maybe chmod 0644 'apache2/magic'
maybe chmod 0755 'apache2/modules.d'
maybe chmod 0755 'apache2/modules.d.old'
-maybe chmod 0644 'apache2/modules.d/._mrg0000_00_mod_autoindex.conf'
maybe chmod 0700 'apache2/modules.d/.rcs'
maybe chmod 0444 'apache2/modules.d/.rcs/00_apache_manual.conf,v'
maybe chmod 0444 'apache2/modules.d/.rcs/00_default_settings.conf,v'
maybe chmod 0755 'config-archive/etc/apache2'
maybe chmod 0644 'config-archive/etc/apache2/httpd.conf'
maybe chmod 0644 'config-archive/etc/apache2/httpd.conf,v'
-maybe chmod 0644 'config-archive/etc/apache2/httpd.conf.dist.new'
+maybe chmod 0644 'config-archive/etc/apache2/httpd.conf.dist'
maybe chmod 0755 'config-archive/etc/apache2/modules.d'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_apache_manual.conf,v'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_default_settings.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_default_settings.conf,v'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_default_settings.conf.1'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_default_settings.conf.dist'
-maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_default_settings.conf.dist.new'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_error_documents.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_error_documents.conf,v'
-maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_error_documents.conf.dist.new'
+maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_error_documents.conf.dist'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_languages.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_languages.conf,v'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_languages.conf.dist.new'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_autoindex.conf,v'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_autoindex.conf.1'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_autoindex.conf.dist'
-maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_autoindex.conf.dist.new'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_info.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_info.conf,v'
-maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_info.conf.dist.new'
+maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_info.conf.dist'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_log_config.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_log_config.conf,v'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_log_config.conf.dist.new'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_mime.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_mime.conf,v'
-maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_mime.conf.dist.new'
+maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_mime.conf.dist'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_status.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_status.conf,v'
-maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_status.conf.dist.new'
+maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mod_status.conf.dist'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mpm.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mpm.conf,v'
-maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mpm.conf.dist.new'
+maybe chmod 0644 'config-archive/etc/apache2/modules.d/00_mpm.conf.dist'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/20_mod_fastcgi.conf'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/20_mod_fastcgi.conf.dist.new'
maybe chmod 0644 'config-archive/etc/apache2/modules.d/20_mod_fcgid.conf'
maybe chmod 0644 'config-archive/etc/apache2/vhosts.d/00_default_ssl_vhost.conf.dist'
maybe chmod 0644 'config-archive/etc/apache2/vhosts.d/00_default_vhost.conf'
maybe chmod 0644 'config-archive/etc/apache2/vhosts.d/00_default_vhost.conf,v'
-maybe chmod 0644 'config-archive/etc/apache2/vhosts.d/00_default_vhost.conf.dist.new'
+maybe chmod 0644 'config-archive/etc/apache2/vhosts.d/00_default_vhost.conf.dist'
maybe chmod 0644 'config-archive/etc/apache2/vhosts.d/default_vhost.include'
maybe chmod 0644 'config-archive/etc/apache2/vhosts.d/default_vhost.include,v'
-maybe chmod 0644 'config-archive/etc/apache2/vhosts.d/default_vhost.include.dist.new'
+maybe chmod 0644 'config-archive/etc/apache2/vhosts.d/default_vhost.include.dist'
maybe chmod 0644 'config-archive/etc/auto.master,v'
maybe chmod 0644 'config-archive/etc/auto.misc,v'
maybe chmod 0644 'config-archive/etc/auto.misc.dist.new'
maybe chmod 0644 'config-archive/etc/etc-update.conf,v'
maybe chmod 0755 'config-archive/etc/etckeeper'
maybe chmod 0644 'config-archive/etc/etckeeper/etckeeper.conf'
-maybe chmod 0644 'config-archive/etc/etckeeper/etckeeper.conf.dist.new'
+maybe chmod 0644 'config-archive/etc/etckeeper/etckeeper.conf.dist'
maybe chmod 0755 'config-archive/etc/fonts'
maybe chmod 0755 'config-archive/etc/fonts/conf.avail'
maybe chmod 0644 'config-archive/etc/fonts/conf.avail/30-urw-aliases.conf,v'
maybe chmod 0600 'config-archive/etc/ssh/sshd_config.4'
maybe chmod 0600 'config-archive/etc/ssh/sshd_config.5'
maybe chmod 0600 'config-archive/etc/ssh/sshd_config.dist'
-maybe chmod 0600 'config-archive/etc/ssh/sshd_config.dist.new'
maybe chmod 0755 'config-archive/etc/ssl'
maybe chmod 0755 'config-archive/etc/ssl/certs'
maybe chmod 0644 'config-archive/etc/ssl/certs/ca-certificates.crt,v'
maybe chmod 0755 'snmp'
maybe chmod 0644 'snmp/snmpd.conf.example'
maybe chmod 0755 'ssh'
-maybe chmod 0600 'ssh/._mrg0000_sshd_config'
maybe chmod 0644 'ssh/moduli'
maybe chmod 0644 'ssh/ssh_config'
maybe chmod 0600 'ssh/ssh_host_dsa_key'
-# This is a modification of the default Apache 2.2 configuration file
+# This is a modification of the default Apache 2.4 configuration file
# for Gentoo Linux.
#
# Support:
#
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
-# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
+# See <URL:http://httpd.apache.org/docs/2.4> for detailed information.
# In particular, see
-# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
+# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
# for a discussion of each configuration directive.
#
# Do NOT simply read the instructions in here without understanding
# ServerRoot at a non-local disk, be sure to point the LockFile directive
# at a local disk. If you wish to share the same ServerRoot for multiple
# httpd daemons, you will need to change at least LockFile and PidFile.
+# Comment: The LockFile directive has been replaced by the Mutex directive
ServerRoot "/usr/lib64/apache2"
# Dynamic Shared Object (DSO) Support
#
# Change these at your own risk!
+LoadModule access_compat_module modules/mod_access_compat.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
<IfDefine AUTH_DIGEST>
LoadModule auth_digest_module modules/mod_auth_digest.so
</IfDefine>
-LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
+LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authn_dbd_module modules/mod_authn_dbd.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
-LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
<IfDefine AUTHNZ_LDAP>
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
</IfDefine>
+LoadModule authz_core_module modules/mod_authz_core.so
+LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
-LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_owner_module modules/mod_authz_owner.so
<IfDefine CACHE>
LoadModule cache_module modules/mod_cache.so
</IfDefine>
-#LoadModule cern_meta_module modules/mod_cern_meta.so
+<IfDefine CACHE>
+LoadModule cache_disk_module modules/mod_cache_disk.so
+</IfDefine>
+LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule cgi_module modules/mod_cgi.so
-#LoadModule cgid_module modules/mod_cgid.so
+LoadModule cgid_module modules/mod_cgid.so
LoadModule charset_lite_module modules/mod_charset_lite.so
<IfDefine DAV>
LoadModule dav_module modules/mod_dav.so
LoadModule dbd_module modules/mod_dbd.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule dir_module modules/mod_dir.so
-<IfDefine CACHE>
-LoadModule disk_cache_module modules/mod_disk_cache.so
-</IfDefine>
-#LoadModule dumpio_module modules/mod_dumpio.so
+LoadModule dumpio_module modules/mod_dumpio.so
LoadModule env_module modules/mod_env.so
LoadModule expires_module modules/mod_expires.so
LoadModule ext_filter_module modules/mod_ext_filter.so
</IfDefine>
LoadModule filter_module modules/mod_filter.so
LoadModule headers_module modules/mod_headers.so
+<IfDefine HTTP2>
+LoadModule http2_module modules/mod_http2.so
+</IfDefine>
LoadModule ident_module modules/mod_ident.so
LoadModule imagemap_module modules/mod_imagemap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule log_forensic_module modules/mod_log_forensic.so
LoadModule logio_module modules/mod_logio.so
-<IfDefine CACHE>
-LoadModule mem_cache_module modules/mod_mem_cache.so
-</IfDefine>
+LoadModule macro_module modules/mod_macro.so
LoadModule mime_module modules/mod_mime.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
</IfDefine>
<IfDefine PROXY>
+LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
+</IfDefine>
+<IfDefine PROXY>
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
</IfDefine>
<IfDefine PROXY>
+LoadModule proxy_html_module modules/mod_proxy_html.so
+</IfDefine>
+<IfDefine PROXY>
LoadModule proxy_http_module modules/mod_proxy_http.so
</IfDefine>
-#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
-#LoadModule reqtimeout_module modules/mod_reqtimeout.so
+<IfDefine PROXY>
+LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
+</IfDefine>
+LoadModule ratelimit_module modules/mod_ratelimit.so
+LoadModule remoteip_module modules/mod_remoteip.so
+LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
+<IfDefine SSL>
+LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
+</IfDefine>
LoadModule speling_module modules/mod_speling.so
<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
LoadModule suexec_module modules/mod_suexec.so
</IfDefine>
LoadModule unique_id_module modules/mod_unique_id.so
+LoadModule unixd_module modules/mod_unixd.so
<IfDefine USERDIR>
LoadModule userdir_module modules/mod_userdir.so
</IfDefine>
+++ /dev/null
-<IfModule autoindex_module>
-<IfDefine !NO_AUTOINDEX_CONF>
-
-<IfModule alias_module>
-# We include the /icons/ alias for FancyIndexed directory listings. If
-# you do not use FancyIndexing, you may comment this out.
-Alias /icons/ "/usr/share/apache2/icons/"
-
-<Directory "/usr/share/apache2/icons">
- Options Indexes MultiViews
- AllowOverride None
- Require all granted
-</Directory>
-</IfModule>
-
-# Directives controlling the display of server-generated directory listings.
-#
-# To see the listing of a directory, the Options directive for the
-# directory must include "Indexes", and the directory must not contain
-# a file matching those listed in the DirectoryIndex directive.
-
-# IndexOptions: Controls the appearance of server-generated directory
-# listings.
-#IndexOptions FancyIndexing VersionSort
-IndexOptions FancyIndexing VersionSort FoldersFirst HTMLTable IgnoreCase NameWidth=50
-
-# AddIcon* directives tell the server which icon to show for different
-# files or filename extensions. These are only displayed for
-# FancyIndexed directories.
-AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
-
-AddIconByType (CDR,/icons/corel-document.png) image/x-coreldraw
-
-AddIconByType (TXT,/icons/text.gif) text/*
-AddIconByType (IMG,/icons/image2.gif) image/*
-AddIconByType (SND,/icons/sound2.gif) audio/*
-AddIconByType (VID,/icons/movie.gif) video/*
-
-AddIcon /icons/binary.gif .bin .exe
-AddIcon /icons/binhex.gif .hqx
-AddIcon /icons/tar.gif .tar
-AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
-AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
-AddIcon /icons/a.gif .ps .ai .eps
-AddIcon /icons/layout.gif .html .shtml .htm .pdf
-AddIcon /icons/text.gif .txt
-AddIcon /icons/c.gif .c
-AddIcon /icons/p.gif .pl .py
-AddIcon /icons/f.gif .for
-AddIcon /icons/dvi.gif .dvi
-AddIcon /icons/uuencoded.gif .uu
-AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
-AddIcon /icons/tex.gif .tex
-AddIcon /icons/bomb.gif core
-
-AddIcon /icons/corel-document.png .cdr
-
-AddIcon /icons/back.gif ..
-AddIcon /icons/hand.right.gif README
-AddIcon /icons/folder.gif ^^DIRECTORY^^
-AddIcon /icons/blank.gif ^^BLANKICON^^
-
-# DefaultIcon is which icon to show for files which do not have an icon
-# explicitly set.
-DefaultIcon /icons/unknown.gif
-
-# AddDescription allows you to place a short description after a file in
-# server-generated indexes. These are only displayed for FancyIndexed
-# directories.
-# Format: AddDescription "description" filename
-
-AddDescription "GZIP-komprimiertes Tar-Archiv" .tar.gz
-AddDescription "GZIP-komprimiertes Dokument" .gz
-AddDescription "Tar-Archive" .tar
-AddDescription "GZIP-komprimiertes Tar-Archiv" .tgz
-AddDescription "PDF-Dokument" .pdf
-AddDescription "CorelDraw-Zeichnung" .cdr
-
-# ReadmeName is the name of the README file the server will look for by
-# default, and append to directory listings.
-
-# HeaderName is the name of a file which should be prepended to
-# directory indexes.
-ReadmeName README.html
-HeaderName HEADER.html
-
-# IndexIgnore is a set of filenames which directory indexing should ignore
-# and not include in the listing. Shell-style wildcarding is permitted.
-IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
-</IfDefine>
-</IfModule>
-
-# vim: ts=4 filetype=apache
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
-EnableMMAP off
-EnableSendfile off
-#EnableMMAP On
-#EnableSendfile On
+EnableMMAP On
+EnableSendfile Off
-# FileEtag: Configures the file attributes that are used to create
+# FileETag: Configures the file attributes that are used to create
# the ETag (entity tag) response header field when the document is
# based on a static file. (The ETag value is used in cache management
# to save network bandwidth.)
<Directory />
Options FollowSymLinks
AllowOverride None
- Order deny,allow
- Deny from all
+ Require all denied
</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<FilesMatch "^\.ht">
- Order allow,deny
- Deny from all
+ Require all denied
</FilesMatch>
# vim: ts=4 filetype=apache
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
- Order allow,deny
- Allow from all
+ Require all granted
LanguagePriority de en cs es fr it ja ko nl pl pt-br ro sv tr
ForceLanguagePriority Prefer Fallback
</Directory>
<Directory "/usr/share/apache2/icons">
Options Indexes MultiViews
AllowOverride None
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
</IfModule>
# http://servername/server-info
<Location /server-info>
SetHandler server-info
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
- Allow from localhost
AuthName "Server Status Access"
AuthType Basic
AuthUserFile /etc/apache2/info_users_passwd
+ Require local
Require valid-user
Satisfy Any
</Location>
-# DefaultType: the default MIME type the server will use for a document
-# if it cannot otherwise determine one, such as from filename extensions.
-# If your server contains mostly text or HTML documents, "text/plain" is
-# a good value. If most of your content is binary, such as applications
-# or images, you may want to use "application/octet-stream" instead to
-# keep browsers from trying to display binary files as though they are
-# text.
-DefaultType text/plain
-
<IfModule mime_module>
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
# with the URL of http://servername/server-status
<Location /server-status>
SetHandler server-status
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
- Allow from localhost
AuthName "Server Status Access"
AuthType Basic
AuthUserFile /etc/apache2/info_users_passwd
+ Require local
Require valid-user
Satisfy Any
</Location>
# identification number when it starts.
#
# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING
-PidFile /var/run/apache2.pid
+PidFile /run/apache2.pid
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
-#LockFile /var/run/apache2.lock
+# Mutex file:/run/apache_mpm_mutex
# Only one of the below sections will be relevant on your
# installed httpd. Use "/usr/sbin/apache2 -l" to find out the
# These configuration directives apply to all MPMs
#
# StartServers: Number of child server processes created at startup
-# MaxClients: Maximum number of child processes to serve requests
-# MaxRequestsPerChild: Limit on the number of requests that an individual child
-# server will handle during its life
+# MaxRequestWorkers: Maximum number of child processes to serve requests
+# MaxConnectionsPerChild: Limit on the number of connections that an individual
+# child server will handle during its life
# prefork MPM
StartServers 2
MinSpareServers 2
MaxSpareServers 10
- MaxClients 150
- MaxRequestsPerChild 10000
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
</IfModule>
# worker MPM
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
- MaxClients 150
- MaxRequestsPerChild 10000
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
</IfModule>
# event MPM
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
- MaxClients 150
- MaxRequestsPerChild 10000
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
</IfModule>
# peruser MPM
MinSpareProcessors 2
MinProcessors 2
MaxProcessors 10
- MaxClients 150
- MaxRequestsPerChild 1000
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 1000
ExpireTimeout 1800
Multiplexer nobody nobody
StartServers 5
MinSpareServers 5
MaxSpareServers 10
- MaxClients 150
- MaxRequestsPerChild 10000
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
</IfModule>
# vim: ts=4 filetype=apache
# Example configuration:
#<Location /svn/repos>
-# DAV svn
-# SVNPath ${SVN_REPOS_LOC}/repos
-# AuthType Basic
-# AuthName "Subversion repository"
-# AuthUserFile ${SVN_REPOS_LOC}/conf/svnusers
-# Require valid-user
+# DAV svn
+# SVNPath ${SVN_REPOS_LOC}/repos
+# AuthType Basic
+# AuthName "Subversion repository"
+# AuthUserFile ${SVN_REPOS_LOC}/conf/svnusers
+# Require valid-user
#</Location>
<Location /svn>
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
-# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
+# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# This should be changed to whatever you set DocumentRoot to.
<Directory "/var/www/localhost/htdocs">
- # Possible values for the Options directive are "None", "All",
- # or any combination of:
- # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
- #
- # Note that "MultiViews" must be named *explicitly* --- "Options All"
- # doesn't give it to you.
- #
- # The Options directive is both complicated and important. Please see
- # http://httpd.apache.org/docs/2.2/mod/core.html#options
- # for more information.
- Options Indexes FollowSymLinks
-
- # AllowOverride controls what directives may be placed in .htaccess files.
- # It can be "All", "None", or any combination of the keywords:
- # Options FileInfo AuthConfig Limit
- AllowOverride All
-
- # Controls who can get stuff from this server.
- Order allow,deny
- Allow from all
+ # Possible values for the Options directive are "None", "All",
+ # or any combination of:
+ # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
+ #
+ # Note that "MultiViews" must be named *explicitly* --- "Options All"
+ # doesn't give it to you.
+ #
+ # The Options directive is both complicated and important. Please see
+ # http://httpd.apache.org/docs/2.4/mod/core.html#options
+ # for more information.
+ Options Indexes FollowSymLinks
+
+ # AllowOverride controls what directives may be placed in .htaccess files.
+ # It can be "All", "None", or any combination of the keywords:
+ # Options FileInfo AuthConfig Limit
+ AllowOverride All
+
+ # Controls who can get stuff from this server.
+ Require all granted
</Directory>
<IfModule alias_module>
- # Redirect: Allows you to tell clients about documents that used to
- # exist in your server's namespace, but do not anymore. The client
- # will make a new request for the document at its new location.
- # Example:
- # Redirect permanent /foo http://www.example.com/bar
-
- # Alias: Maps web paths into filesystem paths and is used to
- # access content that does not live under the DocumentRoot.
- # Example:
- # Alias /webpath /full/filesystem/path
- #
- # If you include a trailing / on /webpath then the server will
- # require it to be present in the URL. You will also likely
- # need to provide a <Directory> section to allow access to
- # the filesystem path.
-
- Alias /distfiles/ /usr/portage/distfiles/
-
- <Directory "/usr/portage/distfiles">
- Options Indexes FollowSymLinks
- AllowOverride All
+ # Redirect: Allows you to tell clients about documents that used to
+ # exist in your server's namespace, but do not anymore. The client
+ # will make a new request for the document at its new location.
+ # Example:
+ # Redirect permanent /foo http://www.example.com/bar
+
+ # Alias: Maps web paths into filesystem paths and is used to
+ # access content that does not live under the DocumentRoot.
+ # Example:
+ # Alias /webpath /full/filesystem/path
+ #
+ # If you include a trailing / on /webpath then the server will
+ # require it to be present in the URL. You will also likely
+ # need to provide a <Directory> section to allow access to
+ # the filesystem path.
+
+ Alias /distfiles/ /usr/portage/distfiles/
+
+ <Directory "/usr/portage/distfiles">
+ Options Indexes FollowSymLinks
+ AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory "/var/www/localhost/cgi-bin">
AllowOverride None
Options None
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
-# vim: filetype=apache ts=4 expandtab fileencoding=utf-8
+# vim: ts=4 filetype=apache
--- /dev/null
+# This is a modification of the default Apache 2.4 configuration file
+# for Gentoo Linux.
+#
+# Support:
+# http://www.gentoo.org/main/en/lists.xml [mailing lists]
+# http://forums.gentoo.org/ [web forums]
+# irc://irc.freenode.net#gentoo-apache [irc chat]
+#
+# Bug Reports:
+# http://bugs.gentoo.org [gentoo related bugs]
+# http://httpd.apache.org/bug_report.html [apache httpd related bugs]
+#
+#
+# This is the main Apache HTTP server configuration file. It contains the
+# configuration directives that give the server its instructions.
+# See <URL:http://httpd.apache.org/docs/2.4> for detailed information.
+# In particular, see
+# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
+# for a discussion of each configuration directive.
+#
+# Do NOT simply read the instructions in here without understanding
+# what they do. They're here only as hints or reminders. If you are unsure
+# consult the online docs. You have been warned.
+#
+# Configuration and logfile names: If the filenames you specify for many
+# of the server's control files begin with "/" (or "drive:/" for Win32), the
+# server will use that explicit path. If the filenames do *not* begin
+# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log"
+# with ServerRoot set to "/usr" will be interpreted by the
+# server as "/usr/var/log/apache2/foo.log".
+
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# Do not add a slash at the end of the directory path. If you point
+# ServerRoot at a non-local disk, be sure to point the LockFile directive
+# at a local disk. If you wish to share the same ServerRoot for multiple
+# httpd daemons, you will need to change at least LockFile and PidFile.
+# Comment: The LockFile directive has been replaced by the Mutex directive
+ServerRoot "/usr/lib64/apache2"
+
+# Dynamic Shared Object (DSO) Support
+#
+# To be able to use the functionality of a module which was built as a DSO you
+# have to place corresponding `LoadModule' lines at this location so the
+# directives contained in it are actually available _before_ they are used.
+# Statically compiled modules (those listed by `httpd -l') do not need
+# to be loaded here.
+#
+# Example:
+# LoadModule foo_module modules/mod_foo.so
+#
+# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable.
+# Do not change manually, it will be overwritten on upgrade.
+#
+# The following modules are considered as the default configuration.
+# If you wish to disable one of them, you may have to alter other
+# configuration directives.
+#
+# Change these at your own risk!
+
+LoadModule access_compat_module modules/mod_access_compat.so
+LoadModule actions_module modules/mod_actions.so
+LoadModule alias_module modules/mod_alias.so
+LoadModule asis_module modules/mod_asis.so
+LoadModule auth_basic_module modules/mod_auth_basic.so
+<IfDefine AUTH_DIGEST>
+LoadModule auth_digest_module modules/mod_auth_digest.so
+</IfDefine>
+LoadModule authn_anon_module modules/mod_authn_anon.so
+LoadModule authn_core_module modules/mod_authn_core.so
+LoadModule authn_dbd_module modules/mod_authn_dbd.so
+LoadModule authn_dbm_module modules/mod_authn_dbm.so
+LoadModule authn_file_module modules/mod_authn_file.so
+<IfDefine AUTHNZ_LDAP>
+LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
+</IfDefine>
+LoadModule authz_core_module modules/mod_authz_core.so
+LoadModule authz_dbd_module modules/mod_authz_dbd.so
+LoadModule authz_dbm_module modules/mod_authz_dbm.so
+LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
+LoadModule authz_host_module modules/mod_authz_host.so
+LoadModule authz_owner_module modules/mod_authz_owner.so
+LoadModule authz_user_module modules/mod_authz_user.so
+LoadModule autoindex_module modules/mod_autoindex.so
+<IfDefine CACHE>
+LoadModule cache_module modules/mod_cache.so
+</IfDefine>
+<IfDefine CACHE>
+LoadModule cache_disk_module modules/mod_cache_disk.so
+</IfDefine>
+LoadModule cern_meta_module modules/mod_cern_meta.so
+LoadModule cgi_module modules/mod_cgi.so
+LoadModule cgid_module modules/mod_cgid.so
+LoadModule charset_lite_module modules/mod_charset_lite.so
+<IfDefine DAV>
+LoadModule dav_module modules/mod_dav.so
+</IfDefine>
+<IfDefine DAV>
+LoadModule dav_fs_module modules/mod_dav_fs.so
+</IfDefine>
+<IfDefine DAV>
+LoadModule dav_lock_module modules/mod_dav_lock.so
+</IfDefine>
+LoadModule dbd_module modules/mod_dbd.so
+LoadModule deflate_module modules/mod_deflate.so
+LoadModule dir_module modules/mod_dir.so
+LoadModule dumpio_module modules/mod_dumpio.so
+LoadModule env_module modules/mod_env.so
+LoadModule expires_module modules/mod_expires.so
+LoadModule ext_filter_module modules/mod_ext_filter.so
+<IfDefine CACHE>
+LoadModule file_cache_module modules/mod_file_cache.so
+</IfDefine>
+LoadModule filter_module modules/mod_filter.so
+LoadModule headers_module modules/mod_headers.so
+<IfDefine HTTP2>
+LoadModule http2_module modules/mod_http2.so
+</IfDefine>
+LoadModule ident_module modules/mod_ident.so
+LoadModule imagemap_module modules/mod_imagemap.so
+LoadModule include_module modules/mod_include.so
+<IfDefine INFO>
+LoadModule info_module modules/mod_info.so
+</IfDefine>
+<IfDefine LDAP>
+LoadModule ldap_module modules/mod_ldap.so
+</IfDefine>
+LoadModule log_config_module modules/mod_log_config.so
+LoadModule log_forensic_module modules/mod_log_forensic.so
+LoadModule logio_module modules/mod_logio.so
+LoadModule macro_module modules/mod_macro.so
+LoadModule mime_module modules/mod_mime.so
+LoadModule mime_magic_module modules/mod_mime_magic.so
+LoadModule negotiation_module modules/mod_negotiation.so
+<IfDefine PROXY>
+LoadModule proxy_module modules/mod_proxy.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_connect_module modules/mod_proxy_connect.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_html_module modules/mod_proxy_html.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_http_module modules/mod_proxy_http.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
+</IfDefine>
+LoadModule ratelimit_module modules/mod_ratelimit.so
+LoadModule remoteip_module modules/mod_remoteip.so
+LoadModule reqtimeout_module modules/mod_reqtimeout.so
+LoadModule rewrite_module modules/mod_rewrite.so
+LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
+<IfDefine SSL>
+LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
+</IfDefine>
+LoadModule speling_module modules/mod_speling.so
+<IfDefine SSL>
+LoadModule ssl_module modules/mod_ssl.so
+</IfDefine>
+<IfDefine STATUS>
+LoadModule status_module modules/mod_status.so
+</IfDefine>
+LoadModule substitute_module modules/mod_substitute.so
+<IfDefine SUEXEC>
+LoadModule suexec_module modules/mod_suexec.so
+</IfDefine>
+LoadModule unique_id_module modules/mod_unique_id.so
+LoadModule unixd_module modules/mod_unixd.so
+<IfDefine USERDIR>
+LoadModule userdir_module modules/mod_userdir.so
+</IfDefine>
+LoadModule usertrack_module modules/mod_usertrack.so
+LoadModule version_module modules/mod_version.so
+LoadModule vhost_alias_module modules/mod_vhost_alias.so
+
+# If you wish httpd to run as a different user or group, you must run
+# httpd as root initially and it will switch.
+#
+# User/Group: The name (or #number) of the user/group to run httpd as.
+# It is usually good practice to create a dedicated user and group for
+# running httpd, as with most system services.
+User apache
+Group apache
+
+# Supplemental configuration
+#
+# Most of the configuration files in the /etc/apache2/modules.d/ directory can
+# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features
+# or to modify the default configuration of the server.
+#
+# To know which flag to add to APACHE2_OPTS, look at the first line of the
+# the file, which will usually be an <IfDefine OPTION> where OPTION is the
+# flag to use.
+Include /etc/apache2/modules.d/*.conf
+
+# Virtual-host support
+#
+# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we
+# include a default vhost (enabled by adding -D DEFAULT_VHOST to
+# APACHE2_OPTS in /etc/conf.d/apache2).
+Include /etc/apache2/vhosts.d/*.conf
+
+# vim: ts=4 filetype=apache
+++ /dev/null
-# This is a modification of the default Apache 2.4 configuration file
-# for Gentoo Linux.
-#
-# Support:
-# http://www.gentoo.org/main/en/lists.xml [mailing lists]
-# http://forums.gentoo.org/ [web forums]
-# irc://irc.freenode.net#gentoo-apache [irc chat]
-#
-# Bug Reports:
-# http://bugs.gentoo.org [gentoo related bugs]
-# http://httpd.apache.org/bug_report.html [apache httpd related bugs]
-#
-#
-# This is the main Apache HTTP server configuration file. It contains the
-# configuration directives that give the server its instructions.
-# See <URL:http://httpd.apache.org/docs/2.4> for detailed information.
-# In particular, see
-# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
-# for a discussion of each configuration directive.
-#
-# Do NOT simply read the instructions in here without understanding
-# what they do. They're here only as hints or reminders. If you are unsure
-# consult the online docs. You have been warned.
-#
-# Configuration and logfile names: If the filenames you specify for many
-# of the server's control files begin with "/" (or "drive:/" for Win32), the
-# server will use that explicit path. If the filenames do *not* begin
-# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log"
-# with ServerRoot set to "/usr" will be interpreted by the
-# server as "/usr/var/log/apache2/foo.log".
-
-# ServerRoot: The top of the directory tree under which the server's
-# configuration, error, and log files are kept.
-#
-# Do not add a slash at the end of the directory path. If you point
-# ServerRoot at a non-local disk, be sure to point the LockFile directive
-# at a local disk. If you wish to share the same ServerRoot for multiple
-# httpd daemons, you will need to change at least LockFile and PidFile.
-# Comment: The LockFile directive has been replaced by the Mutex directive
-ServerRoot "/usr/lib64/apache2"
-
-# Dynamic Shared Object (DSO) Support
-#
-# To be able to use the functionality of a module which was built as a DSO you
-# have to place corresponding `LoadModule' lines at this location so the
-# directives contained in it are actually available _before_ they are used.
-# Statically compiled modules (those listed by `httpd -l') do not need
-# to be loaded here.
-#
-# Example:
-# LoadModule foo_module modules/mod_foo.so
-#
-# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable.
-# Do not change manually, it will be overwritten on upgrade.
-#
-# The following modules are considered as the default configuration.
-# If you wish to disable one of them, you may have to alter other
-# configuration directives.
-#
-# Change these at your own risk!
-
-LoadModule access_compat_module modules/mod_access_compat.so
-LoadModule actions_module modules/mod_actions.so
-LoadModule alias_module modules/mod_alias.so
-LoadModule asis_module modules/mod_asis.so
-LoadModule auth_basic_module modules/mod_auth_basic.so
-<IfDefine AUTH_DIGEST>
-LoadModule auth_digest_module modules/mod_auth_digest.so
-</IfDefine>
-LoadModule authn_anon_module modules/mod_authn_anon.so
-LoadModule authn_core_module modules/mod_authn_core.so
-LoadModule authn_dbd_module modules/mod_authn_dbd.so
-LoadModule authn_dbm_module modules/mod_authn_dbm.so
-LoadModule authn_file_module modules/mod_authn_file.so
-<IfDefine AUTHNZ_LDAP>
-LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
-</IfDefine>
-LoadModule authz_core_module modules/mod_authz_core.so
-LoadModule authz_dbd_module modules/mod_authz_dbd.so
-LoadModule authz_dbm_module modules/mod_authz_dbm.so
-LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
-LoadModule authz_host_module modules/mod_authz_host.so
-LoadModule authz_owner_module modules/mod_authz_owner.so
-LoadModule authz_user_module modules/mod_authz_user.so
-LoadModule autoindex_module modules/mod_autoindex.so
-<IfDefine CACHE>
-LoadModule cache_module modules/mod_cache.so
-</IfDefine>
-<IfDefine CACHE>
-LoadModule cache_disk_module modules/mod_cache_disk.so
-</IfDefine>
-LoadModule cern_meta_module modules/mod_cern_meta.so
-LoadModule cgi_module modules/mod_cgi.so
-LoadModule cgid_module modules/mod_cgid.so
-LoadModule charset_lite_module modules/mod_charset_lite.so
-<IfDefine DAV>
-LoadModule dav_module modules/mod_dav.so
-</IfDefine>
-<IfDefine DAV>
-LoadModule dav_fs_module modules/mod_dav_fs.so
-</IfDefine>
-<IfDefine DAV>
-LoadModule dav_lock_module modules/mod_dav_lock.so
-</IfDefine>
-LoadModule dbd_module modules/mod_dbd.so
-LoadModule deflate_module modules/mod_deflate.so
-LoadModule dir_module modules/mod_dir.so
-LoadModule dumpio_module modules/mod_dumpio.so
-LoadModule env_module modules/mod_env.so
-LoadModule expires_module modules/mod_expires.so
-LoadModule ext_filter_module modules/mod_ext_filter.so
-<IfDefine CACHE>
-LoadModule file_cache_module modules/mod_file_cache.so
-</IfDefine>
-LoadModule filter_module modules/mod_filter.so
-LoadModule headers_module modules/mod_headers.so
-<IfDefine HTTP2>
-LoadModule http2_module modules/mod_http2.so
-</IfDefine>
-LoadModule ident_module modules/mod_ident.so
-LoadModule imagemap_module modules/mod_imagemap.so
-LoadModule include_module modules/mod_include.so
-<IfDefine INFO>
-LoadModule info_module modules/mod_info.so
-</IfDefine>
-<IfDefine LDAP>
-LoadModule ldap_module modules/mod_ldap.so
-</IfDefine>
-LoadModule log_config_module modules/mod_log_config.so
-LoadModule log_forensic_module modules/mod_log_forensic.so
-LoadModule logio_module modules/mod_logio.so
-LoadModule macro_module modules/mod_macro.so
-LoadModule mime_module modules/mod_mime.so
-LoadModule mime_magic_module modules/mod_mime_magic.so
-LoadModule negotiation_module modules/mod_negotiation.so
-<IfDefine PROXY>
-LoadModule proxy_module modules/mod_proxy.so
-</IfDefine>
-<IfDefine PROXY>
-LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
-</IfDefine>
-<IfDefine PROXY>
-LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
-</IfDefine>
-<IfDefine PROXY>
-LoadModule proxy_connect_module modules/mod_proxy_connect.so
-</IfDefine>
-<IfDefine PROXY>
-LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
-</IfDefine>
-<IfDefine PROXY>
-LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
-</IfDefine>
-<IfDefine PROXY>
-LoadModule proxy_html_module modules/mod_proxy_html.so
-</IfDefine>
-<IfDefine PROXY>
-LoadModule proxy_http_module modules/mod_proxy_http.so
-</IfDefine>
-<IfDefine PROXY>
-LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
-</IfDefine>
-<IfDefine PROXY>
-LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
-</IfDefine>
-LoadModule ratelimit_module modules/mod_ratelimit.so
-LoadModule remoteip_module modules/mod_remoteip.so
-LoadModule reqtimeout_module modules/mod_reqtimeout.so
-LoadModule rewrite_module modules/mod_rewrite.so
-LoadModule setenvif_module modules/mod_setenvif.so
-LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
-<IfDefine SSL>
-LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
-</IfDefine>
-LoadModule speling_module modules/mod_speling.so
-<IfDefine SSL>
-LoadModule ssl_module modules/mod_ssl.so
-</IfDefine>
-<IfDefine STATUS>
-LoadModule status_module modules/mod_status.so
-</IfDefine>
-LoadModule substitute_module modules/mod_substitute.so
-<IfDefine SUEXEC>
-LoadModule suexec_module modules/mod_suexec.so
-</IfDefine>
-LoadModule unique_id_module modules/mod_unique_id.so
-LoadModule unixd_module modules/mod_unixd.so
-<IfDefine USERDIR>
-LoadModule userdir_module modules/mod_userdir.so
-</IfDefine>
-LoadModule usertrack_module modules/mod_usertrack.so
-LoadModule version_module modules/mod_version.so
-LoadModule vhost_alias_module modules/mod_vhost_alias.so
-
-# If you wish httpd to run as a different user or group, you must run
-# httpd as root initially and it will switch.
-#
-# User/Group: The name (or #number) of the user/group to run httpd as.
-# It is usually good practice to create a dedicated user and group for
-# running httpd, as with most system services.
-User apache
-Group apache
-
-# Supplemental configuration
-#
-# Most of the configuration files in the /etc/apache2/modules.d/ directory can
-# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features
-# or to modify the default configuration of the server.
-#
-# To know which flag to add to APACHE2_OPTS, look at the first line of the
-# the file, which will usually be an <IfDefine OPTION> where OPTION is the
-# flag to use.
-Include /etc/apache2/modules.d/*.conf
-
-# Virtual-host support
-#
-# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we
-# include a default vhost (enabled by adding -D DEFAULT_VHOST to
-# APACHE2_OPTS in /etc/conf.d/apache2).
-Include /etc/apache2/vhosts.d/*.conf
-
-# vim: ts=4 filetype=apache
# filesystems or if support for these functions is otherwise
# broken on your system.
EnableMMAP On
-EnableSendfile On
+EnableSendfile Off
-# FileEtag: Configures the file attributes that are used to create
+# FileETag: Configures the file attributes that are used to create
# the ETag (entity tag) response header field when the document is
# based on a static file. (The ETag value is used in cache management
# to save network bandwidth.)
-FileEtag INode MTime Size
+FileETag MTime Size
# ContentDigest: This directive enables the generation of Content-MD5
# headers as defined in RFC1864 respectively RFC2616.
<Directory />
Options FollowSymLinks
AllowOverride None
- Order deny,allow
- Deny from all
+ Require all denied
</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<FilesMatch "^\.ht">
- Order allow,deny
- Deny from all
+ Require all denied
</FilesMatch>
# vim: ts=4 filetype=apache
+++ /dev/null
-# This configuration file reflects default settings for Apache HTTP Server.
-# You may change these, but chances are that you may not need to.
-
-# Timeout: The number of seconds before receives and sends time out.
-Timeout 300
-
-# KeepAlive: Whether or not to allow persistent connections (more than
-# one request per connection). Set to "Off" to deactivate.
-KeepAlive On
-
-# MaxKeepAliveRequests: The maximum number of requests to allow
-# during a persistent connection. Set to 0 to allow an unlimited amount.
-# We recommend you leave this number high, for maximum performance.
-MaxKeepAliveRequests 100
-
-# KeepAliveTimeout: Number of seconds to wait for the next request from the
-# same client on the same connection.
-KeepAliveTimeout 15
-
-# UseCanonicalName: Determines how Apache constructs self-referencing
-# URLs and the SERVER_NAME and SERVER_PORT variables.
-# When set "Off", Apache will use the Hostname and Port supplied
-# by the client. When set "On", Apache will use the value of the
-# ServerName directive.
-UseCanonicalName Off
-
-# AccessFileName: The name of the file to look for in each directory
-# for additional configuration directives. See also the AllowOverride
-# directive.
-AccessFileName .htaccess
-
-# ServerTokens
-# This directive configures what you return as the Server HTTP response
-# Header. The default is 'Full' which sends information about the OS-Type
-# and compiled in modules.
-# Set to one of: Full | OS | Minor | Minimal | Major | Prod
-# where Full conveys the most information, and Prod the least.
-ServerTokens Prod
-
-# TraceEnable
-# This directive overrides the behavior of TRACE for both the core server and
-# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616,
-# which disallows any request body to accompany the request. TraceEnable off
-# causes the core server and mod_proxy to return a 405 (Method not allowed)
-# error to the client.
-# For security reasons this is turned off by default. (bug #240680)
-TraceEnable off
-
-# Optionally add a line containing the server version and virtual host
-# name to server-generated pages (internal error documents, FTP directory
-# listings, mod_status and mod_info output etc., but not CGI generated
-# documents or custom error documents).
-# Set to "EMail" to also include a mailto: link to the ServerAdmin.
-# Set to one of: On | Off | EMail
-ServerSignature On
-
-# HostnameLookups: Log the names of clients or just their IP addresses
-# e.g., www.apache.org (on) or 204.62.129.132 (off).
-# The default is off because it'd be overall better for the net if people
-# had to knowingly turn this feature on, since enabling it means that
-# each client request will result in AT LEAST one lookup request to the
-# nameserver.
-HostnameLookups Off
-
-# EnableMMAP and EnableSendfile: On systems that support it,
-# memory-mapping or the sendfile syscall is used to deliver
-# files. This usually improves server performance, but must
-# be turned off when serving from networked-mounted
-# filesystems or if support for these functions is otherwise
-# broken on your system.
-EnableMMAP On
-EnableSendfile Off
-
-# FileETag: Configures the file attributes that are used to create
-# the ETag (entity tag) response header field when the document is
-# based on a static file. (The ETag value is used in cache management
-# to save network bandwidth.)
-FileETag MTime Size
-
-# ContentDigest: This directive enables the generation of Content-MD5
-# headers as defined in RFC1864 respectively RFC2616.
-# The Content-MD5 header provides an end-to-end message integrity
-# check (MIC) of the entity-body. A proxy or client may check this
-# header for detecting accidental modification of the entity-body
-# in transit.
-# Note that this can cause performance problems on your server since
-# the message digest is computed on every request (the values are
-# not cached).
-# Content-MD5 is only sent for documents served by the core, and not
-# by any module. For example, SSI documents, output from CGI scripts,
-# and byte range responses do not have this header.
-ContentDigest Off
-
-# ErrorLog: The location of the error log file.
-# If you do not specify an ErrorLog directive within a <VirtualHost>
-# container, error messages relating to that virtual host will be
-# logged here. If you *do* define an error logfile for a <VirtualHost>
-# container, that host's errors will be logged there and not here.
-ErrorLog /var/log/apache2/error_log
-
-# LogLevel: Control the number of messages logged to the error_log.
-# Possible values include: debug, info, notice, warn, error, crit,
-# alert, emerg.
-LogLevel warn
-
-# We configure the "default" to be a very restrictive set of features.
-<Directory />
- Options FollowSymLinks
- AllowOverride None
- Require all denied
-</Directory>
-
-# DirectoryIndex: sets the file that Apache will serve if a directory
-# is requested.
-#
-# The index.html.var file (a type-map) is used to deliver content-
-# negotiated documents. The MultiViews Options can be used for the
-# same purpose, but it is much slower.
-#
-# Do not change this entry unless you know what you are doing.
-<IfModule dir_module>
- DirectoryIndex index.html index.html.var
-</IfModule>
-
-# The following lines prevent .htaccess and .htpasswd files from being
-# viewed by Web clients.
-<FilesMatch "^\.ht">
- Require all denied
-</FilesMatch>
-
-# vim: ts=4 filetype=apache
--- /dev/null
+# The configuration below implements multi-language error documents through
+# content-negotiation.
+
+# Customizable error responses come in three flavors:
+# 1) plain text 2) local redirects 3) external redirects
+# Some examples:
+#ErrorDocument 500 "The server made a boo boo."
+#ErrorDocument 404 /missing.html
+#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
+#ErrorDocument 402 http://www.example.com/subscription_info.html
+
+# Required modules: mod_alias, mod_include, mod_negotiation
+# We use Alias to redirect any /error/HTTP_<error>.html.var response to
+# our collection of by-error message multi-language collections. We use
+# includes to substitute the appropriate text.
+# You can modify the messages' appearance without changing any of the
+# default HTTP_<error>.html.var files by adding the line:
+# Alias /error/include/ "/your/include/path/"
+# which allows you to create your own set of files by starting with the
+# /var/www/localhost/error/include/ files and copying them to /your/include/path/,
+# even on a per-VirtualHost basis. The default include files will display
+# your Apache version number and your ServerAdmin email address regardless
+# of the setting of ServerSignature.
+
+<IfDefine ERRORDOCS>
+Alias /error/ "/usr/share/apache2/error/"
+
+<Directory "/usr/share/apache2/error">
+ AllowOverride None
+ Options IncludesNoExec
+ AddOutputFilter Includes html
+ AddHandler type-map var
+ Require all granted
+ LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
+ ForceLanguagePriority Prefer Fallback
+</Directory>
+
+ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
+ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
+ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
+ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
+ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
+ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
+ErrorDocument 410 /error/HTTP_GONE.html.var
+ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
+ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
+ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
+ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
+ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
+ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
+ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
+ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
+ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
+ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
+</IfDefine>
+
+# vim: ts=4 filetype=apache
+++ /dev/null
-# The configuration below implements multi-language error documents through
-# content-negotiation.
-
-# Customizable error responses come in three flavors:
-# 1) plain text 2) local redirects 3) external redirects
-# Some examples:
-#ErrorDocument 500 "The server made a boo boo."
-#ErrorDocument 404 /missing.html
-#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
-#ErrorDocument 402 http://www.example.com/subscription_info.html
-
-# Required modules: mod_alias, mod_include, mod_negotiation
-# We use Alias to redirect any /error/HTTP_<error>.html.var response to
-# our collection of by-error message multi-language collections. We use
-# includes to substitute the appropriate text.
-# You can modify the messages' appearance without changing any of the
-# default HTTP_<error>.html.var files by adding the line:
-# Alias /error/include/ "/your/include/path/"
-# which allows you to create your own set of files by starting with the
-# /var/www/localhost/error/include/ files and copying them to /your/include/path/,
-# even on a per-VirtualHost basis. The default include files will display
-# your Apache version number and your ServerAdmin email address regardless
-# of the setting of ServerSignature.
-
-<IfDefine ERRORDOCS>
-Alias /error/ "/usr/share/apache2/error/"
-
-<Directory "/usr/share/apache2/error">
- AllowOverride None
- Options IncludesNoExec
- AddOutputFilter Includes html
- AddHandler type-map var
- Require all granted
- LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
- ForceLanguagePriority Prefer Fallback
-</Directory>
-
-ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
-ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
-ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
-ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
-ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
-ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
-ErrorDocument 410 /error/HTTP_GONE.html.var
-ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
-ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
-ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
-ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
-ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
-ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
-ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
-ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
-ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
-ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
-</IfDefine>
-
-# vim: ts=4 filetype=apache
<Directory "/usr/share/apache2/icons">
Options Indexes MultiViews
AllowOverride None
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
</IfModule>
+++ /dev/null
-<IfModule autoindex_module>
-<IfDefine !NO_AUTOINDEX_CONF>
-
-<IfModule alias_module>
-# We include the /icons/ alias for FancyIndexed directory listings. If
-# you do not use FancyIndexing, you may comment this out.
-Alias /icons/ "/usr/share/apache2/icons/"
-
-<Directory "/usr/share/apache2/icons">
- Options Indexes MultiViews
- AllowOverride None
- Require all granted
-</Directory>
-</IfModule>
-
-# Directives controlling the display of server-generated directory listings.
-#
-# To see the listing of a directory, the Options directive for the
-# directory must include "Indexes", and the directory must not contain
-# a file matching those listed in the DirectoryIndex directive.
-
-# IndexOptions: Controls the appearance of server-generated directory
-# listings.
-IndexOptions FancyIndexing VersionSort
-
-# AddIcon* directives tell the server which icon to show for different
-# files or filename extensions. These are only displayed for
-# FancyIndexed directories.
-AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
-
-AddIconByType (TXT,/icons/text.gif) text/*
-AddIconByType (IMG,/icons/image2.gif) image/*
-AddIconByType (SND,/icons/sound2.gif) audio/*
-AddIconByType (VID,/icons/movie.gif) video/*
-
-AddIcon /icons/binary.gif .bin .exe
-AddIcon /icons/binhex.gif .hqx
-AddIcon /icons/tar.gif .tar
-AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
-AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
-AddIcon /icons/a.gif .ps .ai .eps
-AddIcon /icons/layout.gif .html .shtml .htm .pdf
-AddIcon /icons/text.gif .txt
-AddIcon /icons/c.gif .c
-AddIcon /icons/p.gif .pl .py
-AddIcon /icons/f.gif .for
-AddIcon /icons/dvi.gif .dvi
-AddIcon /icons/uuencoded.gif .uu
-AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
-AddIcon /icons/tex.gif .tex
-AddIcon /icons/bomb.gif core
-
-AddIcon /icons/back.gif ..
-AddIcon /icons/hand.right.gif README
-AddIcon /icons/folder.gif ^^DIRECTORY^^
-AddIcon /icons/blank.gif ^^BLANKICON^^
-
-# DefaultIcon is which icon to show for files which do not have an icon
-# explicitly set.
-DefaultIcon /icons/unknown.gif
-
-# AddDescription allows you to place a short description after a file in
-# server-generated indexes. These are only displayed for FancyIndexed
-# directories.
-# Format: AddDescription "description" filename
-
-#AddDescription "GZIP compressed document" .gz
-#AddDescription "tar archive" .tar
-#AddDescription "GZIP compressed tar archive" .tgz
-
-# ReadmeName is the name of the README file the server will look for by
-# default, and append to directory listings.
-
-# HeaderName is the name of a file which should be prepended to
-# directory indexes.
-ReadmeName README.html
-HeaderName HEADER.html
-
-# IndexIgnore is a set of filenames which directory indexing should ignore
-# and not include in the listing. Shell-style wildcarding is permitted.
-IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
-</IfDefine>
-</IfModule>
-
-# vim: ts=4 filetype=apache
--- /dev/null
+<IfDefine INFO>
+# Allow remote server configuration reports, with the URL of
+# http://servername/server-info
+<Location /server-info>
+ SetHandler server-info
+ Require local
+</Location>
+</IfDefine>
+
+# vim: ts=4 filetype=apache
+++ /dev/null
-<IfDefine INFO>
-# Allow remote server configuration reports, with the URL of
-# http://servername/server-info
-<Location /server-info>
- SetHandler server-info
- Require local
-</Location>
-</IfDefine>
-
-# vim: ts=4 filetype=apache
--- /dev/null
+<IfModule mime_module>
+# TypesConfig points to the file containing the list of mappings from
+# filename extension to MIME-type.
+TypesConfig /etc/mime.types
+
+# AddType allows you to add to or override the MIME configuration
+# file specified in TypesConfig for specific file types.
+#AddType application/x-gzip .tgz
+
+# AddEncoding allows you to have certain browsers uncompress
+# information on the fly. Note: Not all browsers support this.
+#AddEncoding x-compress .Z
+#AddEncoding x-gzip .gz .tgz
+
+# If the AddEncoding directives above are commented-out, then you
+# probably should define those extensions to indicate media types:
+AddType application/x-compress .Z
+AddType application/x-gzip .gz .tgz
+
+# AddHandler allows you to map certain file extensions to "handlers":
+# actions unrelated to filetype. These can be either built into the server
+# or added with the Action directive (see below)
+
+# To use CGI scripts outside of ScriptAliased directories:
+# (You will also need to add "ExecCGI" to the "Options" directive.)
+#AddHandler cgi-script .cgi
+
+# For type maps (negotiated resources):
+#AddHandler type-map var
+
+# Filters allow you to process content before it is sent to the client.
+#
+# To parse .shtml files for server-side includes (SSI):
+# (You will also need to add "Includes" to the "Options" directive.)
+#AddType text/html .shtml
+#AddOutputFilter INCLUDES .shtml
+</IfModule>
+
+<IfModule mime_magic_module>
+# The mod_mime_magic module allows the server to use various hints from the
+# contents of the file itself to determine its type. The MIMEMagicFile
+# directive tells the module where the hint definitions are located.
+MIMEMagicFile /etc/apache2/magic
+</IfModule>
+
+# vim: ts=4 filetype=apache
+++ /dev/null
-<IfModule mime_module>
-# TypesConfig points to the file containing the list of mappings from
-# filename extension to MIME-type.
-TypesConfig /etc/mime.types
-
-# AddType allows you to add to or override the MIME configuration
-# file specified in TypesConfig for specific file types.
-#AddType application/x-gzip .tgz
-
-# AddEncoding allows you to have certain browsers uncompress
-# information on the fly. Note: Not all browsers support this.
-#AddEncoding x-compress .Z
-#AddEncoding x-gzip .gz .tgz
-
-# If the AddEncoding directives above are commented-out, then you
-# probably should define those extensions to indicate media types:
-AddType application/x-compress .Z
-AddType application/x-gzip .gz .tgz
-
-# AddHandler allows you to map certain file extensions to "handlers":
-# actions unrelated to filetype. These can be either built into the server
-# or added with the Action directive (see below)
-
-# To use CGI scripts outside of ScriptAliased directories:
-# (You will also need to add "ExecCGI" to the "Options" directive.)
-#AddHandler cgi-script .cgi
-
-# For type maps (negotiated resources):
-#AddHandler type-map var
-
-# Filters allow you to process content before it is sent to the client.
-#
-# To parse .shtml files for server-side includes (SSI):
-# (You will also need to add "Includes" to the "Options" directive.)
-#AddType text/html .shtml
-#AddOutputFilter INCLUDES .shtml
-</IfModule>
-
-<IfModule mime_magic_module>
-# The mod_mime_magic module allows the server to use various hints from the
-# contents of the file itself to determine its type. The MIMEMagicFile
-# directive tells the module where the hint definitions are located.
-MIMEMagicFile /etc/apache2/magic
-</IfModule>
-
-# vim: ts=4 filetype=apache
--- /dev/null
+<IfDefine STATUS>
+# Allow server status reports generated by mod_status,
+# with the URL of http://servername/server-status
+<Location /server-status>
+ SetHandler server-status
+ Require local
+</Location>
+
+# ExtendedStatus controls whether Apache will generate "full" status
+# information (ExtendedStatus On) or just basic information (ExtendedStatus
+# Off) when the "server-status" handler is called.
+ExtendedStatus On
+</IfDefine>
+
+# vim: ts=4 filetype=apache
+++ /dev/null
-<IfDefine STATUS>
-# Allow server status reports generated by mod_status,
-# with the URL of http://servername/server-status
-<Location /server-status>
- SetHandler server-status
- Require local
-</Location>
-
-# ExtendedStatus controls whether Apache will generate "full" status
-# information (ExtendedStatus On) or just basic information (ExtendedStatus
-# Off) when the "server-status" handler is called.
-ExtendedStatus On
-</IfDefine>
-
-# vim: ts=4 filetype=apache
--- /dev/null
+# Server-Pool Management (MPM specific)
+
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+#
+# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING
+PidFile /run/apache2.pid
+
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+# Mutex file:/run/apache_mpm_mutex
+
+# Only one of the below sections will be relevant on your
+# installed httpd. Use "/usr/sbin/apache2 -l" to find out the
+# active mpm.
+
+# common MPM configuration
+# These configuration directives apply to all MPMs
+#
+# StartServers: Number of child server processes created at startup
+# MaxRequestWorkers: Maximum number of child processes to serve requests
+# MaxConnectionsPerChild: Limit on the number of connections that an individual
+# child server will handle during its life
+
+
+# prefork MPM
+# This is the default MPM if USE=-threads
+#
+# MinSpareServers: Minimum number of idle child server processes
+# MaxSpareServers: Maximum number of idle child server processes
+<IfModule mpm_prefork_module>
+ StartServers 5
+ MinSpareServers 5
+ MaxSpareServers 10
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
+</IfModule>
+
+# worker MPM
+# This is the default MPM if USE=threads
+#
+# MinSpareThreads: Minimum number of idle threads available to handle request spikes
+# MaxSpareThreads: Maximum number of idle threads
+# ThreadsPerChild: Number of threads created by each child process
+<IfModule mpm_worker_module>
+ StartServers 2
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadsPerChild 25
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
+</IfModule>
+
+# event MPM
+#
+# MinSpareThreads: Minimum number of idle threads available to handle request spikes
+# MaxSpareThreads: Maximum number of idle threads
+# ThreadsPerChild: Number of threads created by each child process
+<IfModule mpm_event_module>
+ StartServers 2
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadsPerChild 25
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
+</IfModule>
+
+# peruser MPM
+#
+# MinSpareProcessors: Minimum number of idle child server processes
+# MinProcessors: Minimum number of processors per virtual host
+# MaxProcessors: Maximum number of processors per virtual host
+# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable
+# Multiplexer: Specify a Multiplexer child configuration.
+# Processor: Specify a user and group for a specific child process
+<IfModule mpm_peruser_module>
+ MinSpareProcessors 2
+ MinProcessors 2
+ MaxProcessors 10
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 1000
+ ExpireTimeout 1800
+
+ Multiplexer nobody nobody
+ Processor apache apache
+</IfModule>
+
+# itk MPM
+#
+# MinSpareServers: Minimum number of idle child server processes
+# MaxSpareServers: Maximum number of idle child server processes
+<IfModule mpm_itk_module>
+ StartServers 5
+ MinSpareServers 5
+ MaxSpareServers 10
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
+</IfModule>
+
+# vim: ts=4 filetype=apache
+++ /dev/null
-# Server-Pool Management (MPM specific)
-
-# PidFile: The file in which the server should record its process
-# identification number when it starts.
-#
-# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING
-PidFile /run/apache2.pid
-
-# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
-# Mutex file:/run/apache_mpm_mutex
-
-# Only one of the below sections will be relevant on your
-# installed httpd. Use "/usr/sbin/apache2 -l" to find out the
-# active mpm.
-
-# common MPM configuration
-# These configuration directives apply to all MPMs
-#
-# StartServers: Number of child server processes created at startup
-# MaxRequestWorkers: Maximum number of child processes to serve requests
-# MaxConnectionsPerChild: Limit on the number of connections that an individual
-# child server will handle during its life
-
-
-# prefork MPM
-# This is the default MPM if USE=-threads
-#
-# MinSpareServers: Minimum number of idle child server processes
-# MaxSpareServers: Maximum number of idle child server processes
-<IfModule mpm_prefork_module>
- StartServers 5
- MinSpareServers 5
- MaxSpareServers 10
- MaxRequestWorkers 150
- MaxConnectionsPerChild 10000
-</IfModule>
-
-# worker MPM
-# This is the default MPM if USE=threads
-#
-# MinSpareThreads: Minimum number of idle threads available to handle request spikes
-# MaxSpareThreads: Maximum number of idle threads
-# ThreadsPerChild: Number of threads created by each child process
-<IfModule mpm_worker_module>
- StartServers 2
- MinSpareThreads 25
- MaxSpareThreads 75
- ThreadsPerChild 25
- MaxRequestWorkers 150
- MaxConnectionsPerChild 10000
-</IfModule>
-
-# event MPM
-#
-# MinSpareThreads: Minimum number of idle threads available to handle request spikes
-# MaxSpareThreads: Maximum number of idle threads
-# ThreadsPerChild: Number of threads created by each child process
-<IfModule mpm_event_module>
- StartServers 2
- MinSpareThreads 25
- MaxSpareThreads 75
- ThreadsPerChild 25
- MaxRequestWorkers 150
- MaxConnectionsPerChild 10000
-</IfModule>
-
-# peruser MPM
-#
-# MinSpareProcessors: Minimum number of idle child server processes
-# MinProcessors: Minimum number of processors per virtual host
-# MaxProcessors: Maximum number of processors per virtual host
-# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable
-# Multiplexer: Specify a Multiplexer child configuration.
-# Processor: Specify a user and group for a specific child process
-<IfModule mpm_peruser_module>
- MinSpareProcessors 2
- MinProcessors 2
- MaxProcessors 10
- MaxRequestWorkers 150
- MaxConnectionsPerChild 1000
- ExpireTimeout 1800
-
- Multiplexer nobody nobody
- Processor apache apache
-</IfModule>
-
-# itk MPM
-#
-# MinSpareServers: Minimum number of idle child server processes
-# MaxSpareServers: Maximum number of idle child server processes
-<IfModule mpm_itk_module>
- StartServers 5
- MinSpareServers 5
- MaxSpareServers 10
- MaxRequestWorkers 150
- MaxConnectionsPerChild 10000
-</IfModule>
-
-# vim: ts=4 filetype=apache
--- /dev/null
+# Virtual Hosts
+#
+# If you want to maintain multiple domains/hostnames on your
+# machine you can setup VirtualHost containers for them. Most configurations
+# use only name-based virtual hosts so the server doesn't need to worry about
+# IP addresses. This is indicated by the asterisks in the directives below.
+#
+# Please see the documentation at
+# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
+# for further details before you try to setup virtual hosts.
+#
+# You may use the command line option '-S' to verify your virtual host
+# configuration.
+
+<IfDefine DEFAULT_VHOST>
+# see bug #178966 why this is in here
+
+# Listen: Allows you to bind Apache to specific IP addresses and/or
+# ports, instead of the default. See also the <VirtualHost>
+# directive.
+#
+# Change this to Listen on specific IP addresses as shown below to
+# prevent Apache from glomming onto all bound IP addresses.
+#
+#Listen 12.34.56.78:80
+Listen 80
+
+# When virtual hosts are enabled, the main host defined in the default
+# httpd.conf configuration will go away. We redefine it here so that it is
+# still available.
+#
+# If you disable this vhost by removing -D DEFAULT_VHOST from
+# /etc/conf.d/apache2, the first defined virtual host elsewhere will be
+# the default.
+<VirtualHost *:80>
+ ServerName localhost
+ Include /etc/apache2/vhosts.d/default_vhost.include
+
+ <IfModule mpm_peruser_module>
+ ServerEnvironment apache apache
+ </IfModule>
+</VirtualHost>
+</IfDefine>
+
+# vim: ts=4 filetype=apache
+++ /dev/null
-# Virtual Hosts
-#
-# If you want to maintain multiple domains/hostnames on your
-# machine you can setup VirtualHost containers for them. Most configurations
-# use only name-based virtual hosts so the server doesn't need to worry about
-# IP addresses. This is indicated by the asterisks in the directives below.
-#
-# Please see the documentation at
-# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
-# for further details before you try to setup virtual hosts.
-#
-# You may use the command line option '-S' to verify your virtual host
-# configuration.
-
-<IfDefine DEFAULT_VHOST>
-# see bug #178966 why this is in here
-
-# Listen: Allows you to bind Apache to specific IP addresses and/or
-# ports, instead of the default. See also the <VirtualHost>
-# directive.
-#
-# Change this to Listen on specific IP addresses as shown below to
-# prevent Apache from glomming onto all bound IP addresses.
-#
-#Listen 12.34.56.78:80
-Listen 80
-
-# When virtual hosts are enabled, the main host defined in the default
-# httpd.conf configuration will go away. We redefine it here so that it is
-# still available.
-#
-# If you disable this vhost by removing -D DEFAULT_VHOST from
-# /etc/conf.d/apache2, the first defined virtual host elsewhere will be
-# the default.
-<VirtualHost *:80>
- ServerName localhost
- Include /etc/apache2/vhosts.d/default_vhost.include
-
- <IfModule mpm_peruser_module>
- ServerEnvironment apache apache
- </IfModule>
-</VirtualHost>
-</IfDefine>
-
-# vim: ts=4 filetype=apache
--- /dev/null
+# ServerAdmin: Your address, where problems with the server should be
+# e-mailed. This address appears on some server-generated pages, such
+# as error documents. e.g. admin@your-domain.com
+ServerAdmin root@localhost
+
+# DocumentRoot: The directory out of which you will serve your
+# documents. By default, all requests are taken from this directory, but
+# symbolic links and aliases may be used to point to other locations.
+#
+# If you change this to something that isn't under /var/www then suexec
+# will no longer work.
+DocumentRoot "/var/www/localhost/htdocs"
+
+# This should be changed to whatever you set DocumentRoot to.
+<Directory "/var/www/localhost/htdocs">
+ # Possible values for the Options directive are "None", "All",
+ # or any combination of:
+ # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
+ #
+ # Note that "MultiViews" must be named *explicitly* --- "Options All"
+ # doesn't give it to you.
+ #
+ # The Options directive is both complicated and important. Please see
+ # http://httpd.apache.org/docs/2.4/mod/core.html#options
+ # for more information.
+ Options Indexes FollowSymLinks
+
+ # AllowOverride controls what directives may be placed in .htaccess files.
+ # It can be "All", "None", or any combination of the keywords:
+ # Options FileInfo AuthConfig Limit
+ AllowOverride All
+
+ # Controls who can get stuff from this server.
+ Require all granted
+</Directory>
+
+<IfModule alias_module>
+ # Redirect: Allows you to tell clients about documents that used to
+ # exist in your server's namespace, but do not anymore. The client
+ # will make a new request for the document at its new location.
+ # Example:
+ # Redirect permanent /foo http://www.example.com/bar
+
+ # Alias: Maps web paths into filesystem paths and is used to
+ # access content that does not live under the DocumentRoot.
+ # Example:
+ # Alias /webpath /full/filesystem/path
+ #
+ # If you include a trailing / on /webpath then the server will
+ # require it to be present in the URL. You will also likely
+ # need to provide a <Directory> section to allow access to
+ # the filesystem path.
+
+ # ScriptAlias: This controls which directories contain server scripts.
+ # ScriptAliases are essentially the same as Aliases, except that
+ # documents in the target directory are treated as applications and
+ # run by the server when requested rather than as documents sent to the
+ # client. The same rules about trailing "/" apply to ScriptAlias
+ # directives as to Alias.
+ ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"
+</IfModule>
+
+# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased
+# CGI directory exists, if you have that configured.
+<Directory "/var/www/localhost/cgi-bin">
+ AllowOverride None
+ Options None
+ Require all granted
+</Directory>
+
+# vim: ts=4 filetype=apache
+++ /dev/null
-# ServerAdmin: Your address, where problems with the server should be
-# e-mailed. This address appears on some server-generated pages, such
-# as error documents. e.g. admin@your-domain.com
-ServerAdmin root@localhost
-
-# DocumentRoot: The directory out of which you will serve your
-# documents. By default, all requests are taken from this directory, but
-# symbolic links and aliases may be used to point to other locations.
-#
-# If you change this to something that isn't under /var/www then suexec
-# will no longer work.
-DocumentRoot "/var/www/localhost/htdocs"
-
-# This should be changed to whatever you set DocumentRoot to.
-<Directory "/var/www/localhost/htdocs">
- # Possible values for the Options directive are "None", "All",
- # or any combination of:
- # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
- #
- # Note that "MultiViews" must be named *explicitly* --- "Options All"
- # doesn't give it to you.
- #
- # The Options directive is both complicated and important. Please see
- # http://httpd.apache.org/docs/2.4/mod/core.html#options
- # for more information.
- Options Indexes FollowSymLinks
-
- # AllowOverride controls what directives may be placed in .htaccess files.
- # It can be "All", "None", or any combination of the keywords:
- # Options FileInfo AuthConfig Limit
- AllowOverride All
-
- # Controls who can get stuff from this server.
- Require all granted
-</Directory>
-
-<IfModule alias_module>
- # Redirect: Allows you to tell clients about documents that used to
- # exist in your server's namespace, but do not anymore. The client
- # will make a new request for the document at its new location.
- # Example:
- # Redirect permanent /foo http://www.example.com/bar
-
- # Alias: Maps web paths into filesystem paths and is used to
- # access content that does not live under the DocumentRoot.
- # Example:
- # Alias /webpath /full/filesystem/path
- #
- # If you include a trailing / on /webpath then the server will
- # require it to be present in the URL. You will also likely
- # need to provide a <Directory> section to allow access to
- # the filesystem path.
-
- # ScriptAlias: This controls which directories contain server scripts.
- # ScriptAliases are essentially the same as Aliases, except that
- # documents in the target directory are treated as applications and
- # run by the server when requested rather than as documents sent to the
- # client. The same rules about trailing "/" apply to ScriptAlias
- # directives as to Alias.
- ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"
-</IfModule>
-
-# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased
-# CGI directory exists, if you have that configured.
-<Directory "/var/www/localhost/cgi-bin">
- AllowOverride None
- Options None
- Require all granted
-</Directory>
-
-# vim: ts=4 filetype=apache
--- /dev/null
+# The VCS to use.
+#VCS="hg"
+VCS="git"
+#VCS="bzr"
+#VCS="darcs"
+
+# Options passed to git commit when run by etckeeper.
+GIT_COMMIT_OPTIONS=""
+
+# Options passed to hg commit when run by etckeeper.
+HG_COMMIT_OPTIONS=""
+
+# Options passed to bzr commit when run by etckeeper.
+BZR_COMMIT_OPTIONS=""
+
+# Options passed to darcs record when run by etckeeper.
+DARCS_COMMIT_OPTIONS="-a"
+
+# Uncomment to avoid etckeeper committing existing changes
+# to /etc automatically once per day.
+#AVOID_DAILY_AUTOCOMMITS=1
+
+# Uncomment the following to avoid special file warning
+# (the option is enabled automatically by cronjob regardless).
+#AVOID_SPECIAL_FILE_WARNING=1
+
+# Uncomment to avoid etckeeper committing existing changes to
+# /etc before installation. It will cancel the installation,
+# so you can commit the changes by hand.
+#AVOID_COMMIT_BEFORE_INSTALL=1
+
+# The high-level package manager that's being used.
+# (apt, pacman-g2, yum, dnf, zypper etc)
+#HIGHLEVEL_PACKAGE_MANAGER=apt
+
+# Gentoo specific:
+# For portage this is emerge
+# For paludis this is cave
+HIGHLEVEL_PACKAGE_MANAGER=emerge
+
+# The low-level package manager that's being used.
+# (dpkg, rpm, pacman, pacman-g2, etc)
+#LOWLEVEL_PACKAGE_MANAGER=dpkg
+
+# Gentoo specific:
+# For portage this is qlist
+# For paludis this is cave
+LOWLEVEL_PACKAGE_MANAGER=qlist
+
+# To push each commit to a remote, put the name of the remote here.
+# (eg, "origin" for git). Space-separated lists of multiple remotes
+# also work (eg, "origin gitlab github" for git).
+PUSH_REMOTE=""
+++ /dev/null
-# The VCS to use.
-#VCS="hg"
-VCS="git"
-#VCS="bzr"
-#VCS="darcs"
-
-# Options passed to git commit when run by etckeeper.
-GIT_COMMIT_OPTIONS=""
-
-# Options passed to hg commit when run by etckeeper.
-HG_COMMIT_OPTIONS=""
-
-# Options passed to bzr commit when run by etckeeper.
-BZR_COMMIT_OPTIONS=""
-
-# Options passed to darcs record when run by etckeeper.
-DARCS_COMMIT_OPTIONS="-a"
-
-# Uncomment to avoid etckeeper committing existing changes
-# to /etc automatically once per day.
-#AVOID_DAILY_AUTOCOMMITS=1
-
-# Uncomment the following to avoid special file warning
-# (the option is enabled automatically by cronjob regardless).
-#AVOID_SPECIAL_FILE_WARNING=1
-
-# Uncomment to avoid etckeeper committing existing changes to
-# /etc before installation. It will cancel the installation,
-# so you can commit the changes by hand.
-#AVOID_COMMIT_BEFORE_INSTALL=1
-
-# The high-level package manager that's being used.
-# (apt, pacman-g2, yum, dnf, zypper etc)
-#HIGHLEVEL_PACKAGE_MANAGER=apt
-
-# Gentoo specific:
-# For portage this is emerge
-# For paludis this is cave
-HIGHLEVEL_PACKAGE_MANAGER=emerge
-
-# The low-level package manager that's being used.
-# (dpkg, rpm, pacman, pacman-g2, etc)
-#LOWLEVEL_PACKAGE_MANAGER=dpkg
-
-# Gentoo specific:
-# For portage this is qlist
-# For paludis this is cave
-LOWLEVEL_PACKAGE_MANAGER=qlist
-
-# To push each commit to a remote, put the name of the remote here.
-# (eg, "origin" for git). Space-separated lists of multiple remotes
-# also work (eg, "origin gitlab github" for git).
-PUSH_REMOTE=""
-# $OpenBSD: sshd_config,v 1.97 2015/08/06 14:53:21 deraadt Exp $
+# $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
PrintLastLog no
#TCPKeepAlive yes
#UseLogin no
-UsePrivilegeSeparation sandbox # Default for new installations.
+#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
# override default of no subsystems
Subsystem sftp /usr/lib64/misc/sftp-server
-# the following are HPN related configuration options
-# tcp receive buffer polling. disable in non autotuning kernels
-#TcpRcvBufPoll yes
-
-# disable hpn performance boosts
-#HPNDisabled no
-
-# buffer size for hpn to non-hpn connections
-#HPNBufferSize 2048
-
-
-# allow the use of the none cipher
-#NoneEnabled no
-
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
+++ /dev/null
-# $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $
-
-# This is the sshd server system-wide configuration file. See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented. Uncommented options override the
-# default value.
-
-#Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-# The default requires explicit activation of protocol 1
-#Protocol 2
-
-# HostKey for protocol version 1
-#HostKey /etc/ssh/ssh_host_key
-# HostKeys for protocol version 2
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_dsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Lifetime and size of ephemeral version 1 server key
-#KeyRegenerationInterval 1h
-#ServerKeyBits 1024
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-# obsoletes QuietMode and FascistLogging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-#PermitRootLogin prohibit-password
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#RSAAuthentication yes
-#PubkeyAuthentication yes
-
-# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
-# but this is overridden so installations will only check .ssh/authorized_keys
-#AuthorizedKeysFile .ssh/authorized_keys
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#RhostsRSAAuthentication no
-# similar for protocol version 2
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# RhostsRSAAuthentication and HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-PasswordAuthentication no
-#PermitEmptyPasswords no
-
-# Change to no to disable s/key passwords
-#ChallengeResponseAuthentication yes
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication. Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin without-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-#X11Forwarding no
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-PrintLastLog no
-#TCPKeepAlive yes
-#UseLogin no
-#UsePrivilegeSeparation sandbox
-#PermitUserEnvironment no
-#Compression delayed
-#ClientAliveInterval 0
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# here are the new patched ldap related tokens
-# entries in your LDAP must have posixAccount & ldapPublicKey objectclass
-#UseLPK yes
-#LpkLdapConf /etc/ldap.conf
-#LpkServers ldap://10.1.7.1/ ldap://10.1.7.2/
-#LpkUserDN ou=users,dc=phear,dc=org
-#LpkGroupDN ou=groups,dc=phear,dc=org
-#LpkBindDN cn=Manager,dc=phear,dc=org
-#LpkBindPw secret
-#LpkServerGroup mail
-#LpkFilter (hostAccess=master.phear.org)
-#LpkForceTLS no
-#LpkSearchTimelimit 3
-#LpkBindTimelimit 3
-#LpkPubKeyAttr sshPublicKey
-
-# override default of no subsystems
-Subsystem sftp /usr/lib64/misc/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-# X11Forwarding no
-# AllowTcpForwarding no
-# PermitTTY no
-# ForceCommand cvs server
-
-# Allow client to pass locale environment variables #367017
-AcceptEnv LANG LC_*
#AVOID_COMMIT_BEFORE_INSTALL=1
# The high-level package manager that's being used.
-# (apt, pacman-g2, yum, zypper etc)
-# For gentoo this is emerge
+# (apt, pacman-g2, yum, dnf, zypper etc)
+#HIGHLEVEL_PACKAGE_MANAGER=apt
+
+# Gentoo specific:
+# For portage this is emerge
+# For paludis this is cave
HIGHLEVEL_PACKAGE_MANAGER=emerge
# The low-level package manager that's being used.
# (dpkg, rpm, pacman, pacman-g2, etc)
-# For gentoo this is qlist
+#LOWLEVEL_PACKAGE_MANAGER=dpkg
+
+# Gentoo specific:
+# For portage this is qlist
+# For paludis this is cave
LOWLEVEL_PACKAGE_MANAGER=qlist
# To push each commit to a remote, put the name of the remote here.
-# (eg, "origin" for git).
+# (eg, "origin" for git). Space-separated lists of multiple remotes
+# also work (eg, "origin gitlab github" for git).
PUSH_REMOTE="origin"
+++ /dev/null
-# $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $
-
-# This is the sshd server system-wide configuration file. See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented. Uncommented options override the
-# default value.
-
-#Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-# The default requires explicit activation of protocol 1
-#Protocol 2
-
-# HostKey for protocol version 1
-#HostKey /etc/ssh/ssh_host_key
-# HostKeys for protocol version 2
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_dsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Lifetime and size of ephemeral version 1 server key
-#KeyRegenerationInterval 1h
-#ServerKeyBits 1024
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-# obsoletes QuietMode and FascistLogging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-#PermitRootLogin no
-#PermitRootLogin prohibit-password
-PermitRootLogin yes
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#RSAAuthentication yes
-#PubkeyAuthentication yes
-
-# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
-# but this is overridden so installations will only check .ssh/authorized_keys
-#AuthorizedKeysFile .ssh/authorized_keys
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#RhostsRSAAuthentication no
-# similar for protocol version 2
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# RhostsRSAAuthentication and HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-PasswordAuthentication no
-#PermitEmptyPasswords no
-
-# Change to no to disable s/key passwords
-#ChallengeResponseAuthentication yes
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication. Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin without-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-#X11Forwarding no
-X11Forwarding yes
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-PrintLastLog no
-#TCPKeepAlive yes
-#UseLogin no
-#UsePrivilegeSeparation sandbox
-#PermitUserEnvironment no
-#Compression delayed
-#ClientAliveInterval 0
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# here are the new patched ldap related tokens
-# entries in your LDAP must have posixAccount & ldapPublicKey objectclass
-#UseLPK yes
-#LpkLdapConf /etc/ldap.conf
-#LpkServers ldap://10.1.7.1/ ldap://10.1.7.2/
-#LpkUserDN ou=users,dc=phear,dc=org
-#LpkGroupDN ou=groups,dc=phear,dc=org
-#LpkBindDN cn=Manager,dc=phear,dc=org
-#LpkBindPw secret
-#LpkServerGroup mail
-#LpkFilter (hostAccess=master.phear.org)
-#LpkForceTLS no
-#LpkSearchTimelimit 3
-#LpkBindTimelimit 3
-#LpkPubKeyAttr sshPublicKey
-
-# override default of no subsystems
-Subsystem sftp /usr/lib64/misc/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-# X11Forwarding no
-# AllowTcpForwarding no
-# PermitTTY no
-# ForceCommand cvs server
-
-# Allow client to pass locale environment variables #367017
-AcceptEnv LANG LC_*
-# $OpenBSD: sshd_config,v 1.97 2015/08/06 14:53:21 deraadt Exp $
+# $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
PrintLastLog no
#TCPKeepAlive yes
#UseLogin no
-UsePrivilegeSeparation sandbox # Default for new installations.
+#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
# override default of no subsystems
Subsystem sftp /usr/lib64/misc/sftp-server
-# the following are HPN related configuration options
-# tcp receive buffer polling. disable in non autotuning kernels
-#TcpRcvBufPoll yes
-
-# disable hpn performance boosts
-#HPNDisabled no
-
-# buffer size for hpn to non-hpn connections
-#HPNBufferSize 2048
-
-
-# allow the use of the none cipher
-#NoneEnabled no
-
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
projects / config / helga / etc.git / commitdiff