|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126 |
- {# Define default values here so the template below can just focus on layout #}
- {% from "apache/map.jinja" import apache with context %}
- {% set sitename = site.get('ServerName', id) %}
- {% set vals = {
- 'interfaces': site.get('interface', '*').split(),
- 'port': site.get('port', '80'),
-
- 'ServerName': sitename,
- 'ServerAlias': site.get('ServerAlias', 'www.{0}'.format(sitename)),
-
- 'ServerAdmin': site.get('ServerAdmin', 'webmaster@{0}'.format(sitename)),
-
- 'UseCanonicalName': site.get('UseCanonicalName'),
-
- 'LogLevel': site.get('LogLevel', 'warn'),
- 'ErrorLog': site.get('ErrorLog', '{0}/{1}-error.log'.format(map.logdir, sitename)),
- 'LogFormat': site.get('LogFormat', '"%a %l %u %t \\"%r\\" %>s %O \\"%{Referer}i\\" \\"%{User-Agent}i\\""'),
- 'CustomLog': site.get('CustomLog', '{0}/{1}-access.log'.format(map.logdir, sitename)),
-
- 'ProxyRequests': site.get('ProxyRequests', 'Off'),
- 'ProxyPreserveHost': site.get('ProxyPreserveHost', 'On'),
- 'ProxyRoute': site.get('ProxyRoute', {}),
-
- 'Location': {
- 'Order': 'allow,deny',
- 'Allow': 'from all',
- 'Require': 'all granted',
- },
- 'LocationMatch': {
- 'Order': 'allow,deny',
- 'Allow': 'from all',
- 'Require': 'all granted',
- },
- } %}
- <VirtualHost {%- for intf in vals.interfaces %} {{intf}}:{{ vals.port }}{% endfor -%}>
- ServerName {{ vals.ServerName }}
- {% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %}
- {% if site.get('ServerAdmin') != False %}ServerAdmin {{ vals.ServerAdmin }}{% endif %}
- {% if site.get('UseCanonicalName') %}UseCanonicalName {{ vals.UseCanonicalName }}{% endif %}
-
- {% if site.get('LogLevel') != False %}LogLevel {{ vals.LogLevel }}{% endif %}
- {% if site.get('ErrorLog') != False %}ErrorLog {{ vals.ErrorLog }}{% endif %}
- {% if site.get('CustomLog') != False %}CustomLog {{ vals.CustomLog }} {{ vals.LogFormat }}{% endif %}
-
- {% if site.get('SSLCertificateFile') %}SSLEngine on
- SSLCertificateFile {{ site.SSLCertificateFile }}
- {% if site.get('SSLCertificateKeyFile') %}SSLCertificateKeyFile {{ site.SSLCertificateKeyFile }}{% endif %}
- {% if site.get('SSLCertificateChainFile') %}SSLCertificateChainFile {{ site.SSLCertificateChainFile}}{% endif %}
- {% endif %}
- {% if site.get('Rewrite') %}RewriteEngine on
- {{ site.Rewrite }}
- {% endif %}
- {% if site.get('SSLProxyEngine') %}SSLProxyEngine {{ site.SSLProxyEngine }}{% endif %}
- ProxyRequests {{ vals.ProxyRequests }}
- ProxyPreserveHost {{ vals.ProxyPreserveHost }}
- {% if site.get('ProxyErrorOverride') %}ProxyErrorOverride {{ site.ProxyErrorOverride }} {% endif %}
- {% if site.get('ProxyErrorDir') %}ProxyPass /{{ site.ProxyErrorDir }}/ ! {% endif %}
- {% for proxy, proxyargs in vals.ProxyRoute|dictsort|reverse %}
- {% set proxyvals = {
- 'ProxyPassSource': proxyargs.get('ProxyPassSource', '/'),
- 'ProxyPassTarget': proxyargs.get('ProxyPassTarget', 'https://{0}'.format(sitename)),
- 'ProxyPassTargetOptions': proxyargs.get('ProxyPassTargetOptions', ''),
- 'ProxyPassReverseSource': proxyargs.get('ProxyPassReverseSource', '/'),
- 'ProxyPassReverseTarget': proxyargs.get('ProxyPassReverseTarget', proxyargs.get('ProxyPassTarget', 'https://{0}'.format(sitename))),
- } %}
- ######### {{proxy}} #########
- ProxyPass {{ proxyvals.ProxyPassSource }} {{ proxyvals.ProxyPassTarget }} {{ proxyvals.ProxyPassTargetOptions }}
- ProxyPassReverse {{ proxyvals.ProxyPassReverseSource }} {{ proxyvals.ProxyPassReverseTarget }}
- {% endfor %}
-
- {%- for path, loc in site.get('Location', {}).items() %}
- {%- set lvals = {
- 'Order': loc.get('Order', vals.Location.Order),
- 'Allow': loc.get('Allow', vals.Location.Allow),
- 'Require': loc.get('Require', vals.Location.Require),
- 'Dav': loc.get('Dav', False),
- } %}
- <Location "{{ path }}">
- {% if apache.use_require %}
- {%- if lvals.get('Require') != False %}Require {{lvals.Require}}{% endif %}
- {% else %}
- {%- if lvals.get('Order') != False %}Order {{ lvals.Order }}{% endif %}
- {%- if lvals.get('Allow') != False %}Allow {{ lvals.Allow }}{% endif %}
- {% endif %}
- {%- if loc.get('Formula_Append') %} {{ loc.Formula_Append|indent(8) }} {% endif %}
- </Location>
- {% endfor %}
- {%- for regpath, locmat in site.get('LocationMatch', {}).items() %}
- {%- set lmvals = {
- 'Order': locmat.get('Order', vals.LocationMatch.Order),
- 'Allow': locmat.get('Allow', vals.LocationMatch.Allow),
- 'Require': locmat.get('Require', vals.LocationMatch.Require),
- 'Dav': locmat.get('Dav', False),
- } %}
- <LocationMatch "{{ regpath }}">
- {% if apache.use_require %}
- {%- if lmvals.get('Require') != False %}Require {{lmvals.Require}}{% endif %}
- {% else %}
- {%- if lmvals.get('Order') != False %}Order {{ lmvals.Order }}{% endif %}
- {%- if lmvals.get('Allow') != False %}Allow {{ lmvals.Allow }}{% endif %}
- {% endif %}
- {%- if locmat.get('Formula_Append') %} {{ locmat.Formula_Append|indent(8) }} {% endif %}
- </LocationMatch>
- {% endfor %}
- {%- for proxypath, prox in site.get('Proxy_control', {}).items() %}
- {%- set proxvals = {
- 'AllowAll': prox.get('AllowAll', vals.AllowAll),
- 'AllowCountry': prox.get('AllowCountry', vals.AllowCountry),
- 'AllowIP': prox.get('AllowIP', vals.AllowIP),
- } %}
- <Proxy "{{ proxypath }}">
- {%- if proxvals.get('AllowAll') != False %}
- Require all granted
- {%- else %}
- {% if proxvals.get('AllowCountry') != False %}{% set country_list = proxvals.get('AllowCountry', {}) %}GeoIPEnable On
- {% for every_country in country_list %}SetEnvIf GEOIP_COUNTRY_CODE {{ every_country }} AllowCountry
- {% endfor %}Require env AllowCountry {% endif %}
- {% if proxvals.get('AllowIP') is defined %} {% set ip_list = proxvals.get('AllowIP', {}) %}
- Require ip {% for every_ip in ip_list %}{{ every_ip }} {% endfor %} {% endif %}
- {%- endif %}
- </Proxy>
- {%- endfor %}
- {% if site.get('Formula_Append') %}
- {{ site.Formula_Append|indent(4) }}
- {% endif %}
- </VirtualHost>
|