apache-formula/apache/config/vhosts/proxy.tmpl
Benjamin Neff 2b52e11a8a
fix(vhosts): replace %O with %b in default LogFormat
%O needs mod_logio, which isn't enabled by default everywhere, so it
also shouldn't be used as default fallback LogFormat.
2020-10-14 02:57:00 +02:00

131 lines
6.2 KiB
Cheetah

#
# This file is managed by Salt! Do not edit by hand!
#
{# Define default values here so the template below can just focus on layout #}
{% set sitename = site.get('ServerName', id) %}
{% set vals = {
'interfaces': site.get('interface', '*').split(),
'port': site.get('port', '80'),
'ServerName': sitename,
'ServerAlias': site.get('ServerAlias', ''),
'ServerAdmin': site.get('ServerAdmin', 'webmaster@{0}'.format(sitename)),
'UseCanonicalName': site.get('UseCanonicalName'),
'LogLevel': site.get('LogLevel', 'warn'),
'ErrorLog': site.get('ErrorLog', '{0}/{1}-error.log'.format(map.logdir, sitename)),
'LogFormat': site.get('LogFormat', '"%a %l %u %t \\"%r\\" %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\""'),
'CustomLog': site.get('CustomLog', '{0}/{1}-access.log'.format(map.logdir, sitename)),
'ProxyRequests': site.get('ProxyRequests', 'Off'),
'ProxyPreserveHost': site.get('ProxyPreserveHost', 'On'),
'ProxyRoute': site.get('ProxyRoute', {}),
'Location': {
'Order': 'allow,deny',
'Allow': 'from all',
'Require': 'all granted',
},
'LocationMatch': {
'Order': 'allow,deny',
'Allow': 'from all',
'Require': 'all granted',
},
} %}
<VirtualHost {% for intf in vals.interfaces %} {{ intf }}:{{ vals.port }}{% endfor -%}>
ServerName {{ vals.ServerName }}
{% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %}
{% if site.get('ServerAdmin') != False %}ServerAdmin {{ vals.ServerAdmin }}{% endif %}
{% if site.get('UseCanonicalName') %}UseCanonicalName {{ vals.UseCanonicalName }}{% endif %}
{% if site.get('LogLevel') != False %}LogLevel {{ vals.LogLevel }}{% endif %}
{% if site.get('ErrorLog') != False %}ErrorLog {{ vals.ErrorLog }}{% endif %}
{% if site.get('LogFormat') != False -%}LogFormat {{ vals.LogFormat }}{% endif %}
{% if site.get('CustomLog') != False -%}LogFormat {{ vals.LogFormat }} {{ sitename }}
CustomLog {{ vals.CustomLog }} {{ sitename }}{% endif %}
{% if site.get('SSLCertificateFile') %}SSLEngine on
SSLCertificateFile {{ site.SSLCertificateFile }}
{% if site.get('SSLCertificateKeyFile') %}SSLCertificateKeyFile {{ site.SSLCertificateKeyFile }}{% endif %}
{% if site.get('SSLCertificateChainFile') %}SSLCertificateChainFile {{ site.SSLCertificateChainFile }}{% endif %}
{% endif %}
{% if site.get('Rewrite') %}RewriteEngine on
{{ site.Rewrite }}
{% endif %}
{% if site.get('SSLProxyEngine') %}SSLProxyEngine {{ site.SSLProxyEngine }}{% endif %}
ProxyRequests {{ vals.ProxyRequests }}
ProxyPreserveHost {{ vals.ProxyPreserveHost }}
{% if site.get('ProxyErrorOverride') %}ProxyErrorOverride {{ site.ProxyErrorOverride }} {% endif %}
{% if site.get('ProxyErrorDir') %}ProxyPass /{{ site.ProxyErrorDir }}/ ! {% endif %}
{% for proxy, proxyargs in vals.ProxyRoute|dictsort|reverse %}
{% set proxyvals = {
'ProxyPassSource': proxyargs.get('ProxyPassSource', '/'),
'ProxyPassTarget': proxyargs.get('ProxyPassTarget', 'https://{0}'.format(sitename)),
'ProxyPassTargetOptions': proxyargs.get('ProxyPassTargetOptions', ''),
'ProxyPassReverseSource': proxyargs.get('ProxyPassReverseSource', '/'),
'ProxyPassReverseTarget': proxyargs.get('ProxyPassReverseTarget', proxyargs.get('ProxyPassTarget', 'https://{0}'.format(sitename))),
} %}
######### {{proxy}} #########
ProxyPass {{ proxyvals.ProxyPassSource }} {{ proxyvals.ProxyPassTarget }} {{ proxyvals.ProxyPassTargetOptions }}
ProxyPassReverse {{ proxyvals.ProxyPassReverseSource }} {{ proxyvals.ProxyPassReverseTarget }}
{% endfor %}
{% for path, loc in site.get('Location', {}).items() %}
{% set lvals = {
'Order': loc.get('Order', vals.Location.Order),
'Allow': loc.get('Allow', vals.Location.Allow),
'Require': loc.get('Require', vals.Location.Require),
'Dav': loc.get('Dav', False),
} %}
<Location "{{ path }}">
{% if apache.version == '2.4' %}
{% if lvals.get('Require') != False %}Require {{ lvals.Require }}{% endif %}
{% else %}
{% if lvals.get('Order') != False %}Order {{ lvals.Order }}{% endif %}
{% if lvals.get('Allow') != False %}Allow {{ lvals.Allow }}{% endif %}
{% endif %}
{% if loc.get('Formula_Append') %} {{ loc.Formula_Append|indent(8) }} {% endif %}
</Location>
{% endfor %}
{% for regpath, locmat in site.get('LocationMatch', {}).items() %}
{% set lmvals = {
'Order': locmat.get('Order', vals.LocationMatch.Order),
'Allow': locmat.get('Allow', vals.LocationMatch.Allow),
'Require': locmat.get('Require', vals.LocationMatch.Require),
'Dav': locmat.get('Dav', False),
} %}
<LocationMatch "{{ regpath }}">
{% if apache.version == '2.4' %}
{% if lmvals.get('Require') != False %}Require {{ lmvals.Require }}{% endif %}
{% else %}
{% if lmvals.get('Order') != False %}Order {{ lmvals.Order }}{% endif %}
{% if lmvals.get('Allow') != False %}Allow {{ lmvals.Allow }}{% endif %}
{% endif %}
{% if locmat.get('Formula_Append') %} {{ locmat.Formula_Append|indent(8) }} {% endif %}
</LocationMatch>
{% endfor %}
{% for proxypath, prox in site.get('Proxy_control', {}).items() %}
{% set proxvals = {
'AllowAll': prox.get('AllowAll', vals.AllowAll),
'AllowCountry': prox.get('AllowCountry', vals.AllowCountry),
'AllowIP': prox.get('AllowIP', vals.AllowIP),
} %}
<Proxy "{{ proxypath }}">
{% if proxvals.get('AllowAll') != False %}
Require all granted
{% else %}
{% if proxvals.get('AllowCountry') != False %}{% set country_list = proxvals.get('AllowCountry', {}) %}GeoIPEnable On
{% for every_country in country_list %}SetEnvIf GEOIP_COUNTRY_CODE {{ every_country }} AllowCountry
{% endfor %}Require env AllowCountry {% endif %}
{% if proxvals.get('AllowIP') is defined %} {% set ip_list = proxvals.get('AllowIP', {}) %}
Require ip {% for every_ip in ip_list %}{{ every_ip }} {% endfor %} {% endif %}
{% endif %}
</Proxy>
{% endfor %}
{% if site.get('Formula_Append') %}
{{ site.Formula_Append|indent(4) }}
{% endif %}
</VirtualHost>