diff options
author | Jan Dittberner <jandd@cacert.org> | 2019-08-02 18:19:45 +0200 |
---|---|---|
committer | Jan Dittberner <jandd@cacert.org> | 2019-08-02 18:19:45 +0200 |
commit | 9a49de9ffe7305e202f469a4153ea3b17643c6f6 (patch) | |
tree | c04ae685068f4f24e79a11b6bf0ddcc6d8885c40 /hieradata | |
parent | ad2d04ff2dd9bd23e488ed5d901c5181c5da8c08 (diff) | |
download | cacert-puppet-9a49de9ffe7305e202f469a4153ea3b17643c6f6.tar.gz cacert-puppet-9a49de9ffe7305e202f469a4153ea3b17643c6f6.tar.xz cacert-puppet-9a49de9ffe7305e202f469a4153ea3b17643c6f6.zip |
Setup Apache httpd on webstatic
Diffstat (limited to 'hieradata')
-rw-r--r-- | hieradata/nodes/webstatic.yaml | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/hieradata/nodes/webstatic.yaml b/hieradata/nodes/webstatic.yaml index c489195..21bf5fe 100644 --- a/hieradata/nodes/webstatic.yaml +++ b/hieradata/nodes/webstatic.yaml @@ -72,3 +72,103 @@ profiles::icinga2_agent::pki_ticket: > zWIAoTBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCz2/HN15HQ/xCGQExX Ozd9gDCOqJLm9jtlSoCpwDwzowwiCgRj+k1s444lp1RkvgWKCrfO3QkOF3aR MY7nsz39ve8=] +profiles::static_websites::apache_vhosts: + 'webstatic.cacert.org': + port: 80 + access_log: true + access_log_format: "combined" + error_log: true + log_level: "warn" + redirect_source: + - "/" + redirect_dest: + - "https://www.cacert.org/" + docroot: false + manage_docroot: false + 'funding.cacert.org': + port: 80 + access_log: true + access_log_format: "combined" + error_log: true + log_level: "warn" + docroot: "/var/www/funding.cacert.org" + docroot_owner: "git" + docroot_mode: "0755" + directoryindex: + - "index.html" + directories: + - + path: "/var/www/funding.cacert.org" + options: + - "-Includes" + - "-Indexes" + - "-FollowSymLinks" + - "-MultiViews" + require: "all granted" + headers: + - 'set X-Frame-Options "sameorigin"' + - 'set Strict-Transport-Security "max-age=31536000; includeSubDomains"' + - 'set X-XSS-Protection "1; mode=block"' + - 'set Cache-Control "no-cache, no-store, must-revalidate"' + - 'set Pragma "no-cache"' + - 'set Expires "-1"' + - 'set X-Permitted-Cross-Domain-Policies "master-only"' + - "set Content-Security-Policy \"default-src 'none'; script-src 'self'; img-src 'self'; style-src 'self'; connect-src 'self';\"" + 'codedocs.cacert.org': + port: 80 + access_log: true + access_log_format: "combined" + error_log: true + log_level: "warn" + docroot: "/var/www/codedocs.cacert.org/html" + docroot_owner: "jenkins-infradocs" + docroot_group: "upload" + docroot_mode: "0755" + directoryindex: + - "index.html" + directories: + - + path: "/var/www/codedocs.cacert.org/html" + options: + - "-Includes" + - "-Indexes" + - "-FollowSymLinks" + - "-MultiViews" + require: "all granted" + headers: + - 'set X-Frame-Options "sameorigin"' + - 'set Strict-Transport-Security "max-age=31536000; includeSubDomains"' + - 'set X-XSS-Protection "1; mode=block"' + - 'set Cache-Control "no-cache, no-store, must-revalidate"' + - 'set Pragma "no-cache"' + - 'set Expires "-1"' + - 'set X-Permitted-Cross-Domain-Policies "master-only"' + 'infradocs.cacert.org': + port: 80 + access_log: true + access_log_format: "combined" + error_log: true + log_level: "warn" + docroot: "/var/www/infradocs.cacert.org/html" + docroot_owner: "jenkins-infradocs" + docroot_group: "upload" + docroot_mode: "0755" + directoryindex: + - "index.html" + directories: + - + path: "/var/www/infradocs.cacert.org/html" + options: + - "-Includes" + - "-Indexes" + - "-FollowSymLinks" + - "-MultiViews" + require: "all granted" + headers: + - 'set X-Frame-Options "sameorigin"' + - 'set Strict-Transport-Security "max-age=31536000; includeSubDomains"' + - 'set X-XSS-Protection "1; mode=block"' + - 'set Cache-Control "no-cache, no-store, must-revalidate"' + - 'set Pragma "no-cache"' + - 'set Expires "-1"' + - 'set X-Permitted-Cross-Domain-Policies "master-only"' |