apache template
This commit is contained in:
parent
0e59e02ef0
commit
bf2b3535b9
@ -62,6 +62,7 @@ public class Domain extends AbstractEntity {
|
|||||||
inverseJoinColumns={@JoinColumn(name="domain_option_id", referencedColumnName="domain_option_id")})
|
inverseJoinColumns={@JoinColumn(name="domain_option_id", referencedColumnName="domain_option_id")})
|
||||||
private Set<DomainOption> domainoptions;
|
private Set<DomainOption> domainoptions;
|
||||||
|
|
||||||
|
@AnnFieldIO(validation="([a-z0-9\\-]+\\,)*[a-z0-9\\-]+|\\*", rw=ReadWriteAccess.READWRITE)
|
||||||
@Column(name = "valid_subdomain_names", columnDefinition = "character varying(512)")
|
@Column(name = "valid_subdomain_names", columnDefinition = "character varying(512)")
|
||||||
private String validSubdomainNames;
|
private String validSubdomainNames;
|
||||||
|
|
||||||
@ -190,4 +191,15 @@ public class Domain extends AbstractEntity {
|
|||||||
this.validSubdomainNames = validSubdomainNames;
|
this.validSubdomainNames = validSubdomainNames;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public String getServeraliases() {
|
||||||
|
String[] subs = validSubdomainNames.split(",");
|
||||||
|
StringBuffer aliases = new StringBuffer();
|
||||||
|
for (String sub : subs) {
|
||||||
|
aliases.append(' ');
|
||||||
|
aliases.append(sub.trim());
|
||||||
|
aliases.append('.');
|
||||||
|
aliases.append(name);
|
||||||
|
}
|
||||||
|
return aliases.toString();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -267,6 +267,7 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
|
|||||||
ifOption(templateVars, query, "includes", "+IncludesNoExec", "-Includes");
|
ifOption(templateVars, query, "includes", "+IncludesNoExec", "-Includes");
|
||||||
ifOption(templateVars, query, "multiviews", "+MultiViews", "-MultiViews");
|
ifOption(templateVars, query, "multiviews", "+MultiViews", "-MultiViews");
|
||||||
ifOption(templateVars, query, "htdocsfallback", Boolean.TRUE, Boolean.FALSE);
|
ifOption(templateVars, query, "htdocsfallback", Boolean.TRUE, Boolean.FALSE);
|
||||||
|
ifOption(templateVars, query, "letsencrypt", Boolean.TRUE, Boolean.FALSE);
|
||||||
final Processor domSetupProcessor = new CompoundProcessor(
|
final Processor domSetupProcessor = new CompoundProcessor(
|
||||||
new CreateFileProcessor("/de/hsadmin/mods/dom/openssl-sna.vm", templateVars, dom, "/tmp/openssl-sna.cnf", "root", "root", "644", true),
|
new CreateFileProcessor("/de/hsadmin/mods/dom/openssl-sna.vm", templateVars, dom, "/tmp/openssl-sna.cnf", "root", "root", "644", true),
|
||||||
new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-generated && "
|
new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-generated && "
|
||||||
|
@ -5,12 +5,12 @@
|
|||||||
|
|
||||||
<VirtualHost ${pac.curINetAddr.inetAddr}:80 ${pac.oldINetAddr.inetAddr}:80>
|
<VirtualHost ${pac.curINetAddr.inetAddr}:80 ${pac.oldINetAddr.inetAddr}:80>
|
||||||
ServerName ${dom.name}
|
ServerName ${dom.name}
|
||||||
ServerAlias *.${dom.name}
|
ServerAlias ${dom.serveraliases}
|
||||||
ServerAdmin webmaster@${dom.name}
|
ServerAdmin webmaster@${dom.name}
|
||||||
|
|
||||||
SuexecUserGroup ${dom.user.name} ${pac.name}
|
SuexecUserGroup ${dom.user.name} ${pac.name}
|
||||||
|
|
||||||
PassengerEnabled on
|
PassengerEnabled Off
|
||||||
PassengerUser ${dom.user.name}
|
PassengerUser ${dom.user.name}
|
||||||
PassengerGroup ${pac.name}
|
PassengerGroup ${pac.name}
|
||||||
PassengerAppRoot /home/doms/${dom.name}/app/
|
PassengerAppRoot /home/doms/${dom.name}/app/
|
||||||
@ -19,21 +19,28 @@
|
|||||||
|
|
||||||
Alias /cgi-bin/ /home/doms/${dom.name}/cgi/
|
Alias /cgi-bin/ /home/doms/${dom.name}/cgi/
|
||||||
Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi/
|
Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi/
|
||||||
|
#if( ${letsencrypt} )
|
||||||
|
Alias /.well-known/acme-challenge/ /var/lib/letsencrypt/webroot/${dom.name}/.well-known/acme-challenge/
|
||||||
|
#end
|
||||||
|
|
||||||
<Directory />
|
<Directory />
|
||||||
|
PassengerEnabled Off
|
||||||
Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch
|
Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch
|
||||||
</Directory>
|
</Directory>
|
||||||
|
|
||||||
<Directory /home/doms/${dom.name}/>
|
<Directory /home/doms/${dom.name}/>
|
||||||
|
PassengerEnabled On
|
||||||
AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
|
AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
|
||||||
</Directory>
|
</Directory>
|
||||||
|
|
||||||
<Location /cgi-bin/>
|
<Location /cgi-bin/>
|
||||||
|
PassengerEnabled Off
|
||||||
SetHandler cgi-script
|
SetHandler cgi-script
|
||||||
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
|
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
|
||||||
</Location>
|
</Location>
|
||||||
|
|
||||||
<Location /fastcgi-bin/>
|
<Location /fastcgi-bin/>
|
||||||
|
PassengerEnabled Off
|
||||||
SetHandler fcgid-script
|
SetHandler fcgid-script
|
||||||
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
|
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
|
||||||
</Location>
|
</Location>
|
||||||
@ -42,7 +49,10 @@
|
|||||||
RewriteOptions Inherit
|
RewriteOptions Inherit
|
||||||
|
|
||||||
RewriteCond %{REQUEST_URI} !^/cgi-bin/
|
RewriteCond %{REQUEST_URI} !^/cgi-bin/
|
||||||
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
|
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
|
||||||
|
#if( ${letsencrypt} )
|
||||||
|
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
|
||||||
|
#end
|
||||||
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary]
|
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary]
|
||||||
RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# -d
|
RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# -d
|
||||||
RewriteRule ^(.*) /home/doms/${dom.name}/subs/#[[${tolower:%1}$1 ]]# [last]
|
RewriteRule ^(.*) /home/doms/${dom.name}/subs/#[[${tolower:%1}$1 ]]# [last]
|
||||||
@ -50,6 +60,9 @@
|
|||||||
#if( !${htdocsfallback} )
|
#if( !${htdocsfallback} )
|
||||||
RewriteCond %{REQUEST_URI} !^/cgi-bin/
|
RewriteCond %{REQUEST_URI} !^/cgi-bin/
|
||||||
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
|
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
|
||||||
|
#if( ${letsencrypt} )
|
||||||
|
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
|
||||||
|
#end
|
||||||
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:80)?$ [novary]
|
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:80)?$ [novary]
|
||||||
RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# !-d
|
RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# !-d
|
||||||
RewriteRule ^(.*) - [redirect=404,last]
|
RewriteRule ^(.*) - [redirect=404,last]
|
||||||
@ -61,12 +74,12 @@
|
|||||||
|
|
||||||
<VirtualHost ${pac.curINetAddr.inetAddr}:443 ${pac.oldINetAddr.inetAddr}:443>
|
<VirtualHost ${pac.curINetAddr.inetAddr}:443 ${pac.oldINetAddr.inetAddr}:443>
|
||||||
ServerName ${dom.name}
|
ServerName ${dom.name}
|
||||||
ServerAlias *.${dom.name}
|
ServerAlias ${dom.serveraliases}
|
||||||
ServerAdmin ${dom.user.name}@${dom.name}
|
ServerAdmin ${dom.user.name}@${dom.name}
|
||||||
|
|
||||||
SuexecUserGroup ${dom.user.name} ${pac.name}
|
SuexecUserGroup ${dom.user.name} ${pac.name}
|
||||||
|
|
||||||
PassengerEnabled on
|
PassengerEnabled Off
|
||||||
PassengerUser ${dom.user.name}
|
PassengerUser ${dom.user.name}
|
||||||
PassengerGroup ${pac.name}
|
PassengerGroup ${pac.name}
|
||||||
PassengerAppRoot /home/doms/${dom.name}/app-ssl/
|
PassengerAppRoot /home/doms/${dom.name}/app-ssl/
|
||||||
@ -80,22 +93,29 @@
|
|||||||
|
|
||||||
Alias /cgi-bin/ /home/doms/${dom.name}/cgi-ssl/
|
Alias /cgi-bin/ /home/doms/${dom.name}/cgi-ssl/
|
||||||
Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi-ssl/
|
Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi-ssl/
|
||||||
|
#if( ${letsencrypt} )
|
||||||
|
Alias /.well-known/acme-challenge/ /var/lib/letsencrypt/webroot/${dom.name}/.well-known/acme-challenge/
|
||||||
|
#end
|
||||||
|
|
||||||
<Directory />
|
<Directory />
|
||||||
SSLRequireSSL On
|
SSLRequireSSL Off
|
||||||
|
PassengerEnabled On
|
||||||
Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch
|
Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch
|
||||||
</Directory>
|
</Directory>
|
||||||
|
|
||||||
<Directory /home/doms/${dom.name}/>
|
<Directory /home/doms/${dom.name}/>
|
||||||
|
SSLRequireSSL On
|
||||||
AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
|
AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
|
||||||
</Directory>
|
</Directory>
|
||||||
|
|
||||||
<Location /cgi-bin/>
|
<Location /cgi-bin/>
|
||||||
|
PassengerEnabled Off
|
||||||
SetHandler cgi-script
|
SetHandler cgi-script
|
||||||
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
|
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
|
||||||
</Location>
|
</Location>
|
||||||
|
|
||||||
<Location /fastcgi-bin/>
|
<Location /fastcgi-bin/>
|
||||||
|
PassengerEnabled Off
|
||||||
SetHandler fcgid-script
|
SetHandler fcgid-script
|
||||||
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
|
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
|
||||||
</Location>
|
</Location>
|
||||||
@ -105,6 +125,9 @@
|
|||||||
|
|
||||||
RewriteCond %{REQUEST_URI} !^/cgi-bin/
|
RewriteCond %{REQUEST_URI} !^/cgi-bin/
|
||||||
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
|
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
|
||||||
|
#if( ${letsencrypt} )
|
||||||
|
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
|
||||||
|
#end
|
||||||
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary]
|
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary]
|
||||||
RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# -d
|
RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# -d
|
||||||
RewriteRule ^(.*) /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1}$1 ]]# [last]
|
RewriteRule ^(.*) /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1}$1 ]]# [last]
|
||||||
@ -112,6 +135,9 @@
|
|||||||
#if( !${htdocsfallback} )
|
#if( !${htdocsfallback} )
|
||||||
RewriteCond %{REQUEST_URI} !^/cgi-bin/
|
RewriteCond %{REQUEST_URI} !^/cgi-bin/
|
||||||
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
|
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
|
||||||
|
#if( ${letsencrypt} )
|
||||||
|
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
|
||||||
|
#end
|
||||||
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:443)?$ [novary]
|
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:443)?$ [novary]
|
||||||
RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# !-d
|
RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# !-d
|
||||||
RewriteRule ^(.*) - [redirect=404,last]
|
RewriteRule ^(.*) - [redirect=404,last]
|
||||||
|
Loading…
Reference in New Issue
Block a user