From c32c2c5fe60e727d8a6b1cb2f9a94785f6945008 Mon Sep 17 00:00:00 2001 From: Bruno Raoult Date: Mon, 22 Mar 2021 08:22:25 +0100 Subject: [PATCH] new bm39.eu domain --- .../etc/apache2/sites-available/dev.bm39.conf | 74 +++++++++++++++++++ .../etc/apache2/sites-available/eu.bm39.conf | 74 +++++++++++++++++++ .../apache2/sites-available/test.bm39.conf | 74 +++++++++++++++++++ 3 files changed, 222 insertions(+) create mode 100644 damia/etc/apache2/sites-available/dev.bm39.conf create mode 100644 damia/etc/apache2/sites-available/eu.bm39.conf create mode 100644 damia/etc/apache2/sites-available/test.bm39.conf diff --git a/damia/etc/apache2/sites-available/dev.bm39.conf b/damia/etc/apache2/sites-available/dev.bm39.conf new file mode 100644 index 0000000..f2692a2 --- /dev/null +++ b/damia/etc/apache2/sites-available/dev.bm39.conf @@ -0,0 +1,74 @@ + + ServerName dev.bm39.eu + ServerAlias www.dev.bm39.eu + DocumentRoot /mnt/my-mountpoint/www/eu.bm39/dev + #Redirect permanent / https://bm39.eu/ + RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://bm39.eu$0 + ErrorLog ${APACHE_LOG_DIR}/error-bm39.log + CustomLog ${APACHE_LOG_DIR}/access-bm39.log combined + Alias /.well-known/ /home/www/well-known/.well-known/ + + AllowOverride All + Require all granted + + + + + ServerName dev.bm39.eu + ServerAlias www.dev.bm39.eu + + DocumentRoot /mnt/my-mountpoint/www/eu.bm39/dev + + # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, + # error, crit, alert, emerg. + # It is also possible to configure the loglevel for particular + # modules, e.g. + #LogLevel info ssl:warn + + ErrorLog ${APACHE_LOG_DIR}/bm39-error.log + CustomLog ${APACHE_LOG_DIR}/bm39-access.log combined + + SSLEngine on + + # A self-signed (snakeoil) certificate can be created by installing + # the ssl-cert package. See + # /usr/share/doc/apache2/README.Debian.gz for more info. + # If both key and certificate are stored in the same file, only the + # SSLCertificateFile directive is needed. + SSLCertificateFile /etc/letsencrypt/live/bm39.eu/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/bm39.eu/privkey.pem + # Certificate Authority (CA): + # Set the CA certificate verification path where to find CA + # certificates for client authentication or alternatively one + # huge file containing all of them (file must be PEM encoded) + # Note: Inside SSLCACertificatePath you need hash symlinks + # to point to the certificate files. Use the provided + # Makefile to update the hash symlinks after changes. + #SSLCACertificatePath /etc/ssl/certs/ + #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt + + + SSLRequireSSL On + SSLVerifyClient none + SSLVerifyDepth 1 + SSLOptions +StdEnvVars +StrictRequire + + + Options Indexes FollowSymLinks MultiViews + AllowOverride All + Require all granted + SSLRenegBufferSize 10486000 + + + + Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" + + + + SecRequestBodyNoFilesLimit 5242880 + + + + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet + diff --git a/damia/etc/apache2/sites-available/eu.bm39.conf b/damia/etc/apache2/sites-available/eu.bm39.conf new file mode 100644 index 0000000..f8ecd56 --- /dev/null +++ b/damia/etc/apache2/sites-available/eu.bm39.conf @@ -0,0 +1,74 @@ + + ServerName bm39.eu + ServerAlias www.bm39.eu + DocumentRoot /mnt/my-mountpoint/www/eu.bm39/root + #Redirect permanent / https://bm39.eu/ + RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://bm39.eu$0 + ErrorLog ${APACHE_LOG_DIR}/error-bm39.log + CustomLog ${APACHE_LOG_DIR}/access-bm39.log combined + Alias /.well-known/ /home/www/well-known/.well-known/ + + AllowOverride All + Require all granted + + + + + ServerName bm39.eu + ServerAlias www.bm39.eu + + DocumentRoot /mnt/my-mountpoint/www/eu.bm39/root + + # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, + # error, crit, alert, emerg. + # It is also possible to configure the loglevel for particular + # modules, e.g. + #LogLevel info ssl:warn + + ErrorLog ${APACHE_LOG_DIR}/bm39-error.log + CustomLog ${APACHE_LOG_DIR}/bm39-access.log combined + + SSLEngine on + + # A self-signed (snakeoil) certificate can be created by installing + # the ssl-cert package. See + # /usr/share/doc/apache2/README.Debian.gz for more info. + # If both key and certificate are stored in the same file, only the + # SSLCertificateFile directive is needed. + SSLCertificateFile /etc/letsencrypt/live/bm39.eu/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/bm39.eu/privkey.pem + # Certificate Authority (CA): + # Set the CA certificate verification path where to find CA + # certificates for client authentication or alternatively one + # huge file containing all of them (file must be PEM encoded) + # Note: Inside SSLCACertificatePath you need hash symlinks + # to point to the certificate files. Use the provided + # Makefile to update the hash symlinks after changes. + #SSLCACertificatePath /etc/ssl/certs/ + #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt + + + SSLRequireSSL On + SSLVerifyClient none + SSLVerifyDepth 1 + SSLOptions +StdEnvVars +StrictRequire + + + Options Indexes FollowSymLinks MultiViews + AllowOverride All + Require all granted + SSLRenegBufferSize 10486000 + + + + Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" + + + + SecRequestBodyNoFilesLimit 5242880 + + + + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet + diff --git a/damia/etc/apache2/sites-available/test.bm39.conf b/damia/etc/apache2/sites-available/test.bm39.conf new file mode 100644 index 0000000..7161a21 --- /dev/null +++ b/damia/etc/apache2/sites-available/test.bm39.conf @@ -0,0 +1,74 @@ + + ServerName test.bm39.eu + ServerAlias www.test.bm39.eu + DocumentRoot /mnt/my-mountpoint/www/eu.bm39/test + #Redirect permanent / https://bm39.eu/ + RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://bm39.eu$0 + ErrorLog ${APACHE_LOG_DIR}/error-bm39.log + CustomLog ${APACHE_LOG_DIR}/access-bm39.log combined + Alias /.well-known/ /home/www/well-known/.well-known/ + + AllowOverride All + Require all granted + + + + + ServerName test.bm39.eu + ServerAlias www.test.bm39.eu + + DocumentRoot /mnt/my-mountpoint/www/eu.bm39/test + + # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, + # error, crit, alert, emerg. + # It is also possible to configure the loglevel for particular + # modules, e.g. + #LogLevel info ssl:warn + + ErrorLog ${APACHE_LOG_DIR}/bm39-error.log + CustomLog ${APACHE_LOG_DIR}/bm39-access.log combined + + SSLEngine on + + # A self-signed (snakeoil) certificate can be created by installing + # the ssl-cert package. See + # /usr/share/doc/apache2/README.Debian.gz for more info. + # If both key and certificate are stored in the same file, only the + # SSLCertificateFile directive is needed. + SSLCertificateFile /etc/letsencrypt/live/bm39.eu/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/bm39.eu/privkey.pem + # Certificate Authority (CA): + # Set the CA certificate verification path where to find CA + # certificates for client authentication or alternatively one + # huge file containing all of them (file must be PEM encoded) + # Note: Inside SSLCACertificatePath you need hash symlinks + # to point to the certificate files. Use the provided + # Makefile to update the hash symlinks after changes. + #SSLCACertificatePath /etc/ssl/certs/ + #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt + + + SSLRequireSSL On + SSLVerifyClient none + SSLVerifyDepth 1 + SSLOptions +StdEnvVars +StrictRequire + + + Options Indexes FollowSymLinks MultiViews + AllowOverride All + Require all granted + SSLRenegBufferSize 10486000 + + + + Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" + + + + SecRequestBodyNoFilesLimit 5242880 + + + + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet +