond %{REMOTE_ADDR} !5\.153\.231\.21
- # this is git.d.o which is really moszumanska.d.o
- # etc/cron.daily/jenkins checks for changes in this IP address, so root will be notified and can adopt this...
- RewriteCond %{QUERY_STRING} token
- RewriteRule ^ - [F]
-
- # a bunch of redirects to point people to https://reproducible.debian.net
- RewriteCond %{HTTP_HOST} jenkins\.debian\.net
- RewriteCond %{REQUEST_URI} ^/userContent/reproducible.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/reproducible.json$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_issues.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_notes.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_schedule.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_last_24h.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_last_48h.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_all_abc.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_dd-list.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_stats.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_pkg_sets.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_reproducible.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_FTBR_with_buildinfo.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_FTBR.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_FTBFS.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_404.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_not_for_us.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/index_blacklisted.html$ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/rb-pkg/ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/buildinfo/ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/dbd/ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/issues/ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/notes/ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/artifacts/ [or]
- RewriteCond %{REQUEST_URI} ^/userContent/rbuild/
- RewriteRule ^/?(.*) https://reproducible.debian.net/$1 [R=301,L]
-
- <Proxy *>
- Require all granted
- </Proxy>
- ProxyPreserveHost on
- AllowEncodedSlashes NoDecode
- # proxy everything but a few urls
- ProxyPass /munin !
- ProxyPass /server-status !
- ProxyPass /calamaris !
- ProxyPass /robots.txt http://localhost:8080/userContent/robots.txt
- # map /d-i-preseed-cfgs to /UserContent/d-i-preseed-cfgs
- ProxyPass /d-i-preseed-cfgs/ http://localhost:8080/userContent/d-i-preseed-cfgs/
- ProxyPass /userContent !
- ProxyPass / http://localhost:8080/ nocanon
- ProxyPassReverse / http://localhost:8080/
-</VirtualHost>
-
-
-<VirtualHost *:443>
- Use common-directives reproducible.debian.net
- SSLCertificateFile /etc/apache2/ssl/reproducible.debian.net.pem
-
- DocumentRoot /var/lib/jenkins/userContent/reproducible
-
- <Directory /var/lib/jenkins/userContent/reproducible/artifacts>
- HeaderName .HEADER.html
- </Directory>
-
- # use reproducible.html as "home page"
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_URI} ^/$
- RewriteRule ^/(.*) /reproducible.html [R,L]
-
- # drop the (old|ugly) /userContent/ directory from the url
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond %{REQUEST_URI} ^/userContent
- RewriteRule ^/userContent/(.*)$ /$1 [R=301,L]
-
- # redirect rb.d.n/issues/$ISSUE → rb.d.n/issues/unstable/$ISSUE
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond /var/lib/jenkins/userContent/reproducible/issues/unstable/$1 -f
- RewriteRule ^/issues/([a-z0-9.+-_]+) /issues/unstable/$1 [R=302,L]
-
- # redirect rb.d.n/$PKG → rb.d.n/rb-pkg/unstable/amd64/$PKG.html
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond /var/lib/jenkins/userContent/reproducible/rb-pkg/unstable/amd64/$1.html -f
- RewriteRule ^/([a-z0-9.+-]+) /rb-pkg/unstable/amd64/$1.html [R=302,L]
-
- # redirect rb.d.n/$PKG → rb.d.n/rb-pkg/experimental/amd64/$PKG.html
- # (this is the fallback for the previous redirect and should only catch packages which are only in experimental)
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond /var/lib/jenkins/userContent/reproducible/rb-pkg/experimental/amd64/$1.html -f
- RewriteRule ^/([a-z0-9.+-]+) /rb-pkg/experimental/amd64/$1.html [R=302,L]
-
- # redirect rb.d.n/$suite/amd64/$PKG → rb.d.n/rb-pkg/$suite/amd64/$PKG.html
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond /var/lib/jenkins/userContent/reproducible/rb-pkg/$1/amd64/$2.html -f
- RewriteRule ^/(unstable|testing|experimental)/amd64/([a-z0-9.+-]+) /rb-pkg/$1/amd64/$2.html [R=302,L]
-
- # redirect rb.d.n/rb-pkg/$PKG.html → rb.d.n/rb-pkg/$suite/$arch/$PKG.html
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond /var/lib/jenkins/userContent/reproducible/rb-pkg/unstable/amd64/$1 -f
- RewriteRule ^/rb-pkg/([a-z0-9.+-]+) /rb-pkg/unstable/amd64/$1 [R=301,L]
- # the same for /dbd/
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond /var/lib/jenkins/userContent/reproducible/dbd/unstable/amd64/$1 -f
- RewriteRule ^/dbd/([a-z0-9.+-_]+) /dbd/unstable/amd64/$1 [R=301,L]
- # the same for /rbuild/
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond /var/lib/jenkins/userContent/reproducible/rbuild/unstable/amd64/$1 -f
- RewriteRule ^/rbuild/([a-z0-9.+-_]+) /rbuild/unstable/amd64/$1 [R=301,L]
- # the same for /buildinfo/
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond /var/lib/jenkins/userContent/reproducible/buildinfo/unstable/amd64/$1 -f
- RewriteRule ^/buildinfo/([a-z0-9.+-_]+) /buildinfo/unstable/amd64/$1 [R=301,L]
- # redirect some rb.d.n/index_*.html to the suite/arch relative one
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond %{REQUEST_URI} ^/index_reproducible.html$ [or]
- RewriteCond %{REQUEST_URI} ^/index_FTBR.html$ [or]
- RewriteCond %{REQUEST_URI} ^/index_FTBFS.html$ [or]
- RewriteCond %{REQUEST_URI} ^/index_404.html$ [or]
- RewriteCond %{REQUEST_URI} ^/index_not_for_us.html$ [or]
- RewriteCond %{REQUEST_URI} ^/index_blacklisted.html$ [or]
- RewriteCond %{REQUEST_URI} ^/index_last_24h.html$ [or]
- RewriteCond %{REQUEST_URI} ^/index_last_48h.html$ [or]
- RewriteCond %{REQUEST_URI} ^/index_all_abc.html$
- RewriteRule ^/?(.+) /unstable/amd64/$1 [R=301,L]
-
- # redirect (/testing|unstable|/experimental) to (/testing|/unstable|/experimental)/index_suite_stats.html
- # note: the missing slash in the RewriteRule is wanted to avoid a double slash
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_URI} ^/(testing|unstable|experimental)/$
- RewriteRule ^/(.*) /$1index_suite_stats.html [R,L]
-
- # redirect /coreboot/ to coreboot/coreboot.html
- # note: the missing slash in the RewriteRule is wanted to avoid a double slash
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_URI} ^/coreboot/$
- RewriteRule ^/(.*) /coreboot/coreboot.html [R,L]
-
- # redirect /openwrt/ to openwrt/openwrt.html
- # note: the missing slash in the RewriteRule is wanted to avoid a double slash
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_URI} ^/openwrt/$
- RewriteRule ^/(.*) /openwrt/openwrt.html [R,L]
-
- # redirect /netbsd/ to netbsd/netbsd.html
- # note: the missing slash in the RewriteRule is wanted to avoid a double slash
- RewriteCond %{HTTP_HOST} reproducible\.debian\.net
- RewriteCond %{REQUEST_URI} ^/netbsd/$
- RewriteRule ^/(.*) /netbsd/netbsd.html [R,L]
-
- # redirect /issues/ to /index_issues.html
- RewriteCond %{REQUEST_URI} ^/issues/$
- RewriteRule ^/(.*) /index_issues.html [R,L]
-
- <Proxy *>
- Require all granted
- </Proxy>
-
-</VirtualHost>
diff --git a/etc/apache2/ssl/gsdomainvalsha2g2r1.crt b/etc/apache2/ssl/gsdomainvalsha2g2r1.crt
deleted file mode 100644
index 6d67a8d2..00000000
--- a/etc/apache2/ssl/gsdomainvalsha2g2r1.crt
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEYzCCA0ugAwIBAgILBAAAAAABRE7wPiAwDQYJKoZIhvcNAQELBQAwVzELMAkG
-A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
-b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAw
-MDBaFw0yNDAyMjAxMDAwMDBaMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
-YWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0
-aW9uIENBIC0gU0hBMjU2IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQCp3cwOs+IyOd1JIqgTaZOHiOEM7nF9vZCHll1Z8syz0lhXV/lG72wm2DZC
-jn4wsy+aPlN7H262okxFHzzTFZMcie089Ffeyr3sBppqKqAZUn9R0XQ5CJ+r69eG
-ExWXrjbDVGYOWvKgc4Ux47JkFGr/paKOJLu9hVIVonnu8LXuPbj0fYC82ZA1ZbgX
-qa2zmJ+gfn1u+z+tfMIbWTaW2jcyS0tdNQJjjtunz2LuzC7Ujcm9PGqRcqIip3It
-INH6yjfaGJjmFiRxJUvE5XuJUgkC/VkrBG7KB4HUs9ra2+PMgKhWBwZ8lgg3nds4
-tmI0kWIHdAE42HIw4uuQcSZiwFfzAgMBAAGjggElMIIBITAOBgNVHQ8BAf8EBAMC
-AQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU6k581IAt5RWBhiaMgm3A
-mKTPlw8wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
-d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSG
-Imh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYBBQUHAQEE
-MTAvMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290
-cjEwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQEL
-BQADggEBANdFnqDc4ONhWgt9d4QXLWVagpqNoycqhffJ7+mG/dRHzQFSlsVDvTex
-4bjyqdKKEYRxkRWJ3AKdC8tsM4U0KJ4gsrGX3G0LEME8zV/qXdeYMcU0mVwAYVXE
-GwJbxeOJyLS4bx448lYm6UHvPc2smU9ZSlctS32ux4j71pg79eXw6ImJuYsDy1oj
-H6T9uOr7Lp2uanMJvPzVoLVEgqtEkS5QLlfBQ9iRBIvpES5ftD953x77PzAAi1Pj
-tywdO02L3ORkHQRYM68bVeerDL8wBHTk8w4vMDmNSwSMHnVmZkngvkA0x1xaUZK6
-EjxS1QSCVS1npd+3lXzuP8MIugS+wEY=
------END CERTIFICATE-----
-