Saltstack Official Apache Formula
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.

11 лет назад
11 лет назад
11 лет назад
11 лет назад
11 лет назад
11 лет назад
11 лет назад
11 лет назад
11 лет назад
11 лет назад
11 лет назад
11 лет назад
9 лет назад
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165
  1. # ``apache`` formula configuration:
  2. apache:
  3. # lookup section overrides ``map.jinja`` values
  4. lookup:
  5. server: apache2
  6. service: apache2
  7. vhostdir: /etc/apache2/sites-available
  8. confdir: /etc/apache2/conf.d
  9. confext: .conf
  10. logdir: /var/log/apache2
  11. wwwdir: /srv/apache2
  12. # apache version (generally '2.2' or '2.4')
  13. version: '2.2'
  14. # ``apache.mod_wsgi`` formula additional configuration:
  15. mod_wsgi: mod_wsgi
  16. # Default value for AddDefaultCharset in RedHat configuration
  17. default_charset: 'UTF-8'
  18. global:
  19. # global apache directives
  20. AllowEncodedSlashes: 'On'
  21. name_virtual_hosts:
  22. - interface: '*'
  23. port: 80
  24. - interface: '*'
  25. port: 443
  26. # ``apache.vhosts`` formula additional configuration:
  27. sites:
  28. example.net:
  29. template_file: salt://apache/vhosts/minimal.tmpl
  30. example.com: # must be unique; used as an ID declaration in Salt.
  31. enabled: True
  32. template_file: salt://apache/vhosts/standard.tmpl # or redirect.tmpl or proxy.tmpl
  33. ####################### DEFAULT VALUES BELOW ############################
  34. # NOTE: the values below are simply default settings that *can* be
  35. # overridden and are not required in order to use this formula to create
  36. # vhost entries.
  37. #
  38. # Do not copy the values below into your Pillar unless you intend to
  39. # modify these vaules.
  40. ####################### DEFAULT VALUES BELOW ############################
  41. template_engine: jinja
  42. interface: '*'
  43. port: '80'
  44. ServerName: example.com # uses the unique ID above unless specified
  45. ServerAlias: www.example.com
  46. ServerAdmin: webmaster@example.com
  47. LogLevel: warn
  48. ErrorLog: /path/to/logs/example.com-error.log # E.g.: /var/log/apache2/example.com-error.log
  49. CustomLog: /path/to/logs/example.com-access.log # E.g.: /var/log/apache2/example.com-access.log
  50. DocumentRoot: /path/to/www/dir/example.com # E.g., /var/www/example.com
  51. SSLCertificateFile: /etc/ssl/mycert.pem # if ssl is desired
  52. SSLCertificateKeyFile: /etc/ssl/mycert.pem.key # if key for cert is needed or in an extra file
  53. SSLCertificateChainFile: /etc/ssl/mycert.chain.pem # if you require a chain of server certificates file
  54. Directory:
  55. # "default" is a special case; Adds ``/path/to/www/dir/example.com``
  56. # E.g.: /var/www/example.com
  57. default:
  58. Options: -Indexes +FollowSymLinks
  59. Order: allow,deny # For Apache < 2.4
  60. Allow: from all # For apache < 2.4
  61. Require: all granted # For apache > 2.4.
  62. AllowOverride: None
  63. Formula_Append: |
  64. Additional config as a
  65. multi-line string here
  66. # if template is 'redirect.tmpl'
  67. # RedirectSource: '/'
  68. # RedirectTarget: 'http://www.example.net'
  69. # if template is 'proxy.tmpl'
  70. # ProxyRequests: 'On'
  71. # ProxyPreserveHost: 'On'
  72. # ProxyRoute:
  73. # my sample route:
  74. # ProxyPassSource: '/'
  75. # ProxyPassTarget: 'http://www.example.net'
  76. # ProxyPassTargetOptions: 'connectiontimeout=5 timeout=30'
  77. # ProxyPassReverseSource: '/'
  78. # ProxyPassReverseTarget: 'http://www.example.net'
  79. Alias:
  80. /docs: /usr/share/docs
  81. Location:
  82. /docs:
  83. Order: allow,deny # For Apache < 2.4
  84. Allow: from all # For apache < 2.4
  85. Require: all granted # For apache > 2.4.
  86. Formula_Append: |
  87. Additional config as a
  88. multi-line string here
  89. Formula_Append: |
  90. Additional config as a
  91. multi-line string here
  92. # ``apache.debian_full`` formula additional configuration:
  93. register-site:
  94. # any name as an array index, and you can duplicate this section
  95. UNIQUE_VALUE_HERE:
  96. name: 'my name'
  97. path: 'salt://path/to/sites-available/conf/file'
  98. state: 'enabled'
  99. # Optional - use managed file as Jinja Template
  100. #template: true
  101. #defaults:
  102. # custom_var: "default value"
  103. modules:
  104. enabled: # List modules to enable
  105. - ldap
  106. - ssl
  107. disabled: # List modules to disable
  108. - rewrite
  109. # KeepAlive: Whether or not to allow persistent connections (more than
  110. # one request per connection). Set to "Off" to deactivate.
  111. keepalive: 'On'
  112. security:
  113. # can be Full | OS | Minimal | Minor | Major | Prod
  114. # where Full conveys the most information, and Prod the least.
  115. ServerTokens: Prod
  116. # ``apache.mod_remoteip`` formula additional configuration:
  117. mod_remoteip:
  118. RemoteIPHeader: X-Forwarded-For
  119. RemoteIPTrustedProxy:
  120. - 10.0.8.0/24
  121. - 127.0.0.1
  122. # ``apache.mod_security`` formula additional configuration:
  123. mod_security:
  124. crs_install: True
  125. # If not set, default distro's configuration is installed as is
  126. manage_config: True
  127. sec_rule_engine: 'On'
  128. sec_request_body_access: 'On'
  129. sec_request_body_limit: '14000000'
  130. sec_request_body_no_files_limit: '114002'
  131. sec_request_body_in_memory_limit: '114002'
  132. sec_request_body_limit_action: 'Reject'
  133. sec_pcre_match_limit: '15000'
  134. sec_pcre_match_limit_recursion: '15000'
  135. sec_debug_log_level: '3'