Saltstack Official Apache Formula
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.

132 rindas
6.2KB

  1. #
  2. # This file is managed by Salt! Do not edit by hand!
  3. #
  4. {# Define default values here so the template below can just focus on layout #}
  5. {% from "apache/map.jinja" import apache with context %}
  6. {% set sitename = site.get('ServerName', id) %}
  7. {% set vals = {
  8. 'interfaces': site.get('interface', '*').split(),
  9. 'port': site.get('port', '80'),
  10. 'ServerName': sitename,
  11. 'ServerAlias': site.get('ServerAlias', ''),
  12. 'ServerAdmin': site.get('ServerAdmin', 'webmaster@{0}'.format(sitename)),
  13. 'UseCanonicalName': site.get('UseCanonicalName'),
  14. 'LogLevel': site.get('LogLevel', 'warn'),
  15. 'ErrorLog': site.get('ErrorLog', '{0}/{1}-error.log'.format(map.logdir, sitename)),
  16. 'LogFormat': site.get('LogFormat', '"%a %l %u %t \\"%r\\" %>s %O \\"%{Referer}i\\" \\"%{User-Agent}i\\""'),
  17. 'CustomLog': site.get('CustomLog', '{0}/{1}-access.log'.format(map.logdir, sitename)),
  18. 'ProxyRequests': site.get('ProxyRequests', 'Off'),
  19. 'ProxyPreserveHost': site.get('ProxyPreserveHost', 'On'),
  20. 'ProxyRoute': site.get('ProxyRoute', {}),
  21. 'Location': {
  22. 'Order': 'allow,deny',
  23. 'Allow': 'from all',
  24. 'Require': 'all granted',
  25. },
  26. 'LocationMatch': {
  27. 'Order': 'allow,deny',
  28. 'Allow': 'from all',
  29. 'Require': 'all granted',
  30. },
  31. } %}
  32. <VirtualHost {%- for intf in vals.interfaces %} {{intf}}:{{ vals.port }}{% endfor -%}>
  33. ServerName {{ vals.ServerName }}
  34. {% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %}
  35. {% if site.get('ServerAdmin') != False %}ServerAdmin {{ vals.ServerAdmin }}{% endif %}
  36. {% if site.get('UseCanonicalName') %}UseCanonicalName {{ vals.UseCanonicalName }}{% endif %}
  37. {% if site.get('LogLevel') != False %}LogLevel {{ vals.LogLevel }}{% endif %}
  38. {% if site.get('ErrorLog') != False %}ErrorLog {{ vals.ErrorLog }}{% endif %}
  39. {% if site.get('LogFormat') != False -%}LogFormat {{ vals.LogFormat }}{% endif %}
  40. {% if site.get('CustomLog') != False -%}LogFormat {{ vals.LogFormat }} {{ sitename }}
  41. CustomLog {{ vals.CustomLog }} {{ sitename }}{% endif %}
  42. {% if site.get('SSLCertificateFile') %}SSLEngine on
  43. SSLCertificateFile {{ site.SSLCertificateFile }}
  44. {% if site.get('SSLCertificateKeyFile') %}SSLCertificateKeyFile {{ site.SSLCertificateKeyFile }}{% endif %}
  45. {% if site.get('SSLCertificateChainFile') %}SSLCertificateChainFile {{ site.SSLCertificateChainFile}}{% endif %}
  46. {% endif %}
  47. {% if site.get('Rewrite') %}RewriteEngine on
  48. {{ site.Rewrite }}
  49. {% endif %}
  50. {% if site.get('SSLProxyEngine') %}SSLProxyEngine {{ site.SSLProxyEngine }}{% endif %}
  51. ProxyRequests {{ vals.ProxyRequests }}
  52. ProxyPreserveHost {{ vals.ProxyPreserveHost }}
  53. {% if site.get('ProxyErrorOverride') %}ProxyErrorOverride {{ site.ProxyErrorOverride }} {% endif %}
  54. {% if site.get('ProxyErrorDir') %}ProxyPass /{{ site.ProxyErrorDir }}/ ! {% endif %}
  55. {% for proxy, proxyargs in vals.ProxyRoute|dictsort|reverse %}
  56. {% set proxyvals = {
  57. 'ProxyPassSource': proxyargs.get('ProxyPassSource', '/'),
  58. 'ProxyPassTarget': proxyargs.get('ProxyPassTarget', 'https://{0}'.format(sitename)),
  59. 'ProxyPassTargetOptions': proxyargs.get('ProxyPassTargetOptions', ''),
  60. 'ProxyPassReverseSource': proxyargs.get('ProxyPassReverseSource', '/'),
  61. 'ProxyPassReverseTarget': proxyargs.get('ProxyPassReverseTarget', proxyargs.get('ProxyPassTarget', 'https://{0}'.format(sitename))),
  62. } %}
  63. ######### {{proxy}} #########
  64. ProxyPass {{ proxyvals.ProxyPassSource }} {{ proxyvals.ProxyPassTarget }} {{ proxyvals.ProxyPassTargetOptions }}
  65. ProxyPassReverse {{ proxyvals.ProxyPassReverseSource }} {{ proxyvals.ProxyPassReverseTarget }}
  66. {% endfor %}
  67. {%- for path, loc in site.get('Location', {}).items() %}
  68. {%- set lvals = {
  69. 'Order': loc.get('Order', vals.Location.Order),
  70. 'Allow': loc.get('Allow', vals.Location.Allow),
  71. 'Require': loc.get('Require', vals.Location.Require),
  72. 'Dav': loc.get('Dav', False),
  73. } %}
  74. <Location "{{ path }}">
  75. {% if apache.version == '2.4' %}
  76. {%- if lvals.get('Require') != False %}Require {{lvals.Require}}{% endif %}
  77. {% else %}
  78. {%- if lvals.get('Order') != False %}Order {{ lvals.Order }}{% endif %}
  79. {%- if lvals.get('Allow') != False %}Allow {{ lvals.Allow }}{% endif %}
  80. {% endif %}
  81. {%- if loc.get('Formula_Append') %} {{ loc.Formula_Append|indent(8) }} {% endif %}
  82. </Location>
  83. {% endfor %}
  84. {%- for regpath, locmat in site.get('LocationMatch', {}).items() %}
  85. {%- set lmvals = {
  86. 'Order': locmat.get('Order', vals.LocationMatch.Order),
  87. 'Allow': locmat.get('Allow', vals.LocationMatch.Allow),
  88. 'Require': locmat.get('Require', vals.LocationMatch.Require),
  89. 'Dav': locmat.get('Dav', False),
  90. } %}
  91. <LocationMatch "{{ regpath }}">
  92. {% if apache.version == '2.4' %}
  93. {%- if lmvals.get('Require') != False %}Require {{lmvals.Require}}{% endif %}
  94. {% else %}
  95. {%- if lmvals.get('Order') != False %}Order {{ lmvals.Order }}{% endif %}
  96. {%- if lmvals.get('Allow') != False %}Allow {{ lmvals.Allow }}{% endif %}
  97. {% endif %}
  98. {%- if locmat.get('Formula_Append') %} {{ locmat.Formula_Append|indent(8) }} {% endif %}
  99. </LocationMatch>
  100. {% endfor %}
  101. {%- for proxypath, prox in site.get('Proxy_control', {}).items() %}
  102. {%- set proxvals = {
  103. 'AllowAll': prox.get('AllowAll', vals.AllowAll),
  104. 'AllowCountry': prox.get('AllowCountry', vals.AllowCountry),
  105. 'AllowIP': prox.get('AllowIP', vals.AllowIP),
  106. } %}
  107. <Proxy "{{ proxypath }}">
  108. {%- if proxvals.get('AllowAll') != False %}
  109. Require all granted
  110. {%- else %}
  111. {% if proxvals.get('AllowCountry') != False %}{% set country_list = proxvals.get('AllowCountry', {}) %}GeoIPEnable On
  112. {% for every_country in country_list %}SetEnvIf GEOIP_COUNTRY_CODE {{ every_country }} AllowCountry
  113. {% endfor %}Require env AllowCountry {% endif %}
  114. {% if proxvals.get('AllowIP') is defined %} {% set ip_list = proxvals.get('AllowIP', {}) %}
  115. Require ip {% for every_ip in ip_list %}{{ every_ip }} {% endfor %} {% endif %}
  116. {%- endif %}
  117. </Proxy>
  118. {%- endfor %}
  119. {% if site.get('Formula_Append') %}
  120. {{ site.Formula_Append|indent(4) }}
  121. {% endif %}
  122. </VirtualHost>