salt
/
apache-formula
forked from ExternalMirrors/apache-formula
Watch 1
Star 0
Fork 0
Code Releases 0 Activity
Saltstack Official Apache Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
429 Commits
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
apache-formula/apache/files/FreeBSD/apache-2.4.config.jinja

535 lines
20KB
Raw Permalink Blame History 

  1. #

  2. # This is the main Apache HTTP server configuration file.  It contains the

  3. # configuration directives that give the server its instructions.

  4. # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.

  5. # In particular, see 

  6. # <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>

  7. # for a discussion of each configuration directive.

  8. #

  9. # Do NOT simply read the instructions in here without understanding

  10. # what they do.  They're here only as hints or reminders.  If you are unsure

  11. # consult the online docs. You have been warned.  

  12. #

  13. # Configuration and logfile names: If the filenames you specify for many

  14. # of the server's control files begin with "/" (or "drive:/" for Win32), the

  15. # server will use that explicit path.  If the filenames do *not* begin

  16. # with "/", the value of ServerRoot is prepended -- so "logs/access_log"

  17. # with ServerRoot set to "/usr/local/apache2" will be interpreted by the

  18. # server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log" 

  19. # will be interpreted as '/logs/access_log'.

  20. 

  21. #

  22. # ServerRoot: The top of the directory tree under which the server's

  23. # configuration, error, and log files are kept.

  24. #

  25. # Do not add a slash at the end of the directory path.  If you point

  26. # ServerRoot at a non-local disk, be sure to specify a local disk on the

  27. # Mutex directive, if file-based mutexes are used.  If you wish to share the

  28. # same ServerRoot for multiple httpd daemons, you will need to change at

  29. # least PidFile.

  30. #

  31. ServerRoot "/usr/local"

  32. 

  33. #

  34. # Mutex: Allows you to set the mutex mechanism and mutex file directory

  35. # for individual mutexes, or change the global defaults

  36. #

  37. # Uncomment and change the directory if mutexes are file-based and the default

  38. # mutex file directory is not on a local disk or is not appropriate for some

  39. # other reason.

  40. #

  41. # Mutex default:/var/run

  42. 

  43. #

  44. # Dynamic Shared Object (DSO) Support

  45. #

  46. # To be able to use the functionality of a module which was built as a DSO you

  47. # have to place corresponding `LoadModule' lines at this location so the

  48. # directives contained in it are actually available _before_ they are used.

  49. # Statically compiled modules (those listed by `httpd -l') do not need

  50. # to be loaded here.

  51. #

  52. # Example:

  53. # LoadModule foo_module modules/mod_foo.so

  54. #

  55. LoadModule authn_file_module libexec/apache24/mod_authn_file.so

  56. #LoadModule authn_dbm_module libexec/apache24/mod_authn_dbm.so

  57. #LoadModule authn_anon_module libexec/apache24/mod_authn_anon.so

  58. #LoadModule authn_dbd_module libexec/apache24/mod_authn_dbd.so

  59. #LoadModule authn_socache_module libexec/apache24/mod_authn_socache.so

  60. LoadModule authn_core_module libexec/apache24/mod_authn_core.so

  61. LoadModule authz_host_module libexec/apache24/mod_authz_host.so

  62. LoadModule authz_groupfile_module libexec/apache24/mod_authz_groupfile.so

  63. LoadModule authz_user_module libexec/apache24/mod_authz_user.so

  64. #LoadModule authz_dbm_module libexec/apache24/mod_authz_dbm.so

  65. #LoadModule authz_owner_module libexec/apache24/mod_authz_owner.so

  66. #LoadModule authz_dbd_module libexec/apache24/mod_authz_dbd.so

  67. LoadModule authz_core_module libexec/apache24/mod_authz_core.so

  68. #LoadModule authnz_fcgi_module libexec/apache24/mod_authnz_fcgi.so

  69. LoadModule access_compat_module libexec/apache24/mod_access_compat.so

  70. LoadModule auth_basic_module libexec/apache24/mod_auth_basic.so

  71. #LoadModule auth_form_module libexec/apache24/mod_auth_form.so

  72. #LoadModule auth_digest_module libexec/apache24/mod_auth_digest.so

  73. #LoadModule allowmethods_module libexec/apache24/mod_allowmethods.so

  74. #LoadModule file_cache_module libexec/apache24/mod_file_cache.so

  75. #LoadModule cache_module libexec/apache24/mod_cache.so

  76. #LoadModule cache_disk_module libexec/apache24/mod_cache_disk.so

  77. #LoadModule cache_socache_module libexec/apache24/mod_cache_socache.so

  78. #LoadModule socache_shmcb_module libexec/apache24/mod_socache_shmcb.so

  79. #LoadModule socache_dbm_module libexec/apache24/mod_socache_dbm.so

  80. #LoadModule socache_memcache_module libexec/apache24/mod_socache_memcache.so

  81. #LoadModule watchdog_module libexec/apache24/mod_watchdog.so

  82. #LoadModule macro_module libexec/apache24/mod_macro.so

  83. #LoadModule dbd_module libexec/apache24/mod_dbd.so

  84. #LoadModule dumpio_module libexec/apache24/mod_dumpio.so

  85. #LoadModule buffer_module libexec/apache24/mod_buffer.so

  86. #LoadModule data_module libexec/apache24/mod_data.so

  87. #LoadModule ratelimit_module libexec/apache24/mod_ratelimit.so

  88. LoadModule reqtimeout_module libexec/apache24/mod_reqtimeout.so

  89. #LoadModule ext_filter_module libexec/apache24/mod_ext_filter.so

  90. #LoadModule request_module libexec/apache24/mod_request.so

  91. #LoadModule include_module libexec/apache24/mod_include.so

  92. LoadModule filter_module libexec/apache24/mod_filter.so

  93. #LoadModule reflector_module libexec/apache24/mod_reflector.so

  94. #LoadModule substitute_module libexec/apache24/mod_substitute.so

  95. #LoadModule sed_module libexec/apache24/mod_sed.so

  96. #LoadModule charset_lite_module libexec/apache24/mod_charset_lite.so

  97. #LoadModule deflate_module libexec/apache24/mod_deflate.so

  98. #LoadModule xml2enc_module libexec/apache24/mod_xml2enc.so

  99. #LoadModule proxy_html_module libexec/apache24/mod_proxy_html.so

  100. LoadModule mime_module libexec/apache24/mod_mime.so

  101. LoadModule log_config_module libexec/apache24/mod_log_config.so

  102. #LoadModule log_debug_module libexec/apache24/mod_log_debug.so

  103. #LoadModule log_forensic_module libexec/apache24/mod_log_forensic.so

  104. #LoadModule logio_module libexec/apache24/mod_logio.so

  105. LoadModule env_module libexec/apache24/mod_env.so

  106. #LoadModule mime_magic_module libexec/apache24/mod_mime_magic.so

  107. #LoadModule cern_meta_module libexec/apache24/mod_cern_meta.so

  108. #LoadModule expires_module libexec/apache24/mod_expires.so

  109. LoadModule headers_module libexec/apache24/mod_headers.so

  110. #LoadModule usertrack_module libexec/apache24/mod_usertrack.so

  111. #LoadModule unique_id_module libexec/apache24/mod_unique_id.so

  112. LoadModule setenvif_module libexec/apache24/mod_setenvif.so

  113. LoadModule version_module libexec/apache24/mod_version.so

  114. #LoadModule remoteip_module libexec/apache24/mod_remoteip.so

  115. #LoadModule proxy_module libexec/apache24/mod_proxy.so

  116. #LoadModule proxy_connect_module libexec/apache24/mod_proxy_connect.so

  117. #LoadModule proxy_ftp_module libexec/apache24/mod_proxy_ftp.so

  118. #LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so

  119. #LoadModule proxy_fcgi_module libexec/apache24/mod_proxy_fcgi.so

  120. #LoadModule proxy_scgi_module libexec/apache24/mod_proxy_scgi.so

  121. #LoadModule proxy_fdpass_module libexec/apache24/mod_proxy_fdpass.so

  122. #LoadModule proxy_wstunnel_module libexec/apache24/mod_proxy_wstunnel.so

  123. #LoadModule proxy_ajp_module libexec/apache24/mod_proxy_ajp.so

  124. #LoadModule proxy_balancer_module libexec/apache24/mod_proxy_balancer.so

  125. #LoadModule proxy_express_module libexec/apache24/mod_proxy_express.so

  126. #LoadModule proxy_hcheck_module libexec/apache24/mod_proxy_hcheck.so

  127. #LoadModule session_module libexec/apache24/mod_session.so

  128. #LoadModule session_cookie_module libexec/apache24/mod_session_cookie.so

  129. #LoadModule session_crypto_module libexec/apache24/mod_session_crypto.so

  130. #LoadModule session_dbd_module libexec/apache24/mod_session_dbd.so

  131. #LoadModule slotmem_shm_module libexec/apache24/mod_slotmem_shm.so

  132. #LoadModule slotmem_plain_module libexec/apache24/mod_slotmem_plain.so

  133. #LoadModule ssl_module libexec/apache24/mod_ssl.so

  134. #LoadModule dialup_module libexec/apache24/mod_dialup.so

  135. #LoadModule lbmethod_byrequests_module libexec/apache24/mod_lbmethod_byrequests.so

  136. #LoadModule lbmethod_bytraffic_module libexec/apache24/mod_lbmethod_bytraffic.so

  137. #LoadModule lbmethod_bybusyness_module libexec/apache24/mod_lbmethod_bybusyness.so

  138. #LoadModule lbmethod_heartbeat_module libexec/apache24/mod_lbmethod_heartbeat.so

  139. #LoadModule mpm_event_module libexec/apache24/mod_mpm_event.so

  140. LoadModule mpm_prefork_module libexec/apache24/mod_mpm_prefork.so

  141. #LoadModule mpm_worker_module libexec/apache24/mod_mpm_worker.so

  142. LoadModule unixd_module libexec/apache24/mod_unixd.so

  143. #LoadModule heartbeat_module libexec/apache24/mod_heartbeat.so

  144. #LoadModule heartmonitor_module libexec/apache24/mod_heartmonitor.so

  145. #LoadModule dav_module libexec/apache24/mod_dav.so

  146. LoadModule status_module libexec/apache24/mod_status.so

  147. LoadModule autoindex_module libexec/apache24/mod_autoindex.so

  148. #LoadModule asis_module libexec/apache24/mod_asis.so

  149. #LoadModule info_module libexec/apache24/mod_info.so

  150. #LoadModule suexec_module libexec/apache24/mod_suexec.so

  151. <IfModule !mpm_prefork_module>

  152. 	#LoadModule cgid_module libexec/apache24/mod_cgid.so

  153. </IfModule>

  154. <IfModule mpm_prefork_module>

  155. 	#LoadModule cgi_module libexec/apache24/mod_cgi.so

  156. </IfModule>

  157. #LoadModule dav_fs_module libexec/apache24/mod_dav_fs.so

  158. #LoadModule dav_lock_module libexec/apache24/mod_dav_lock.so

  159. #LoadModule vhost_alias_module libexec/apache24/mod_vhost_alias.so

  160. #LoadModule negotiation_module libexec/apache24/mod_negotiation.so

  161. LoadModule dir_module libexec/apache24/mod_dir.so

  162. #LoadModule imagemap_module libexec/apache24/mod_imagemap.so

  163. #LoadModule actions_module libexec/apache24/mod_actions.so

  164. #LoadModule speling_module libexec/apache24/mod_speling.so

  165. #LoadModule userdir_module libexec/apache24/mod_userdir.so

  166. LoadModule alias_module libexec/apache24/mod_alias.so

  167. #LoadModule rewrite_module libexec/apache24/mod_rewrite.so

  168. 

  169. # Third party modules

  170. IncludeOptional etc/apache24/modules.d/[0-9][0-9][0-9]_*.conf

  171.  

  172. Include {{ apache.portsfile }}

  173. 

  174. <IfModule unixd_module>

  175. #

  176. # If you wish httpd to run as a different user or group, you must run

  177. # httpd as root initially and it will switch.  

  178. #

  179. # User/Group: The name (or #number) of the user/group to run httpd as.

  180. # It is usually good practice to create a dedicated user and group for

  181. # running httpd, as with most system services.

  182. #

  183. User www

  184. Group www

  185. 

  186. </IfModule>

  187. 

  188. # 'Main' server configuration

  189. #

  190. # The directives in this section set up the values used by the 'main'

  191. # server, which responds to any requests that aren't handled by a

  192. # <VirtualHost> definition.  These values also provide defaults for

  193. # any <VirtualHost> containers you may define later in the file.

  194. #

  195. # All of these directives may appear inside <VirtualHost> containers,

  196. # in which case these default settings will be overridden for the

  197. # virtual host being defined.

  198. #

  199. 

  200. #

  201. # ServerAdmin: Your address, where problems with the server should be

  202. # e-mailed.  This address appears on some server-generated pages, such

  203. # as error documents.  e.g. admin@your-domain.com

  204. #

  205. ServerAdmin root@localhost

  206. 

  207. #

  208. # ServerName gives the name and port that the server uses to identify itself.

  209. # This can often be determined automatically, but we recommend you specify

  210. # it explicitly to prevent problems during startup.

  211. #

  212. # If your host doesn't have a registered DNS name, enter its IP address here.

  213. #

  214. #ServerName www.example.com:80

  215. 

  216. #

  217. # Deny access to the entirety of your server's filesystem. You must

  218. # explicitly permit access to web content directories in other 

  219. # <Directory> blocks below.

  220. #

  221. <Directory />

  222.     AllowOverride none

  223.     Require all denied

  224. </Directory>

  225. 

  226. #

  227. # Note that from this point forward you must specifically allow

  228. # particular features to be enabled - so if something's not working as

  229. # you might expect, make sure that you have specifically enabled it

  230. # below.

  231. #

  232. 

  233. {%- for directive, dvalue in salt['pillar.get']('apache:global', {}).items() %}

  234. {{ directive }} {{ dvalue }}

  235. {%- endfor %}

  236. 

  237. {% if apache.global_document_root is defined and apache.global_document_root|length > 0 %}

  238. #

  239. # DocumentRoot: The directory out of which you will serve your

  240. # documents. By default, all requests are taken from this directory, but

  241. # symbolic links and aliases may be used to point to other locations.

  242. #

  243. DocumentRoot "{{ apache.global_document_root }}"

  244. <Directory "{{ apache.global_document_root }}">

  245.     #

  246.     # Possible values for the Options directive are "None", "All",

  247.     # or any combination of:

  248.     #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews

  249.     #

  250.     # Note that "MultiViews" must be named *explicitly* --- "Options All"

  251.     # doesn't give it to you.

  252.     #

  253.     # The Options directive is both complicated and important.  Please see

  254.     # http://httpd.apache.org/docs/2.4/mod/core.html#options

  255.     # for more information.

  256.     #

  257.     Options Indexes FollowSymLinks

  258. 

  259.     #

  260.     # AllowOverride controls what directives may be placed in .htaccess files.

  261.     # It can be "All", "None", or any combination of the keywords:

  262.     #   AllowOverride FileInfo AuthConfig Limit

  263.     #

  264.     AllowOverride None

  265. 

  266.     #

  267.     # Controls who can get stuff from this server.

  268.     #

  269.     Require all granted

  270. </Directory>

  271. {% endif %}

  272. 

  273. #

  274. # DirectoryIndex: sets the file that Apache will serve if a directory

  275. # is requested.

  276. #

  277. <IfModule dir_module>

  278.     DirectoryIndex index.html

  279. </IfModule>

  280. 

  281. #

  282. # The following lines prevent .htaccess and .htpasswd files from being 

  283. # viewed by Web clients. 

  284. #

  285. <Files ".ht*">

  286.     Require all denied

  287. </Files>

  288. 

  289. #

  290. # ErrorLog: The location of the error log file.

  291. # If you do not specify an ErrorLog directive within a <VirtualHost>

  292. # container, error messages relating to that virtual host will be

  293. # logged here.  If you *do* define an error logfile for a <VirtualHost>

  294. # container, that host's errors will be logged there and not here.

  295. #

  296. ErrorLog "/var/log/httpd-error.log"

  297. 

  298. #

  299. # LogLevel: Control the number of messages logged to the error_log.

  300. # Possible values include: debug, info, notice, warn, error, crit,

  301. # alert, emerg.

  302. #

  303. LogLevel warn

  304. 

  305. <IfModule log_config_module>

  306.     #

  307.     # The following directives define some format nicknames for use with

  308.     # a CustomLog directive (see below).

  309.     #

  310.     LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

  311.     LogFormat "%h %l %u %t \"%r\" %>s %b" common

  312. 

  313.     <IfModule logio_module>

  314.       # You need to enable mod_logio.c to use %I and %O

  315.       LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio

  316.     </IfModule>

  317. 

  318.     #

  319.     # The location and format of the access logfile (Common Logfile Format).

  320.     # If you do not define any access logfiles within a <VirtualHost>

  321.     # container, they will be logged here.  Contrariwise, if you *do*

  322.     # define per-<VirtualHost> access logfiles, transactions will be

  323.     # logged therein and *not* in this file.

  324.     #

  325.     CustomLog "/var/log/httpd-access.log" common

  326. 

  327.     #

  328.     # If you prefer a logfile with access, agent, and referer information

  329.     # (Combined Logfile Format) you can use the following directive.

  330.     #

  331.     #CustomLog "/var/log/httpd-access.log" combined

  332. </IfModule>

  333. 

  334. <IfModule alias_module>

  335.     #

  336.     # Redirect: Allows you to tell clients about documents that used to 

  337.     # exist in your server's namespace, but do not anymore. The client 

  338.     # will make a new request for the document at its new location.

  339.     # Example:

  340.     # Redirect permanent /foo http://www.example.com/bar

  341. 

  342.     #

  343.     # Alias: Maps web paths into filesystem paths and is used to

  344.     # access content that does not live under the DocumentRoot.

  345.     # Example:

  346.     # Alias /webpath /full/filesystem/path

  347.     #

  348.     # If you include a trailing / on /webpath then the server will

  349.     # require it to be present in the URL.  You will also likely

  350.     # need to provide a <Directory> section to allow access to

  351.     # the filesystem path.

  352. 

  353.     #

  354.     # ScriptAlias: This controls which directories contain server scripts. 

  355.     # ScriptAliases are essentially the same as Aliases, except that

  356.     # documents in the target directory are treated as applications and

  357.     # run by the server when requested rather than as documents sent to the

  358.     # client.  The same rules about trailing "/" apply to ScriptAlias

  359.     # directives as to Alias.

  360.     #

  361.     #ScriptAlias /cgi-bin/ "/usr/local/www/apache24/cgi-bin/"

  362. 

  363. </IfModule>

  364. 

  365. <IfModule cgid_module>

  366.     #

  367.     # ScriptSock: On threaded servers, designate the path to the UNIX

  368.     # socket used to communicate with the CGI daemon of mod_cgid.

  369.     #

  370.     #Scriptsock cgisock

  371. </IfModule>

  372. 

  373. #

  374. # "/usr/local/www/apache24/cgi-bin" should be changed to whatever your ScriptAliased

  375. # CGI directory exists, if you have that configured.

  376. #

  377. <Directory "/usr/local/www/apache24/cgi-bin">

  378.     AllowOverride None

  379.     Options None

  380.     Require all granted

  381. </Directory>

  382. 

  383. <IfModule mime_module>

  384.     #

  385.     # TypesConfig points to the file containing the list of mappings from

  386.     # filename extension to MIME-type.

  387.     #

  388.     TypesConfig etc/apache24/mime.types

  389. 

  390.     #

  391.     # AddType allows you to add to or override the MIME configuration

  392.     # file specified in TypesConfig for specific file types.

  393.     #

  394.     #AddType application/x-gzip .tgz

  395.     #

  396.     # AddEncoding allows you to have certain browsers uncompress

  397.     # information on the fly. Note: Not all browsers support this.

  398.     #

  399.     #AddEncoding x-compress .Z

  400.     #AddEncoding x-gzip .gz .tgz

  401.     #

  402.     # If the AddEncoding directives above are commented-out, then you

  403.     # probably should define those extensions to indicate media types:

  404.     #

  405.     AddType application/x-compress .Z

  406.     AddType application/x-gzip .gz .tgz

  407. 

  408.     #

  409.     # AddHandler allows you to map certain file extensions to "handlers":

  410.     # actions unrelated to filetype. These can be either built into the server

  411.     # or added with the Action directive (see below)

  412.     #

  413.     # To use CGI scripts outside of ScriptAliased directories:

  414.     # (You will also need to add "ExecCGI" to the "Options" directive.)

  415.     #

  416.     #AddHandler cgi-script .cgi

  417. 

  418.     # For type maps (negotiated resources):

  419.     #AddHandler type-map var

  420. 

  421.     #

  422.     # Filters allow you to process content before it is sent to the client.

  423.     #

  424.     # To parse .shtml files for server-side includes (SSI):

  425.     # (You will also need to add "Includes" to the "Options" directive.)

  426.     #

  427.     #AddType text/html .shtml

  428.     #AddOutputFilter INCLUDES .shtml

  429. </IfModule>

  430. 

  431. #

  432. # The mod_mime_magic module allows the server to use various hints from the

  433. # contents of the file itself to determine its type.  The MIMEMagicFile

  434. # directive tells the module where the hint definitions are located.

  435. #

  436. #MIMEMagicFile etc/apache24/magic

  437. 

  438. #

  439. # Customizable error responses come in three flavors:

  440. # 1) plain text 2) local redirects 3) external redirects

  441. #

  442. # Some examples:

  443. #ErrorDocument 500 "The server made a boo boo."

  444. #ErrorDocument 404 /missing.html

  445. #ErrorDocument 404 "/cgi-bin/missing_handler.pl"

  446. #ErrorDocument 402 http://www.example.com/subscription_info.html

  447. #

  448. 

  449. #

  450. # MaxRanges: Maximum number of Ranges in a request before

  451. # returning the entire resource, or one of the special

  452. # values 'default', 'none' or 'unlimited'.

  453. # Default setting is to accept 200 Ranges.

  454. #MaxRanges unlimited

  455. 

  456. #

  457. # EnableMMAP and EnableSendfile: On systems that support it, 

  458. # memory-mapping or the sendfile syscall may be used to deliver

  459. # files.  This usually improves server performance, but must

  460. # be turned off when serving from networked-mounted 

  461. # filesystems or if support for these functions is otherwise

  462. # broken on your system.

  463. # Defaults: EnableMMAP On, EnableSendfile Off

  464. #

  465. #EnableMMAP off

  466. #EnableSendfile on

  467. 

  468. # Supplemental configuration

  469. #

  470. # The configuration files in the etc/apache24/extra/ directory can be 

  471. # included to add extra features or to modify the default configuration of 

  472. # the server, or you may simply copy their contents here and change as 

  473. # necessary.

  474. 

  475. # Server-pool management (MPM specific)

  476. #Include etc/apache24/extra/httpd-mpm.conf

  477. 

  478. # Multi-language error messages

  479. #Include etc/apache24/extra/httpd-multilang-errordoc.conf

  480. 

  481. # Fancy directory listings

  482. #Include etc/apache24/extra/httpd-autoindex.conf

  483. 

  484. # Language settings

  485. #Include etc/apache24/extra/httpd-languages.conf

  486. 

  487. # User home directories

  488. #Include etc/apache24/extra/httpd-userdir.conf

  489. 

  490. # Real-time info on requests and configuration

  491. #Include etc/apache24/extra/httpd-info.conf

  492. 

  493. # Virtual hosts

  494. #Include etc/apache24/extra/httpd-vhosts.conf

  495. 

  496. # Local access to the Apache HTTP Server Manual

  497. #Include etc/apache24/extra/httpd-manual.conf

  498. 

  499. # Distributed authoring and versioning (WebDAV)

  500. #Include etc/apache24/extra/httpd-dav.conf

  501. 

  502. # Various default settings

  503. #Include etc/apache24/extra/httpd-default.conf

  504. 

  505. # Configure mod_proxy_html to understand HTML4/XHTML1

  506. <IfModule proxy_html_module>

  507. Include etc/apache24/extra/proxy-html.conf

  508. </IfModule>

  509. 

  510. # Secure (SSL/TLS) connections

  511. #Include etc/apache24/extra/httpd-ssl.conf

  512. #

  513. # Note: The following must must be present to support

  514. #       starting without SSL on platforms with no /dev/random equivalent

  515. #       but a statically compiled-in mod_ssl.

  516. #

  517. <IfModule ssl_module>

  518. SSLRandomSeed startup builtin

  519. SSLRandomSeed connect builtin

  520. </IfModule>

  521. 

  522. # Default Values

  523. ServerTokens Prod

  524. ServerSignature Off

  525. TraceEnable Off

  526. # Well, IncludeOptional behaved lile Include

  527. IncludeOptional etc/apache24/extra/security.con[f]

  528. 

  529. {% if salt['pillar.get']('apache:mod_ssl:manage_tls_defaults', False) -%}

  530. Include etc/apache24/extra/tls-defaults.conf

  531. {%- endif %}

  532. 

  533. Include etc/apache24/Includes/*.conf