bm39.eu domains in unique file and /.well-known becomes global alias
This commit is contained in:
@@ -19,6 +19,12 @@
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
Alias /.well-known/ /home/www/.well-known/
|
||||
<Directory /home/www/.well-known/>
|
||||
AllowOverride All
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
</IfModule>
|
||||
|
||||
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
|
||||
|
||||
@@ -3,14 +3,12 @@
|
||||
ServerAlias www.daniel-bremond.faivre.ml
|
||||
DocumentRoot /var/www/html/daniel-bremond
|
||||
#Redirect permanent / https://faivre.ml/
|
||||
RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://daniel-bremond.faivre.ml$0
|
||||
RewriteEngine On
|
||||
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
|
||||
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
|
||||
ErrorLog ${APACHE_LOG_DIR}/bremond-error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/bremond-access.log combined
|
||||
Alias /.well-known/ /home/www/well-known/.well-known/
|
||||
<Directory /home/www/well-known/>
|
||||
AllowOverride All
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
|
||||
</VirtualHost>
|
||||
|
||||
@@ -38,8 +36,6 @@
|
||||
# SSLCertificateFile directive is needed.
|
||||
SSLCertificateFile /etc/letsencrypt/live/faivre.ml/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/faivre.ml/privkey.pem
|
||||
SSLCertificateFile /etc/letsencrypt/live/www.faivre.ml/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/www.faivre.ml/privkey.pem
|
||||
|
||||
# Certificate Authority (CA):
|
||||
# Set the CA certificate verification path where to find CA
|
||||
|
||||
74
damia/etc/apache2/sites-available/eu.bm39-all.conf
Normal file
74
damia/etc/apache2/sites-available/eu.bm39-all.conf
Normal file
@@ -0,0 +1,74 @@
|
||||
# all bm39.eu subdomains
|
||||
|
||||
<Macro bm39 $name $domain>
|
||||
<VirtualHost *:80>
|
||||
ServerName $domain
|
||||
ServerAlias www.$domain
|
||||
UseCanonicalName Off
|
||||
|
||||
#DocumentRoot /home/www/eu.bm39/$name
|
||||
|
||||
CustomLog ${APACHE_LOG_DIR}/eu.bm39.$name-access.log combined
|
||||
ErrorLog ${APACHE_LOG_DIR}/eu.bm39.$name-error.log
|
||||
|
||||
# br, feb 13, 2016. The following hack is necessary to have
|
||||
# letsencrypt work in "--webroot" mode, as it does not handle
|
||||
# https redirection
|
||||
RewriteEngine On
|
||||
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
|
||||
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:443>
|
||||
ServerName $domain
|
||||
ServerAlias www.$domain
|
||||
UseCanonicalName Off
|
||||
|
||||
DocumentRoot /home/www/eu.bm39/$name
|
||||
|
||||
CustomLog ${APACHE_LOG_DIR}/eu.bm39.$name-access.log combined
|
||||
ErrorLog ${APACHE_LOG_DIR}/eu.bm39.$name-error.log
|
||||
|
||||
SSLEngine on
|
||||
SSLCertificateFile /etc/letsencrypt/live/bm39.eu/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/bm39.eu/privkey.pem
|
||||
|
||||
<Location />
|
||||
SSLRequireSSL On
|
||||
SSLVerifyClient none
|
||||
SSLVerifyDepth 1
|
||||
SSLOptions +StdEnvVars +StrictRequire
|
||||
</Location>
|
||||
|
||||
RewriteEngine on
|
||||
|
||||
<Directory /home/www/eu.bm39/$name>
|
||||
Options Indexes FollowSymLinks MultiViews
|
||||
AllowOverride All
|
||||
Require all granted
|
||||
# Kesako ?
|
||||
SSLRenegBufferSize 10486000
|
||||
</Directory>
|
||||
|
||||
# Kesako ?
|
||||
<IfModule mod_headers.c>
|
||||
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
|
||||
</IfModule>
|
||||
|
||||
# Kesako ? Puisque mod_security2 n'est pas utilisé, je commente.
|
||||
#<IfModule mod_security2.c>
|
||||
# SecRequestBodyNoFilesLimit 5242880
|
||||
#</IfModule>
|
||||
|
||||
</VirtualHost>
|
||||
|
||||
</Macro>
|
||||
|
||||
# macros: Each line is
|
||||
# Use <dir> <fqdn>
|
||||
# with dir: /home/www/eu.bm39/<dir>
|
||||
Use bm39 root bm39.eu
|
||||
Use bm39 dev dev.bm39.eu
|
||||
Use bm39 test test.bm39.eu
|
||||
|
||||
UndefMacro bm39
|
||||
@@ -3,15 +3,12 @@
|
||||
ServerAlias www.faivre.ml
|
||||
DocumentRoot /var/www/html
|
||||
#Redirect permanent / https://faivre.ml/
|
||||
RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://faivre.ml$0
|
||||
RewriteEngine On
|
||||
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
|
||||
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
|
||||
ErrorLog ${APACHE_LOG_DIR}/faivre.ml-error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/faivre.ml-access.log combined
|
||||
Alias /.well-known/ /home/www/well-known/.well-known/
|
||||
<Directory /home/www/well-known/>
|
||||
AllowOverride All
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:443>
|
||||
@@ -38,8 +35,6 @@
|
||||
# SSLCertificateFile directive is needed.
|
||||
SSLCertificateFile /etc/letsencrypt/live/faivre.ml/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/faivre.ml/privkey.pem
|
||||
SSLCertificateFile /etc/letsencrypt/live/www.faivre.ml/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/www.faivre.ml/privkey.pem
|
||||
|
||||
# Certificate Authority (CA):
|
||||
# Set the CA certificate verification path where to find CA
|
||||
@@ -57,7 +52,7 @@
|
||||
SSLVerifyDepth 1
|
||||
SSLOptions +StdEnvVars +StrictRequire
|
||||
</Location>
|
||||
<Directory /var/www>
|
||||
<Directory /var/www/html/faivre>
|
||||
Options Indexes FollowSymLinks MultiViews
|
||||
AllowOverride All
|
||||
Require all granted
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
../sites-available/dev.bm39.conf
|
||||
1
damia/etc/apache2/sites-enabled/eu.bm39-all.conf
Symbolic link
1
damia/etc/apache2/sites-enabled/eu.bm39-all.conf
Symbolic link
@@ -0,0 +1 @@
|
||||
../sites-available/eu.bm39-all.conf
|
||||
@@ -1 +0,0 @@
|
||||
../sites-available/eu.bm39.conf
|
||||
@@ -1 +1 @@
|
||||
../sites-available/faivre.conf
|
||||
/etc/apache2/sites-available/faivre.conf
|
||||
@@ -1 +0,0 @@
|
||||
../sites-available/test.bm39.conf
|
||||
Reference in New Issue
Block a user