NameVirtualHost *:80
NameVirtualHost *:443
ServerName $ipaddress
ServerAdmin holger@layer-acht.org
CustomLog /var/log/apache2/access.log combined
ErrorLog /var/log/apache2/error.log
Order deny,allow
Allow from all
ProxyPreserveHost on
AllowEncodedSlashes NoDecode
# proxy everything but a few urls
ProxyPass /server-status !
# map /d-i-preseed-cfgs to /UserContent/d-i-preseed-cfgs
ProxyPass /d-i-preseed-cfgs/ http://localhost:8080/userContent/d-i-preseed-cfgs/
ProxyPass /userContent !
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
ServerName $name
ServerAdmin holger@layer-acht.org
CustomLog /var/log/apache2/access.log combined
ErrorLog /var/log/apache2/error.log
Redirect permanent / https://$name/
SSLEngine on
SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt
ServerName $name
ServerAdmin holger@layer-acht.org
Options FollowSymLinks
AllowOverride None
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
AddType text/plain .log
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
AddType text/plain .log
RewriteEngine on
ProxyRequests Off
# HSTS
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
Header always add Strict-Transport-Security "max-age=15552000"
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Use localhost-directives 127.0.0.1
Use localhost-directives 10.0.2.1
Use common-debian-service-https-redirect jenkins.debian.net
Use common-debian-service-https-redirect reproducible.debian.net
Use common-directives jenkins.debian.net
SSLCertificateFile /etc/apache2/ssl/jenkins.debian.net.pem
DocumentRoot /var/www
# allow certain params only from alioth (token is used to trigger builds)
RewriteCond %{REMOTE_ADDR} !5\.153\.231\.21
# this is git.d.o which is really moszumanska.d.o
# etc/cron.daily/jenkins checks for changes in this IP address, so root will be notified and can adopt this...
RewriteCond %{QUERY_STRING} token
RewriteRule ^ - [F]
# a bunch of redirects to point people to https://reproducible.debian.net
RewriteCond %{HTTP_HOST} jenkins\.debian\.net
RewriteCond %{REQUEST_URI} ^/userContent/reproducible.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/reproducible.json$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_issues.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_notess.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_schedule.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_last_24h.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_last_48h.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_all_abc.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_dd-list.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_stats.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_pkg_sets.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_reproducible.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_FTBR_with_buildinfo.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_FTBR.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_FTBFS.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_404.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_not_for_us.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/index_blacklisted.html$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/rb-pkg/ [or]
RewriteCond %{REQUEST_URI} ^/userContent/buildinfo/ [or]
RewriteCond %{REQUEST_URI} ^/userContent/dbd/ [or]
RewriteCond %{REQUEST_URI} ^/userContent/issues/ [or]
RewriteCond %{REQUEST_URI} ^/userContent/notes/ [or]
RewriteCond %{REQUEST_URI} ^/userContent/rbuild/
RewriteRule ^/?(.*) https://reproducible.debian.net/$1 [R=301,L]
Order deny,allow
Allow from all
ProxyPreserveHost on
AllowEncodedSlashes NoDecode
# proxy everything but a few urls
ProxyPass /munin !
ProxyPass /server-status !
ProxyPass /calamaris !
ProxyPass /robots.txt http://localhost:8080/userContent/robots.txt
# map /d-i-preseed-cfgs to /UserContent/d-i-preseed-cfgs
ProxyPass /d-i-preseed-cfgs/ http://localhost:8080/userContent/d-i-preseed-cfgs/
ProxyPass /userContent !
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
Use common-directives reproducible.debian.net
SSLCertificateFile /etc/apache2/ssl/reproducible.debian.net.pem
DocumentRoot /var/lib/jenkins/userContent
# use reproducible.html as "home page"
RewriteCond %{HTTP_HOST} reproducible\.debian\.net
RewriteCond %{REQUEST_URI} ^/$
RewriteRule ^/(.*) /reproducible.html [R,L]
# drop the (old|ugly) /userContent/ directory from the url
RewriteCond %{HTTP_HOST} reproducible\.debian\.net
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} ^/userContent
RewriteRule ^/userContent/(.*)$ /$1 [R=301,L]
# redirect rb.d.n/$PKG → rb.d.n/rb-pkg/$PKG.html
RewriteCond %{HTTP_HOST} reproducible\.debian\.net
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond /var/lib/jenkins/userContent/rb-pkg/$1.html -f
RewriteRule ^/([a-z0-9.+-]+) /rb-pkg/$1.html [R=302,L]