f5b5ee9336
Basic implementation of the opendev static server, described in https://docs.opendev.org/opendev/infra-specs/latest/specs/retire-static.html Change-Id: Ie1b92f06b71aa6069fe831b26ba1cc272ce4562c Story: #2006598 Task: #37757
96 lines
2.9 KiB
Plaintext
Executable File
96 lines
2.9 KiB
Plaintext
Executable File
Define AFS_ROOT /afs/openstack.org/project/governance.openstack.org
|
|
|
|
<VirtualHost *:80>
|
|
ServerName governance.openstack.org
|
|
RewriteEngine On
|
|
RewriteRule ^/(.*) https://governance.openstack.org/$1 [last,redirect=permanent]
|
|
LogLevel warn
|
|
ErrorLog /var/log/apache2/governance.openstack.org_error.log
|
|
CustomLog /var/log/apache2/governance.openstack.org_access.log combined
|
|
ServerSignature Off
|
|
</VirtualHost>
|
|
|
|
<IfModule mod_ssl.c>
|
|
<VirtualHost *:443>
|
|
|
|
ServerName governance.openstack.org
|
|
|
|
DocumentRoot ${AFS_ROOT}
|
|
|
|
SSLCertificateFile /etc/letsencrypt-certs/governance.openstack.org/governance.openstack.org.cer
|
|
SSLCertificateKeyFile /etc/letsencrypt-certs/governance.openstack.org/governance.openstack.org.key
|
|
SSLCertificateChainFile /etc/letsencrypt-certs/governance.openstack.org/ca.cer
|
|
SSLProtocol All -SSLv2 -SSLv3
|
|
# Note: this list should ensure ciphers that provide forward secrecy
|
|
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
|
|
SSLHonorCipherOrder on
|
|
|
|
# Alias other folders
|
|
Alias "/election/" "${AFS_ROOT}/election/"
|
|
Alias "/sigs/" "${AFS_ROOT}/sigs/"
|
|
Alias "/tc/" "${AFS_ROOT}/tc/"
|
|
Alias "/uc/" "${AFS_ROOT}/uc/"
|
|
# keep last
|
|
Alias "/" "${AFS_ROOT}/governance/"
|
|
|
|
# Set up redirects
|
|
Redirect "/badges/" "/tc/badges/"
|
|
Redirect "/goals/" "/tc/goals/"
|
|
Redirect "/reference/" "/tc/reference/"
|
|
Redirect "/resolutions/" "/tc/resolutions/"
|
|
|
|
<Directory ${AFS_ROOT}/election>
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverrideList Redirect RedirectMatch
|
|
Satisfy Any
|
|
Require all granted
|
|
</Directory>
|
|
|
|
<Directory ${AFS_ROOT}/governance>
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverrideList Redirect RedirectMatch
|
|
Satisfy Any
|
|
Require all granted
|
|
</Directory>
|
|
|
|
<Directory ${AFS_ROOT}/sigs>
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverrideList Redirect RedirectMatch
|
|
Satisfy Any
|
|
Require all granted
|
|
</Directory>
|
|
|
|
<Directory ${AFS_ROOT}/tc>
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverrideList Redirect RedirectMatch
|
|
Satisfy Any
|
|
Require all granted
|
|
</Directory>
|
|
|
|
<Directory ${AFS_ROOT}/uc>
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverrideList Redirect RedirectMatch
|
|
Satisfy Any
|
|
Require all granted
|
|
</Directory>
|
|
|
|
<Directory ${AFS_ROOT}/badges>
|
|
Options Indexes FollowSymLinks MultiViews
|
|
AllowOverride None
|
|
Satisfy Any
|
|
Require all granted
|
|
<IfModule mod_headers.c>
|
|
Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"
|
|
Header set Pragma "no-cache"
|
|
</IfModule>
|
|
ErrorDocument 404 /badges/project-unofficial.svg
|
|
</Directory>
|
|
|
|
LogLevel warn
|
|
ErrorLog /var/log/apache2/governance.openstack.org_error.log
|
|
CustomLog /var/log/apache2/governance.openstack.org_access.log combined
|
|
ServerSignature Off
|
|
|
|
</VirtualHost>
|
|
</IfModule>
|