ansible-deploy-ldap-fusiond.../templates/fd-vhost-ssl.conf.j2
2018-06-07 07:19:58 -07:00

43 lines
1.5 KiB
Django/Jinja

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName auth.{{ domain }}
ServerAdmin webmaster@{{ domain }}
DocumentRoot /usr/share/fusiondirectory/html
ErrorLog ${APACHE_LOG_DIR}/fd-error.log
CustomLog ${APACHE_LOG_DIR}/fd-access.log combined
<IfModule mod_php5.c>
<Location />
php_admin_flag engine on
php_admin_flag register_globals off
php_admin_flag allow_call_time_pass_reference off
php_admin_flag expose_php off
php_admin_flag zend.ze1_compatibility_mode off
php_admin_flag register_long_arrays off
php_admin_value upload_tmp_dir /var/spool/fusiondirectory/
php_admin_value session.cookie_lifetime 0
#Include /etc/fusiondirectory/fusiondirectory.secrets
</Location>
</IfModule>
<Directory /usr/share/fusiondirectory/html/>
Order Allow,Deny
# Insert your public IPs here
{% for ip_address in allowed_ips %}
Allow from {{ ip_address }}
{% endfor %}
</Directory>
Alias /.well-known/acme-challenge/ "/var/www/html/.well-known/acme-challenge/"
<Directory "/var/www/html/">
AllowOverride None
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS
</Directory>
SSLCertificateFile /etc/letsencrypt/live/auth.{{ domain }}/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/auth.{{ domain }}/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>