Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/roles/pagure/frontend/templates/0_pagure.conf
Pierre-Yves Chibon 272bf67d58 Clean up and make the apache config working for pagure
2016-12-05 15:52:11 +01:00

168 lines
4.3 KiB
Text
Raw Blame History

WSGISocketPrefix run/wsgi
#WSGIRestrictStdout On
WSGIRestrictSignal Off
WSGIPythonOptimize 1
WSGIPassAuthorization On
WSGIDaemonProcess pagure user=git group=git maximum-requests=1000 display-name=pagure processes=4 threads=4 inactivity-timeout=300
WSGIDaemonProcess paguredocs user=git group=git maximum-requests=1000 display-name=paguredocs processes=4 threads=4 inactivity-timeout=300
## Redirects http -> https
<VirtualHost *:80>
{% if env == 'pagure-staging' %}
ServerName stg.pagure.io
Redirect permanent / https://stg.pagure.io/
{% else %}
ServerName pagure.io
Redirect permanent / https://pagure.io/
{% endif %}
</VirtualHost>
<VirtualHost *:80>
{% if env == 'pagure-staging' %}
ServerName docs.stg.pagure.org
Redirect permanent / https://docs.stg.pagure.org/
{% else %}
ServerName docs.pagure.org
Redirect permanent / https://docs.pagure.org/
{% endif %}
</VirtualHost>
<VirtualHost *:80>
{% if env == 'pagure-staging' %}
ServerName releases.stg.pagure.org
Redirect permanent / https://releases.stg.pagure.org/
{% else %}
ServerName releases.pagure.org
Redirect permanent / https://releases.pagure.org/
{% endif %}
</VirtualHost>
## End of redirects http -> https
<VirtualHost *:443>
{% if env == 'pagure-staging' %}
ServerName stg.pagure.io
{% else %}
ServerName pagure.io
{% endif %}
WSGIScriptAlias / /var/www/pagure.wsgi
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
# Use secure TLSv1.1 and TLSv1.2 ciphers
Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
SSLCertificateFile /etc/pki/tls/certs/pagure.io.cert
SSLCertificateChainFile /etc/pki/tls/certs/pagure.io.intermediate.cert
SSLCertificateKeyFile /etc/pki/tls/certs/pagure.io.key
Alias /static /usr/lib/python2.7/site-packages/pagure/static/
SetEnv GIT_PROJECT_ROOT /srv/git/repositories
AliasMatch ^/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /srv/git/repositories/$1
AliasMatch ^/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /srv/git/repositories/$1
ScriptAliasMatch \
"(?x)^/(.*/(HEAD | \
info/refs | \
objects/info/[^/]+ | \
git-(upload|receive)-pack))$" \
/usr/libexec/git-core/git-http-backend/$1
<Location />
WSGIProcessGroup pagure
<IfModule mod_authz_core.c>
# Apache 2.4
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order deny,allow
Allow from all
</IfModule>
</Location>
<Location /releases>
Redirect "/releases" https://releases.pagure.org
</Location>
</VirtualHost>
<VirtualHost *:443>
{% if env == 'pagure-staging' %}
ServerName stg.pagure.org
{% else %}
ServerName pagure.org
{% endif %}
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
# Use secure TLSv1.1 and TLSv1.2 ciphers
Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
SSLCertificateFile /etc/pki/tls/certs/docs.pagure.org.crt
SSLCertificateChainFile /etc/pki/tls/certs/docs.pagure.org.intermediate.crt
SSLCertificateKeyFile /etc/pki/tls/certs/docs.pagure.org.key
{% if env == 'pagure-staging' %}
Redirect permanent / https://stg.pagure.io/
{% else %}
Redirect permanent / https://pagure.io/
{% endif %}
</VirtualHost>
<VirtualHost *:443>
{% if env == 'pagure-staging' %}
ServerName docs.stg.pagure.org
{% else %}
ServerName docs.pagure.org
{% endif %}
WSGIScriptAlias / /var/www/docs_pagure.wsgi
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
# Use secure TLSv1.1 and TLSv1.2 ciphers
Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
SSLCertificateFile /etc/pki/tls/certs/docs.pagure.org.crt
SSLCertificateChainFile /etc/pki/tls/certs/docs.pagure.org.intermediate.crt
SSLCertificateKeyFile /etc/pki/tls/certs/docs.pagure.org.key
Alias /static /usr/lib/python2.7/site-packages/pagure/static/
<Location />
WSGIProcessGroup paguredocs
<IfModule mod_authz_core.c>
# Apache 2.4
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order deny,allow
Allow from all
</IfModule>
</Location>
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/var/www/releases"
{% if env == 'pagure-staging' %}
ServerName releases.stg.pagure.org
{% else %}
ServerName releases.pagure.org
{% endif %}
<Directory />
Options +Indexes
IndexOptions NameWidth=*
</Directory>
</VirtualHost>
Reference in a new issue View git blame Copy permalink