vhost_ssl.tpl.php 3.08 KB
Newer Older
1

2
<?php if ($this->ssl_enabled && $this->ssl_key) : ?>
3

4 5
  <VirtualHost <?php print "{$ip_address}:{$http_ssl_port}"; ?>>
  <?php if ($this->site_mail) : ?>
omega8cc's avatar
omega8cc committed
6
    ServerAdmin <?php  print $this->site_mail; ?>
7
  <?php endif;?>
8

9 10 11 12 13 14 15 16 17
<?php
$aegir_root = drush_get_option('aegir_root');
if (!$aegir_root && $server->aegir_root) {
  $aegir_root = $server->aegir_root;
}
?>

    Alias /.well-known/acme-challenge <?php print $aegir_root; ?>/tools/le/.acme-challenges

omega8cc's avatar
omega8cc committed
18 19
    DocumentRoot <?php print $this->root; ?>

20
    ServerName <?php print $this->uri; ?>
21

22
    SetEnv db_type  <?php print urlencode($db_type); ?>
23

24
    SetEnv db_name  <?php print urlencode($db_name); ?>
25

26
    SetEnv db_user  <?php print urlencode($db_user); ?>
27

28
    SetEnv db_passwd  <?php print urlencode($db_passwd); ?>
29

30
    SetEnv db_host  <?php print urlencode($db_host); ?>
31

32
    SetEnv db_port  <?php print urlencode($db_port); ?>
33

34
    # Enable SSL handling.
omega8cc's avatar
omega8cc committed
35

36
    SSLEngine on
37

38
    SSLCertificateFile <?php print $ssl_cert; ?>
39

40
    SSLCertificateKeyFile <?php print $ssl_cert_key; ?>
41

Steven Jones's avatar
Steven Jones committed
42 43 44 45 46
  <?php if (!empty($ssl_chain_cert)) : ?>
    SSLCertificateChainFile <?php print $ssl_chain_cert; ?>
  <?php endif; ?>

<?php
47
if (sizeof($this->aliases)) {
48 49 50
  foreach ($this->aliases as $alias) {
    print "  ServerAlias " . $alias . "\n";
  }
51 52
}
?>
53

54 55 56 57
<IfModule mod_rewrite.c>
  RewriteEngine on
<?php
if ($this->redirection) {
58
  print " # Redirect all aliases to the selected alias.\n";
59 60
  print " RewriteCond %{HTTP_HOST} !^{$this->redirection}$ [NC]\n";
  print " RewriteRule ^/*(.*)$ https://{$this->redirection}/$1 [NE,L,R=301]\n";
61 62
}
?>
63 64 65 66
  RewriteRule ^/files/(.*)$ /sites/<?php print $this->uri; ?>/files/$1 [L]
  RewriteCond <?php print $this->site_path; ?>/files/robots.txt -f
  RewriteRule ^/robots.txt /sites/<?php print $this->uri; ?>/files/robots.txt [L]
</IfModule>
67

68 69 70
  <?php print $extra_config; ?>

      # Error handler for Drupal > 4.6.7
71
      <Directory ~ "sites/.*/files">
72 73 74 75 76 77 78 79 80 81
        <Files *>
          SetHandler This_is_a_Drupal_security_line_do_not_remove
        </Files>
        Options None
        Options +FollowSymLinks

        # If we know how to do it safely, disable the PHP engine entirely.
        <IfModule mod_php5.c>
          php_flag engine off
        </IfModule>
82 83
      </Directory>

84 85 86
    # Prevent direct reading of files in the private dir.
    # This is for Drupal7 compatibility, which would normally drop
    # a .htaccess in those directories, but we explicitly ignore those
87
    <Directory "<?php print $this->site_path; ?>/private/" >
88 89 90 91 92 93 94 95 96 97 98
      <Files *>
        SetHandler This_is_a_Drupal_security_line_do_not_remove
      </Files>
      Deny from all
      Options None
      Options +FollowSymLinks

      # If we know how to do it safely, disable the PHP engine entirely.
      <IfModule mod_php5.c>
        php_flag engine off
      </IfModule>
99
    </Directory>
100

101 102 103 104 105
    # Allow access to hosting_le challenges directory.
    <Directory "<?php print $aegir_root; ?>/tools/le/.acme-challenges">
      Require all granted
    </Directory>

106 107 108
  </VirtualHost>
<?php endif; ?>

omega8cc's avatar
omega8cc committed
109
<?php
110
  include(provision_class_directory('Provision_Config_Apache_Site') . '/vhost.tpl.php');
111
?>