system-config/playbooks/roles/static/files/50-meetings.opendev.org.conf

Define AFS_ROOT /afs/openstack.org/project/meetings.opendev.org

<VirtualHost *:80>
  ServerName meetings.opendev.org
  RewriteEngine On
  RewriteRule ^/(.*) https://meetings.opendev.org/$1 [last,redirect=permanent]
  LogLevel warn
  ErrorLog /var/log/apache2/meetings.opendev.org_error.log
  CustomLog /var/log/apache2/meetings.opendev.org_access.log combined
  ServerSignature Off
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>

  ServerName meetings.opendev.org

  DocumentRoot ${AFS_ROOT}

  SSLCertificateFile      /etc/letsencrypt-certs/meetings.opendev.org/meetings.opendev.org.cer
  SSLCertificateKeyFile   /etc/letsencrypt-certs/meetings.opendev.org/meetings.opendev.org.key
  SSLCertificateChainFile /etc/letsencrypt-certs/meetings.opendev.org/ca.cer
  SSLProtocol All -SSLv2 -SSLv3
  # Note: this list should ensure ciphers that provide forward secrecy
  SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
  SSLHonorCipherOrder on

  SSLProxyEngine on

  ProxyPass "/irclogs" "https://eavesdrop01.opendev.org/irclogs" ttl=120 keepalive=On retry=0
  ProxyPassReverse "/irclogs" "https://eavesdrop01.opendev.org/irclogs"

  ProxyPass "/meetings" "https://eavesdrop01.opendev.org/meetings" ttl=120 keepalive=On retry=0
  ProxyPassReverse "/meetings" "https://eavesdrop01.opendev.org/meetings"

  <Directory ${AFS_ROOT}>
    Options Indexes FollowSymLinks MultiViews
    AllowOverrideList Redirect RedirectMatch
    Require all granted
  </Directory>

  LogLevel warn
  ErrorLog /var/log/apache2/meetings.opendev.org_error.log
  CustomLog /var/log/apache2/meetings.opendev.org_access.log combined
  ServerSignature Off

</VirtualHost>
</IfModule>