From 96da6e8fcae5bc7a4599a7c7f83523b4fa7907d0 Mon Sep 17 00:00:00 2001
From: Holger Levsen <holger@layer-acht.org>
Date: Fri, 9 Jan 2015 19:43:53 +0100
Subject: apache2: add 2nd vhost, just copy conifg, no cleanups performed yet

---
 etc/apache2/sites-available/jenkins.debian.net | 99 +++++++++++++++++++++++++-
 1 file changed, 98 insertions(+), 1 deletion(-)

(limited to 'etc/apache2')

diff --git a/etc/apache2/sites-available/jenkins.debian.net b/etc/apache2/sites-available/jenkins.debian.net
index 610eef85..2482b450 100644
--- a/etc/apache2/sites-available/jenkins.debian.net
+++ b/etc/apache2/sites-available/jenkins.debian.net
@@ -51,7 +51,7 @@ NameVirtualHost *:80
 </VirtualHost>
 
 NameVirtualHost *:443
-<VirtualHost *:443>
+<VirtualHost jenkins.debian.net:443>
 	SSLEngine on
 	SSLCertificateFile /etc/apache2/ssl/jenkins.debian.net.pem
 	SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt
@@ -146,3 +146,100 @@ NameVirtualHost *:443
 
 	CustomLog ${APACHE_LOG_DIR}/access.log combined
 </VirtualHost>
+
+<VirtualHost reproducible.debian.net:443>
+	SSLEngine on
+	#SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt
+	SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
+	SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+
+	ServerName reproducible.debian.net
+	ServerAdmin holger@layer-acht.org
+
+	DocumentRoot /var/www
+	<Directory />
+		Options FollowSymLinks
+		AllowOverride None
+	</Directory>
+	<Directory /var/www/>
+		Options Indexes FollowSymLinks MultiViews
+		AllowOverride None
+		Order allow,deny
+		allow from all
+		AddType text/plain .log
+	</Directory>
+
+	Alias /userContent /var/lib/jenkins/userContent
+	<Directory /var/lib/jenkins/userContent>
+		Options Indexes FollowSymLinks MultiViews
+		AllowOverride None
+		Order allow,deny
+		allow from all
+		AddType text/plain .log
+	</Directory>
+
+	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+	<Directory "/usr/lib/cgi-bin">
+		AllowOverride None
+		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+		Order allow,deny
+		Allow from all
+		SSLOptions +StdEnvVars
+	</Directory>
+
+	# allow certain params only from alioth (token is used to trigger builds)
+	RewriteEngine on
+	RewriteCond %{REMOTE_ADDR} !5\.153\.231\.21
+	# this is git.d.o which is really moszumanska.d.o
+	# etc/cron.daily/jenkins checks for changes in this IP address, so root will be notified and can adopt this...
+	RewriteCond %{QUERY_STRING} token
+	RewriteRule ^ - [F]
+
+	RewriteCond %{HTTP_HOST} jenkins\.debian\.net
+	RewriteCond %{REQUEST_URI} ^/userContent/reproducible.html$
+	RewriteRule ^/?(.*) https://reproducible.debian.net/$1 [R,L]
+
+	RewriteCond %{HTTP_HOST} reproducible\.debian\.net
+	RewriteCond %{REQUEST_URI} ^/$ [or]
+	RewriteCond %{REQUEST_URI} ^/userContent/$
+	RewriteRule ^/(.*) /reproducible.html [R,L]
+
+	RewriteCond %{HTTP_HOST} reproducible\.debian\.net
+	RewriteCond %{REQUEST_FILENAME} !-f
+	RewriteCond %{REQUEST_FILENAME} !-d
+	RewriteCond %{REQUEST_URI} !^/userContent
+	RewriteRule ^(.*)$ /userContent/$1 [L]
+
+	RewriteCond %{HTTP_HOST} reproducible\.debian\.net
+	RewriteCond %{REQUEST_URI} ^/userContent
+	RewriteRule ^/userContent/(.*)$ /$1 [R]
+
+	ProxyRequests Off
+	<Proxy *>
+		Order deny,allow
+		Allow from all
+	</Proxy>
+	ProxyPreserveHost on
+	AllowEncodedSlashes NoDecode
+	# proxy everything but a few urls
+	ProxyPass /munin !
+	ProxyPass /server-status !
+	ProxyPass /visitors-report.html !
+	ProxyPass /calamaris !
+	ProxyPass /robots.txt http://localhost:8080/userContent/robots.txt
+	# map /d-i-preseed-cfgs to /UserContent/d-i-preseed-cfgs
+	ProxyPass /d-i-preseed-cfgs/ http://localhost:8080/userContent/d-i-preseed-cfgs/
+	ProxyPass /userContent !
+	ProxyPass / http://localhost:8080/ nocanon
+	ProxyPassReverse  / http://localhost:8080/
+	RequestHeader set X-Forwarded-Proto "https"
+	RequestHeader set X-Forwarded-Port "443"
+
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+
+	# Possible values include: debug, info, notice, warn, error, crit,
+	# alert, emerg.
+	LogLevel warn
+
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
-- 
cgit v1.2.3-54-g00ecf