12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697 |
- {% if ansible_controlled is defined and ansible_controlled != "" %}
- #
- # {{ ansible_controlled }}
- #
- {% endif %}
- # Apache vhost for PHP system checks
- <VirtualHost {%if phpsyscheck_vhostip %}{{ phpsyscheck_vhostip }}{% else %}*{% endif %}:{%if phpsyscheck_vhostport %}{{ phpsyscheck_vhostport }}{% else %}80{% endif %}>
- ServerName {{ phpsyscheck_vhostname }}
- Include conf-available/letsencrypt.conf
- {% if phpsyscheck_ssl and ssl_certs_auto_installed.stdout_lines is defined and phpsyscheck_vhostname in ssl_certs_auto_installed.stdout_lines %}
- RedirectMatch 301 ^(?!/\.well-known/acme-challenge/).* https://{{ phpsyscheck_vhostname }}$0
- {% else %}
- DocumentRoot /etc/phpsyscheck
- DirectoryIndex index.php
- {% if phpsyscheck_http_auth %}
- <Location />
- AuthType basic
- AuthName "Restricted Access"
- AuthUserFile /etc/apache2/auth_admin
- <RequireAny>
- {% if phpsyscheck_http_whitelist_ip|length > 0 %}
- Require ip {{ phpsyscheck_http_whitelist_ip | join(' ') }}
- {% endif %}
- Require valid-user
- </RequireAny>
- </Location>
- {% endif %}
- <Directory /etc/phpsyscheck>
- Options None
- AllowOverride None
- Require all granted
- </Directory>
- {% if with_fpm|bool %}
- Include conf-available/fpm-pool.conf
- {% endif %}
- LogLevel warn
- CustomLog ${APACHE_LOG_DIR}/sys.access.log combined
- ErrorLog ${APACHE_LOG_DIR}/sys.error.log
- {% endif %}
- </VirtualHost>
- {% if phpsyscheck_ssl and ssl_certs_auto_installed.stdout_lines is defined and phpsyscheck_vhostname in ssl_certs_auto_installed.stdout_lines %}
- <VirtualHost {%if phpsyscheck_vhostip %}{{ phpsyscheck_vhostip }}{% else %}*{% endif %}:{%if phpsyscheck_vhostport %}{{ phpsyscheck_vhostport }}{% else %}443{% endif %}>
- ServerName {{ phpsyscheck_vhostname }}
- <IfModule http2_module>
- Protocols h2 http/1.1
- </IfModule>
- Include vhost_ssl_auto-{{ phpsyscheck_vhostname }}.conf
- DocumentRoot /etc/phpsyscheck
- DirectoryIndex index.php
- {% if phpsyscheck_http_auth %}
- <Location />
- AuthType basic
- AuthName "Restricted Access"
- AuthUserFile /etc/apache2/auth_admin
- <RequireAny>
- {% if phpsyscheck_http_whitelist_ip|length > 0 %}
- Require ip {{ phpsyscheck_http_whitelist_ip | join(' ') }}
- {% endif %}
- Require valid-user
- </RequireAny>
- </Location>
- {% endif %}
- <Directory /etc/phpsyscheck>
- Options None
- AllowOverride None
- Require all granted
- </Directory>
- <IfModule php7_module>
- php_admin_value max_execution_time 240
- php_admin_value upload_max_filesize 128M
- php_admin_value post_max_size 128M
- </IfModule>
- {% if with_fpm|bool %}
- Include conf-available/fpm-pool.conf
- {% endif %}
- LogLevel warn
- CustomLog ${APACHE_LOG_DIR}/sys.access.log combined
- ErrorLog ${APACHE_LOG_DIR}/sys.error.log
- </VirtualHost>
- {% endif %}
|