Saltstack Official Apache Formula
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.

130 Zeilen
4.1KB

  1. # ``apache`` formula configuration:
  2. apache:
  3. # lookup section overrides ``map.jinja`` values
  4. lookup:
  5. server: apache2
  6. service: apache2
  7. vhostdir: /etc/apache2/sites-available
  8. confdir: /etc/apache2/conf.d
  9. confext: .conf
  10. logdir: /var/log/apache2
  11. wwwdir: /srv/apache2
  12. # apache version (generally '2.2' or '2.4')
  13. version: '2.2'
  14. # ``apache.mod_wsgi`` formula additional configuration:
  15. mod_wsgi: mod_wsgi
  16. # ``apache.vhosts`` formula additional configuration:
  17. sites:
  18. example.net:
  19. template_file: salt://apache/vhosts/minimal.tmpl
  20. example.com: # must be unique; used as an ID declaration in Salt.
  21. enabled: True
  22. template_file: salt://apache/vhosts/standard.tmpl # or redirect.tmpl or proxy.tmpl
  23. ####################### DEFAULT VALUES BELOW ############################
  24. # NOTE: the values below are simply default settings that *can* be
  25. # overridden and are not required in order to use this formula to create
  26. # vhost entries.
  27. #
  28. # Do not copy the values below into your Pillar unless you intend to
  29. # modify these vaules.
  30. ####################### DEFAULT VALUES BELOW ############################
  31. template_engine: jinja
  32. interface: '*'
  33. port: '80'
  34. ServerName: example.com # uses the unique ID above unless specified
  35. ServerAlias: www.example.com
  36. ServerAdmin: webmaster@example.com
  37. LogLevel: warn
  38. ErrorLog: /path/to/logs/example.com-error.log # E.g.: /var/log/apache2/example.com-error.log
  39. CustomLog: /path/to/logs/example.com-access.log # E.g.: /var/log/apache2/example.com-access.log
  40. DocumentRoot: /path/to/www/dir/example.com # E.g., /var/www/example.com
  41. SSLCertificateFile: /etc/ssl/mycert.pem # if ssl is desired
  42. SSLCertificateKeyFile: /etc/ssl/mycert.pem.key # if key for cert is needed or in an extra file
  43. SSLCertificateChainFile: /etc/ssl/mycert.chain.pem # if you require a chain of server certificates file
  44. Directory:
  45. # "default" is a special case; Adds ``/path/to/www/dir/example.com``
  46. # E.g.: /var/www/example.com
  47. default:
  48. Options: -Indexes FollowSymLinks
  49. Order: allow,deny # For Apache < 2.4
  50. Allow: from all # For apache < 2.4
  51. Require: all granted # For apache > 2.4.
  52. AllowOverride: None
  53. Formula_Append: |
  54. Additional config as a
  55. multi-line string here
  56. # if template is 'redirect.tmpl'
  57. # RedirectSource: '/'
  58. # RedirectTarget: 'http://www.example.net'
  59. # if template is 'proxy.tmpl'
  60. # ProxyPreserveHost: 'On'
  61. # ProxyRoute:
  62. # my sample route:
  63. # ProxyPassSource: '/'
  64. # ProxyPassTarget: 'http://www.example.net'
  65. # ProxyPassReverseSource: '/'
  66. # ProxyPassReverseTarget: 'http://www.example.net'
  67. Alias:
  68. /docs: /usr/share/docs
  69. Location:
  70. /docs:
  71. Order: allow,deny # For Apache < 2.4
  72. Allow: from all # For apache < 2.4
  73. Require: all granted # For apache > 2.4.
  74. Formula_Append: |
  75. Additional config as a
  76. multi-line string here
  77. Formula_Append: |
  78. Additional config as a
  79. multi-line string here
  80. # ``apache.debian_full`` formula additional configuration:
  81. register-site:
  82. # any name as an array index, and you can duplicate this section
  83. UNIQUE_VALUE_HERE:
  84. name: 'my name'
  85. path: 'salt://path/to/sites-available/conf/file'
  86. state: 'enabled'
  87. # Optional - use managed file as Jinja Template
  88. #template: true
  89. #defaults:
  90. # custom_var: "default value"
  91. modules:
  92. enabled: # List modules to enable
  93. - ldap
  94. - ssl
  95. disabled: # List modules to disable
  96. - rewrite
  97. security:
  98. # can be Full | OS | Minimal | Minor | Major | Prod
  99. # where Full conveys the most information, and Prod the least.
  100. ServerTokens: Prod
  101. # ``apache.mod_remoteip`` formula additional configuration:
  102. mod_remoteip:
  103. RemoteIPHeader: X-Forwarded-For
  104. RemoteIPTrustedProxy:
  105. - 10.0.8.0/24
  106. - 127.0.0.1