<% if ! [nil, :undef].include?(scope.lookupvar("storyboard::application::server_admin")) %> ServerAdmin <%= scope.lookupvar("storyboard::application::server_admin") %> <% end %> ServerName <%= scope.lookupvar("storyboard::application::hostname") %> DocumentRoot <%= scope.lookupvar("storyboard::application::www_root") %> Redirect / https://<%= scope.lookupvar("storyboard::application::hostname") %>/ LogLevel warn ErrorLog ${APACHE_LOG_DIR}/storyboard-error.log CustomLog ${APACHE_LOG_DIR}/storyboard-access.log combined <% if ! [nil, :undef].include?(scope.lookupvar("storyboard::application::server_admin")) %> ServerAdmin <%= scope.lookupvar("storyboard::application::server_admin") %> <% end %> ServerName <%= scope.lookupvar("storyboard::application::hostname") %> LogLevel warn ErrorLog ${APACHE_LOG_DIR}/storyboard-ssl-error.log CustomLog ${APACHE_LOG_DIR}/storyboard-ssl-access.log combined SSLEngine on SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2 SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM SSLCertificateFile <%= scope.lookupvar("storyboard::cert::ssl_cert") %> SSLCertificateKeyFile <%= scope.lookupvar("storyboard::cert::ssl_key") %> <% if ! [nil, :undef].include?(scope.lookupvar("storyboard::cert::resolved_ssl_ca")) %> SSLCertificateChainFile <%= scope.lookupvar("storyboard::cert::resolved_ssl_ca") %> <% end %> SSLOptions +StdEnvVars SSLOptions +StdEnvVars BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown AllowEncodedSlashes on DocumentRoot <%= scope.lookupvar("storyboard::application::www_root") %> WSGIDaemonProcess storyboard user=<%= scope.lookupvar("storyboard::params::user") %> group=<%= scope.lookupvar("storyboard::params::group") %> threads=5 python-path=/usr/local/lib/python2.7/dist-packages WSGIScriptAlias /api /var/lib/storyboard/storyboard.wsgi WSGIPassAuthorization On "> <% if scope.lookupvar("storyboard::application::new_vhost_perms") %> Require all granted <% else %> Order allow,deny Allow from all <% end %>