From 35727b04e330b323ace37d8a6de9d9b264dd7e96 Mon Sep 17 00:00:00 2001
From: Peter Hormanns <peter.hormanns@jalin.de>
Date: Thu, 07 Mar 2019 19:37:57 +0100
Subject: [PATCH] IPv6 changes

---
 hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm |  129 ++++++++++++++++++++++---------------------
 1 files changed, 66 insertions(+), 63 deletions(-)

diff --git a/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm b/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm
index e4fdd2d..7834096 100644
--- a/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm
+++ b/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm
@@ -1,154 +1,157 @@
-# 
+#
 # This file is managed by HSAdmin.
 # Do not edit manually. Changes will be overwritten.
 #
 
-<VirtualHost ${pac.curINetAddr.inetAddr}:80 ${pac.oldINetAddr.inetAddr}:80>
+<VirtualHost ${pac.curINetAddr.inet4Addr}:80 ${pac.oldINetAddr.inet4Addr}:80 ${pac.curINetAddr.inet6Addr}:80 ${pac.oldINetAddr.inet6Addr}:80>
     ServerName ${dom.name}
-    ServerAlias *.${dom.name}
+    ServerAlias ${dom.serveraliases}
     ServerAdmin webmaster@${dom.name}
 
     SuexecUserGroup ${dom.user.name} ${pac.name}
 
-#if( ${dynamicWeb} )    
-    PassengerEnabled on
+    PassengerEnabled Off
     PassengerUser ${dom.user.name}
     PassengerGroup ${pac.name}
     PassengerAppRoot /home/doms/${dom.name}/app/
-#end    
 
     DocumentRoot /home/doms/${dom.name}/htdocs
 
     Alias /cgi-bin/ /home/doms/${dom.name}/cgi/
     Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi/
+#if( ${letsencrypt} )
+    Alias /.well-known/acme-challenge/ /var/lib/hostsharing/acmebot/webroot/${dom.name}/
+#end
 
     <Directory />
+        PassengerEnabled Off
         Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch
     </Directory>
 
     <Directory /home/doms/${dom.name}/>
-        AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
+        PassengerEnabled On
+        AllowOverride AuthConfig FileInfo Indexes Limit Options=ExecCGI,IncludesNoExec,Indexes,MultiViews,SymLinksIfOwnerMatch,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
     </Directory>
 
-#if( ${dynamicWeb} )
     <Location /cgi-bin/>
+        PassengerEnabled Off
         SetHandler cgi-script
-        Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
+        Options +ExecCGI +IncludesNoExec -Indexes -MultiViews +SymLinksIfOwnerMatch
     </Location>
-#else
-    <Location /cgi-bin/>
-        Redirect 501 /
-    </Location>
-#end
 
-#if( ${dynamicWeb} )
     <Location /fastcgi-bin/>
+        PassengerEnabled Off
         SetHandler fcgid-script
-        Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
+        Options +ExecCGI +IncludesNoExec -Indexes -MultiViews +SymLinksIfOwnerMatch
     </Location>
-#else
-    <Location /fastcgi-bin/>
-        Redirect 501 /
-    </Location>
-#end
 
+#if( ${phplatest} )
+    FcgidInitialEnv HTTP_PHP_BIN /usr/lib/cgi-bin/php7.3
+
+#end
     RewriteEngine On
     RewriteOptions Inherit
 
     RewriteCond %{REQUEST_URI} !^/cgi-bin/
-    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/    
+    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
+#if( ${letsencrypt} )
+    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
+#end
     RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary]
     RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# -d
-    RewriteRule ^(.*) /home/doms/${dom.name}/subs/#[[${tolower:%1}$1 ]]# [last]     
-    
+    RewriteRule ^(.*) /home/doms/${dom.name}/subs/#[[${tolower:%1}$1 ]]# [last]
+
 #if( !${htdocsfallback} )
     RewriteCond %{REQUEST_URI} !^/cgi-bin/
-	RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
-    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary]
+    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
+#if( ${letsencrypt} )
+    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
+#end
+    RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:80)?$ [novary]
     RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# !-d
     RewriteRule ^(.*) - [redirect=404,last]
-    
+
 #end
-#if( ${dynamicWeb} )
     AddType application/x-httpd-php .php .php5 .php4 .php3
     Action application/x-httpd-php /fastcgi-bin/phpstub
-#end
 </VirtualHost>
 
-<VirtualHost ${pac.curINetAddr.inetAddr}:443 ${pac.oldINetAddr.inetAddr}:443>
+<VirtualHost ${pac.curINetAddr.inet4Addr}:443 ${pac.oldINetAddr.inet4Addr}:443 ${pac.curINetAddr.inet6Addr}:443 ${pac.oldINetAddr.inet6Addr}:443>
     ServerName ${dom.name}
-    ServerAlias *.${dom.name}
-    ServerAdmin ${dom.user.name}@${dom.name}
+    ServerAlias ${dom.serveraliases}
+    ServerAdmin webmaster@${dom.name}
 
     SuexecUserGroup ${dom.user.name} ${pac.name}
-    
-#if( ${dynamicWeb} )    
-    PassengerEnabled on
+
+    PassengerEnabled Off
     PassengerUser ${dom.user.name}
     PassengerGroup ${pac.name}
     PassengerAppRoot /home/doms/${dom.name}/app-ssl/
-#end    
 
     SSLEngine On
-    SSLCertificateFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.crt
-    SSLCertificateKeyFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.key
-    SSLCertificateChainFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.chain
-       
+    SSLCertificateFile /etc/apache2/pems-enabled/${dom.name}.crt
+    SSLCertificateKeyFile /etc/apache2/pems-enabled/${dom.name}.key
+    SSLCertificateChainFile /etc/apache2/pems-enabled/${dom.name}.chain
+
     DocumentRoot /home/doms/${dom.name}/htdocs-ssl
 
     Alias /cgi-bin/ /home/doms/${dom.name}/cgi-ssl/
     Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi-ssl/
+#if( ${letsencrypt} )
+    Alias /.well-known/acme-challenge/ /var/lib/hostsharing/acmebot/webroot/${dom.name}/
+#end
 
     <Directory />
         SSLRequireSSL On
+        PassengerEnabled Off
         Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch
     </Directory>
 
     <Directory /home/doms/${dom.name}/>
-        AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
+        PassengerEnabled On
+        AllowOverride AuthConfig FileInfo Indexes Limit Options=ExecCGI,IncludesNoExec,Indexes,MultiViews,SymLinksIfOwnerMatch,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
     </Directory>
 
-#if( ${dynamicWeb} )
     <Location /cgi-bin/>
+        PassengerEnabled Off
         SetHandler cgi-script
-        Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
+        Options +ExecCGI +IncludesNoExec -Indexes -MultiViews +SymLinksIfOwnerMatch
     </Location>
-#else
-    <Location /cgi-bin/>
-        Redirect 501 /
-    </Location>
-#end
 
-#if( ${dynamicWeb} )
     <Location /fastcgi-bin/>
+        PassengerEnabled Off
         SetHandler fcgid-script
-        Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
+        Options +ExecCGI +IncludesNoExec -Indexes -MultiViews +SymLinksIfOwnerMatch
     </Location>
-#else
-    <Location /fastcgi-bin/>
-        Redirect 501 /
-    </Location>
+
+#if( ${phplatest} )
+    FcgidInitialEnv HTTP_PHP_BIN /usr/lib/cgi-bin/php7.3
+
 #end
-    
     RewriteEngine On
     RewriteOptions Inherit
-    
+
     RewriteCond %{REQUEST_URI} !^/cgi-bin/
-    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/    
+    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
+#if( ${letsencrypt} )
+    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
+#end
     RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary]
     RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# -d
-    RewriteRule ^(.*) /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1}$1 ]]# [last]    
-    
+    RewriteRule ^(.*) /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1}$1 ]]# [last]
+
 #if( !${htdocsfallback} )
     RewriteCond %{REQUEST_URI} !^/cgi-bin/
-	RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
+    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
+#if( ${letsencrypt} )
+    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
+#end
     RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:443)?$ [novary]
     RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# !-d
     RewriteRule ^(.*) - [redirect=404,last]
-#end
 
-#if( ${dynamicWeb} )
+#end
     AddType application/x-httpd-php .php .php5 .php4 .php3
     Action application/x-httpd-php /fastcgi-bin/phpstub
-#end
+
 </VirtualHost>

--
Gitblit v1.9.0-SNAPSHOT