Niels Abspoel
7 years ago
2 changed files with 53 additions and 28 deletions
+ 51
- 26
apache/files/Suse/apache-2.4.config.jinja
View File
| @@ -24,32 +24,32 @@ | |||
| # | | |||
| # |-- uid.conf . . . . . . . . . . . . . . UserID/GroupID to run under | |||
| # |-- server-tuning.conf . . . . . . . . . sizing of the server (how many processes to start, ...) | |||
| # |-- sysconfig.d/loadmodule.conf . . . . . [*] load these modules | |||
| # |-- loadmodule.conf . . . . . . . . . . . [*] load these modules | |||
| # |-- listen.conf . . . . . . . . . . . . . IP adresses / ports to listen on | |||
| # |-- mod_log_config.conf . . . . . . . . . define logging formats | |||
| # |-- global.conf . . . . . . . . . . . . . server-wide general settings | |||
| # |-- global.conf . . . . . . . . . . . . . [*] server-wide general settings | |||
| # |-- mod_status.conf . . . . . . . . . . . restrict access to mod_status (server monitoring) | |||
| # |-- mod_info.conf . . . . . . . . . . . . restrict access to mod_info | |||
| # |-- mod_reqtimeout.conf . . . . . . . . . set timeout and minimum data rate for receiving requests | |||
| # |-- mod_cgid-timeout.conf . . . . . . . . set CGIDScriptTimeout if mod_cgid is loaded/active | |||
| # |-- mod_usertrack.conf . . . . . . . . . defaults for cookie-based user tracking | |||
| # |-- mod_autoindex-defaults.conf . . . . . defaults for displaying of server-generated directory listings | |||
| # |-- mod_mime-defaults.conf . . . . . . . defaults for mod_mime configuration | |||
| # |-- errors.conf . . . . . . . . . . . . . customize error responses | |||
| # |-- ssl-global.conf . . . . . . . . . . . SSL conf that applies to default server _and all_ virtual hosts | |||
| # |-- protocols.conf . . . . . . . . . . . Protocol settings that applies to default server _and all_ virtual hosts | |||
| # | | |||
| # |-- default-server.conf . . . . . . . . . set up the default server that replies to non-virtual-host requests | |||
| # | |--mod_userdir.conf . . . . . . . . enable UserDir (if mod_userdir is loaded) | |||
| # | `--conf.d/apache2-manual?conf . . . add the docs ('?' = if installed) | |||
| # | | |||
| # |-- sysconfig.d/include.conf . . . . . . [*] your include files | |||
| # | (for each file to be included here, put its name | |||
| # | into APACHE_INCLUDE_* in /etc/sysconfig/apache2) | |||
| # | | |||
| # `-- vhosts.d/ . . . . . . . . . . . . . . for each virtual host, place one file here | |||
| # `-- *.conf . . . . . . . . . . . . . (*.conf is automatically included) | |||
| # | |||
| # | |||
| # Files marked [*] are created from sysconfig upon server restart: instead of | |||
| # these files, you edit /etc/sysconfig/apache2 | |||
| # Files marked [*] are NOT read when server is started via systemd service. When server | |||
| # is started via service, defaults from /etc/sysconfig/apache2 are taken into account. | |||
| # | |||
| @@ -77,15 +77,14 @@ | |||
| # |-- mod_usertrack.conf | |||
| # |-- server-tuning.conf | |||
| # |-- ssl-global.conf | |||
| # |-- protocols.conf | |||
| # |-- ssl.crl/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificate Revocation Lists (CRL) | |||
| # |-- ssl.crt/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificates | |||
| # |-- ssl.csr/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificate Signing Requests | |||
| # |-- ssl.key/ . . . . . . . . . . . . . . PEM-encoded RSA Private Keys | |||
| # |-- ssl.prm/ . . . . . . . . . . . . . . public DSA Parameter Files | |||
| # |-- sysconfig.d/ . . . . . . . . . . . . files that are created from /etc/sysconfig/apache2 | |||
| # | |-- global.conf | |||
| # | |-- include.conf | |||
| # | `-- loadmodule.conf | |||
| # |-- global.conf | |||
| # |-- loadmodule.conf | |||
| # |-- uid.conf | |||
| # `-- vhosts.d/ . . . . . . . . . . . . . . put your virtual host configuration (*.conf) here | |||
| # |-- vhost-ssl.template | |||
| @@ -112,8 +111,10 @@ Include /etc/apache2/server-tuning.conf | |||
| # container, that host's errors will be logged there and not here. | |||
| ErrorLog /var/log/apache2/error_log | |||
| # generated from APACHE_MODULES in /etc/sysconfig/apache2 | |||
| Include /etc/apache2/sysconfig.d/loadmodule.conf | |||
| # generated from default value of APACHE_MODULES in /etc/sysconfig/apache2 | |||
| <IfDefine !SYSCONFIG> | |||
| Include /etc/apache2/loadmodule.conf | |||
| </IfDefine> | |||
| # IP addresses / ports to listen on | |||
| Include /etc/apache2/listen.conf | |||
| @@ -121,13 +122,29 @@ Include /etc/apache2/listen.conf | |||
| # predefined logging formats | |||
| Include /etc/apache2/mod_log_config.conf | |||
| # global settings managed by salt | |||
| Include /etc/apache2/global.conf | |||
| # generated from default values of global settings in /etc/sysconfig/apache2 | |||
| <IfDefine !SYSCONFIG> | |||
| Include /etc/apache2/global.conf | |||
| </IfDefine> | |||
| # optional mod_status, mod_info | |||
| Include /etc/apache2/mod_status.conf | |||
| Include /etc/apache2/mod_info.conf | |||
| # mod_reqtimeout protects the server from the so-called "slowloris" | |||
| # attack: The server is not swamped with requests in fast succession, | |||
| # but with slowly transmitted request headers and body, thereby filling up | |||
| # the request slots until the server runs out of them. | |||
| # mod_reqtimeout is lightweight and should deliver good results | |||
| # with the configured default values. You shouldn't notice it at all. | |||
| Include /etc/apache2/mod_reqtimeout.conf | |||
| # Fix for CVE-2014-0231 introduces new configuration parameter | |||
| # CGIDScriptTimeout. This directive and its effect prevent request | |||
| # workers to be eaten until starvation if cgi programs do not send | |||
| # output back to the server within the timout set by CGIDScriptTimeout. | |||
| Include /etc/apache2/mod_cgid-timeout.conf | |||
| # optional cookie-based user tracking | |||
| # read the documentation before using it!! | |||
| Include /etc/apache2/mod_usertrack.conf | |||
| @@ -146,18 +163,34 @@ Include /etc/apache2/errors.conf | |||
| # any virtual host | |||
| Include /etc/apache2/ssl-global.conf | |||
| # global (server-wide) protocol configuration, that is not specific | |||
| # to any virtual host | |||
| Include /etc/apache2/protocols.conf | |||
| # forbid access to the entire filesystem by default | |||
| <Directory /> | |||
| Options None | |||
| AllowOverride None | |||
| Require all denied | |||
| <IfModule !mod_access_compat.c> | |||
| Require all denied | |||
| </IfModule> | |||
| <IfModule mod_access_compat.c> | |||
| Order deny,allow | |||
| Deny from all | |||
| </IfModule> | |||
| </Directory> | |||
| # use .htaccess files for overriding, | |||
| AccessFileName .htaccess | |||
| # and never show them | |||
| <Files ~ "^\.ht"> | |||
| Require all denied | |||
| <IfModule !mod_access_compat.c> | |||
| Require all denied | |||
| </IfModule> | |||
| <IfModule mod_access_compat.c> | |||
| Order allow,deny | |||
| Deny from all | |||
| </IfModule> | |||
| </Files> | |||
| # List of resources to look for when the client requests a directory | |||
| @@ -177,14 +210,6 @@ DirectoryIndex index.html index.html.var | |||
| Include /etc/apache2/default-server.conf | |||
| # Another way to include your own files | |||
| # | |||
| # The file below is generated from /etc/sysconfig/apache2, | |||
| # include arbitrary files as named in APACHE_CONF_INCLUDE_FILES and | |||
| # APACHE_CONF_INCLUDE_DIRS | |||
| Include /etc/apache2/sysconfig.d/include.conf | |||
| ### Virtual server configuration ############################################ | |||
| # | |||
| # VirtualHost: If you want to maintain multiple domains/hostnames on your | |||
+ 2
- 2
apache/map.jinja
View File
| @@ -74,8 +74,8 @@ | |||
| 'Suse': { | |||
| 'server': 'apache2', | |||
| 'service': 'apache2', | |||
| 'user': 'apache', | |||
| 'group': 'apache', | |||
| 'user': 'wwwrun', | |||
| 'group': 'www', | |||
| 'configfile': '/etc/apache2/httpd.conf', | |||
| 'mod_wsgi': 'apache2-mod_wsgi', | |||
Loading…