spk-spar-checker update global settings

diff --git a/customer/spk-spar-checker/production.yaml b/customer/spk-spar-checker/production.yaml
index 1f8c407cbe77c040ad2544dbf7cdd2cd42ab66d3..c0aa2e8696c73f20aa4153a7a4ba267d5a8e7de4 100644 (file)
--- a/customer/spk-spar-checker/production.yaml
+++ b/customer/spk-spar-checker/production.yaml
@@ -36,11 +36,22 @@ infra::profile::apache::pp_vhosts:
     docroot_group: apache
     docroot_mode: '0750'
     access_log_format: lb_combined
+    headers:
+      - 'always set X-XSS-Protection "1; mode=block"'
+      - 'always set X-Frame-Options "SAMEORIGIN"'
+      - 'always set X-Content-Type-Options "nosniff"'
+      - "set Content-Security-Policy \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;\""
+    aliases:
+      - { alias: /api , path: /var/www/spar-checker/sparchecker-backend/public/api }
+      - { alias: /sfp , path: /var/www/spar-checker/sparchecker-backend/public/sfp }
     setenvif:
+      - 'HTTPS on X-Forwarded-Proto=https'
+      - 'HTTPS on HTTPS=on'
       - 'X-Forwarded-For ^80.146.239.2 admin_ip_range'
       - 'X-Forwarded-For ^109.86.229.215 admin_ip_range'
       - 'X-Forwarded-For ^195.69.134.114 admin_ip_range'
       - 'X-Forwarded-For ^88.99.67.38 admin_ip_range'
+      - 'APPLICATION_ENV production'
     directories:
       - provider: directory
         path: '/var/www/spar-checker/sparchecker-frontend/'
@@ -50,8 +61,6 @@ infra::profile::apache::pp_vhosts:
         allow_override:
           - None
         directoryindex: 'index.html'
-        setenv:
-          - 'APPLICATION_ENV production'
       - provider: location
         path: '/'
         auth_type: Digest
@@ -85,8 +94,6 @@ infra::profile::apache::pp_vhosts:
         allow_override:
           - None
         directoryindex: 'index.php index.html'
-        setenv:
-          - 'APPLICATION_ENV production'
         rewrites:
           - comment: 'sfp files'
             rewrite_cond:
@@ -114,8 +121,6 @@ infra::profile::apache::pp_vhosts:
         allow_override:
           - None
         directoryindex: 'index.php index.html'
-        setenv:
-          - 'APPLICATION_ENV production'
         rewrites:
           - comment: 'api files'
             rewrite_cond:
@@ -132,17 +137,6 @@ infra::profile::apache::pp_vhosts:
           - comment: 'api index'
             rewrite_rule:
               - '^(.*)$ %%{ich-trickse}{ENV:BASE}/index.php [L]'
-    headers:
-      - 'always set X-XSS-Protection "1; mode=block"'
-      - 'always set X-Frame-Options "SAMEORIGIN"'
-      - 'always set X-Content-Type-Options "nosniff"'
-      - "set Content-Security-Policy \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;\""
-    aliases:
-      - { alias: /api , path: /var/www/spar-checker/sparchecker-backend/public/api }
-      - { alias: /sfp , path: /var/www/spar-checker/sparchecker-backend/public/sfp }
-    setenvif:
-      - 'HTTPS on X-Forwarded-Proto=https'
-      - 'HTTPS on HTTPS=on'
     rewrites:
       - comment: 'http to https'
         rewrite_cond:

diff --git a/customer/spk-spar-checker/test.yaml b/customer/spk-spar-checker/test.yaml
index ba493d243cf68eab120db82552df6eb229743ad8..71c4e482185c82c891f1de74fdb503c0c86f9526 100644 (file)
--- a/customer/spk-spar-checker/test.yaml
+++ b/customer/spk-spar-checker/test.yaml
@@ -34,7 +34,19 @@ infra::profile::apache::pp_vhosts:
     docroot_group: apache
     docroot_mode: '0750'
     access_log_format: lb_combined
+    headers:
+      - 'always set X-XSS-Protection "1; mode=block"'
+      - 'always set X-Frame-Options "SAMEORIGIN"'
+      - 'always set X-Content-Type-Options "nosniff"'
+      - "set Content-Security-Policy \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;\""
+    aliases:
+      - { alias: /api , path: /var/www/spar-checker/sparchecker-backend/public/api }
+      - { alias: /sfp , path: /var/www/spar-checker/sparchecker-backend/public/sfp }
+    setenv:
+      - 'APPLICATION_ENV production'
     setenvif:
+      - 'HTTPS on X-Forwarded-Proto=https'
+      - 'HTTPS on HTTPS=on'
       - 'X-Forwarded-For ^80.146.239.2 admin_ip_range'
       - 'X-Forwarded-For ^109.86.229.215 admin_ip_range'
       - 'X-Forwarded-For ^195.69.134.114 admin_ip_range'
@@ -48,8 +60,6 @@ infra::profile::apache::pp_vhosts:
         allow_override:
           - None
         directoryindex: 'index.html'
-        setenv:
-          - 'APPLICATION_ENV production'
       - provider: location
         path: '/'
         auth_type: Digest
@@ -83,8 +93,6 @@ infra::profile::apache::pp_vhosts:
         allow_override:
           - None
         directoryindex: 'index.php index.html'
-        setenv:
-          - 'APPLICATION_ENV production'
         rewrites:
           - comment: 'sfp files'
             rewrite_cond:
@@ -112,8 +120,6 @@ infra::profile::apache::pp_vhosts:
         allow_override:
           - None
         directoryindex: 'index.php index.html'
-        setenv:
-          - 'APPLICATION_ENV production'
         rewrites:
           - comment: 'api files'
             rewrite_cond:
@@ -130,18 +136,6 @@ infra::profile::apache::pp_vhosts:
           - comment: 'api index'
             rewrite_rule:
               - '^(.*)$ %%{ich-trickse}{ENV:BASE}/index.php [L]'
-
-    headers:
-      - 'always set X-XSS-Protection "1; mode=block"'
-      - 'always set X-Frame-Options "SAMEORIGIN"'
-      - 'always set X-Content-Type-Options "nosniff"'
-      - "set Content-Security-Policy \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;\""
-    aliases:
-      - { alias: /api , path: /var/www/spar-checker/sparchecker-backend/public/api }
-      - { alias: /sfp , path: /var/www/spar-checker/sparchecker-backend/public/sfp }
-    setenvif:
-      - 'HTTPS on X-Forwarded-Proto=https'
-      - 'HTTPS on HTTPS=on'
     rewrites:
       - comment: 'http to https'
         rewrite_cond: