opendev/system-config
Code Issues Proposed changes
272d6ccc32
system-config/modules/cgit/templates/git.vhost.erb
Timothy Chavez 47db7ea292 Use the SSLProtocol blacklist approach 
It turns out that specifying the ciphers we want to use leads to
breakage.  So instead we'll explicitly tell Apache which ciphers
we don't want to use.

Change-Id: I0f8211533495a6a4340c01dadb8069ccf9be429c
2014-10-16 11:41:04 -05:00

71 lines
2.3 KiB
Plaintext
Raw Blame History

<VirtualHost *:<%= scope.lookupvar("cgit::http_port") %>>
ServerName <%= scope.lookupvar("cgit::vhost_name") %>
ServerAdmin <%= scope.lookupvar("cgit::serveradmin") %>
<% if @serveraliases.is_a? Array -%>
<% @serveraliases.each do |name| -%><%= " ServerAlias #{name}\n" %><% end -%>
<% elsif @serveraliases != '' -%>
<%= " ServerAlias #{@serveraliases}" -%>
<% end -%>
Alias /cgit-data /usr/share/cgit
ScriptAlias /cgit /var/www/cgi-bin/cgit
Alias /static <%= scope.lookupvar("cgit::staticfiles") %>
RewriteEngine On
RewriteRule ^/$ /cgit [R]
SetEnv GIT_PROJECT_ROOT /var/lib/git/
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv GIT_NOTES_DISPLAY_REF refs/notes/*
AliasMatch ^/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /var/lib/git/$1
AliasMatch ^/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /var/lib/git/$1
ScriptAlias / /usr/libexec/git-core/git-http-backend/
ErrorLog /var/log/httpd/git-error.log
LogLevel warn
CustomLog /var/log/httpd/git-access.log combined
</VirtualHost>
<VirtualHost *:<%= scope.lookupvar("cgit::https_port") %>>
ServerName <%= scope.lookupvar("cgit::vhost_name") %>
ServerAdmin <%= scope.lookupvar("cgit::serveradmin") %>
<% if @serveraliases.is_a? Array -%>
<% @serveraliases.each do |name| -%><%= " ServerAlias #{name}\n" %><% end -%>
<% elsif @serveraliases != '' -%>
<%= " ServerAlias #{@serveraliases}" -%>
<% end -%>
Alias /cgit-data /usr/share/cgit
ScriptAlias /cgit /var/www/cgi-bin/cgit
Alias /static <%= scope.lookupvar("cgit::staticfiles") %>
RewriteEngine On
RewriteRule ^/$ /cgit [R]
SetEnv GIT_PROJECT_ROOT /var/lib/git/
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv GIT_NOTES_DISPLAY_REF refs/notes/*
AliasMatch ^/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /var/lib/git/$1
AliasMatch ^/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /var/lib/git/$1
ScriptAlias / /usr/libexec/git-core/git-http-backend/
ErrorLog /var/log/httpd/git-error.log
LogLevel warn
CustomLog /var/log/httpd/git-access.log combined
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
SSLCertificateFile <%= scope.lookupvar("cgit::ssl_cert_file") %>
SSLCertificateKeyFile <%= scope.lookupvar("cgit::ssl_key_file") %>
<% if scope.lookupvar("cgit::ssl_chain_file") != "" %>
SSLCertificateChainFile <%= scope.lookupvar("cgit::ssl_chain_file") %>
<% end %>
</VirtualHost>
View Git Blame Copy Permalink