1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
NameVirtualHost *:80
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{REMOTE_ADDR} !127.0.0.1
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
ServerName jenkins.debian.net
ServerAdmin holger@layer-acht.org
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
SSLOptions +StdEnvVars
</Directory>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost on
AllowEncodedSlashes NoDecode
ProxyPass /d-i-preseed-cfgs/ http://localhost:8080/userContent/d-i-preseed-cfgs/
ProxyPass /server-status !
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/ nocanon
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/jenkins.debian.net.pem
SSLCertificateChainFile /etc/apache2/ssl/gsdomainvalsha2g2r1.crt
ServerName jenkins.debian.net
ServerAdmin holger@layer-acht.org
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
AddType text/plain .log
</Directory>
Alias /userContent /var/lib/jenkins/userContent
<Directory /var/lib/jenkins/userContent>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
AddType text/plain .log
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
SSLOptions +StdEnvVars
</Directory>
# allow certain params only from alioth (token is used to trigger builds)
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !5\.153\.231\.21
# this is git.d.o which is really moszumanska.d.o
# etc/cron.daily/jenkins checks for changes in this IP address, so root will be notified and can adopt this...
RewriteCond %{QUERY_STRING} token
RewriteRule ^ - [F]
RewriteCond %{HTTP_HOST} jenkins\.debian\.net
RewriteCond %{REQUEST_URI} ^/userContent/reproducible.html$
RewriteRule ^/?(.*) https://reproducible.debian.net/$1 [R,L]
RewriteCond %{HTTP_HOST} reproducible\.debian\.net
RewriteCond %{REQUEST_URI} ^/$ [or]
RewriteCond %{REQUEST_URI} ^/userContent/$
RewriteRule ^/(.*) /reproducible.html [R,L]
RewriteCond %{HTTP_HOST} reproducible\.debian\.net
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/userContent
RewriteRule ^(.*)$ /userContent/$1 [L]
RewriteCond %{HTTP_HOST} reproducible\.debian\.net
RewriteCond %{REQUEST_URI} ^/userContent
RewriteRule ^/userContent/(.*)$ /$1 [R]
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost on
AllowEncodedSlashes NoDecode
# proxy everything but a few urls
ProxyPass /munin !
ProxyPass /server-status !
ProxyPass /visitors-report.html !
ProxyPass /calamaris !
ProxyPass /robots.txt http://localhost:8080/userContent/robots.txt
# map /d-i-preseed-cfgs to /UserContent/d-i-preseed-cfgs
ProxyPass /d-i-preseed-cfgs/ http://localhost:8080/userContent/d-i-preseed-cfgs/
ProxyPass /userContent !
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
|