"Ajout expl_create_vhost.sh"

2017-07-22 09:15:38 +02:00
parent 4aa8e9642f
commit ac1f00a9df
7 changed files with 308 additions and 1 deletions
--- a/mod/backend_template.conf
+++ b/mod/backend_template.conf
@@ -0,0 +1,13 @@
+<VirtualHost SITE_IP:SITE_PORT>                                                                                                                                           
+        ServerName SITE_NAME
+        ServerAdmin bofh@tetalab.org
+        DocumentRoot /var/www/SITE_NAME
+        RemoteIPHeader X-Forwarded-For
+        RemoteIPInternalProxy 192.168.122.0/24
+        <Directory /var/www/SITE_NAME>
+                AllowOverride All
+                Require all granted
+        </Directory>
+        ErrorLog /var/log/httpd/SITE_NAME.error.log
+        CustomLog /var/log/httpd/SITE_NAME.access.log combined
+</VirtualHost>
--- a/mod/rproxy_template.conf
+++ b/mod/rproxy_template.conf
@@ -0,0 +1,36 @@
+<VirtualHost 192.168.122.42:80>
+    # ReverseProxy with https redirect template
+    #
+    # Written by Doug Le Tough
+    #
+    # Usage:
+    # sed -s 's/SITE_NAME/example.com/g' site_template.conf > example.org.conf
+    # sed -i 's/SITE_HOST/hostname.local.tetalab.org/g' example.org.conf
+    #
+    Define FQDN SITE_NAME
+    Define HOST SITE_HOST
+    Define HOST_PORT SITE_PORT
+    ServerName ${FQDN}
+    ### All HTTP requests are converted to HTTPS requests
+    <IfModule mod_rewrite.c>
+      RewriteEngine On
+      RewriteCond %{HTTPS} off
+      RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
+    </IfModule>
+    ErrorLog "/var/log/httpd/${FQDN}_error.log"
+    CustomLog "/var/log/httpd/${FQDN}_access.log" Combined
+</VirtualHost>
+<VirtualHost 192.168.122.42:443>
+    Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
+    ServerName ${FQDN}
+    ProxyPreserveHost On
+    SSLEngine on
+    SSLCertificateFile      /etc/dehydrated/certs/${FQDN}/cert.pem
+    SSLCertificateKeyFile   /etc/dehydrated/certs/${FQDN}/privkey.pem
+    SSLCertificateChainFile /etc/dehydrated/certs/${FQDN}/fullchain.pem
+    RequestHeader set X_FORWARDED_PROTO 'https'
+    ProxyPass / http://${HOST}:${HOST_PORT}/
+    ProxyPassReverse / http://${HOST}:${HOST_PORT}/
+    ErrorLog "/var/log/httpd/${FQDN}_error.log"
+    CustomLog "/var/log/httpd/${FQDN}_access.log" Combined
+</VirtualHost>