Tentative unique config file for *.faivre.ml

2021-03-22 08:57:04 +01:00
parent 85dcf07260
commit 959fbfbe14
1 changed files with 73 additions and 0 deletions
--- a/damia/etc/apache2/sites-available/ml.faivre-all.conf
+++ b/damia/etc/apache2/sites-available/ml.faivre-all.conf
@@ -0,0 +1,73 @@
+# all faivre.ml subdomains
+
+<Macro faivre $name $domain>
+    <VirtualHost *:80>
+	ServerName $domain
+	ServerAlias www.$domain
+	UseCanonicalName Off
+
+	#DocumentRoot /home/www/ml.faivre/$name
+
+	CustomLog ${APACHE_LOG_DIR}/ml.faivre.$name-access.log combined
+	ErrorLog ${APACHE_LOG_DIR}/ml.faivre.$name-error.log
+
+	# br, feb 13, 2016. The following hack is necessary to have
+	# letsencrypt work in "--webroot" mode, as it does not handle
+	# https redirection
+	RewriteEngine On
+	RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
+	RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
+    </VirtualHost>
+
+    <VirtualHost *:443>
+	ServerName $domain
+	ServerAlias www.$domain
+	UseCanonicalName Off
+
+	DocumentRoot /home/www/ml.faivre/$name
+
+	CustomLog ${APACHE_LOG_DIR}/ml.faivre.$name-access.log combined
+	ErrorLog ${APACHE_LOG_DIR}/ml.faivre.$name-error.log
+
+	SSLEngine on
+        SSLCertificateFile      /etc/letsencrypt/live/faivre.ml/fullchain.pem
+        SSLCertificateKeyFile   /etc/letsencrypt/live/faivre.ml/privkey.pem
+
+	<Location />
+	    SSLRequireSSL On
+	    SSLVerifyClient none
+	    SSLVerifyDepth 1
+	    SSLOptions +StdEnvVars +StrictRequire
+	</Location>
+
+	RewriteEngine on
+
+	<Directory  /home/www/ml.faivre/$name>
+    	    Options Indexes FollowSymLinks MultiViews
+    	    AllowOverride All
+    	    Require all granted
+            # Kesako ?
+            SSLRenegBufferSize 10486000
+	</Directory>
+
+        # Kesako ?
+        <IfModule mod_headers.c>
+	    Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
+        </IfModule>
+
+        # Kesako ? Puisque mod_security2 n'est pas utilisé, je commente.
+	#<IfModule mod_security2.c>
+	#    SecRequestBodyNoFilesLimit 5242880
+	#</IfModule>
+
+    </VirtualHost>
+
+</Macro>
+
+# macros: Each line is
+# Use <dir> <fqdn>
+# with dir: /home/www/ml.faivre/<dir>
+Use faivre  root    faivre.ml
+Use faivre  bremond bremond.faivre.ml
+
+UndefMacro faivre