Saltstack Official Apache Formula
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。

pillar.example 5.1KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165
  1. # ``apache`` formula configuration:
  2. apache:
  3. # lookup section overrides ``map.jinja`` values
  4. lookup:
  5. server: apache2
  6. service: apache2
  7. vhostdir: /etc/apache2/sites-available
  8. confdir: /etc/apache2/conf.d
  9. confext: .conf
  10. logdir: /var/log/apache2
  11. wwwdir: /srv/apache2
  12. # apache version (generally '2.2' or '2.4')
  13. version: '2.2'
  14. # ``apache.mod_wsgi`` formula additional configuration:
  15. mod_wsgi: mod_wsgi
  16. # Default value for AddDefaultCharset in RedHat configuration
  17. default_charset: 'UTF-8'
  18. global:
  19. # global apache directives
  20. AllowEncodedSlashes: 'On'
  21. name_virtual_hosts:
  22. - interface: '*'
  23. port: 80
  24. - interface: '*'
  25. port: 443
  26. # ``apache.vhosts`` formula additional configuration:
  27. sites:
  28. example.net:
  29. template_file: salt://apache/vhosts/minimal.tmpl
  30. example.com: # must be unique; used as an ID declaration in Salt.
  31. enabled: True
  32. template_file: salt://apache/vhosts/standard.tmpl # or redirect.tmpl or proxy.tmpl
  33. ####################### DEFAULT VALUES BELOW ############################
  34. # NOTE: the values below are simply default settings that *can* be
  35. # overridden and are not required in order to use this formula to create
  36. # vhost entries.
  37. #
  38. # Do not copy the values below into your Pillar unless you intend to
  39. # modify these vaules.
  40. ####################### DEFAULT VALUES BELOW ############################
  41. template_engine: jinja
  42. interface: '*'
  43. port: '80'
  44. ServerName: example.com # uses the unique ID above unless specified
  45. ServerAlias: www.example.com
  46. ServerAdmin: webmaster@example.com
  47. LogLevel: warn
  48. ErrorLog: /path/to/logs/example.com-error.log # E.g.: /var/log/apache2/example.com-error.log
  49. CustomLog: /path/to/logs/example.com-access.log # E.g.: /var/log/apache2/example.com-access.log
  50. DocumentRoot: /path/to/www/dir/example.com # E.g., /var/www/example.com
  51. SSLCertificateFile: /etc/ssl/mycert.pem # if ssl is desired
  52. SSLCertificateKeyFile: /etc/ssl/mycert.pem.key # if key for cert is needed or in an extra file
  53. SSLCertificateChainFile: /etc/ssl/mycert.chain.pem # if you require a chain of server certificates file
  54. Directory:
  55. # "default" is a special case; Adds ``/path/to/www/dir/example.com``
  56. # E.g.: /var/www/example.com
  57. default:
  58. Options: -Indexes +FollowSymLinks
  59. Order: allow,deny # For Apache < 2.4
  60. Allow: from all # For apache < 2.4
  61. Require: all granted # For apache > 2.4.
  62. AllowOverride: None
  63. Formula_Append: |
  64. Additional config as a
  65. multi-line string here
  66. # if template is 'redirect.tmpl'
  67. # RedirectSource: '/'
  68. # RedirectTarget: 'http://www.example.net'
  69. # if template is 'proxy.tmpl'
  70. # ProxyRequests: 'On'
  71. # ProxyPreserveHost: 'On'
  72. # ProxyRoute:
  73. # my sample route:
  74. # ProxyPassSource: '/'
  75. # ProxyPassTarget: 'http://www.example.net'
  76. # ProxyPassTargetOptions: 'connectiontimeout=5 timeout=30'
  77. # ProxyPassReverseSource: '/'
  78. # ProxyPassReverseTarget: 'http://www.example.net'
  79. Alias:
  80. /docs: /usr/share/docs
  81. Location:
  82. /docs:
  83. Order: allow,deny # For Apache < 2.4
  84. Allow: from all # For apache < 2.4
  85. Require: all granted # For apache > 2.4.
  86. Formula_Append: |
  87. Additional config as a
  88. multi-line string here
  89. Formula_Append: |
  90. Additional config as a
  91. multi-line string here
  92. # ``apache.debian_full`` formula additional configuration:
  93. register-site:
  94. # any name as an array index, and you can duplicate this section
  95. UNIQUE_VALUE_HERE:
  96. name: 'my name'
  97. path: 'salt://path/to/sites-available/conf/file'
  98. state: 'enabled'
  99. # Optional - use managed file as Jinja Template
  100. #template: true
  101. #defaults:
  102. # custom_var: "default value"
  103. modules:
  104. enabled: # List modules to enable
  105. - ldap
  106. - ssl
  107. disabled: # List modules to disable
  108. - rewrite
  109. # KeepAlive: Whether or not to allow persistent connections (more than
  110. # one request per connection). Set to "Off" to deactivate.
  111. keepalive: 'On'
  112. security:
  113. # can be Full | OS | Minimal | Minor | Major | Prod
  114. # where Full conveys the most information, and Prod the least.
  115. ServerTokens: Prod
  116. # ``apache.mod_remoteip`` formula additional configuration:
  117. mod_remoteip:
  118. RemoteIPHeader: X-Forwarded-For
  119. RemoteIPTrustedProxy:
  120. - 10.0.8.0/24
  121. - 127.0.0.1
  122. # ``apache.mod_security`` formula additional configuration:
  123. mod_security:
  124. crs_install: True
  125. # If not set, default distro's configuration is installed as is
  126. manage_config: True
  127. sec_rule_engine: 'On'
  128. sec_request_body_access: 'On'
  129. sec_request_body_limit: '14000000'
  130. sec_request_body_no_files_limit: '114002'
  131. sec_request_body_in_memory_limit: '114002'
  132. sec_request_body_limit_action: 'Reject'
  133. sec_pcre_match_limit: '15000'
  134. sec_pcre_match_limit_recursion: '15000'
  135. sec_debug_log_level: '3'