7d2bf8ef50
We recently broke our /etc/hosts content on our servers then restored it to a sane default for each server. This would have removed any special entries servers may have had. It appears that refstack was relying on such special entries to make the named virtualhost entries work. With the new /etc/hosts content our vhosts weren't serving content. Fix this by removing the named vhost entries and instead rely on ServerName to specify where requests go. Change-Id: I8b8242b1b6d9b2bb072ace5b82a65899fe383056
60 lines
2.2 KiB
Plaintext
60 lines
2.2 KiB
Plaintext
<VirtualHost *:80>
|
|
<% if !!scope.lookupvar('::refstack::apache::https::server_admin') %>
|
|
ServerAdmin <%= scope.lookupvar('::refstack::apache::https::server_admin') %>
|
|
<% end %>
|
|
ServerName <%= scope.lookupvar('::refstack::apache::https::hostname') %>
|
|
|
|
DocumentRoot <%= scope.lookupvar('::refstack::apache::https::install_www_root') %>
|
|
|
|
Redirect / https://<%= scope.lookupvar('::refstack::apache::https::hostname') %>/
|
|
|
|
LogLevel warn
|
|
ErrorLog ${APACHE_LOG_DIR}/refstack-error.log
|
|
CustomLog ${APACHE_LOG_DIR}/refstack-access.log combined
|
|
|
|
</VirtualHost>
|
|
<IfModule mod_ssl.c>
|
|
<VirtualHost *:443>
|
|
<% if !!scope.lookupvar('::refstack::apache::https::server_admin') %>
|
|
ServerAdmin <%= scope.lookupvar('::refstack::apache::https::server_admin') %>
|
|
<% end %>
|
|
ServerName <%= scope.lookupvar('::refstack::apache::https::hostname') %>
|
|
|
|
LogLevel warn
|
|
ErrorLog ${APACHE_LOG_DIR}/refstack-ssl-error.log
|
|
CustomLog ${APACHE_LOG_DIR}/refstack-ssl-access.log combined
|
|
|
|
SSLEngine on
|
|
SSLProtocol All -SSLv2 -SSLv3
|
|
|
|
SSLCertificateFile <%= scope.lookupvar('::refstack::apache::https::ssl_cert') %>
|
|
SSLCertificateKeyFile <%= scope.lookupvar('::refstack::apache::https::ssl_key') %>
|
|
<% if !!scope.lookupvar('::refstack::apache::https::resolved_ssl_ca') %>
|
|
SSLCertificateChainFile <%= scope.lookupvar('::refstack::apache::https::resolved_ssl_ca') %>
|
|
<% end %>
|
|
|
|
<FilesMatch "\.(cgi|shtml|phtml|php)$">
|
|
SSLOptions +StdEnvVars
|
|
</FilesMatch>
|
|
<Directory /usr/lib/cgi-bin>
|
|
SSLOptions +StdEnvVars
|
|
</Directory>
|
|
|
|
BrowserMatch "MSIE [2-6]" \
|
|
nokeepalive ssl-unclean-shutdown \
|
|
downgrade-1.0 force-response-1.0
|
|
# MSIE 7 and newer should be able to use keepalive
|
|
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
|
|
|
|
DocumentRoot <%= scope.lookupvar('::refstack::apache::https::install_www_root') %>
|
|
|
|
WSGIDaemonProcess refstack user=<%= scope.lookupvar('::refstack::apache::https::user') %> group=<%= scope.lookupvar('::refstack::apache::https::group') %> threads=5
|
|
WSGIScriptAlias /api /etc/refstack/app.wsgi
|
|
WSGIPassAuthorization On
|
|
|
|
<Directory "/etc/refstack">
|
|
Require all granted
|
|
</Directory>
|
|
</VirtualHost>
|
|
</IfModule>
|