---
-infra::additional_classes:
- - infra::profile::apache
- - apache::mod::proxy_http
- - java
-
-java::package: java-1.8.0-oraclejdk
-
-accounts::users:
- hybris:
- uid: 61000
- group: hybris
- shell: "bash"
- apply: true
- comment: "Hybris User"
- keys:
- detlef.gaisser:
- key: "AAAAB3NzaC1yc2EAAAADAQABAAABAQDlULtDnNWDd3RoeMdsQN9BJnT1sCeFIqP0QvXgDV/65HXx5u6GFo9wtOqCN+RJBtgdMTitz1YIslJxv5MeCFKEkcxRW5Uj29uWqvoij9ZCnLUtFmqiEt2PyjPWda6TXnQPNYprVoeP/wZTq8priWDxAUaiNGFkaNFL/KAjeQe35+9YrdkEXYyn1PKB1yHM4DcTwFoQcSCgo0vSOZKcqxV/8CW9XxHoBMDWOvtgXebHRu2lqrK0ToF/lShXIa/oq7GvwrKDJlrVGOPhPcW/sacGdMZ2sSmhFWb6ndCnPM9jnw/4sj4NOJwh6j8zpSaX8Kfh62zy38GlLz9mhHFS3oEd"
- detlef.gaisser:
- apply: true
- sudo: true
-
-infra::profile::apache::htdigest:
- server:
- www: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAVQr9NvxKune1HC+hn6htQCWh61TE2NsvPV3bsCIJnm2cTe4XfKE4+w6tLtUikvdFPmH0mzegauxK8Z28ypkrAOxHGWlwHBsmJx/MAFyfMuxgt6KQEKmLhv1kAylIJR3oBdLNdrcj+myBafv1JgtxUrjY1MOTFRZ6NZ0Wqj4g2LvAB4f+s5w9f0fkBGdpiOQi0L5szq2ABXUpTqtzchj1Dc/drWbcprYdQDk0HTSurbSp1skiUowuIq1VNJXnl0icEDnd1K5+V730N/we0JuDFja/Q3zp/yGGeFzK4cAHzlzy7jj0aA0QiKQ60SGxy3Rp+c0wPJhACyPgH74HQ0+aTjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBA/n8mEm/0LU+PlcbZhu46vgCCQCTN6HDaooQ/N2CkykiUnNwdYbHRqT6IsJUdFE9NaTA==]
-
-infra::profile::apache::pp_vhosts:
- lapp-shop:
- docroot: /var/www/lapp-shop
- servername: dev01-www-lapp-de.pixelpark.net
- cert_servername: 'wildcard.pixelpark.net'
- cert_customer: 'pixelpark'
- ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
- ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
- ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
-
-# Damit es ohne gültiges Backend Certificate funktioniert
- custom_fragment: |
- SSLProxyVerify none
- SSLProxyCheckPeerCN off
- SSLProxyCheckPeerName off
-# SSLProxyEngine On
- ssl_proxyengine: true
-# ProxyPreserveHost On
- proxy_preserve_host: true
-# ProxyPass Settings (geht auch in Locations)
- proxy_pass:
- - { path: /assets, url: '!' }
- - { path: /, url: 'https://localhost:9002/' }
- setenvif:
- - 'HTTPS on HTTPS=on'
- setenvifnocase:
- - 'Request_URI \.(?:gif|jpe?g|png)$ no-gzip'
- - 'Request_URI \.(?:gif|jpe?g|png)$ dont-vary'
- headers:
-# - always append X-Frame-Options SAMEORIGIN
- - append Vary User-Agent env=!dont-vary
- docroot_owner: apache
- docroot_group: apache
- docroot_mode: '2775'
- directories:
- - provider: directory
- path: '/var/www/lapp-shop'
- options:
- - FollowSymLinks
- - MultiViews
- allow_override:
- - All
- - provider: directory
- path: '/var/www/cgi-bin'
- ssl_options:
- - '+StdEnvVars'
-
- - provider: location
- path: '/'
- auth_type: Digest
- auth_name: server
- auth_digest_provider: file
- auth_digest_algorithm: MD5
- auth_user_file: '/etc/httpd/htdigest'
- auth_require: 'valid-user'
-
- - provider: location
- path: '/admin'
- sethandler: "admin"
-
- - provider: location
- path: '/hmc'
- sethandler: "hmc"
-
- - provider: location
- path: '/cmscockpit'
- sethandler: "cmscockpit"
- proxy_pass:
- - { path: /, url: 'https://localhost:9002/cmscockpit' }
-
- - provider: location
- path: '/medias'
- sethandler: "medias"
- proxy_pass:
- - { path: /, url: 'http://localhost:9001/media' }
-
-# - provider: location
-# path: '/solr'
-# sethandler: "solr"
-# proxy_pass:
-# - { path: /, url: 'http://localhost:8983/solr' }
-# custom_fragment: |
-# RequestHeader set Authorization "Basic c29scnNlcnZlcjpzZXJ2ZXIxMjM="
-
- - provider: location
- path: '/maintainance'
- sethandler: "maintainance"
- require:
- - local
-
- - provider: filesmatch
- path: '\.(cgi|shtml|phtml|php)$'
- ssl_options:
- - '+StdEnvVars'
-
-# rewrites:
-# - comment: 'frontend root rewrite'
-# rewrite_cond:
-# - '%{literal("%")}{REQUEST_URI} ^(/?)$'
-# rewrite_rule:
-# - '(.*)$ /yb2bacceleratorstorefront/ [R=301]'
projects / pixelpark / hiera.git / commitdiff