Saltstack Official Apache Formula
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.

134 lines
4.2KB

  1. # ``apache`` formula configuration:
  2. apache:
  3. # lookup section overrides ``map.jinja`` values
  4. lookup:
  5. server: apache2
  6. service: apache2
  7. vhostdir: /etc/apache2/sites-available
  8. confdir: /etc/apache2/conf.d
  9. confext: .conf
  10. logdir: /var/log/apache2
  11. wwwdir: /srv/apache2
  12. # apache version (generally '2.2' or '2.4')
  13. version: '2.2'
  14. # ``apache.mod_wsgi`` formula additional configuration:
  15. mod_wsgi: mod_wsgi
  16. # ``apache.vhosts`` formula additional configuration:
  17. sites:
  18. example.net:
  19. template_file: salt://apache/vhosts/minimal.tmpl
  20. example.com: # must be unique; used as an ID declaration in Salt.
  21. enabled: True
  22. template_file: salt://apache/vhosts/standard.tmpl # or redirect.tmpl or proxy.tmpl
  23. ####################### DEFAULT VALUES BELOW ############################
  24. # NOTE: the values below are simply default settings that *can* be
  25. # overridden and are not required in order to use this formula to create
  26. # vhost entries.
  27. #
  28. # Do not copy the values below into your Pillar unless you intend to
  29. # modify these vaules.
  30. ####################### DEFAULT VALUES BELOW ############################
  31. template_engine: jinja
  32. interface: '*'
  33. port: '80'
  34. ServerName: example.com # uses the unique ID above unless specified
  35. ServerAlias: www.example.com
  36. ServerAdmin: webmaster@example.com
  37. LogLevel: warn
  38. ErrorLog: /path/to/logs/example.com-error.log # E.g.: /var/log/apache2/example.com-error.log
  39. CustomLog: /path/to/logs/example.com-access.log # E.g.: /var/log/apache2/example.com-access.log
  40. DocumentRoot: /path/to/www/dir/example.com # E.g., /var/www/example.com
  41. SSLCertificateFile: /etc/ssl/mycert.pem # if ssl is desired
  42. SSLCertificateKeyFile: /etc/ssl/mycert.pem.key # if key for cert is needed or in an extra file
  43. SSLCertificateChainFile: /etc/ssl/mycert.chain.pem # if you require a chain of server certificates file
  44. Directory:
  45. # "default" is a special case; Adds ``/path/to/www/dir/example.com``
  46. # E.g.: /var/www/example.com
  47. default:
  48. Options: -Indexes FollowSymLinks
  49. Order: allow,deny # For Apache < 2.4
  50. Allow: from all # For apache < 2.4
  51. Require: all granted # For apache > 2.4.
  52. AllowOverride: None
  53. Formula_Append: |
  54. Additional config as a
  55. multi-line string here
  56. # if template is 'redirect.tmpl'
  57. # RedirectSource: '/'
  58. # RedirectTarget: 'http://www.example.net'
  59. # if template is 'proxy.tmpl'
  60. # ProxyPreserveHost: 'On'
  61. # ProxyRoute:
  62. # my sample route:
  63. # ProxyPassSource: '/'
  64. # ProxyPassTarget: 'http://www.example.net'
  65. # ProxyPassReverseSource: '/'
  66. # ProxyPassReverseTarget: 'http://www.example.net'
  67. Alias:
  68. /docs: /usr/share/docs
  69. Location:
  70. /docs:
  71. Order: allow,deny # For Apache < 2.4
  72. Allow: from all # For apache < 2.4
  73. Require: all granted # For apache > 2.4.
  74. Formula_Append: |
  75. Additional config as a
  76. multi-line string here
  77. Formula_Append: |
  78. Additional config as a
  79. multi-line string here
  80. # ``apache.debian_full`` formula additional configuration:
  81. register-site:
  82. # any name as an array index, and you can duplicate this section
  83. UNIQUE_VALUE_HERE:
  84. name: 'my name'
  85. path: 'salt://path/to/sites-available/conf/file'
  86. state: 'enabled'
  87. # Optional - use managed file as Jinja Template
  88. #template: true
  89. #defaults:
  90. # custom_var: "default value"
  91. modules:
  92. enabled: # List modules to enable
  93. - ldap
  94. - ssl
  95. disabled: # List modules to disable
  96. - rewrite
  97. # KeepAlive: Whether or not to allow persistent connections (more than
  98. # one request per connection). Set to "Off" to deactivate.
  99. keepalive: 'On'
  100. security:
  101. # can be Full | OS | Minimal | Minor | Major | Prod
  102. # where Full conveys the most information, and Prod the least.
  103. ServerTokens: Prod
  104. # ``apache.mod_remoteip`` formula additional configuration:
  105. mod_remoteip:
  106. RemoteIPHeader: X-Forwarded-For
  107. RemoteIPTrustedProxy:
  108. - 10.0.8.0/24
  109. - 127.0.0.1