libravatar: update httpd config
This commit is contained in:
clime
parent
0317c50c03
commit
37802e5189
1 changed files with 26 additions and 6 deletions
|
|
@ -1,16 +1,28 @@
|
||||||
WSGISocketPrefix /var/run/wsgi
|
WSGISocketPrefix /var/run/wsgi
|
||||||
RewriteEngine on
|
RewriteEngine on
|
||||||
|
|
||||||
|
<Directory "/var/www/html/.well-known/">
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
<VirtualHost *:80>
|
<VirtualHost *:80>
|
||||||
ServerName {{ inventory_hostname }}
|
ServerName {{ inventory_hostname }}
|
||||||
|
RewriteRule ^/\.well-known/(.*) /var/www/html/.well-known/$1 [L]
|
||||||
|
RewriteRule "^/?(.*)" "https://%{HTTP_HOST}/$1" [L,R=301,NE]
|
||||||
|
</VirtualHost>
|
||||||
|
|
||||||
|
<VirtualHost *:443>
|
||||||
|
ServerName {{ inventory_hostname }}
|
||||||
|
|
||||||
|
SSLCertificateFile /etc/letsencrypt/live/{{ inventory_hostname }}/cert.pem
|
||||||
|
SSLCertificateKeyFile /etc/letsencrypt/live/{{ inventory_hostname }}/privkey.pem
|
||||||
|
SSLCertificateChainFile /etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem
|
||||||
|
Header always add Strict-Transport-Security "max-age=31536000; preload"
|
||||||
|
|
||||||
RewriteRule ^/\.well-known/(.*) /var/www/html/.well-known/$1 [L]
|
RewriteRule ^/\.well-known/(.*) /var/www/html/.well-known/$1 [L]
|
||||||
<Directory "/var/www/html/.well-known/">
|
|
||||||
Require all granted
|
|
||||||
</Directory>
|
|
||||||
|
|
||||||
WSGIPassAuthorization On
|
WSGIPassAuthorization On
|
||||||
WSGIDaemonProcess libravatar user=apache group=apache threads=25 display-name=libravatar maximum-requests=8000 graceful-timeout=20 python-home=/mnt/data/.virtualenv python-path=/srv/libravatar
|
WSGIDaemonProcess libravatar user=apache group=apache threads=25 display-name=libravatar maximum-requests=10000 graceful-timeout=20 python-home=/mnt/data/.virtualenv python-path=/srv/libravatar
|
||||||
WSGIScriptAlias / /mnt/data/wsgi.py
|
WSGIScriptAlias / /mnt/data/wsgi.py
|
||||||
|
|
||||||
ScriptAlias "/cgi-bin/" "/mnt/data/cgi-bin/"
|
ScriptAlias "/cgi-bin/" "/mnt/data/cgi-bin/"
|
||||||
|
|
@ -38,16 +50,24 @@ RewriteEngine on
|
||||||
WSGIApplicationGroup %{GLOBAL}
|
WSGIApplicationGroup %{GLOBAL}
|
||||||
Require all granted
|
Require all granted
|
||||||
</Directory>
|
</Directory>
|
||||||
|
</VirtualHost>
|
||||||
|
|
||||||
|
<VirtualHost *:443>
|
||||||
|
SSLCertificateFile /etc/letsencrypt/live/{{ inventory_hostname }}/cert.pem
|
||||||
|
SSLCertificateKeyFile /etc/letsencrypt/live/{{ inventory_hostname }}/privkey.pem
|
||||||
|
SSLCertificateChainFile /etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem
|
||||||
|
Header always add Strict-Transport-Security "max-age=31536000; preload"
|
||||||
|
|
||||||
|
#ServerName {{ inventory_hostname }}
|
||||||
|
#RewriteRule "^/?(.*)" "https://%{HTTP_HOST}/$1" [L,R=301,NE]
|
||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
|
|
||||||
<IfModule mod_status.c>
|
<IfModule mod_status.c>
|
||||||
ExtendedStatus On
|
ExtendedStatus On
|
||||||
|
|
||||||
<Location /server-status>
|
<Location /server-status>
|
||||||
SetHandler server-status
|
SetHandler server-status
|
||||||
Require all denied
|
Require all denied
|
||||||
Require host localhost .redhat.com
|
Require host localhost
|
||||||
</Location>
|
</Location>
|
||||||
</IfModule>
|
</IfModule>
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue