50 lines
1.6 KiB
Django/Jinja
50 lines
1.6 KiB
Django/Jinja
<VirtualHost *:80>
|
|
ServerName {{ inventory_hostname }}
|
|
|
|
ErrorLog /var/log/apache2/{{ inventory_hostname }}_error.log
|
|
LogLevel warn
|
|
CustomLog /var/log/apache2/{{ inventory_hostname }}_access.log combined
|
|
ServerSignature Off
|
|
|
|
Redirect / https://{{ inventory_hostname }}/
|
|
|
|
</VirtualHost>
|
|
|
|
|
|
<VirtualHost *:443>
|
|
ServerName {{ inventory_hostname }}
|
|
|
|
SSLEngine on
|
|
|
|
SSLCertificateFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.cer
|
|
SSLCertificateKeyFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.key
|
|
SSLCertificateChainFile /etc/letsencrypt-certs/{{ inventory_hostname }}/ca.cer
|
|
|
|
SSLProtocol All -SSLv2 -SSLv3
|
|
# Note: this list should ensure ciphers that provide forward secrecy
|
|
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
|
|
SSLHonorCipherOrder on
|
|
|
|
# Channel logs
|
|
Alias /irclogs /var/lib/limnoria/opendev/logs/ChannelLogger/oftc/
|
|
<Directory /var/lib/limnoria/opendev/logs/ChannelLogger/oftc/>
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverride None
|
|
Require all granted
|
|
</Directory>
|
|
|
|
# Meeting logs
|
|
Alias /meetings /var/lib/limnoria/opendev/meetings/
|
|
<Directory /var/lib/limnoria/opendev/meetings/>
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverride None
|
|
Require all granted
|
|
</Directory>
|
|
|
|
ErrorLog /var/log/apache2/{{ inventory_hostname }}_error.log
|
|
LogLevel warn
|
|
CustomLog /var/log/apache2/{{ inventory_hostname }}_access.log combined
|
|
ServerSignature Off
|
|
|
|
</VirtualHost>
|