From 6ad0818abb837ea81954cea57a3d004df4bb3877 Mon Sep 17 00:00:00 2001 From: Mattia Rizzolo Date: Sat, 10 Jan 2015 19:41:14 +0100 Subject: apache: use mod-macro to reduce the code duplication. This should also fix some redirection issues. Moreover, this cleans the code --- etc/apache2/sites-available/jenkins.debian.net | 143 ++++++------------------- 1 file changed, 32 insertions(+), 111 deletions(-) (limited to 'etc/apache2/sites-available') diff --git a/etc/apache2/sites-available/jenkins.debian.net b/etc/apache2/sites-available/jenkins.debian.net index a0f843d5..48feec5a 100644 --- a/etc/apache2/sites-available/jenkins.debian.net +++ b/etc/apache2/sites-available/jenkins.debian.net @@ -1,14 +1,23 @@ NameVirtualHost *:80 - - RewriteEngine On - RewriteCond %{HTTPS} !=on - RewriteCond %{REMOTE_ADDR} !127.0.0.1 - RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] +NameVirtualHost *:443 + + + + ServerName $name + ServerAdmin holger@layer-acht.org + CustomLog /var/log/apache2/access.log combined + ErrorLog /var/log/apache2/error.log + Redirect permanent / https://$name/ + + + + + SSLEngine on + SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt - ServerName jenkins.debian.net + ServerName $name ServerAdmin holger@layer-acht.org - DocumentRoot /var/www Options FollowSymLinks AllowOverride None @@ -18,28 +27,21 @@ NameVirtualHost *:80 AllowOverride None Order allow,deny allow from all + AddType text/plain .log - - ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ - + + Options Indexes FollowSymLinks MultiViews AllowOverride None - Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny - Allow from all - SSLOptions +StdEnvVars + allow from all + AddType text/plain .log + RewriteEngine on ProxyRequests Off - - Order deny,allow - Allow from all - - ProxyPreserveHost on - AllowEncodedSlashes NoDecode - ProxyPass /d-i-preseed-cfgs/ http://localhost:8080/userContent/d-i-preseed-cfgs/ - ProxyPass /server-status ! - ProxyPass / http://localhost:8080/ - ProxyPassReverse / http://localhost:8080/ nocanon + + RequestHeader set X-Forwarded-Proto "https" + RequestHeader set X-Forwarded-Port "443" ErrorLog ${APACHE_LOG_DIR}/error.log @@ -48,50 +50,19 @@ NameVirtualHost *:80 LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined - + + + +Use common-debian-service-https-redirect jenkins.debian.net +Use common-debian-service-https-redirect reproducible.debian.net -NameVirtualHost *:443 - SSLEngine on + Use common-directives jenkins.debian.net SSLCertificateFile /etc/apache2/ssl/jenkins.debian.net.pem - SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt - - ServerName jenkins.debian.net - ServerAdmin holger@layer-acht.org DocumentRoot /var/www - - Options FollowSymLinks - AllowOverride None - - - Options Indexes FollowSymLinks MultiViews - AllowOverride None - Order allow,deny - allow from all - AddType text/plain .log - - - Alias /userContent /var/lib/jenkins/userContent - - Options Indexes FollowSymLinks MultiViews - AllowOverride None - Order allow,deny - allow from all - AddType text/plain .log - - - ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ - - AllowOverride None - Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch - Order allow,deny - Allow from all - SSLOptions +StdEnvVars - # allow certain params only from alioth (token is used to trigger builds) - RewriteEngine on RewriteCond %{REMOTE_ADDR} !5\.153\.231\.21 # this is git.d.o which is really moszumanska.d.o # etc/cron.daily/jenkins checks for changes in this IP address, so root will be notified and can adopt this... @@ -126,7 +97,6 @@ NameVirtualHost *:443 RewriteCond %{REQUEST_URI} ^/userContent/rbuild/ RewriteRule ^/?(.*) https://reproducible.debian.net/$1 [R=301,L] - ProxyRequests Off Order deny,allow Allow from all @@ -144,50 +114,14 @@ NameVirtualHost *:443 ProxyPass /userContent ! ProxyPass / http://localhost:8080/ nocanon ProxyPassReverse / http://localhost:8080/ - - RequestHeader set X-Forwarded-Proto "https" - RequestHeader set X-Forwarded-Port "443" - - ErrorLog ${APACHE_LOG_DIR}/error.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog ${APACHE_LOG_DIR}/access.log combined - SSLEngine on + Use common-directives reproducible.debian.net SSLCertificateFile /etc/apache2/ssl/reproducible.debian.net.pem - SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt - - ServerName reproducible.debian.net - ServerAdmin holger@layer-acht.org DocumentRoot /var/lib/jenkins/userContent - - Options FollowSymLinks - AllowOverride None - - - - Options Indexes FollowSymLinks MultiViews - AllowOverride None - Order allow,deny - allow from all - AddType text/plain .log - - - ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ - - AllowOverride None - Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch - Order allow,deny - Allow from all - SSLOptions +StdEnvVars - RewriteCond %{HTTP_HOST} reproducible\.debian\.net RewriteCond %{REQUEST_URI} ^/$ @@ -198,17 +132,4 @@ NameVirtualHost *:443 RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} ^/userContent RewriteRule ^/userContent/(.*)$ /$1 [R=301,L] - - ProxyRequests Off - - RequestHeader set X-Forwarded-Proto "https" - RequestHeader set X-Forwarded-Port "443" - - ErrorLog ${APACHE_LOG_DIR}/error.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog ${APACHE_LOG_DIR}/access.log combined -- cgit v1.2.3-70-g09d2