75 lines
2.5 KiB
ApacheConf
75 lines
2.5 KiB
ApacheConf
<VirtualHost *:80>
|
|
ServerName daniel-bremond.faivre.ml
|
|
ServerAlias www.daniel-bremond.faivre.ml
|
|
DocumentRoot /home/www/ml.faivre/daniel-bremond
|
|
#Redirect permanent / https://faivre.ml/
|
|
RewriteEngine On
|
|
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
|
|
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
|
|
ErrorLog ${APACHE_LOG_DIR}/bremond-error.log
|
|
CustomLog ${APACHE_LOG_DIR}/bremond-access.log combined
|
|
|
|
|
|
</VirtualHost>
|
|
|
|
<VirtualHost *:443>
|
|
ServerName daniel-bremond.faivre.ml
|
|
ServerAlias www.daniel-bremond.faivre.ml
|
|
|
|
DocumentRoot /home/www/ml.faivre/daniel-bremond
|
|
|
|
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
|
|
# error, crit, alert, emerg.
|
|
# It is also possible to configure the loglevel for particular
|
|
# modules, e.g.
|
|
#LogLevel info ssl:warn
|
|
|
|
ErrorLog ${APACHE_LOG_DIR}/bremond-error.log
|
|
CustomLog ${APACHE_LOG_DIR}/bremond-access.log combined
|
|
|
|
SSLEngine on
|
|
|
|
# A self-signed (snakeoil) certificate can be created by installing
|
|
# the ssl-cert package. See
|
|
# /usr/share/doc/apache2/README.Debian.gz for more info.
|
|
# If both key and certificate are stored in the same file, only the
|
|
# SSLCertificateFile directive is needed.
|
|
SSLCertificateFile /etc/letsencrypt/live/faivre.ml/fullchain.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/faivre.ml/privkey.pem
|
|
|
|
# Certificate Authority (CA):
|
|
# Set the CA certificate verification path where to find CA
|
|
# certificates for client authentication or alternatively one
|
|
# huge file containing all of them (file must be PEM encoded)
|
|
# Note: Inside SSLCACertificatePath you need hash symlinks
|
|
# to point to the certificate files. Use the provided
|
|
# Makefile to update the hash symlinks after changes.
|
|
#SSLCACertificatePath /etc/ssl/certs/
|
|
#SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
|
|
|
|
<Location />
|
|
SSLRequireSSL On
|
|
SSLVerifyClient none
|
|
SSLVerifyDepth 1
|
|
SSLOptions +StdEnvVars +StrictRequire
|
|
</Location>
|
|
<Directory /home/www/ml.faivre/daniel-bremond>
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverride All
|
|
Require all granted
|
|
SSLRenegBufferSize 10486000
|
|
</Directory>
|
|
|
|
<IfModule mod_headers.c>
|
|
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
|
|
</IfModule>
|
|
|
|
<IfModule mod_security2.c>
|
|
SecRequestBodyNoFilesLimit 5242880
|
|
</IfModule>
|
|
|
|
</VirtualHost>
|
|
|
|
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
|
|
|