#
# Generated by Chef
#
# Based on the Ubuntu apache2.conf

ServerRoot "<%= node['apache']['dir'] %>"

#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
<% if node['apache']['version'] == '2.2' -%>
LockFile <%= node['apache']['lock_dir'] %>/accept.lock
<% elsif node['apache']['version'] == '2.4' -%>
Mutex file:<%= node['apache']['lock_dir'] %> default
<% end -%>

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
#
PidFile <%= node['apache']['pid_file'] %>

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout <%= node['apache']['timeout'] %>

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive <%= node['apache']['keepalive'] %>

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests <%= node['apache']['keepaliverequests'] %>

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout <%= node['apache']['keepalivetimeout'] %>

#<IfModule unixd_module>
User <%= node['apache']['user'] %>
Group <%= node['apache']['group'] %>
#</IfModule>

<% if node['apache']['version'] == '2.4' -%>
# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and <%= node['apache']['docroot_dir'] %>.
# If your system is serving content from a sub-directory in /srv you must allow
# access in conf-enabled, or in any related virtual host. e.g.
#
#  <Directory /srv/>
#    Options Indexes FollowSymLinks
#    AllowOverride None
#    Require all granted
#  </Directory>
#
<Directory />
        Options FollowSymLinks
        AllowOverride None
        Require all denied
</Directory>

<Directory /usr/share>
        AllowOverride None
        Require all granted
</Directory>

<Directory <%= node['apache']['docroot_dir'] %>>
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
</Directory>
<% end -%>

#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives.  See also the AllowOverride
# directive.
#

AccessFileName <%= node['apache']['access_file_name'] %>

#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<% access_file_name_prefix = node['apache']['access_file_name'][0..2] if !node['apache']['access_file_name'].empty?
   if access_file_name_prefix != '.ht'
    file_name_prefix = '(' + access_file_name_prefix + '|\.ht)'
   else
    file_name_prefix = '\.ht'
   end
%>
<Files ~ "^<%= file_name_prefix %>">
    <% if node['apache']['version'] == '2.2' -%>
    Order allow,deny
    Deny from all
    <% elsif node['apache']['version'] == '2.4' -%>
    Require all denied
    <% end -%>
</Files>

<% if node['apache']['version'] == '2.2' -%>
#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value.  If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain
<% end -%>

#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
<% if node['apache']['error_log'] =~ /^syslog:/ || node['apache']['error_log'] =~ /^\|/ %>
ErrorLog <%= node['apache']['error_log'] %>
<% else %>
ErrorLog <%= node['apache']['log_dir'] %>/<%= node['apache']['error_log'] %>
<% end %>

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel <%= node['apache']['log_level'] %>

# COOK-1021: Dummy LoadModule directive to aid module installations
#LoadModule dummy_module modules/mod_dummy.so

# Include module configuration:
<% if node['apache']['version'] == '2.2' -%>
Include <%= node['apache']['dir'] %>/mods-enabled/*.load
Include <%= node['apache']['dir'] %>/mods-enabled/*.conf
<% elsif node['apache']['version'] == '2.4' -%>
IncludeOptional <%= node['apache']['dir'] %>/mods-enabled/*.load
IncludeOptional <%= node['apache']['dir'] %>/mods-enabled/*.conf
<% end -%>

<% if %w[freebsd].include?(node['platform_family']) -%>
<IfDefine NOHTTPACCEPT>
   AcceptFilter http none
   AcceptFilter https none
</IfDefine>
<% end %>

# Include ports listing
Include <%= node['apache']['dir'] %>/ports.conf

#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
#
<% if node['apache']['version'] == '2.2' -%>
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#

#
# Putting this all together, we can internationalize error responses.
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections.  We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
#   Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /usr/share/apache2/error/include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis.  The default include files will display
# your Apache version number and your ServerAdmin email address regardless
# of the setting of ServerSignature.
#
# The internationalized error documents require mod_alias, mod_include
# and mod_negotiation.  To activate them, uncomment the following 30 lines.

#    Alias /error/ "/usr/share/apache2/error/"
#
#    <Directory "/usr/share/apache2/error">
#        AllowOverride None
#        Options IncludesNoExec
#        AddOutputFilter Includes html
#        AddHandler type-map var
#        Order allow,deny
#        Allow from all
#        LanguagePriority en cs de es fr it nl sv pt-br ro
#        ForceLanguagePriority Prefer Fallback
#    </Directory>
#
#    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
#    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
#    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
#    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
#    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
#    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
#    ErrorDocument 410 /error/HTTP_GONE.html.var
#    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
#    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
#    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
#    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
#    ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
#    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
#    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
#    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
#    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
#    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
<% end -%>

<% if node['apache']['version'] == '2.4' -%>
# Include generic snippets of statements
IncludeOptional <%= node['apache']['dir'] %>/conf-enabled/*.conf

# Include the virtual host configurations:
IncludeOptional <%= node['apache']['dir'] %>/sites-enabled/*.conf
<% else -%>
# Include generic snippets of statements
Include <%= node['apache']['dir'] %>/conf-enabled/*.conf

# Include the virtual host configurations:
Include <%= node['apache']['dir'] %>/sites-enabled/*.conf
<% end -%>