# custom-admins
infra::role: base
-httpd::webserver:
- test-confluence01.pixelpark.net:
- modules:
- - proxy_ajp
- listens:
- - 0.0.0.0:80
- - 0.0.0.0:443
- extendedStatus: true
- worker: true
\ No newline at end of file
+infra::additional_classes:
+ - infra::profile::apache
+ - apache::mod::proxy_http
+
+infra::profile::apache::pp_vhosts:
+ extranet:
+ docroot: /var/www/test-confluence
+ servername: test-confluence01.pixelpark.net # wenn fertig umgezogen
+ cert_servername: 'wildcard.pixelpark.net'
+ cert_customer: 'pixelpark'
+ ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+ ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
+ ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+ ssl_proxyengine: true
+ proxy_preserve_host: true
+ docroot_owner: apache
+ docroot_group: apache
+ docroot_mode: '2775'
+ directories:
+ - directory_root:
+ provider: directory
+ path: '/var/www/test-confluence'
+ options:
+ - FollowSymLinks
+ - MultiViews
+ allow_override:
+ - All
+ directoryindex: index.html
+ proxy_pass:
+ - { path: /server-status, url: '!' }
+ - { path: /server-info, url: '!' }
+ - { path: /confluence, url: 'http://test-confluence01.pixelpark.net:8090/confluence' }
+ - { path: /synchrony, url: 'http://test-confluence01.pixelpark.net:8091/synchrony' }
+
+ headers_ssl:
+ - always set Strict-Transport-Security "max-age=31556926"
+ rewrites:
+ - comment: 'switch to https'
+ rewrite_cond:
+ - '%%{ich-trickse}{HTTPS} !=on [NC]'
+ rewrite_rule:
+ - ^(.*)$ https://%%{ich-trickse}{HTTP_HOST}$1 [R=301,L]
+ - comment: 'Rewrite from / to /confluence'
+ rewrite_rule:
+ - ^(/?)$ /confluence/ [R=301,L]
+ - comment: 'synchrony'
+ rewrite_cond:
+ - '%HTTP:UPGRADE} ^WebSocket$ [NC]'
+ - '%{HTTP:CONNECTION} Upgrade$ [NC]'
+ - comment: 'synchrony die zweite'
+ rewrite_rule:
+ - .* ws://test-confluence01.pixelpark.net:8091%{REQUEST_URI} [P]
\ No newline at end of file
projects / pixelpark / hiera.git / commitdiff