diff options
Diffstat (limited to 'roles/apache_server/templates/virtualhost.conf.tmpl')
-rw-r--r-- | roles/apache_server/templates/virtualhost.conf.tmpl | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/roles/apache_server/templates/virtualhost.conf.tmpl b/roles/apache_server/templates/virtualhost.conf.tmpl index 1fa060a..fd6bb51 100644 --- a/roles/apache_server/templates/virtualhost.conf.tmpl +++ b/roles/apache_server/templates/virtualhost.conf.tmpl @@ -8,6 +8,41 @@ ErrorLog /var/log/apache2/{{ item.domain }}/error.log CustomLog /var/log/apache2/{{ item.domain }}/access.log combined <Directory /srv/http/{{ item.domain }}> +{% if item.letsencrypt|default(false) %} + Redirect permanent / "https://{{ item.domain }}/" +{% else %} + Options +SymlinksIfOwnerMatch +Indexes +MultiViews +{% if item.htpasswd is defined %} + AuthType Basic + AuthName "{{ item.htpasswd_name }}" + AuthUserFile "/srv/http/{{ item.domain }}.htpasswd" + Require valid-user +{% else %} + AllowOverride AuthConfig + Require all granted +{% endif %} +{% endif %} + </Directory> + + Alias /.well-known/ /srv/letsencrypt/{{ item.domain }}/ + <Directory /srv/letsencrypt/{{ item.domain }}> + Require all granted + </Directory> + +</VirtualHost> + + +{% if item.letsencrypt|default(false) %} +<VirtualHost _default_:443> + ServerName {{ item.domain }} +{% if item.alias is defined %} + ServerAlias {{ item.alias }} +{% endif %} + ServerAdmin {{ item.ownermail }} + DocumentRoot /srv/http/{{ item.domain }} + ErrorLog /var/log/apache2/{{ item.domain }}/error.log + CustomLog /var/log/apache2/{{ item.domain }}/access.log combined + <Directory /srv/http/{{ item.domain }}> Options +SymlinksIfOwnerMatch +Indexes +MultiViews {% if item.htpasswd is defined %} AuthType Basic @@ -19,4 +54,9 @@ Require all granted {% endif %} </Directory> + + SSLEngine on + SSLCertificateFile "/etc/letsencrypt/live/static_sites/fullchain.pem" + SSLCertificateKeyFile "/etc/letsencrypt/live/static_sites/privkey.pem" </VirtualHost> +{% endif %} |