docroot_group: apache
docroot_mode: '0775'
directories:
- - directory_root:
- provider: directory
- path: '/var/www/spar-checker'
+ - provider: directory
+ path: '/var/www/spar-checker/sparchecker-frontend/'
addhandlers:
- { handler: "proxy:unix:/var/run/php5-fpm-sparchecker.sock|fcgi://./" , extensions: '.php' }
options:
- FollowSymLinks
- MultiViews
allow_override:
- - All
+ - None
directoryindex: 'index.php index.html'
- - location1:
- provider: location
+ setenv:
+ - 'APPLICATION_ENV production'
+ - provider: location
path: '/'
auth_type: Digest
auth_name: server
auth_digest_algorithm: MD5
auth_user_file: '/etc/httpd/htdigest'
auth_require: 'valid-user'
+ - provider: location
+ path: '/api'
+ - provider: location
+ path: '/sfp'
+ auth_type: Digest
+ auth_name: 'Manager-Interface'
+ auth_digest_provider: file
+ auth_digest_algorithm: MD5
+ auth_user_file: '/etc/httpd/spk.managed.htdigest'
+ require:
+ - 'valid-user'
+ - 'ip 80.146.239.2/32 109.86.229.215/32 195.69.134.114/32 88.99.67.38/32'
+ error_documents:
+ - { error_code: 401 , document: "/401.html" }
+
+ - provider: directory
+ path: '/var/www/spar-checker/sparchecker-backend/public/sfp/'
+ addhandlers:
+ - { handler: "proxy:unix:/var/run/php5-fpm-sparchecker.sock|fcgi://./" , extensions: '.php' }
+ options:
+ - FollowSymLinks
+ - MultiViews
+ allow_override:
+ - None
+ directoryindex: 'index.php index.html'
+ setenv:
+ - 'APPLICATION_ENV production'
+ rewrites:
+ - comment: 'sfp files'
+ rewrite_cond:
+ - '%%{ich-trickse}{REQUEST_FILENAME} -s [OR]'
+ - '%%{ich-trickse}{REQUEST_FILENAME} -l [OR]'
+ - '%%{ich-trickse}{REQUEST_FILENAME} -d'
+ rewrite_rule:
+ - '^.*$ - [L]'
+ - comment: 'sfp rebase'
+ rewrite_cond:
+ - '%%{ich-trickse}{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$'
+ rewrite_rule:
+ - '^(.*) - [E=BASE:%1]'
+ - comment: 'sfp index'
+ rewrite_rule:
+ - '^(.*)$ %%{ich-trickse}{ENV:BASE}/index.php [L]'
+
+ - provider: directory
+ path: '/var/www/spar-checker/sparchecker-backend/public/api/'
+ addhandlers:
+ - { handler: "proxy:unix:/var/run/php5-fpm-sparchecker.sock|fcgi://./" , extensions: '.php' }
+ options:
+ - FollowSymLinks
+ - MultiViews
+ allow_override:
+ - None
+ directoryindex: 'index.php index.html'
+ setenv:
+ - 'APPLICATION_ENV production'
+ rewrites:
+ - comment: 'api files'
+ rewrite_cond:
+ - '%%{ich-trickse}{REQUEST_FILENAME} -s [OR]'
+ - '%%{ich-trickse}{REQUEST_FILENAME} -l [OR]'
+ - '%%{ich-trickse}{REQUEST_FILENAME} -d'
+ rewrite_rule:
+ - '^.*$ - [L]'
+ - comment: 'api rebase'
+ rewrite_cond:
+ - '%%{ich-trickse}{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$'
+ rewrite_rule:
+ - '^(.*) - [E=BASE:%1]'
+ - comment: 'api index'
+ rewrite_rule:
+ - '^(.*)$ %%{ich-trickse}{ENV:BASE}/index.php [L]'
+ headers:
+ - 'always set X-XSS-Protection "1; mode=block"'
+ - 'always set X-Frame-Options "SAMEORIGIN"'
+ - 'always set X-Content-Type-Options "nosniff"'
+ - "set Content-Security-Policy \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;\""
+ aliases:
+ - { alias: /api , path: /var/www/spar-checker/sparchecker-backend/public/api }
+ - { alias: /sfp , path: /var/www/spar-checker/sparchecker-backend/public/sfp }
setenvif:
- 'HTTPS on X-Forwarded-Proto=https'
- 'HTTPS on HTTPS=on'
projects / pixelpark / hiera.git / commitdiff