An Ansible Playbook to deploy OpenLDAP and FusionDirectory
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
- <IfModule mod_ssl.c>
- <VirtualHost *:443>
- ServerName auth.{{ domain }}
- ServerAdmin webmaster@{{ domain }}
- DocumentRoot /usr/share/fusiondirectory/html
- ErrorLog ${APACHE_LOG_DIR}/fd-error.log
- CustomLog ${APACHE_LOG_DIR}/fd-access.log combined
-
- <IfModule mod_php5.c>
- <Location />
- php_admin_flag engine on
- php_admin_flag register_globals off
- php_admin_flag allow_call_time_pass_reference off
- php_admin_flag expose_php off
- php_admin_flag zend.ze1_compatibility_mode off
- php_admin_flag register_long_arrays off
- php_admin_value upload_tmp_dir /var/spool/fusiondirectory/
- php_admin_value session.cookie_lifetime 0
- #Include /etc/fusiondirectory/fusiondirectory.secrets
- </Location>
- </IfModule>
-
- <Directory /usr/share/fusiondirectory/html/>
- Order Allow,Deny
- # Insert your public IPs here
- {% for ip_address in allowed_ips %}
- Allow from {{ ip_address }}
- {% endfor %}
- </Directory>
-
- Alias /.well-known/acme-challenge/ "/var/www/html/.well-known/acme-challenge/"
- <Directory "/var/www/html/">
- AllowOverride None
- Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
- Require method GET POST OPTIONS
- </Directory>
-
- SSLCertificateFile /etc/letsencrypt/live/auth.{{ domain }}/fullchain.pem
- SSLCertificateKeyFile /etc/letsencrypt/live/auth.{{ domain }}/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
- </VirtualHost>
- </IfModule>
|