ssl.template.erb 3.87 KB
Newer Older
Steve Kemp's avatar
Steve Kemp committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
####
##
#
# DO NOT EDIT THIS FILE - CHANGES WILL BE OVERWRITTEN
#
#  This file is automatically generated from the template located at
# /etc/symbiosis/apache.d/ssl.template.erb
#
#  If you absolutely MUST make changes, then please apply them to
# the master template file.  Then run the following command to
# make them live:
#
#   create-ssl-sites --force --verbose
#
##
###
##
#
#  For SSL documenation please consult:
#
#  http://symbiosis.bytemark.co.uk/docs/ch-ssl-hosting.html
#
##
###

26
NameVirtualHost <%= ip %>:443
Steve Kemp's avatar
Steve Kemp committed
27

28
29
30
31
<VirtualHost <%= ip %>:443>

        ServerName  <%= domain %>
        ServerAlias www.<%= domain %>
Steve Kemp's avatar
Steve Kemp committed
32
33

        SSLEngine On
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

        #
        # The certificate, key, and intermediate bundle (if needed)
        #
        <%= certificate %>
        <%= bundle %>

        #
        # Sane SSL ciphers.
        #
        SSLCipherSuite ALL:!LOW:!SSLv2:!EXP:!aNULL

        #
        # And some options
        #
Steve Kemp's avatar
Steve Kemp committed
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
        SSLOptions +StrictRequire


        #
        #  This is the directory people are redirected to
        # if their site is empty.
        #
        Alias /bytemark/ "/usr/share/symbiosis-static/"
        <Directory "/usr/share/symbiosis-static/">
                DirectoryIndex index.html
                AllowOverride None
        </Directory>

        #
        #  Allow users to override settings via .htaccess
        #
65
        <Directory <%=domain_directory%> >
Steve Kemp's avatar
Steve Kemp committed
66
67
68
69
70
71
72
73
74
75
76
77
78
79
                AllowOverride all
        </Directory>

        #
        #  And this makes that redirection happen.
        #
        <LocationMatch "^/+$">
                Options -Indexes
                ErrorDocument 403 /bytemark/
        </LocationMatch>

        #
        #  The document root
        #
80
        DocumentRoot <%= domain_directory %>/public/htdocs
Steve Kemp's avatar
Steve Kemp committed
81
82
83
84

        #
        # General CGI Handling
        #
85
        ScriptAlias /cgi-bin/ <%= domain_directory %>/public/cgi-bin/
Steve Kemp's avatar
Steve Kemp committed
86
87
88
89
90
91
92
93
94
95
96
        <Location /cgi-bin>
                Options +ExecCGI
        </Location>



        #
        #  We need to log the virtual hostname the incoming request was
        # made against, so that the cron-job in /etc/cron.daily may generate
        # statistics for each domain.
        #
97
98
        ErrorLog   /var/log/apache2/<%= domain %>.ssl.error.log
        CustomLog  /var/log/apache2/<%= domain %>.ssl.access.log combined
Steve Kemp's avatar
Steve Kemp committed
99
100
101
102
</VirtualHost>



103
NameVirtualHost <%= ip %>:80
Steve Kemp's avatar
Steve Kemp committed
104

105
<VirtualHost <%= ip %>:80>
Steve Kemp's avatar
Steve Kemp committed
106
107
108
109
110
111

<% if mandatory_ssl? %>
        #
        #  All accesses redirect to the HTTPS version of
        # the site.
        #
112
        Redirect / https://<%= domain %>/
Steve Kemp's avatar
Steve Kemp committed
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127

<% else %>
        #
        #  This is the directory people are redirected to
        # if their site is empty.
        #
        Alias /bytemark/ "/usr/share/symbiosis-static/"
        <Directory "/usr/share/symbiosis-static/">
                DirectoryIndex index.html
                AllowOverride None
        </Directory>

        #
        #  Allow users to override settings via .htaccess
        #
128
        <Directory <%=domain_directory%> >
Steve Kemp's avatar
Steve Kemp committed
129
130
131
132
133
134
135
136
137
138
139
140
141
142
                AllowOverride all
        </Directory>

        #
        #  And this makes that redirection happen.
        #
        <LocationMatch "^/+$">
                Options -Indexes
                ErrorDocument 403 /bytemark/
        </LocationMatch>

        #
        #  The document root
        #
143
        DocumentRoot     <%= domain_directory %>/public/htdocs/
Steve Kemp's avatar
Steve Kemp committed
144
145
146
147

        #
        # General CGI Handling
        #
148
        ScriptAlias /cgi-bin/ <%= domain_directory %>/public/cgi-bin/
Steve Kemp's avatar
Steve Kemp committed
149
150
151
152
153
154
155
156
157
        <Location /cgi-bin>
                Options +ExecCGI
        </Location>

        #
        #  We need to log the virtual hostname the incoming request was
        # made against, so that the cron-job in /etc/cron.daily may generate
        # statistics for each domain.
        #
158
159
        ErrorLog   /var/log/apache2/<%= domain %>.error.log
        CustomLog  /var/log/apache2/<%= domain %>.access.log combined
Steve Kemp's avatar
Steve Kemp committed
160
161
162
<% end %>
</VirtualHost>