diff --git a/templates/pottwal/spaceapi-apache-site.j2 b/templates/pottwal/spaceapi-apache-site.j2 new file mode 100644 index 0000000..5d6961d --- /dev/null +++ b/templates/pottwal/spaceapi-apache-site.j2 @@ -0,0 +1,53 @@ +{% if 'address' in ansible_default_ipv6 %} + +{% else %} + +{% endif %} + ServerAdmin {{ server_admin }} + ServerName {{ site_name }} + ServerAlias {{ site_name }} + ErrorLog /var/log/apache2/{{ site_name }}-error.log + CustomLog /var/log/apache2/{{ site_name }}-access.log common + + Alias /.well-known/acme-challenge {{ dehydrated_wellknown_dir }} + + + RewriteEngine On + RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/ + RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] + + + + + + +{% if 'address' in ansible_default_ipv6 %} + +{% else %} + +{% endif %} + ServerAdmin {{ server_admin }} + ServerName {{ site_name }} + ServerAlias {{ site_name }} + + ErrorLog /var/log/apache2/{{ site_name }}-error.log + CustomLog /var/log/apache2/{{ site_name }}-access.log common + + SSLEngine on + SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown + SSLCertificateFile {{dehydrated_certs_dir}}/{{ site_name }}/cert.pem + SSLCertificateKeyFile {{dehydrated_certs_dir}}/{{ site_name }}/privkey.pem + SSLCertificateChainFile {{dehydrated_certs_dir}}/{{ site_name }}/chain.pem + + AllowEncodedSlashes NoDecode + RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME} + RequestHeader set "X-Forwarded-SSL" expr=%{HTTPS} + ProxyPreserveHost {{ proxy_preserve_host | default("Off") }} + + ProxyPass /json http://172.23.48.7/spaceapi + ProxyPass /text http://172.23.48.7/state.txt + ProxyPass /state.png http://172.23.48.7/state.png + + + +