From 92adbebbeeff93d16e824bf369dd60be2495e4ae Mon Sep 17 00:00:00 2001 From: Dan Goodliffe Date: Tue, 18 Jun 2019 18:54:48 +0100 Subject: Macro out SSL and SSL redirect config parts --- etc/apache/httpd.conf | 41 +++++++++++++++++++---------------------- 1 file changed, 19 insertions(+), 22 deletions(-) diff --git a/etc/apache/httpd.conf b/etc/apache/httpd.conf index b3664a6..f1d0542 100644 --- a/etc/apache/httpd.conf +++ b/etc/apache/httpd.conf @@ -55,6 +55,7 @@ LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule remoteip_module modules/mod_remoteip.so LoadModule markdown_module modules/mod_markdown.so +LoadModule macro_module modules/mod_macro.so include /etc/apache2/modules.d/00_mod_autoindex.conf Include /etc/apache2/modules.d/75_mod_perl.conf @@ -136,6 +137,20 @@ AddHandler markdown .md # Needed to stop whatever is first from being the default + + + ServerName "$domain" + Redirect permanent / "https://$domain/" + + + + ServerName "$domain" + SSLEngine On + SSLCertificateFile "/etc/letsencrypt/live/$domain/cert.pem" + SSLCertificateKeyFile "/etc/letsencrypt/live/$domain/privkey.pem" + SSLCertificateChainFile "/etc/letsencrypt/live/$domain/chain.pem" + Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" + ServerName bugzilla.randomdan.homeip.net @@ -147,17 +162,9 @@ AddHandler markdown .md PerlModule CGI PerlSendHeader On - - ServerName sys.randomdan.homeip.net - Redirect permanent / https://sys.randomdan.homeip.net/ - +Use SSLRedirect sys.randomdan.homeip.net - ServerName sys.randomdan.homeip.net - SSLEngine On - SSLCertificateFile /etc/letsencrypt/live/sys.randomdan.homeip.net/cert.pem - SSLCertificateKeyFile /etc/letsencrypt/live/sys.randomdan.homeip.net/privkey.pem - SSLCertificateChainFile /etc/letsencrypt/live/sys.randomdan.homeip.net/chain.pem - Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" + Use SSL sys.randomdan.homeip.net ProxyPass "/haproxy/" "http://virtualip.random.lan:9000/haproxy/" ProxyPassReverse "/haproxy/" "http://virtualip.random.lan:9000/haproxy/" ScriptAlias /nagios/cgi-bin /usr/lib64/nagios/cgi-bin/ @@ -173,18 +180,8 @@ AddHandler markdown .md Alias /nagios /usr/share/nagios/htdocs - ServerName gentoobrowse.randomdan.homeip.net - SSLEngine On - SSLCertificateFile /etc/letsencrypt/live/gentoobrowse.randomdan.homeip.net/cert.pem - SSLCertificateKeyFile /etc/letsencrypt/live/gentoobrowse.randomdan.homeip.net/privkey.pem - SSLCertificateChainFile /etc/letsencrypt/live/gentoobrowse.randomdan.homeip.net/chain.pem - Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" + Use SSL gentoobrowse.randomdan.homeip.net - ServerName git.randomdan.homeip.net - SSLEngine On - SSLCertificateFile /etc/letsencrypt/live/git.randomdan.homeip.net/cert.pem - SSLCertificateKeyFile /etc/letsencrypt/live/git.randomdan.homeip.net/privkey.pem - SSLCertificateChainFile /etc/letsencrypt/live/git.randomdan.homeip.net/chain.pem - Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" + Use SSL git.randomdan.homeip.net -- cgit v1.2.3