261 lines
		
	
	
		
			8.9 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			261 lines
		
	
	
		
			8.9 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| #
 | |
| # Generated by Chef
 | |
| #
 | |
| # Based on the Ubuntu apache2.conf
 | |
| 
 | |
| ServerRoot "<%= node['apache']['dir'] %>"
 | |
| 
 | |
| #
 | |
| # The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
 | |
| #
 | |
| <% if node['apache']['version'] == '2.2' -%>
 | |
| LockFile <%= node['apache']['lock_dir'] %>/accept.lock
 | |
| <% elsif node['apache']['version'] == '2.4' -%>
 | |
| Mutex file:<%= node['apache']['lock_dir'] %> default
 | |
| <% end -%>
 | |
| 
 | |
| #
 | |
| # PidFile: The file in which the server should record its process
 | |
| # identification number when it starts.
 | |
| #
 | |
| PidFile <%= node['apache']['pid_file'] %>
 | |
| 
 | |
| #
 | |
| # Timeout: The number of seconds before receives and sends time out.
 | |
| #
 | |
| Timeout <%= node['apache']['timeout'] %>
 | |
| 
 | |
| #
 | |
| # KeepAlive: Whether or not to allow persistent connections (more than
 | |
| # one request per connection). Set to "Off" to deactivate.
 | |
| #
 | |
| KeepAlive <%= node['apache']['keepalive'] %>
 | |
| 
 | |
| #
 | |
| # MaxKeepAliveRequests: The maximum number of requests to allow
 | |
| # during a persistent connection. Set to 0 to allow an unlimited amount.
 | |
| # We recommend you leave this number high, for maximum performance.
 | |
| #
 | |
| MaxKeepAliveRequests <%= node['apache']['keepaliverequests'] %>
 | |
| 
 | |
| #
 | |
| # KeepAliveTimeout: Number of seconds to wait for the next request from the
 | |
| # same client on the same connection.
 | |
| #
 | |
| KeepAliveTimeout <%= node['apache']['keepalivetimeout'] %>
 | |
| 
 | |
| #<IfModule unixd_module>
 | |
| User <%= node['apache']['user'] %>
 | |
| Group <%= node['apache']['group'] %>
 | |
| #</IfModule>
 | |
| 
 | |
| <% if node['apache']['version'] == '2.4' -%>
 | |
| # Sets the default security model of the Apache2 HTTPD server. It does
 | |
| # not allow access to the root filesystem outside of /usr/share and <%= node['apache']['docroot_dir'] %>.
 | |
| # If your system is serving content from a sub-directory in /srv you must allow
 | |
| # access in conf-enabled, or in any related virtual host. e.g.
 | |
| #
 | |
| #  <Directory /srv/>
 | |
| #    Options Indexes FollowSymLinks
 | |
| #    AllowOverride None
 | |
| #    Require all granted
 | |
| #  </Directory>
 | |
| #
 | |
| <Directory />
 | |
|         Options FollowSymLinks
 | |
|         AllowOverride None
 | |
|         Require all denied
 | |
| </Directory>
 | |
| 
 | |
| <Directory /usr/share>
 | |
|         AllowOverride None
 | |
|         Require all granted
 | |
| </Directory>
 | |
| 
 | |
| <Directory <%= node['apache']['docroot_dir'] %>>
 | |
|         Options Indexes FollowSymLinks
 | |
|         AllowOverride None
 | |
|         Require all granted
 | |
| </Directory>
 | |
| <% end -%>
 | |
| 
 | |
| #
 | |
| # AccessFileName: The name of the file to look for in each directory
 | |
| # for additional configuration directives.  See also the AllowOverride
 | |
| # directive.
 | |
| #
 | |
| 
 | |
| AccessFileName <%= node['apache']['access_file_name'] %>
 | |
| 
 | |
| #
 | |
| # The following lines prevent .htaccess and .htpasswd files from being
 | |
| # viewed by Web clients.
 | |
| #
 | |
| <% access_file_name_prefix = node['apache']['access_file_name'][0..2] if !node['apache']['access_file_name'].empty?
 | |
|    if access_file_name_prefix != '.ht'
 | |
|     file_name_prefix = '(' + access_file_name_prefix + '|.ht)'
 | |
|    else
 | |
|     file_name_prefix = '.ht'
 | |
|    end
 | |
| %>
 | |
| <Files ~ "^<%= file_name_prefix %>">
 | |
|     <% if node['apache']['version'] == '2.2' -%>
 | |
|     Order allow,deny
 | |
|     Deny from all
 | |
|     <% elsif node['apache']['version'] == '2.4' -%>
 | |
|     Require all denied
 | |
|     <% end -%>
 | |
| </Files>
 | |
| 
 | |
| <% if node['apache']['version'] == '2.2' -%>
 | |
| #
 | |
| # DefaultType is the default MIME type the server will use for a document
 | |
| # if it cannot otherwise determine one, such as from filename extensions.
 | |
| # If your server contains mostly text or HTML documents, "text/plain" is
 | |
| # a good value.  If most of your content is binary, such as applications
 | |
| # or images, you may want to use "application/octet-stream" instead to
 | |
| # keep browsers from trying to display binary files as though they are
 | |
| # text.
 | |
| #
 | |
| DefaultType text/plain
 | |
| <% end -%>
 | |
| 
 | |
| #
 | |
| # HostnameLookups: Log the names of clients or just their IP addresses
 | |
| # e.g., www.apache.org (on) or 204.62.129.132 (off).
 | |
| # The default is off because it'd be overall better for the net if people
 | |
| # had to knowingly turn this feature on, since enabling it means that
 | |
| # each client request will result in AT LEAST one lookup request to the
 | |
| # nameserver.
 | |
| #
 | |
| HostnameLookups Off
 | |
| 
 | |
| # ErrorLog: The location of the error log file.
 | |
| # If you do not specify an ErrorLog directive within a <VirtualHost>
 | |
| # container, error messages relating to that virtual host will be
 | |
| # logged here.  If you *do* define an error logfile for a <VirtualHost>
 | |
| # container, that host's errors will be logged there and not here.
 | |
| #
 | |
| <% if node['apache']['error_log'] =~ /^syslog:/ || node['apache']['error_log'] =~ /^\|/ %>
 | |
| ErrorLog <%= node['apache']['error_log'] %>
 | |
| <% else %>
 | |
| ErrorLog <%= node['apache']['log_dir'] %>/<%= node['apache']['error_log'] %>
 | |
| <% end %>
 | |
| 
 | |
| #
 | |
| # LogLevel: Control the number of messages logged to the error_log.
 | |
| # Possible values include: debug, info, notice, warn, error, crit,
 | |
| # alert, emerg.
 | |
| #
 | |
| LogLevel warn
 | |
| 
 | |
| # COOK-1021: Dummy LoadModule directive to aid module installations
 | |
| #LoadModule dummy_module modules/mod_dummy.so
 | |
| 
 | |
| # Include module configuration:
 | |
| <% if node['apache']['version'] == '2.2' -%>
 | |
| Include <%= node['apache']['dir'] %>/mods-enabled/*.load
 | |
| Include <%= node['apache']['dir'] %>/mods-enabled/*.conf
 | |
| <% elsif node['apache']['version'] == '2.4' -%>
 | |
| IncludeOptional <%= node['apache']['dir'] %>/mods-enabled/*.load
 | |
| IncludeOptional <%= node['apache']['dir'] %>/mods-enabled/*.conf
 | |
| <% end -%>
 | |
| 
 | |
| <% if %w[freebsd].include?(node['platform_family']) -%>
 | |
| <IfDefine NOHTTPACCEPT>
 | |
|    AcceptFilter http none
 | |
|    AcceptFilter https none
 | |
| </IfDefine>
 | |
| <% end %>
 | |
| 
 | |
| # Include ports listing
 | |
| Include <%= node['apache']['dir'] %>/ports.conf
 | |
| 
 | |
| #
 | |
| # The following directives define some format nicknames for use with
 | |
| # a CustomLog directive (see below).
 | |
| #
 | |
| LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
 | |
| LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
 | |
| LogFormat "%h %l %u %t \"%r\" %>s %b" common
 | |
| LogFormat "%{Referer}i -> %U" referer
 | |
| LogFormat "%{User-agent}i" agent
 | |
| #
 | |
| <% if node['apache']['version'] == '2.2' -%>
 | |
| # Customizable error responses come in three flavors:
 | |
| # 1) plain text 2) local redirects 3) external redirects
 | |
| #
 | |
| # Some examples:
 | |
| #ErrorDocument 500 "The server made a boo boo."
 | |
| #ErrorDocument 404 /missing.html
 | |
| #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
 | |
| #ErrorDocument 402 http://www.example.com/subscription_info.html
 | |
| #
 | |
| 
 | |
| #
 | |
| # Putting this all together, we can internationalize error responses.
 | |
| #
 | |
| # We use Alias to redirect any /error/HTTP_<error>.html.var response to
 | |
| # our collection of by-error message multi-language collections.  We use
 | |
| # includes to substitute the appropriate text.
 | |
| #
 | |
| # You can modify the messages' appearance without changing any of the
 | |
| # default HTTP_<error>.html.var files by adding the line:
 | |
| #
 | |
| #   Alias /error/include/ "/your/include/path/"
 | |
| #
 | |
| # which allows you to create your own set of files by starting with the
 | |
| # /usr/share/apache2/error/include/ files and copying them to /your/include/path/,
 | |
| # even on a per-VirtualHost basis.  The default include files will display
 | |
| # your Apache version number and your ServerAdmin email address regardless
 | |
| # of the setting of ServerSignature.
 | |
| #
 | |
| # The internationalized error documents require mod_alias, mod_include
 | |
| # and mod_negotiation.  To activate them, uncomment the following 30 lines.
 | |
| 
 | |
| #    Alias /error/ "/usr/share/apache2/error/"
 | |
| #
 | |
| #    <Directory "/usr/share/apache2/error">
 | |
| #        AllowOverride None
 | |
| #        Options IncludesNoExec
 | |
| #        AddOutputFilter Includes html
 | |
| #        AddHandler type-map var
 | |
| #        Order allow,deny
 | |
| #        Allow from all
 | |
| #        LanguagePriority en cs de es fr it nl sv pt-br ro
 | |
| #        ForceLanguagePriority Prefer Fallback
 | |
| #    </Directory>
 | |
| #
 | |
| #    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
 | |
| #    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
 | |
| #    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
 | |
| #    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
 | |
| #    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
 | |
| #    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
 | |
| #    ErrorDocument 410 /error/HTTP_GONE.html.var
 | |
| #    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
 | |
| #    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
 | |
| #    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
 | |
| #    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
 | |
| #    ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
 | |
| #    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
 | |
| #    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
 | |
| #    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
 | |
| #    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
 | |
| #    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
 | |
| <% end -%>
 | |
| 
 | |
| <% if node['apache']['version'] == '2.4' -%>
 | |
| # Include generic snippets of statements
 | |
| IncludeOptional <%= node['apache']['dir'] %>/conf-enabled/*.conf
 | |
| 
 | |
| # Include the virtual host configurations:
 | |
| IncludeOptional <%= node['apache']['dir'] %>/sites-enabled/*.conf
 | |
| <% else -%>
 | |
| # Include generic snippets of statements
 | |
| Include <%= node['apache']['dir'] %>/conf-enabled/*.conf
 | |
| 
 | |
| # Include the virtual host configurations:
 | |
| Include <%= node['apache']['dir'] %>/sites-enabled/*.conf
 | |
| <% end -%>
 |