new bm39.eu domain

damia/etc/apache2/sites-available/dev.bm39.conf

@@ -0,0 +1,74 @@
+<VirtualHost *:80> 
+    ServerName dev.bm39.eu 
+    ServerAlias www.dev.bm39.eu 
+    DocumentRoot /mnt/my-mountpoint/www/eu.bm39/dev 
+    #Redirect permanent / https://bm39.eu/
+    RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://bm39.eu$0
+    ErrorLog ${APACHE_LOG_DIR}/error-bm39.log
+    CustomLog ${APACHE_LOG_DIR}/access-bm39.log combined
+    Alias /.well-known/ /home/www/well-known/.well-known/
+    <Directory /home/www/well-known/> 
+	AllowOverride All
+	Require all granted
+    </Directory> 
+</VirtualHost> 
+
+<VirtualHost *:443> 
+    ServerName dev.bm39.eu 
+    ServerAlias www.dev.bm39.eu 
+
+    DocumentRoot /mnt/my-mountpoint/www/eu.bm39/dev
+
+    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+    # error, crit, alert, emerg.
+    # It is also possible to configure the loglevel for particular
+    # modules, e.g.
+    #LogLevel info ssl:warn
+
+    ErrorLog ${APACHE_LOG_DIR}/bm39-error.log
+    CustomLog ${APACHE_LOG_DIR}/bm39-access.log combined
+
+    SSLEngine on
+
+    #   A self-signed (snakeoil) certificate can be created by installing
+    #   the ssl-cert package. See
+    #   /usr/share/doc/apache2/README.Debian.gz for more info.
+    #   If both key and certificate are stored in the same file, only the
+    #   SSLCertificateFile directive is needed.
+    SSLCertificateFile      /etc/letsencrypt/live/bm39.eu/fullchain.pem
+    SSLCertificateKeyFile   /etc/letsencrypt/live/bm39.eu/privkey.pem
+    #   Certificate Authority (CA):
+    #   Set the CA certificate verification path where to find CA
+    #   certificates for client authentication or alternatively one
+    #   huge file containing all of them (file must be PEM encoded)
+    #   Note: Inside SSLCACertificatePath you need hash symlinks
+    #		 to point to the certificate files. Use the provided
+    #		 Makefile to update the hash symlinks after changes.
+    #SSLCACertificatePath /etc/ssl/certs/
+    #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
+
+    <Location />
+	SSLRequireSSL On
+	SSLVerifyClient none
+	SSLVerifyDepth 1
+	SSLOptions +StdEnvVars +StrictRequire
+    </Location>
+    <Directory /mnt/my-mountpoint/www/eu.bm39/dev> 
+	Options Indexes FollowSymLinks MultiViews
+	AllowOverride All
+	Require all granted
+        SSLRenegBufferSize 10486000
+    </Directory> 
+
+    <IfModule mod_headers.c>
+	Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
+    </IfModule>
+	
+	<IfModule mod_security2.c>
+	SecRequestBodyNoFilesLimit 5242880
+	</IfModule>
+	
+</VirtualHost> 
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
+

damia/etc/apache2/sites-available/eu.bm39.conf

@@ -0,0 +1,74 @@
+<VirtualHost *:80> 
+    ServerName bm39.eu 
+    ServerAlias www.bm39.eu 
+    DocumentRoot /mnt/my-mountpoint/www/eu.bm39/root 
+    #Redirect permanent / https://bm39.eu/
+    RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://bm39.eu$0
+    ErrorLog ${APACHE_LOG_DIR}/error-bm39.log
+    CustomLog ${APACHE_LOG_DIR}/access-bm39.log combined
+    Alias /.well-known/ /home/www/well-known/.well-known/
+    <Directory /home/www/well-known/> 
+	AllowOverride All
+	Require all granted
+    </Directory> 
+</VirtualHost> 
+
+<VirtualHost *:443> 
+    ServerName bm39.eu 
+    ServerAlias www.bm39.eu 
+
+    DocumentRoot /mnt/my-mountpoint/www/eu.bm39/root
+
+    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+    # error, crit, alert, emerg.
+    # It is also possible to configure the loglevel for particular
+    # modules, e.g.
+    #LogLevel info ssl:warn
+
+    ErrorLog ${APACHE_LOG_DIR}/bm39-error.log
+    CustomLog ${APACHE_LOG_DIR}/bm39-access.log combined
+
+    SSLEngine on
+
+    #   A self-signed (snakeoil) certificate can be created by installing
+    #   the ssl-cert package. See
+    #   /usr/share/doc/apache2/README.Debian.gz for more info.
+    #   If both key and certificate are stored in the same file, only the
+    #   SSLCertificateFile directive is needed.
+    SSLCertificateFile      /etc/letsencrypt/live/bm39.eu/fullchain.pem
+    SSLCertificateKeyFile   /etc/letsencrypt/live/bm39.eu/privkey.pem
+    #   Certificate Authority (CA):
+    #   Set the CA certificate verification path where to find CA
+    #   certificates for client authentication or alternatively one
+    #   huge file containing all of them (file must be PEM encoded)
+    #   Note: Inside SSLCACertificatePath you need hash symlinks
+    #		 to point to the certificate files. Use the provided
+    #		 Makefile to update the hash symlinks after changes.
+    #SSLCACertificatePath /etc/ssl/certs/
+    #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
+
+    <Location />
+	SSLRequireSSL On
+	SSLVerifyClient none
+	SSLVerifyDepth 1
+	SSLOptions +StdEnvVars +StrictRequire
+    </Location>
+    <Directory /mnt/my-mountpoint/www/eu.bm39/root> 
+	Options Indexes FollowSymLinks MultiViews
+	AllowOverride All
+	Require all granted
+        SSLRenegBufferSize 10486000
+    </Directory> 
+
+    <IfModule mod_headers.c>
+	Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
+    </IfModule>
+	
+	<IfModule mod_security2.c>
+	SecRequestBodyNoFilesLimit 5242880
+	</IfModule>
+	
+</VirtualHost> 
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
+

damia/etc/apache2/sites-available/test.bm39.conf

@@ -0,0 +1,74 @@
+<VirtualHost *:80> 
+    ServerName test.bm39.eu 
+    ServerAlias www.test.bm39.eu 
+    DocumentRoot /mnt/my-mountpoint/www/eu.bm39/test 
+    #Redirect permanent / https://bm39.eu/
+    RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://bm39.eu$0
+    ErrorLog ${APACHE_LOG_DIR}/error-bm39.log
+    CustomLog ${APACHE_LOG_DIR}/access-bm39.log combined
+    Alias /.well-known/ /home/www/well-known/.well-known/
+    <Directory /home/www/well-known/> 
+	AllowOverride All
+	Require all granted
+    </Directory> 
+</VirtualHost> 
+
+<VirtualHost *:443> 
+    ServerName test.bm39.eu 
+    ServerAlias www.test.bm39.eu 
+
+    DocumentRoot /mnt/my-mountpoint/www/eu.bm39/test
+
+    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+    # error, crit, alert, emerg.
+    # It is also possible to configure the loglevel for particular
+    # modules, e.g.
+    #LogLevel info ssl:warn
+
+    ErrorLog ${APACHE_LOG_DIR}/bm39-error.log
+    CustomLog ${APACHE_LOG_DIR}/bm39-access.log combined
+
+    SSLEngine on
+
+    #   A self-signed (snakeoil) certificate can be created by installing
+    #   the ssl-cert package. See
+    #   /usr/share/doc/apache2/README.Debian.gz for more info.
+    #   If both key and certificate are stored in the same file, only the
+    #   SSLCertificateFile directive is needed.
+    SSLCertificateFile      /etc/letsencrypt/live/bm39.eu/fullchain.pem
+    SSLCertificateKeyFile   /etc/letsencrypt/live/bm39.eu/privkey.pem
+    #   Certificate Authority (CA):
+    #   Set the CA certificate verification path where to find CA
+    #   certificates for client authentication or alternatively one
+    #   huge file containing all of them (file must be PEM encoded)
+    #   Note: Inside SSLCACertificatePath you need hash symlinks
+    #		 to point to the certificate files. Use the provided
+    #		 Makefile to update the hash symlinks after changes.
+    #SSLCACertificatePath /etc/ssl/certs/
+    #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
+
+    <Location />
+	SSLRequireSSL On
+	SSLVerifyClient none
+	SSLVerifyDepth 1
+	SSLOptions +StdEnvVars +StrictRequire
+    </Location>
+    <Directory /mnt/my-mountpoint/www/eu.bm39/test> 
+	Options Indexes FollowSymLinks MultiViews
+	AllowOverride All
+	Require all granted
+        SSLRenegBufferSize 10486000
+    </Directory> 
+
+    <IfModule mod_headers.c>
+	Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
+    </IfModule>
+	
+	<IfModule mod_security2.c>
+	SecRequestBodyNoFilesLimit 5242880
+	</IfModule>
+	
+</VirtualHost> 
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
+

damia/etc/apache2/sites-enabled/dev.bm39.conf

@@ -0,0 +1 @@
+../sites-available/dev.bm39.conf

damia/etc/apache2/sites-enabled/eu.bm39.conf

@@ -0,0 +1 @@
+../sites-available/eu.bm39.conf

damia/etc/apache2/sites-enabled/test.bm39.conf

@@ -0,0 +1 @@
+../sites-available/test.bm39.conf