From 6910f4e7d46f903f220f0a5a99b975089ce6aaef Mon Sep 17 00:00:00 2001
From: Daniel Jagszent <daniel@jagszent.de>
Date: Thu, 6 Oct 2016 02:58:06 +0200
Subject: [PATCH] copy install/tpl/apache_ispconfig.conf.master to
server/conf/apache_ispconfig.conf.master
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If you add/remove server IPs the file `/etc/apache2/sites-available/ispconfig.conf` gets recreated and it is missing the alias for Let's Encrypt ACME challenges. Copying over the current install template fixes that.
Maybe one could remove this template duplication completely by using `server/conf/apache_ispconfig.conf.master` in the install process?
The `Header set Content-Type "text/plain"` was only in `server/conf/apache_ispconfig.conf.master` and not in `install/tpl/apache_ispconfig.conf.master` – is it necessary?
---
server/conf/apache_ispconfig.conf.master | 122 ++++++++++++-----------
1 file changed, 64 insertions(+), 58 deletions(-)
diff --git a/server/conf/apache_ispconfig.conf.master b/server/conf/apache_ispconfig.conf.master
index 79acb9c893..f67fe96f58 100644
--- a/server/conf/apache_ispconfig.conf.master
+++ b/server/conf/apache_ispconfig.conf.master
@@ -3,129 +3,135 @@
# ISPConfig Logfile configuration for vlogger
################################################
-LogFormat "%v %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig
-CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig
+SetEnvIf Request_URI "^/datalogstatus.php$" dontlog
-<IfModule mod_headers.c>
- <LocationMatch "/.well-known/acme-challenge/*">
- Header set Content-Type "text/plain"
- </LocationMatch>
-</IfModule>
+LogFormat "%v %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig
+CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog
<Directory /var/www/clients>
AllowOverride None
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all denied
- <tmpl_else>
- Order Deny,Allow
- Deny from all
- </tmpl_if>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all denied
+ <tmpl_else>
+ Order Deny,Allow
+ Deny from all
+ </tmpl_if>
</Directory>
# Do not allow access to the root file system of the server for security reasons
<Directory />
+ Options -Indexes
AllowOverride None
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all denied
- <tmpl_else>
- Order Deny,Allow
- Deny from all
- </tmpl_if>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all denied
+ <tmpl_else>
+ Order Deny,Allow
+ Deny from all
+ </tmpl_if>
</Directory>
<Directory /var/www/conf>
AllowOverride None
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all denied
- <tmpl_else>
- Order Deny,Allow
- Deny from all
- </tmpl_if>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all denied
+ <tmpl_else>
+ Order Deny,Allow
+ Deny from all
+ </tmpl_if>
</Directory>
# Except of the following directories that contain website scripts
<Directory /usr/share/phpmyadmin>
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all granted
- <tmpl_else>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all granted
+ <tmpl_else>
Order allow,deny
Allow from all
- </tmpl_if>
+ </tmpl_if>
</Directory>
<Directory /usr/share/phpMyAdmin>
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all granted
- <tmpl_else>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all granted
+ <tmpl_else>
Order allow,deny
Allow from all
- </tmpl_if>
+ </tmpl_if>
</Directory>
<Directory /srv/www/htdocs>
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all granted
- <tmpl_else>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all granted
+ <tmpl_else>
Order allow,deny
Allow from all
- </tmpl_if>
+ </tmpl_if>
</Directory>
<Directory /usr/share/squirrelmail>
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all granted
- <tmpl_else>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all granted
+ <tmpl_else>
Order allow,deny
Allow from all
- </tmpl_if>
+ </tmpl_if>
</Directory>
# Allow access to mailman on OpenSuSE
<Directory /usr/lib/mailman/cgi-bin>
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all granted
- <tmpl_else>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all granted
+ <tmpl_else>
Order allow,deny
Allow from all
- </tmpl_if>
+ </tmpl_if>
</Directory>
<Directory /usr/lib/mailman/icons>
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all granted
- <tmpl_else>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all granted
+ <tmpl_else>
Order allow,deny
Allow from all
- </tmpl_if>
+ </tmpl_if>
</Directory>
<Directory /var/lib/mailman/archives/>
Options +FollowSymLinks
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all granted
- <tmpl_else>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all granted
+ <tmpl_else>
Order allow,deny
Allow from all
- </tmpl_if>
+ </tmpl_if>
</Directory>
# allow path to awstats and alias for awstats icons
<Directory /usr/share/awstats>
- <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
- Require all granted
- <tmpl_else>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all granted
+ <tmpl_else>
Order allow,deny
Allow from all
- </tmpl_if>
+ </tmpl_if>
</Directory>
<tmpl_if name='apache_version' op='<' value='2.4' format='version'>
Alias /awstats-icon "/usr/share/awstats/icon"
</tmpl_if>
+Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme/.well-known/acme-challenge
+<Directory /usr/local/ispconfig/interface/acme/.well-known/acme-challenge>
+ <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
+ Require all granted
+ <tmpl_else>
+ Order allow,deny
+ Allow from all
+ </tmpl_if>
+</Directory>
+
NameVirtualHost *:80
NameVirtualHost *:443
<tmpl_loop name="ip_adresses">
NameVirtualHost {tmpl_var name="ip_address"}:{tmpl_var name="port"}
</tmpl_loop>
-
--
GitLab