]> Frank Brehm's Git Trees - pixelpark/hiera.git/commitdiff
projects / pixelpark / hiera.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f05dd3f)
MHK - baustellenseite
authorOliver Böttcher <oliver.boettcher@pixelpark.com>
Wed, 22 Mar 2017 14:52:13 +0000 (15:52 +0100)
committerOliver Böttcher <oliver.boettcher@pixelpark.com>
Wed, 22 Mar 2017 14:52:13 +0000 (15:52 +0100)
customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml patch | blob | history
customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml patch | blob | history
customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml patch | blob | history

diff --git a/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml
index 3b9985eebe5d7f4f7714edb6f018ea0b714edb18..150624dcf4ff4f840b696a9617dc29de3a058791 100644 (file)
--- a/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml
+++ b/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml
@@ -32,7 +32,18 @@ site::profile::apache::pp_vhosts:
         rewrite_cond:
           - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]'
         rewrite_rule:
-          - '^(.*)$ http://kueche.de [R=301,L]'
+          - '^(.*)$ http://kueche.de$1 [R=301,L]'
+      - to_ssl:
+        comment: 'all to https'
+        rewrite_cond:
+          - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]'
+        rewrite_rule:
+          - '^(.*)$ https://kueche.de$1 [R=301,L]'
+    headers:
+      - 'set X-Frame-Options: sameorigin'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
   www:
     docroot: '/var/www/mhk'
     servername: www-kueche-de.pixelpark.net
diff --git a/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml
index 7e7d37e130159479d099d7f0646b9d3d11de8540..272649bc3ef7515a399da0966228697dc87cc409 100644 (file)
--- a/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml
+++ b/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml
@@ -32,7 +32,18 @@ site::profile::apache::pp_vhosts:
         rewrite_cond:
           - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]'
         rewrite_rule:
-          - '^(.*)$ http://kueche.de [R=301,L]'
+          - '^(.*)$ http://kueche.de$1 [R=301,L]'
+      - to_ssl:
+        comment: 'all to https'
+        rewrite_cond:
+          - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]'
+        rewrite_rule:
+          - '^(.*)$ https://kueche.de$1 [R=301,L]'
+    headers:
+      - 'set X-Frame-Options: sameorigin'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
   www:
     docroot: '/var/www/mhk'
     servername: www-kueche-de.pixelpark.net
diff --git a/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml
index 1dac6b2ffae43b8656d1ee1095e600b6454aebcb..09fcefd7cfdd632f691a5bd4ea325566479f7c35 100644 (file)
--- a/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml
+++ b/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml
@@ -26,13 +26,24 @@ site::profile::apache::pp_vhosts:
     ssl: false
     setenvif:
       - 'HTTPS on HTTPS=on'
+    access_log_format: remote_combined
     rewrites:
       - nonwww:
         rewrite_cond:
           - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]'
         rewrite_rule:
-          - '^(.*)$ http://kueche.de [R=301,L]'
-    access_log_format: remote_combined
+          - '^(.*)$ http://kueche.de$1 [R=301,L]'
+      - to_ssl:
+        comment: 'all to https'
+        rewrite_cond:
+          - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]'
+        rewrite_rule:
+          - '^(.*)$ https://kueche.de$1 [R=301,L]'
+    headers:
+      - 'set X-Frame-Options: sameorigin'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
   www:
     docroot: '/var/www/mhk'
     servername: www-kueche-de.pixelpark.net
Unnamed repository; edit this file 'description' to name the repository.